diff options
author | 鞠明岐 <jumingqi@xiaomi.corp-partner.google.com> | 2023-08-08 05:41:12 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2023-08-08 05:41:12 +0000 |
commit | cca11ea21b2b130666c347f730e02334e1f6fae5 (patch) | |
tree | 8957b4dbf609ac90eff835d5a0043e97981ff859 | |
parent | dff2f6a66b3f816b7b4ae9bd60404dc3a09e9aa9 (diff) | |
parent | 9339e797ef411c3c47df19ab557552dae5c8b595 (diff) | |
download | libese-cca11ea21b2b130666c347f730e02334e1f6fae5.tar.gz |
WeaverApplet:Increase failure count before key compare for security am: 9339e797ef
Original change: https://android-review.googlesource.com/c/platform/external/libese/+/2671178
Change-Id: I00694616713d2cd60ded00e41117746ffd8da31a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | apps/weaver/card/src/com/android/weaver/core/CoreSlots.java | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/apps/weaver/card/src/com/android/weaver/core/CoreSlots.java b/apps/weaver/card/src/com/android/weaver/core/CoreSlots.java index b2ef6b7..4fb86cd 100644 --- a/apps/weaver/card/src/com/android/weaver/core/CoreSlots.java +++ b/apps/weaver/card/src/com/android/weaver/core/CoreSlots.java @@ -156,22 +156,11 @@ class CoreSlots implements Slots { return Consts.READ_BACK_OFF; } - // Check the key matches in constant time and copy out the value if it does - byte result = (Util.arrayCompare( - keyBuffer, keyOffset, mKey, (short) 0, Consts.SLOT_KEY_BYTES) == 0) ? - Consts.READ_SUCCESS : Consts.READ_WRONG_KEY; - - // Keep track of the number of failures - if (result == Consts.READ_WRONG_KEY) { - if (mFailureCount != 0x7fff) { - mFailureCount += 1; - } - } else { - // This read was successful so reset the failures - if (mFailureCount != 0) { // attempt to maintain constant time - mFailureCount = 0; - } + // Assume this read will fail + if (mFailureCount != 0x7fff) { + mFailureCount += 1; } + byte result = Consts.READ_WRONG_KEY; // Start the timer on a failure if (throttle(sRemainingBackoff, (short) 0, mFailureCount)) { @@ -182,6 +171,18 @@ class CoreSlots implements Slots { mBackoffTimer.stopTimer(); } + // Check the key matches in constant time and copy out the value if it does + result = (Util.arrayCompare( + keyBuffer, keyOffset, mKey, (short) 0, Consts.SLOT_KEY_BYTES) == 0) ? + Consts.READ_SUCCESS : result; + + // Keep track of the number of failures + if (result == Consts.READ_SUCCESS) { + // This read was successful so reset the failures + mFailureCount = 0; + mBackoffTimer.stopTimer(); + } + final byte[] data = (result == Consts.READ_SUCCESS) ? mValue : sRemainingBackoff; Util.arrayCopyNonAtomic(data, (short) 0, outBuffer, outOffset, Consts.SLOT_VALUE_BYTES); |