Merge pull request #3510 from AndrzejKurek/fi-pk-fixes

pk.c FI-related fixes
diff --git a/include/tinycrypt/ecc.h b/include/tinycrypt/ecc.h
index 57aa508..4c20729 100644
--- a/include/tinycrypt/ecc.h
+++ b/include/tinycrypt/ecc.h
@@ -85,7 +85,7 @@
 /* Return values for functions, chosen with large Hamming distances between
  * them (especially to SUCESS) to mitigate the impact of fault injection
  * attacks flipping a low number of bits. */
-#define UECC_SUCCESS            0
+#define UECC_SUCCESS            0x00FFAAAA
 #define UECC_FAILURE            0x75555555
 #define UECC_FAULT_DETECTED     0x7aaaaaaa
 
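Review bot: With `UECC_SUCCESS` now non-zero on the changed `#define`, any caller that still tests a uECC return value against literal `0` (or with a bare `if( ret )`) no longer recognises success. Those call sites are not part of this diff, so they should be checked for explicit `== UECC_SUCCESS` / `!= UECC_SUCCESS` comparisons. The new value differs from `UECC_FAULT_DETECTED` in 9 bit positions and from `UECC_FAILURE` in 25, which is worth recording next to the constants so a later edit does not shrink the margin unnoticed. I would extend the comment above the defines with `/* UECC_SUCCESS is deliberately non-zero: always compare against the macro, never against 0. */`.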
diff --git a/library/pk.c b/library/pk.c
index b92eb14..fea7576 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -548,6 +548,7 @@
     return( (size_t) ( NUM_ECC_BYTES * 8 ) );
 }
 
+/* This function compares public keys of two keypairs */
 static int uecc_eckey_check_pair( const void *pub, const void *prv )
 {
     const mbedtls_uecc_keypair *uecc_pub =
@@ -621,13 +622,12 @@
 static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
                               size_t n_len )
 {
-    size_t len = 0;
+    size_t len = n_len;
     int ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
 
-    if( (size_t)( *p - start ) < n_len )
+    if( (size_t)( *p - start ) < len )
         return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
 
-    len = n_len;
     *p -= len;
     ret = mbedtls_platform_memmove( *p, start, len );
     if( ret != 0 )
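Review bot: The bounds check on the changed line casts `*p - start` to `size_t`, so if `*p` were ever below `start` the negative difference wraps to a very large value and the check passes; `*p -= len` and the memmove would then write before the buffer. The two guards added further down in this commit compare the signed difference instead, and this one can be made to fail closed in the same way with `if( *p < start || (size_t)( *p - start ) < len )`. Presumably callers always pass a `*p` inside the buffer, so this is defence in depth against a corrupted pointer rather than a demonstrated bug. The function body continues past the end of the hunk.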
@@ -659,6 +659,10 @@
         len += 1;
     }
 
+    /* Ensure that there is still space for len and ASN1_INTEGER */
+    if( ( *p - start ) < 2 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
     /* The ASN.1 length encoding is just a single Byte containing the length,
      * as we assume that the total buffer length is smaller than 128 Bytes. */
     *--(*p) = len;
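Review bot: `*--(*p) = len;` stores a `size_t` into a single byte, and nothing in this hunk enforces the "smaller than 128 Bytes" assumption that the comment relies on; a `len` of 128 or more would be emitted as a malformed length byte. The same applies to `*--p = len;` in the last pk.c hunk. A guard beside the new space check would make the assumption explicit: `if( len > 127 ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );`. The enclosing function starts and ends outside the hunk, so the bound may already be guaranteed by its callers.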
@@ -674,7 +678,7 @@
  *
  * [in/out] sig: the signature pre- and post-transcoding
  * [in/out] sig_len: signature length pre- and post-transcoding
- * [int] buf_len: the available size the in/out buffer
+ * [in] buf_len: the available size the in/out buffer
  *
  * Warning: buf_len must be smaller than 128 Bytes.
  */
@@ -689,6 +693,9 @@
     MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) );
     MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) );
 
+    if( p - sig < 2 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
     /* The ASN.1 length encoding is just a single Byte containing the length,
      * as we assume that the total buffer length is smaller than 128 Bytes. */
     *--p = len;
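Review bot: The added `if( p - sig < 2 )` guard has no comment, while the parallel check added earlier in this commit explains which two bytes it reserves. A matching line such as `/* Ensure that there is still space for len and the sequence tag */` would help, worded to fit whatever is written after `*--p = len;`, which lies outside the hunk. For consistency with the earlier guard, the difference could also be parenthesised as `( p - sig ) < 2`.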