Use safer return values in uECC_verify() This is a first step in protecting against fault injection attacks: the attacker can no longer change failure into success by flipping a single bit. Additional steps are needed to prevent other attacks (instruction skip etc) and will be the object of future commits. The return value of uECC_vli_equal() should be protected as well, which will be done in a future commit as well.

commit: 10d8e8ed64158e12fe4279ea59d5b383433ab24f [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Nov 06 10:30:26 2019 +0100
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Nov 21 15:12:44 2019 +0100
tree: 037215d166929c2db745a3498c1932913708b99e
parent: c05f1506f41ef548680f4898245f693632a78152 [diff]
diff --git a/library/pk.c b/library/pk.c
index 29123eb..857bafc 100644
--- a/library/pk.c
+++ b/library/pk.c

@@ -591,7 +591,7 @@
 
     ret = uECC_verify( keypair->public_key, hash,
                        (unsigned) hash_len, signature, uecc_curve );
-    if( ret == 0 )
+    if( ret != UECC_SUCCESS )
         return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
 
     return( 0 );
commit	10d8e8ed64158e12fe4279ea59d5b383433ab24f	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Wed Nov 06 10:30:26 2019 +0100
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu Nov 21 15:12:44 2019 +0100
tree	037215d166929c2db745a3498c1932913708b99e
parent	c05f1506f41ef548680f4898245f693632a78152 [diff]