Add double check on bad signature flagging
diff --git a/library/x509_crt.c b/library/x509_crt.c
index d75e304..c0914fa 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -3385,6 +3385,7 @@
int parent_is_trusted;
int child_is_trusted;
int signature_is_good;
+ volatile int signature_is_good_fi;
unsigned self_cnt;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@@ -3527,9 +3528,16 @@
}
/* signature was checked while searching parent */
- if( signature_is_good != X509_SIGNATURE_IS_GOOD )
+ signature_is_good_fi = signature_is_good;
+ if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
+ {
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+ mbedtls_platform_enforce_volatile_reads();
+ if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
+ *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+ }
+
{
mbedtls_pk_context *parent_pk;
ret = mbedtls_x509_crt_pk_acquire( parent_crt, &parent_pk );
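Review bot: The second `signature_is_good_fi != X509_SIGNATURE_IS_GOOD` test is nested in the body of the first, so it only runs once the first comparison has already taken the failure path; if that first branch is glitched into falling through, both the flag write and its re-check are skipped. For the redundancy to cover the branch decision as well as the store, the re-check should follow the block instead of nesting in it: close the brace after the first `*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;`, then call `mbedtls_platform_enforce_volatile_reads();` and repeat the `if` at the outer level. The copy `signature_is_good_fi = signature_is_good;` is also a single load from the non-volatile variable, so both tests depend on one read of the original result. A short comment on the declaration in the first hunk, such as `/* volatile copy re-read for the fault-injection double check */`, would make the intent clear. The enclosing function starts and ends outside this hunk.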