Commit Graph

63 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
86c4f81408 Improve documentation of internal function 2019-10-31 13:07:58 +01:00
Manuel Pégourié-Gonnard
d5e503ec33 Rename wait_state_t to ecc_wait_state_t
Even though this is type name is purely internal to a single C file, let's
reduce the potential for clashes with other wait state types which might be
added elsewhere in the library and become visible here (for example through
platform_util.h).
2019-10-31 13:07:58 +01:00
Manuel Pégourié-Gonnard
d467116e59 Make wait_state smaller
Previous size was 3584 bytes which is not acceptable on constrained systems
(especially on the stack). This was a misguided attempt at minimizing the
number of calls to the RNG function in order to minimize impact on
performance, but clearly this does not justify using that much RAM and a
compromise had to be found.
2019-10-31 13:07:52 +01:00
Manuel Pégourié-Gonnard
938f53f1fb Actually use randomized mult when relevant
While at it, loose the 'curve' argument in internal randomized functions, for
the same reasons we lost 'num_words' in uECC_vli_mult_rnd(): we only have one
curve so we don't need this, and hardcoding it saves a bit of code size and
speed, which is welcome to slightly reduce the impact of the counter-measure
on both of them.
2019-10-31 13:07:52 +01:00
Manuel Pégourié-Gonnard
14ab9c2879 Add random delays to multi-precision multiplication
This is a counter-measure to make horizontal attacks harder. Horizontal
attacks work with a single trace by noticing when intermediate computations
within that trace happen on the same operands.

We'll try to make that harder for an attacker to achieve that by introducing
random delays based on extra computation and extra random accesses to input in
the multi-precision multiplication (which is the dominant operation and the target of
horizontal attacks known so far). This should make it hard for the attacker to
compare two multiplications.

This first commit introduces the new function for multiplication with random
delay - future commits will ensure it is used all the way up to the top-level
scalar multiplication routine.
2019-10-31 13:07:52 +01:00
Simon Butcher
92c3d1f4f4 Addition of copyright statements to tinycrypt files
Each of the tinycrypt files have had some very minor changes, so need a
copyright statement.
2019-09-09 17:37:08 +01:00
Simon Butcher
cffedb548f Add SPDX lines to each imported TinyCrypt file
Out of the 6 tinycrypt files included in Mbed TLS, this commit adds SPDX lines
to each for the BSD 3 Clause licence.
2019-09-09 17:34:51 +01:00
Hanno Becker
36ae758798 Include Mbed TLS config in tinycrypt compilation units 2019-08-12 17:05:38 +01:00
Manuel Pégourié-Gonnard
afdc1b5cbd Consistently use the name tinycrypt over uecc
We called in tinycrypt in the file names, but uecc in config.h, all.sh and
other places, which could be confusing. Just use tinycrypt everywhere because
that's the name of the project and repo where we took the files.

The changes were made using the following commands (with GNU sed and zsh):

sed -i 's/uecc/tinycrypt/g' **/*.[ch] tests/scripts/all.sh
sed -i 's/MBEDTLS_USE_UECC/MBEDTLS_USE_TINYCRYPT/g' **/*.[ch] tests/scripts/all.sh scripts/config.pl
2019-05-09 11:24:11 +02:00
Jarno Lamsa
46132207f8 Make compiler happy when MBEDTLS_USE_UECC disabled 2019-04-29 14:29:52 +03:00
Jarno Lamsa
55427964b1 Guard tinycrypt files with MBEDTLS_USE_UECC 2019-04-29 10:25:23 +03:00
Jarno Lamsa
d50fd6b373 Remove unused headers from uecc sources 2019-04-24 16:19:50 +03:00
Jarno Lamsa
18987a420b Add micro-ecc based ecc-files to mbedtls
The files are from https://github.com/intel/tinycrypt
Using commit 6e0eb53fc8403988f97345e94081b0453f47231d as a base.
2019-04-24 15:40:43 +03:00