libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext() Adds fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext() by using the macro FTMN_CALLEE_DONE_MEMCMP() instead of memcmp() when checking that the hash in the RSA signature is matching the expected value. FTMN_CALLEE_DONE_MEMCMP() saves on success the result in a thread local storage if fault mitigations was enabled when the function was called. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

commit: a846630f4435a7127bdee968781e6d6eb296f5fa [log] [tgz]
author: Jens Wiklander <jens.wiklander@linaro.org> Fri Apr 01 17:45:55 2022 +0200
committer: Jérôme Forissier <jerome@forissier.org> Fri Nov 25 09:53:18 2022 +0100
tree: e9a9faa04da3e3af839962315183e10d33b0669c
parent: 3227a4c6ab32a31685c3f7b826fd5b0264f49ce0 [diff]
diff --git a/lib/libmbedtls/mbedtls/library/rsa.c b/lib/libmbedtls/mbedtls/library/rsa.c
index 497f011..dfb0e5e 100644
--- a/lib/libmbedtls/mbedtls/library/rsa.c
+++ b/lib/libmbedtls/mbedtls/library/rsa.c

@@ -66,6 +66,8 @@
 #define mbedtls_free   free
 #endif
 
+#include <fault_mitigation.h>
+
 #if !defined(MBEDTLS_RSA_ALT)
 
 /* Parameter validation macros */
@@ -2141,7 +2143,7 @@
     if ( ret != 0 )
         goto exit;
 
-    if( memcmp( hash_start, result, hlen ) != 0 )
+    if( FTMN_CALLEE_DONE_MEMCMP( memcmp, hash_start, result, hlen ) != 0 )
     {
         ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
         goto exit;
commit	a846630f4435a7127bdee968781e6d6eb296f5fa	[log] [tgz]
author	Jens Wiklander <jens.wiklander@linaro.org>	Fri Apr 01 17:45:55 2022 +0200
committer	Jérôme Forissier <jerome@forissier.org>	Fri Nov 25 09:53:18 2022 +0100
tree	e9a9faa04da3e3af839962315183e10d33b0669c
parent	3227a4c6ab32a31685c3f7b826fd5b0264f49ce0 [diff]