author | Janos Follath <janos.follath@arm.com> | 2016-11-03 14:25:37 +0000 |
---|---|---|
committer | Andres AG <andres.amayagarcia@arm.com> | 2017-03-15 13:44:26 +0000 |
commit | b9dbff726033a18c9ae31543dcea8edd31eb7d63 (patch) | |
tree | 16d6a7ad1585b7e53b82100e0aaaeb38c49430fc | |
parent | 46315740b8583e8f3a27ae4dd9bf463c81626f91 (diff) | |
Add thread safety to ECP hardware acceleration
The intended use of the abstraction layer for Elliptic Curve Point
arithmetic is to enable using hardware cryptographic accelerators.
These devices are a shared resource and the driver code rarely provides
thread safety.
This commit adds mutexes to the abstraction layer to protect the device
in a multi-threaded environment.
-rw-r--r-- | library/ecp.c | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/library/ecp.c b/library/ecp.c index 97fcd01..6d8c897 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -49,6 +49,7 @@ #if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" +#include "mbedtls/threading.h" #include <string.h> @@ -1685,34 +1686,44 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 ) return( ret ); +#if defined(MBEDTLS_ECP_FUNCTION_ALT) && defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_lock( &mbedtls_threading_cryptohw_asym_mutex ) != 0 ) + return ( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + +#endif #if defined(MBEDTLS_ECP_INIT_ALT) if ( mbedtls_ecp_alt_grp_capable( grp ) ) { MBEDTLS_MPI_CHK( mbedtls_ecp_alt_init( grp ) ); } -#endif +#endif #if defined(ECP_MONTGOMERY) if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) ret = ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ); -#endif +#endif #if defined(ECP_SHORTWEIERSTRASS) if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) ret = ecp_mul_comb( grp, R, m, P, f_rng, p_rng ); -#endif +#endif #if defined(MBEDTLS_ECP_INIT_ALT) cleanup: -#endif +#endif #if defined(MBEDTLS_ECP_DEINIT_ALT) if ( mbedtls_ecp_alt_grp_capable( grp ) ) { mbedtls_ecp_alt_deinit( grp ); } + #endif +#if defined(MBEDTLS_ECP_FUNCTION_ALT) && defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &mbedtls_threading_cryptohw_asym_mutex ) != 0 ) + return ( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif return( ret ); } 
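Review bot: The lock in mbedtls_ecp_mul is compiled under `MBEDTLS_ECP_FUNCTION_ALT`, but the device calls it is meant to serialise (`mbedtls_ecp_alt_init`, `mbedtls_ecp_alt_deinit`) are compiled under `MBEDTLS_ECP_INIT_ALT` and `MBEDTLS_ECP_DEINIT_ALT`, so a build that defines those without `MBEDTLS_ECP_FUNCTION_ALT` would drive the shared accelerator with no mutex at all. Unless the configuration checks (not visible here) force these macros together, the guard should name the macros that actually touch the hardware, or a comment should state the dependency. Separately, a failed unlock at the end returns `MBEDTLS_ERR_THREADING_MUTEX_ERROR` and discards whatever `ret` held; `if( mbedtls_mutex_unlock( &mbedtls_threading_cryptohw_asym_mutex ) != 0 && ret == 0 ) ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;` keeps the first error. The same guard is used in both mbedtls_ecp_muladd hunks.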
@@ -1815,11 +1826,17 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, &mP, m, P ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, R, n, Q ) ); +#if defined(MBEDTLS_ECP_FUNCTION_ALT) && defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_lock( &mbedtls_threading_cryptohw_asym_mutex ) != 0 ) + return ( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + +#endif #if defined(MBEDTLS_ECP_INIT_ALT) if ( mbedtls_ecp_alt_grp_capable( grp ) ) { MBEDTLS_MPI_CHK( mbedtls_ecp_alt_init( grp ) ); } + #endif MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) ); MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); @@ -1831,8 +1848,13 @@ cleanup: { mbedtls_ecp_alt_deinit( grp ); } + #endif +#if defined(MBEDTLS_ECP_FUNCTION_ALT) && defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &mbedtls_threading_cryptohw_asym_mutex ) != 0 ) + return ( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif mbedtls_ecp_point_free( &mP ); return( ret ); |
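Review bot: The lock-failure path in mbedtls_ecp_muladd leaves through `return ( MBEDTLS_ERR_THREADING_MUTEX_ERROR );` after `mbedtls_ecp_mul_shortcuts( grp, &mP, m, P )` has already filled `mP`, so the point is never released. The unlock-failure return in the next hunk has the same problem, because it sits before `mbedtls_ecp_point_free( &mP )`. Free the point before leaving, e.g. `{ mbedtls_ecp_point_free( &mP ); return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); }` here, and in the unlock case store the error in `ret` and fall through to the free. The function starts before this hunk, so the initialisation of `mP` is inferred from how it is used.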
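Review bot: The unlock added after `cleanup:` also runs when the lock was never taken, because the two `mbedtls_ecp_mul_shortcuts` calls in the previous hunk sit before `mbedtls_mutex_lock` and are wrapped in `MBEDTLS_MPI_CHK`, which presumably jumps to `cleanup` on failure. Unlocking a mutex this thread does not hold can release another thread's hold on the accelerator, or is undefined with some mutex implementations, which defeats the serialisation this commit adds. Track ownership with `int locked = 0;` set to 1 after a successful lock, and release with `if( locked && mbedtls_mutex_unlock( &mbedtls_threading_cryptohw_asym_mutex ) != 0 && ret == 0 ) ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;`. The `cleanup` label and the start of the function lie outside this hunk.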