diff options
author | nagendra modadugu <ngm@google.com> | 2016-11-10 15:19:09 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-11-11 14:27:23 -0800 |
commit | d7222a4956de9412fcca8a0d34c206e5dbd79abb (patch) | |
tree | 3e83ecf417cc421523f85dc5e19799a21bc23f9a /board/cr50/tpm2/NVMem.c | |
parent | d558d2bee1322c925364e46ae3cc5ed2bb5075d6 (diff) | |
download | chrome-ec-d7222a4956de9412fcca8a0d34c206e5dbd79abb.tar.gz |
CR50: add a constant time buffer equals implementation
Various cryptographic operations leak timing
information if comparisons are not executed
in constant time. This change adds DCRYPTO_equals(),
a constant runtime comparator.
Also replace crypto related callsites that used
memcmp() as a binary comparator.
BUG=none
BRANCH=none
TEST=tcg tests pass
Change-Id: I3d3da3c0524c3a349d60675902d1f2d338ad455f
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/410163
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'board/cr50/tpm2/NVMem.c')
-rw-r--r-- | board/cr50/tpm2/NVMem.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/board/cr50/tpm2/NVMem.c b/board/cr50/tpm2/NVMem.c index f78308033c..7874a89e86 100644 --- a/board/cr50/tpm2/NVMem.c +++ b/board/cr50/tpm2/NVMem.c @@ -135,8 +135,7 @@ _plat__NvIsDifferent(unsigned int startOffset, #ifdef CONFIG_FLASH_NVMEM return (nvmem_is_different(startOffset, size, data, NVMEM_TPM) != 0); #else - /* Do we need a safe memcmp here? */ - return (memcmp(&s_NV[startOffset], data, size) != 0); + return !DCRYPTO_equals(&s_NV[startOffset], data, size); #endif } |