Merge pull request #3880 from AndrzejKurek/fi-random-delays

Add random delays to sha256 to protect against fault injection
Andrzej Kurek 2020-11-25 13:38:52 -05:00 committed by GitHub
commit 8265f5cc4f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -281,6 +281,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
if( flow_ctrl == 8 ) if( flow_ctrl == 8 )
{ {
mbedtls_platform_random_delay();
if( flow_ctrl == 8 )
return( 0 ); return( 0 );
} }
/* Free the ctx upon suspected FI */ /* Free the ctx upon suspected FI */
@ -355,6 +357,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
/* Re-check ilen_dup to protect from a FI attack */ /* Re-check ilen_dup to protect from a FI attack */
if( ilen_dup < 64 ) if( ilen_dup < 64 )
{ {
mbedtls_platform_random_delay();
/* Re-check that the calculated offsets are correct */ /* Re-check that the calculated offsets are correct */
ilen_change = ilen - ilen_dup; ilen_change = ilen - ilen_dup;
if( ( input_dup + ilen_change ) == input ) if( ( input_dup + ilen_change ) == input )
@ -458,6 +461,8 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
/* flow ctrl was incremented twice and then 7 times in two loops */ /* flow ctrl was incremented twice and then 7 times in two loops */
if( flow_ctrl == 9 ) if( flow_ctrl == 9 )
{ {
mbedtls_platform_random_delay();
if( flow_ctrl == 9 )
return( 0 ); return( 0 );
} }
/* Free the ctx and clear output upon suspected FI */ /* Free the ctx and clear output upon suspected FI */
@ -509,6 +514,8 @@ exit:
if( input_dup == input && ilen_dup == ilen ) if( input_dup == input && ilen_dup == ilen )
{ {
mbedtls_platform_random_delay();
if( input_dup == input && ilen_dup == ilen )
return( ret ); return( ret );
} }
mbedtls_platform_memset( output, 0, 32 ); mbedtls_platform_memset( output, 0, 32 );
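Review bot: The repeated test after `mbedtls_platform_random_delay()` (`if( flow_ctrl == 8 )` in mbedtls_internal_sha256_process, and likewise `flow_ctrl == 9` in mbedtls_sha256_finish_ret and `input_dup == input && ilen_dup == ilen` at `exit:`) only protects the success return if the compiler really emits both comparisons. The declarations of `flow_ctrl`, `input_dup` and `ilen_dup` lie outside these hunks; if they are not `volatile`, an optimising build may fold the second comparison into the first and keep only the delay, so this is worth confirming in the generated code for the target toolchain. I would also add a comment on each repeated test, e.g. `/* Deliberate re-check after the random delay; do not merge with the outer test */`, so a later cleanup does not remove it as redundant. The mbedtls_sha256_update_ret hunk adds the delay without repeating `ilen_dup < 64` afterwards, which looks intentional given the offset check that follows, but a one-line comment saying so would make the four sites read consistently.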