Kevin Bracey
045e576e02
Adjust fixed-time arithmetic to not use boolean ops
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
99c64e142e
Use builtin CLZ
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
3be252e252
vli_isZero and vli_clear assembly
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
4aea62569b
More GCC assembly
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
06060330d8
Add GCC vli_rshift1 assembly
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
0a1884bba4
Use GCC extended assembler
...
Naked functions and basic assembler don't seem to work reliably - basic
assembler is assumed to not change registers or memory, and there does
not appear to be any special handling of naked functions in this regard.
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
e0f88d5140
Add GCC/Clang muladd assembly
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
84f31d3eaa
Optimise muladd more
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Kevin Bracey
1959c18c69
tinycrypt: Add ARM assembler optimisations
...
For ARM Compiler 5 only, provide assembler versions of vli_add, vli_sub,
vli_rshift1 and muladd.
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-12 18:09:04 +03:00
Andrzej Kurek
ce62080a99
Merge pull request #3613 from AndrzejKurek/fi-double-crypto-calls
...
Add double pk verification and double master secret calculation
2020-10-07 16:03:23 +01:00
Kevin Bracey
f40c79272f
tinycrypt: use fast integer types
...
Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
2020-10-07 14:13:41 +03:00
Andrzej Kurek
2544cd3582
Merge pull request #3724 from AndrzejKurek/transform-cipher-optimization-2
...
Add hash calculation to the ssl module
2020-10-06 14:20:10 +01:00
Andrzej Kurek
73680ad5a2
Merge pull request #3694 from AndrzejKurek/transform-cipher-optimization
...
Merge enc/dec cipher contexts in ssl transforms
2020-09-23 14:06:43 +01:00
Andrzej Kurek
f4d2c7de31
Improve FI resistance of pk verification in ssl_cli.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-20 02:15:16 +02:00
Andrzej Kurek
f74a86c0b0
Improve FI resistance of certificate verification in ssl_srv.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-20 01:57:30 +02:00
Andrzej Kurek
ef34494d80
ssl_srv.c: change the initial return variable value
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-20 00:29:43 +02:00
Andrzej Kurek
ff51721e99
ssl_tls: reduce the complexity of encryption validation
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-20 00:29:43 +02:00
Andrzej Kurek
8ec9e136cf
ssl_tls: Add a flag indicating that encryption succeeded
...
Protect against encryption skipping by introducing a new flag.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-20 00:29:43 +02:00
Andrzej Kurek
6c30be8e4b
ssl: call signature verification twice for non-restartable operations
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-20 00:29:43 +02:00
Andrzej Kurek
69bafce7a3
Improve the FI resistance in ssl_tls.c key switching
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-19 12:45:20 +02:00
Andrzej Kurek
f7df0d37ab
Reduce the size of used constant in ssl_tls.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-19 12:00:57 +02:00
Andrzej Kurek
a793237998
Calculate hashes of ssl encryption and decryption keys
...
Optimize the key switching mechanism to set the key only if
a different operation is performed with the context.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-19 08:04:05 +02:00
Andrzej Kurek
d81351b047
Change the default value of initialized cipher operation to NONE
...
This way, an initialized cipher context but without a key set can be identified.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-19 04:07:03 +02:00
Andrzej Kurek
1175044156
Merge enc/dec cipher contexts in ssl transforms
...
Store the raw encryption and decryption keys in transforms
to set them before each cipher operation. Add a config option
for this - MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-17 23:51:58 +02:00
Shelly Liberman
f8d7e0112a
Merge pull request #3669 from shelib01/ec_key_gen_optimization
...
replace user rand by platform rand in ecc delays
2020-09-16 20:32:52 +03:00
Shelly Liberman
05beb9ac70
replace user rand by platform rand in ecc delays
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-09-16 18:58:50 +03:00
Andrzej Kurek
6f3a987ae3
Merge pull request #3640 from AndrzejKurek/fi-hash-instead-of-crc
...
Swap out CRC calculation in AES in favour of a simple hash
2020-09-03 15:21:47 +02:00
Andrzej Kurek
a00c3eeaca
Merge pull request #3619 from AndrzejKurek/fi-uecc-return-value
...
Change the tinycrypt return values to be below 256
2020-08-31 14:53:39 +02:00
Andrzej Kurek
858e4325d2
Merge pull request #3604 from AndrzejKurek/alias-memcmp-memequal
...
