diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-10-17 13:00:20 -0700 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-10-18 01:39:12 +0000 |
commit | 6d03b527fe0107c3bb71d0bbaf6236fe980b0704 (patch) | |
tree | 2bab42c882f58f87b6ee4e03dd6c52dcc30887b0 | |
parent | d92856ddfa4f58efbaf17427eda8da5dcdbdc8e2 (diff) | |
download | vboot-6d03b527fe0107c3bb71d0bbaf6236fe980b0704.tar.gz |
vboot2: move vb2_safe_memcmp() from rsa to common
This will be needed by other algorithms, so should not live inside the
rsa module. Also added explicit unit tests for it.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I92c8c6484964a93d755ac2ee93b57511794540e9
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224111
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
-rw-r--r-- | firmware/2lib/2common.c | 19 | ||||
-rw-r--r-- | firmware/2lib/2rsa.c | 32 | ||||
-rw-r--r-- | firmware/2lib/include/2common.h | 15 | ||||
-rw-r--r-- | tests/vb2_common_tests.c | 11 |
4 files changed, 45 insertions, 32 deletions
diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c index 4058a2f3..686aa002 100644 --- a/firmware/2lib/2common.c +++ b/firmware/2lib/2common.c @@ -11,6 +11,25 @@ #include "2rsa.h" #include "2sha.h" +int vb2_safe_memcmp(const void *s1, const void *s2, size_t size) +{ + const unsigned char *us1 = s1; + const unsigned char *us2 = s2; + int result = 0; + + if (0 == size) + return 0; + + /* + * Code snippet without data-dependent branch due to Nate Lawson + * (nate@root.org) of Root Labs. + */ + while (size--) + result |= *us1++ ^ *us2++; + + return result != 0; +} + int vb2_align(uint8_t **ptr, uint32_t *size, uint32_t align, uint32_t want_size) { uintptr_t p = (uintptr_t)*ptr; diff --git a/firmware/2lib/2rsa.c b/firmware/2lib/2rsa.c index 47ef1799..c4c9420a 100644 --- a/firmware/2lib/2rsa.c +++ b/firmware/2lib/2rsa.c @@ -139,38 +139,6 @@ static void modpowF4(const struct vb2_public_key *key, uint8_t *inout, } } -/** - * Safer memcmp() for use in crypto. - * - * Compares the buffers to see if they are equal. Time taken to perform - * the comparison is dependent only on the size, not the relationship of - * the match between the buffers. Note that unlike memcmp(), this only - * indicates inequality, not which buffer is lesser. - * - * @param s1 First buffer - * @param s2 Second buffer - * @param size Number of bytes to compare - * @return 0 if match or size=0, non-zero if at least one byte mismatched. - */ -int vb2_safe_memcmp(const void *s1, const void *s2, size_t size) -{ - const unsigned char *us1 = s1; - const unsigned char *us2 = s2; - int result = 0; - - if (0 == size) - return 0; - - /* - * Code snippet without data-dependent branch due to Nate Lawson - * (nate@root.org) of Root Labs. - */ - while (size--) - result |= *us1++ ^ *us2++; - - return result != 0; -} - uint32_t vb2_rsa_sig_size(uint32_t algorithm) { switch (algorithm) { diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h index 10ecf808..52c98af9 100644 --- a/firmware/2lib/include/2common.h +++ b/firmware/2lib/include/2common.h @@ -101,6 +101,21 @@ void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size); #define vb_aligned(ptr, align) (!(((uintptr_t)(ptr)) & ((align) - 1))) /** + * Safer memcmp() for use in crypto. + * + * Compares the buffers to see if they are equal. Time taken to perform + * the comparison is dependent only on the size, not the relationship of + * the match between the buffers. Note that unlike memcmp(), this only + * indicates inequality, not which buffer is lesser. + * + * @param s1 First buffer + * @param s2 Second buffer + * @param size Number of bytes to compare + * @return 0 if match or size=0, non-zero if at least one byte mismatched. + */ +int vb2_safe_memcmp(const void *s1, const void *s2, size_t size); + +/** * Align a buffer and check its size. * * @param **ptr Pointer to pointer to align diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c index e476edf1..a9f414f8 100644 --- a/tests/vb2_common_tests.c +++ b/tests/vb2_common_tests.c @@ -11,6 +11,16 @@ #include "test_common.h" /** + * Test memory compare functions + */ +static void test_memcmp(void) +{ + TEST_EQ(vb2_safe_memcmp("foo", "foo", 3), 0, "memcmp equal"); + TEST_NEQ(vb2_safe_memcmp("foo1", "foo2", 4), 0, "memcmp different"); + TEST_EQ(vb2_safe_memcmp("foo1", "foo2", 0), 0, "memcmp 0-size"); +} + +/** * Test alignment functions */ static void test_align(void) @@ -230,6 +240,7 @@ static void test_helper_functions(void) int main(int argc, char* argv[]) { + test_memcmp(); test_align(); test_workbuf(); test_struct_packing(); |