wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for ECC with !WC_NO_CACHE_RESISTANT and ALT_ECC_SIZE causing invalid mp_int*. An ecc_point with ALT_ECC_SIZE is "mp_int* x" vs. "mp_int x[1]". The resulting pointer for &M[0]->x is not valid in the ALT_ECC_SIZE case. This was found while testing ECC on a Cortex M4 (32-bit) and caused a hard fault.

Browse Source
This commit is contained in:
David Garske
2016-10-14 16:44:57 -07:00
parent 2ecf7090ca
commit d2a6c6838e
1 changed files with 13 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
wolfcrypt/src/ecc.c
View File

@@ -2043,21 +2043,21 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
#else #else
/* instead of using M[i] for double, which leaks key bit to cache /* instead of using M[i] for double, which leaks key bit to cache
* monitor, use M[2] as temp, make sure address calc is constant, * monitor, use M[2] as temp, make sure address calc is constant,
* keep &M[0] and &M[1] in cache */ * keep M[0] and M[1] in cache */
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy((mp_int*) err = mp_copy((mp_int*)
( ((wolfssl_word)&M[0]->x & wc_off_on_addr[i^1]) + ( ((wolfssl_word)M[0]->x & wc_off_on_addr[i^1]) +
((wolfssl_word)&M[1]->x & wc_off_on_addr[i])), ((wolfssl_word)M[1]->x & wc_off_on_addr[i])),
M[2]->x); M[2]->x);
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy((mp_int*) err = mp_copy((mp_int*)
( ((wolfssl_word)&M[0]->y & wc_off_on_addr[i^1]) + ( ((wolfssl_word)M[0]->y & wc_off_on_addr[i^1]) +
((wolfssl_word)&M[1]->y & wc_off_on_addr[i])), ((wolfssl_word)M[1]->y & wc_off_on_addr[i])),
M[2]->y); M[2]->y);
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy((mp_int*) err = mp_copy((mp_int*)
( ((wolfssl_word)&M[0]->z & wc_off_on_addr[i^1]) + ( ((wolfssl_word)M[0]->z & wc_off_on_addr[i^1]) +
((wolfssl_word)&M[1]->z & wc_off_on_addr[i])), ((wolfssl_word)M[1]->z & wc_off_on_addr[i])),
M[2]->z); M[2]->z);
if (err == MP_OKAY) if (err == MP_OKAY)
err = ecc_projective_dbl_point(M[2], M[2], a, modulus, mp); err = ecc_projective_dbl_point(M[2], M[2], a, modulus, mp);
@@ -2065,18 +2065,18 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy(M[2]->x, err = mp_copy(M[2]->x,
(mp_int*) (mp_int*)
( ((wolfssl_word)&M[0]->x & wc_off_on_addr[i^1]) + ( ((wolfssl_word)M[0]->x & wc_off_on_addr[i^1]) +
((wolfssl_word)&M[1]->x & wc_off_on_addr[i])) ); ((wolfssl_word)M[1]->x & wc_off_on_addr[i])) );
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy(M[2]->y, err = mp_copy(M[2]->y,
(mp_int*) (mp_int*)
( ((wolfssl_word)&M[0]->y & wc_off_on_addr[i^1]) + ( ((wolfssl_word)M[0]->y & wc_off_on_addr[i^1]) +
((wolfssl_word)&M[1]->y & wc_off_on_addr[i])) ); ((wolfssl_word)M[1]->y & wc_off_on_addr[i])) );
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy(M[2]->z, err = mp_copy(M[2]->z,
(mp_int*) (mp_int*)
( ((wolfssl_word)&M[0]->z & wc_off_on_addr[i^1]) + ( ((wolfssl_word)M[0]->z & wc_off_on_addr[i^1]) +
((wolfssl_word)&M[1]->z & wc_off_on_addr[i])) ); ((wolfssl_word)M[1]->z & wc_off_on_addr[i])) );
if (err != MP_OKAY) if (err != MP_OKAY)
break; break;
#endif /* WC_NO_CACHE_RESISTANT */ #endif /* WC_NO_CACHE_RESISTANT */