Add a deprecated version of mbedtls_platform_memcmp.
2020-08-24 15:26:23 +02:00
Andrzej Kurek
c87e91ce2b
Merge pull request #3553 from AndrzejKurek/crc-calculation-base
...
Validate AES keys after each use checking CRC
2020-08-13 12:42:54 +02:00
Piotr Nowicki
c2b682ab71
Merge pull request #3468 from piotr-now/fic_flow_monitor
...
Add flow monitor for memory block operations
2020-08-13 09:34:00 +02:00
Piotr Nowicki
305a5ec496
Checking in critical places if secured memset() and memcpy() was successful
...
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:22:20 +02:00
Piotr Nowicki
ea8e846fdc
Add flow monitor for mbedtls_platform_memcpy() and mbedtls_platform_memmove()
...
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:22:06 +02:00
Piotr Nowicki
a6348edc23
Checking in critical places if the mbedtls_platform_zeroize() was successful
...
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:12:20 +02:00
Piotr Nowicki
ed840dbcd8
Add flow montitor to the mbedtls_platform_memset()
...
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:12:20 +02:00
Piotr Nowicki
2bb1376560
Merge pull request #3537 from piotr-now/platform_random
...
Expanded the random number generator in the `platform_util.c` file
2020-08-12 15:09:05 +02:00
Piotr Nowicki
26c33692b0
Fix CI failure.
...
For ASanDbg tests of the earlier implementation of the
mbedtls_platform_random_in_range(), there was no case where ‘shift’
value was zero. Such a case generated a bit shift of 32, which is treated
as an error by ASanDbg. Increasing the ‘shift’ value by one ensures that
it will always be non-zero.
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:41:34 +02:00
Piotr Nowicki
057daa3b28
Random delay can be disabled in configuration
...
Use random delay depending on whether MBEDTLS_FI_COUNTERMEASURES is defined
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:41:34 +02:00
Piotr Nowicki
77b7a7754c
Expanded the random number generator in the platform_util.c
file
...
The earlier implementation had two problems: the random generator always
returned 0 if the MBEDTLS_ENTROPY_HARDWARE_ALT flag was not defined and there
was no protection needed if the HW RNG was malfunctioning. Both these problems
have been solved in this commit by adding the linear congruential generator algorithm.
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:41:34 +02:00
Piotr Nowicki
8656fc6525
Change the value type in the mbedtls_platform_random_in_range()
...
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:38:25 +02:00
Piotr Nowicki
fa635dfaa1
Merge pull request #3448 from piotr-now/platform_util
...
Renamed mbedtls_platform_memcmp() to mbedtls_platform_memequal()
2020-08-11 14:30:35 +02:00
Andrzej Kurek
9539f831b2
Swap out CRC calculation in AES in favour of a simple hash
...
XOR the key bytes upon setting and re-check hash during each use.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-10 20:46:48 -04:00
Andrzej Kurek
8fba6e99ce
Merge pull request #3532 from AndrzejKurek/fi-hmac-drbg-fixes
...
Fi-related hmac_drbg fixes
2020-08-10 19:02:25 +02:00
Andrzej Kurek
0305753d7a
Merge pull request #3477 from AndrzejKurek/aes-fake-key
...
Use a fake random key in AES calculations
2020-08-10 13:05:46 +02:00
Piotr Nowicki
e3c4ee51b2
Rename mbedtls_platform_memcmp() to mbedtls_platform_memequal()
...
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-10 12:41:00 +02:00
Andrzej Kurek
e6d8db0f41
Change the tinycrypt return values to be below 256
...
Thanks to this change the produced ASM does not need an additional instruction
to place the constant value in a register, but can compare it directly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-10 02:54:56 -04:00
Andrzej Kurek
8bb0839555
Add a deprecated version of mbedtls_platform_memcmp.
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-09 02:18:12 -04:00
Andrzej Kurek
e4f865d53c
Makefile: alphabetically order object files
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 19:08:26 -04:00
Andrzej Kurek
fba5921186
aes: validate keys using crc before encryption/decryption
...
CRC is calculated when the key is set. This commit also adds new tests
for ecb encryption and decryption, simulating a fault injection after the key is set.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 19:06:44 -04:00
Andrzej Kurek
9df2b416b9
Add a CRC module to mbedtls and baremetal config
...
Add a new CRC module along with some tests for it.
The table and the CRC function body is generated using pycrc v0.9.2.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 02:10:52 -04:00