wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

ECC FP_ECC: zeroize when value set

Browse Source 
accel_fp_mul was zeroizing an uninitialized MP - tk.
Add boolean, indicating to zeroize, that is set when a value is set.
This commit is contained in:
Sean Parkinson
2023-01-24 10:28:49 +10:00
parent 4b8ab2550d
commit a5adfcd5ca
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
wolfcrypt/src/ecc.c
View File

@@ -11866,6 +11866,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
int x, err; int x, err;
unsigned y, z = 0, bitlen, bitpos, lut_gap; unsigned y, z = 0, bitlen, bitpos, lut_gap;
int first; int first;
int tk_zeroize = 0;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
tk = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); tk = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);
@@ -11884,6 +11885,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
if ((err = mp_copy(k, tk)) != MP_OKAY) if ((err = mp_copy(k, tk)) != MP_OKAY)
goto done; goto done;
tk_zeroize = 1;
#ifdef WOLFSSL_CHECK_MEM_ZERO #ifdef WOLFSSL_CHECK_MEM_ZERO
mp_memzero_add("accel_fp_mul tk", tk); mp_memzero_add("accel_fp_mul tk", tk);
@@ -12004,7 +12006,10 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
done: done:
/* cleanup */ /* cleanup */
mp_clear(order); mp_clear(order);
/* Ensure it was initialized. */
if (tk_zeroize) {
mp_forcezero(tk); mp_forcezero(tk);
}
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(kb, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(kb, NULL, DYNAMIC_TYPE_ECC_BUFFER);