1
0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-25 04:35:59 +08:00

Make safer_memcmp available to all compile units under PSA

Now renamed to mbedtls_psa_safer_memcmp, it provides a single location
for buffer comparison.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman
2021-04-29 16:37:59 +02:00
parent b4b9b2879c
commit a2a1b803da
3 changed files with 23 additions and 29 deletions

View File

@@ -93,20 +93,6 @@
#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
/* constant-time buffer comparison */
static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
{
size_t i;
unsigned char diff = 0;
for( i = 0; i < n; i++ )
diff |= a[i] ^ b[i];
return( diff );
}
/****************************************************************/ /****************************************************************/
/* Global data, support functions and library management */ /* Global data, support functions and library management */
/****************************************************************/ /****************************************************************/
@@ -2235,7 +2221,7 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
return( status ); return( status );
if( actual_hash_length != hash_length ) if( actual_hash_length != hash_length )
return( PSA_ERROR_INVALID_SIGNATURE ); return( PSA_ERROR_INVALID_SIGNATURE );
if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
return( PSA_ERROR_INVALID_SIGNATURE ); return( PSA_ERROR_INVALID_SIGNATURE );
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
@@ -2271,7 +2257,7 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg,
return( status ); return( status );
if( actual_hash_length != hash_length ) if( actual_hash_length != hash_length )
return( PSA_ERROR_INVALID_SIGNATURE ); return( PSA_ERROR_INVALID_SIGNATURE );
if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
return( PSA_ERROR_INVALID_SIGNATURE ); return( PSA_ERROR_INVALID_SIGNATURE );
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }

View File

@@ -30,6 +30,26 @@
#include "psa/crypto.h" #include "psa/crypto.h"
#include "psa/crypto_se_driver.h" #include "psa/crypto_se_driver.h"
/** Constant-time buffer comparison
*
* \param[in] a Left-hand buffer for comparison.
* \param[in] b Right-hand buffer for comparison.
* \param n Amount of bytes to compare.
*
* \return 0 if the buffer contents are equal, non-zero otherwise
*/
static inline int mbedtls_psa_safer_memcmp(
const uint8_t *a, const uint8_t *b, size_t n )
{
size_t i;
unsigned char diff = 0;
for( i = 0; i < n; i++ )
diff |= a[i] ^ b[i];
return( diff );
}
/** The data structure representing a key slot, containing key material /** The data structure representing a key slot, containing key material
* and metadata for one key. * and metadata for one key.
*/ */

View File

@@ -526,18 +526,6 @@ static psa_status_t mac_sign_finish(
return( status ); return( status );
} }
/* constant-time buffer comparison */
static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
{
size_t i;
unsigned char diff = 0;
for( i = 0; i < n; i++ )
diff |= a[i] ^ b[i];
return( diff );
}
static psa_status_t mac_verify_finish( static psa_status_t mac_verify_finish(
mbedtls_psa_mac_operation_t *operation, mbedtls_psa_mac_operation_t *operation,
const uint8_t *mac, const uint8_t *mac,
@@ -562,7 +550,7 @@ static psa_status_t mac_verify_finish(
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto cleanup; goto cleanup;
if( safer_memcmp( mac, actual_mac, mac_length ) != 0 ) if( mbedtls_psa_safer_memcmp( mac, actual_mac, mac_length ) != 0 )
status = PSA_ERROR_INVALID_SIGNATURE; status = PSA_ERROR_INVALID_SIGNATURE;
cleanup: cleanup: