intel / tinycrypt

tinycrypt is a library of cryptographic algorithms with a focus on small, simple implementation.

Abstraction for architecture dependent secure memset. #38

Closed daor-oti closed 5 years ago

daor-oti commented 5 years ago

In ecc_dh.c it is widely used to zero out the memory used for holding sensitive information, such as private keys. This memory is cleared by a memset, but as this is done right at function return, this memset will most likely be optimized out by the compiler, as the memory will no longer be used, hence no need to set it. To prevent the memset from being optimized out, it is necessary to place a memory barrier at the memset, but such a barrier is compiler dependent.

To solve the above, a _set_secure function has been introduced. This defaults to an inlined function calling memset and, in cases where the compiler defines GNUC, adds a memory barrier which ensures that the memset is not optimized out. For compilers not defining GNUC, it may be necessary to define TINYCRYPT_ARCH_HAS_SET_SECURE, which then declares the _set_secure function extern, meaning that it will require a target implementation, which in turn allows for an architecture/compiler-dependent implementation.

This also fixes the memsets in uECC_make_key and uECC_make_key_with_d, which were actually missing the memory barrier.

Fixes #32
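
The pattern described in this PR, as an added example that is not TinyCrypt's own code: a plain memset of a dying stack buffer beside the same function routed through a `_set_secure` that uses an empty GNU `asm` with a `"memory"` clobber as the barrier, with the `extern` fallback selected by `TINYCRYPT_ARCH_HAS_SET_SECURE`. `NUM_ECC_BYTES`, the fold functions and the sample key bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed size of a P-256 private key; the name is an illustration only. */
#define NUM_ECC_BYTES 32

#ifdef TINYCRYPT_ARCH_HAS_SET_SECURE
/* Non-GNU toolchain: the target must provide a clear that its optimizer
 * cannot remove (e.g. a wrapper around memset_s, explicit_bzero or
 * SecureZeroMemory). */
extern void _set_secure(void *to, uint8_t val, size_t len);
#else
static inline void _set_secure(void *to, uint8_t val, size_t len)
{
	(void)memset(to, val, len);
#ifdef __GNUC__
	/* Empty asm that takes the buffer address as an input and declares a
	 * "memory" clobber. The compiler must assume the asm observes the
	 * bytes just written, so the memset is no longer a dead store and
	 * survives -O2/-O3. */
	__asm__ __volatile__("" : : "r"(to) : "memory");
#endif
}
#endif

/* "Before": copies the private key into a local, folds it, then clears the
 * local with plain memset. Nothing reads tmp afterwards, so the compiler is
 * free to delete the memset and the key bytes stay on the stack. */
uint32_t fold_private_naive(const uint8_t *private_key)
{
	uint8_t tmp[NUM_ECC_BYTES];
	uint32_t acc = 0;
	size_t i;

	memcpy(tmp, private_key, sizeof tmp);
	for (i = 0; i < sizeof tmp; i++)
		acc += tmp[i];
	memset(tmp, 0, sizeof tmp);   /* dead store: likely optimized out */
	return acc;
}

/* "After": identical logic, but the clear goes through _set_secure. */
uint32_t fold_private_secure(const uint8_t *private_key)
{
	uint8_t tmp[NUM_ECC_BYTES];
	uint32_t acc = 0;
	size_t i;

	memcpy(tmp, private_key, sizeof tmp);
	for (i = 0; i < sizeof tmp; i++)
		acc += tmp[i];
	_set_secure(tmp, 0, sizeof tmp);   /* barrier keeps this store alive */
	return acc;
}

/* Constructed sample key: bytes 0..31, so the fold is 0+1+...+31 = 496. */
static void sample_private_key(uint8_t out[NUM_ECC_BYTES])
{
	size_t i;
	for (i = 0; i < NUM_ECC_BYTES; i++)
		out[i] = (uint8_t)i;
}

uint32_t demo_fold_naive(void)
{
	uint8_t key[NUM_ECC_BYTES];
	sample_private_key(key);
	return fold_private_naive(key);
}

uint32_t demo_fold_secure(void)
{
	uint8_t key[NUM_ECC_BYTES];
	sample_private_key(key);
	return fold_private_secure(key);
}

/* Fills a buffer with 0xFF, clears it via _set_secure and returns how many
 * bytes are still non-zero. The buffer is read afterwards, so this checks
 * that _set_secure writes what it claims, not that the barrier works. */
size_t demo_wipe_residue(void)
{
	uint8_t buf[NUM_ECC_BYTES];
	size_t i, leftover = 0;

	memset(buf, 0xFF, sizeof buf);
	_set_secure(buf, 0, sizeof buf);
	for (i = 0; i < sizeof buf; i++)
		leftover += (buf[i] != 0);
	return leftover;
}

/* Same check for a non-zero fill value: returns the number of bytes that
 * equal val after _set_secure over the whole buffer. */
size_t demo_set_count(uint8_t val)
{
	uint8_t buf[NUM_ECC_BYTES];
	size_t i, hits = 0;

	memset(buf, 0, sizeof buf);
	_set_secure(buf, val, sizeof buf);
	for (i = 0; i < sizeof buf; i++)
		hits += (buf[i] == val);
	return hits;
}

int main(void)
{
	printf("naive fold  = %u\n", (unsigned)demo_fold_naive());
	printf("secure fold = %u\n", (unsigned)demo_fold_secure());
	printf("residue after _set_secure = %zu bytes\n", demo_wipe_residue());
	return 0;
}
```

The barrier cannot be verified from C itself, since any read that would prove the clear happened also makes the clear live. The practitioner's check is to compile with `cc -O2 -S` (or `-c` plus `objdump -d`) and confirm that the zeroing stores are absent from `fold_private_naive` but present in `fold_private_secure`. The `asm` trick is specific to GCC and Clang; for other compilers define `TINYCRYPT_ARCH_HAS_SET_SECURE` and supply `_set_secure` yourself, for example on top of `memset_s` (C11 Annex K), `explicit_bzero` (glibc, BSDs) or `SecureZeroMemory` (Windows).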

aescolar commented 5 years ago

@ceolin Note that the PR has been updated as per your request

aescolar commented 5 years ago

@mczraf Thank you. Are you able to merge the changes?

mczraf commented 5 years ago

@mczraf Thank you. Are you able to merge the changes?

Yes. Thank you for your contribution to TinyCrypt.