some additional sanity checks with harden build

wolfSSL · Dec 17, 2024 · 87ae31b · 87ae31b
1 parent f0f50f1
commit 87ae31b
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 1 deletion.
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -9138,6 +9138,11 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
    if (err == MP_OKAY) {
        if (mp_cmp(v, r) == MP_EQ)
            *res = 1;
+#ifdef WOLFSSL_CHECK_VER_FAULTS
+       /* redundant comparison as sanity check that first one happened */
+       if (*res == 1 && mp_cmp(r, v) != MP_EQ)
+           *res = 0;
+#endif
    }
 
    /* cleanup */

diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c
@@ -837,7 +837,16 @@ static int ed25519_verify_msg_final_with_sha(const byte* sig, word32 sigLen,
     ret = ConstantCompare(rcheck, sig, ED25519_SIG_SIZE/2);
     if (ret != 0) {
         ret = SIG_VERIFY_E;
-    } else {
+    }
+
+#ifdef WOLFSSL_CHECK_VER_FAULTS
+    /* redundant comparison as sanity check that first one happened */
+    if (ret == 0 && ConstantCompare(rcheck, sig, ED25519_SIG_SIZE/2) != 0) {
+        ret = SIG_VERIFY_E;
+    }
+#endif
+
+    if (ret == 0) {
         /* set the verification status */
         *res = 1;
     }

diff --git a/wolfcrypt/src/ge_operations.c b/wolfcrypt/src/ge_operations.c
@@ -9467,6 +9467,13 @@ int ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a,
     ge_p1p1_to_p2(r,t);
   }
 
+#ifdef WOLFSSL_CHECK_VER_FAULTS
+  if (i != -1) {
+      /* did not go through whole loop */
+      return BAD_STATE_E;
+  }
+#endif
+
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
   out: