diff --git a/ext/lib/crypto/tinycrypt/README b/ext/lib/crypto/tinycrypt/README
index b7e3b2f2b36..af331819b8d 100644
--- a/ext/lib/crypto/tinycrypt/README
+++ b/ext/lib/crypto/tinycrypt/README
@@ -3,7 +3,7 @@ open source project. The original upstream code can be found at:
 https://github.com/01org/tinycrypt
-At revision 6e0eb53fc8403988f97345e94081b0453f47231d, version 0.2.8
+At revision 484f51f481483b999b22249055cb8bb7734149f6, version 0.2.8
 Any changes to the local version should include Zephyr's TinyCrypt maintainer in the review. That can be found via the git history.
diff --git a/ext/lib/crypto/tinycrypt/include/tinycrypt/utils.h b/ext/lib/crypto/tinycrypt/include/tinycrypt/utils.h
index bab5c3202e4..6b7b0abf9b8 100644
--- a/ext/lib/crypto/tinycrypt/include/tinycrypt/utils.h
+++ b/ext/lib/crypto/tinycrypt/include/tinycrypt/utils.h
@@ -41,6 +41,7 @@
 #include
 #include
+#include
 #ifdef __cplusplus
 extern "C" {
@@ -69,6 +70,31 @@ unsigned int _copy(uint8_t *to, unsigned int to_len,
 */
 void _set(void *to, uint8_t val, unsigned int len);
+/**
+ * @brief Set the value 'val' into the buffer 'to', 'len' times, in a way
+ * which does not risk getting optimized out by the compiler
+ * In cases where the compiler does not set __GNUC__ and where the
+ * optimization level removes the memset, it may be necessary to
+ * implement a _set_secure function and define the
+ * TINYCRYPT_ARCH_HAS_SET_SECURE, which then can ensure that the
+ * memset does not get optimized out.
+ *
+ * @param to OUT -- destination buffer
+ * @param val IN -- value to be set in 'to'
+ * @param len IN -- number of times the value will be copied
+ */
+#ifdef TINYCRYPT_ARCH_HAS_SET_SECURE
+extern void _set_secure(void *to, uint8_t val, unsigned int len);
+#else /* ! TINYCRYPT_ARCH_HAS_SET_SECURE */
+static inline void _set_secure(void *to, uint8_t val, unsigned int len)
+{
+ (void) memset(to, val, len);
+#ifdef __GNUC__
+ __asm__ __volatile__("" :: "g"(to) : "memory");
+#endif /* __GNUC__ */
+}
+#endif /* TINYCRYPT_ARCH_HAS_SET_SECURE */
+
 /*
 * @brief AES specific doubling function, which utilizes
 * the finite field used by AES.
diff --git a/ext/lib/crypto/tinycrypt/source/ecc_dh.c b/ext/lib/crypto/tinycrypt/source/ecc_dh.c
index e5257d2d454..1b108a44283 100644
--- a/ext/lib/crypto/tinycrypt/source/ecc_dh.c
+++ b/ext/lib/crypto/tinycrypt/source/ecc_dh.c
@@ -57,6 +57,7 @@
 #include
 #include
 #include
+#include
 #include
 #if default_RNG_defined
@@ -92,7 +93,7 @@ int uECC_make_key_with_d(uint8_t *public_key, uint8_t *private_key,
 _public + curve->num_words);
 /* erasing temporary buffer used to store secret: */
- memset(_private, 0, NUM_ECC_BYTES);
+ _set_secure(_private, 0, NUM_ECC_BYTES);
 return 1;
 }
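Review bot: In include/tinycrypt/utils.h the fallback `_set_secure()` only gets its compiler barrier under `#ifdef __GNUC__`; on any other toolchain that does not define TINYCRYPT_ARCH_HAS_SET_SECURE it compiles to a bare `memset`, which is exactly the dead store this helper is meant to protect, and nothing reports it. The old uECC_shared_secret code (the @@ -189 hunk in ecc_dh.c) used the inline asm unconditionally, so such a build presumably failed loudly before and now succeeds with a wipe the optimizer may drop. I would add an `#else` branch to the `__GNUC__` check, either `#error "TINYCRYPT_ARCH_HAS_SET_SECURE must be defined for this compiler"` or a loop that stores through a `volatile uint8_t *`. The doc comment would also read better with a full stop and a blank ` *` line after "by the compiler", so the @brief stays one sentence.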
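Review bot: The wipe in uECC_make_key_with_d passes `NUM_ECC_BYTES` as the length, and the @@ -133 hunk in uECC_make_key does the same, while the uECC_shared_secret hunk uses `sizeof(_private)`. The declaration of `_private` is outside these hunks, so whether the constant covers the whole buffer cannot be checked from here; assuming it is a local array as in uECC_shared_secret, `_set_secure(_private, 0, sizeof(_private));` would keep the wipe tied to the buffer's real size. Both hunks also show the wipe only on the path that ends in `return 1`, and the function bodies start outside the hunks. It is worth confirming that the failure returns do not leave `_private`, or any other temporary holding key material, uncleared.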
@@ -133,7 +134,7 @@ int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve)
 _public + curve->num_words);
 /* erasing temporary buffer that stored secret: */
- memset(_private, 0, NUM_ECC_BYTES);
+ _set_secure(_private, 0, NUM_ECC_BYTES);
 return 1;
 }
@@ -189,12 +190,9 @@ int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key,
 clear_and_out:
 /* erasing temporary buffer used to store secret: */
- memset(p2, 0, sizeof(p2));
- __asm__ __volatile__("" :: "g"(p2) : "memory");
- memset(tmp, 0, sizeof(tmp));
- __asm__ __volatile__("" :: "g"(tmp) : "memory");
- memset(_private, 0, sizeof(_private));
- __asm__ __volatile__("" :: "g"(_private) : "memory");
+ _set_secure(p2, 0, sizeof(p2));
+ _set_secure(tmp, 0, sizeof(tmp));
+ _set_secure(_private, 0, sizeof(_private));
 return r;
 }