commit 5d5841f4506f524a41e8e77e08049b24bcac0686
author Piotr Nowicki <piotr.nowicki@arm.com> Fri Jun 05 16:33:24 2020 +0200
committer Piotr Nowicki <piotr.nowicki@arm.com> Tue Jun 09 14:31:55 2020 +0200
tree 1962260bba5304c2efde08b89dd14173fcd6ded9
parent 478b05c34ccc5cebe1019409b61cb42da300d8ba

Add mbedtls_platform_memmove() as a secured memcmp()

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>

library/pk.c

diff --git a/library/pk.c b/library/pk.c
index 8557513..f2df7db 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -629,7 +629,10 @@
 
     len = n_len;
     *p -= len;
-    memmove( *p, start, len );
+    if( 0 != mbedtls_platform_memmove( *p, start, len ) )
+    {
+        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+    }
 
     /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
      * Neither r nor s should be 0, but as a failsafe measure, still detect
@@ -691,8 +694,11 @@
     *--p = MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE;
     len += 2;
 
+    if( 0 != mbedtls_platform_memmove( sig, p, len ) )
+    {
+        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+    }
     ret = 0;
-    memmove( sig, p, len );
     *sig_len = len;
 
     return( ret );