Zeroing out 2*NUM_ECC_WORDS bytes starting from the `p2` pointer would
not only write 16 bytes to an 8-byte array allocated on the stack, but
also not clear out important arrays such as `_private` and `tmp`.
Moreover, no memory was cleared out before returning from the function,
and there are two exit points.
Properly memset() all private data and use an empty assembly block
referencing the memory region to avoid the memset() calls to be elided
by the compiler.
Ideally, in the future, all stack-allocated variables that contains
sensitive information should be marked with __attribute__((cleanup)), a
GCC extension that calls a function when the variable exits the scope.
This will not only reduce code size, but for other functions with
multiple exit points, also ensure that sensitive data is always
cleared.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Version 0.2.7 of this library has been released on June 30th, and this
patch updates the library from version 0.2.6. A summary of changes
is available at the official repository at:
https://github.com/01org/tinycrypt/releases/tag/v0.2.7
There were some API changes in this version, so some tests are not
building: ccm_mode, ecc_dh, and ecc_dsa. Fixes to these tests and
subsystems affected by the changes will be provided.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Tinycrypt is maintained at github and thus should be treated as an
external library and hosted under ext/.
Change-Id: I4c4a3bcdacf01d4922919e5ea1f9dec21a19cd37
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Leandro Pereira