Merge pull request #707 from JacobBarthelmeh/master

fix location in tfm.c that could result in potential cache attack
2017-01-11 12:35:22 -08:00 · 2017-01-11 12:35:22 -08:00 · 575ac7b9d3
parent 8954de40ff e3277c19b7
commit 575ac7b9d3
1 changed files with 3 additions and 4 deletions
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@ -480,12 +480,11 @@ void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
      pa = FP_SIZE-1;
   }

-   if (A == C || B == C) {
+   /* Always take branch to use tmp variable. This avoids a cache attack for
+    * determining if C equals A */
+   if (1) {
      fp_init(&tmp);
      dst = &tmp;
-   } else {
-      fp_zero(C);
-      dst = C;
   }

   for (ix = 0; ix < pa; ix++) {