wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6005 from SparkiDev/ecc_fp_alloc_fail_oob_1

Browse Source 
ECC FP_ECC: zeroize when value set
This commit is contained in:
David Garske
2023-01-24 07:57:53 -08:00
committed by GitHub
parent c9e1039a54 a5adfcd5ca
commit a21c3a3c89
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/ecc.c
View File

@ -11868,6 +11868,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
int x, err; int x, err;
unsigned y, z = 0, bitlen, bitpos, lut_gap; unsigned y, z = 0, bitlen, bitpos, lut_gap;
int first; int first;
int tk_zeroize = 0;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
tk = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); tk = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);
@ -11886,6 +11887,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
if ((err = mp_copy(k, tk)) != MP_OKAY) if ((err = mp_copy(k, tk)) != MP_OKAY)
goto done; goto done;
tk_zeroize = 1;
#ifdef WOLFSSL_CHECK_MEM_ZERO #ifdef WOLFSSL_CHECK_MEM_ZERO
mp_memzero_add("accel_fp_mul tk", tk); mp_memzero_add("accel_fp_mul tk", tk);
@ -12006,7 +12008,10 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
done: done:
/* cleanup */ /* cleanup */
mp_clear(order); mp_clear(order);
mp_forcezero(tk); /* Ensure it was initialized. */
if (tk_zeroize) {
mp_forcezero(tk);
}
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(kb, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(kb, NULL, DYNAMIC_TYPE_ECC_BUFFER);