fix(mbedtls/ecc): Enable hardware ECC mult operations only for SOC_ECC_CONSTANT_TIME_MUL

Harshal5 · AdityaHPatwardhan · Harshal5 · commit 46cbaa7d4de4 · 2024-09-20T18:46:55.000+05:30
Co-authored-by: aditya.patwardhan &lt;aditya.patwardhane@espressif.com&gt;
diff --git a/components/mbedtls/port/ecc/esp_ecc.c b/components/mbedtls/port/ecc/esp_ecc.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -12,6 +12,7 @@
 #include "ecc_impl.h"
 #include "hal/ecc_hal.h"
 #include "hal/ecc_ll.h"
+#include "soc/soc_caps.h"
 
 static void esp_ecc_acquire_hardware(void)
 {
@@ -44,6 +45,14 @@ int esp_ecc_point_multiply(const ecc_point_t *point, const uint8_t *scalar, ecc_
 
     ecc_hal_write_mul_param(scalar, point->x, point->y, len);
     ecc_hal_set_mode(work_mode);
+#ifdef SOC_ECC_CONSTANT_TIME_POINT_MUL
+    /*  Enable constant-time point multiplication operations for the ECC hardware accelerator
+        This protects the ECC multiplication operation from timing attacks.
+        This increases the time taken (by almost 50%) for some point multiplication
+        operations performed by the ECC hardware accelerator.
+    */
+    ecc_hal_enable_constant_time_point_mul(true);
+#endif /* SOC_ECC_CONSTANT_TIME_POINT_MUL */
     ecc_hal_start_calc();
 
     memset(result, 0, sizeof(ecc_point_t));
