yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-23 18:55:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add flow montitor to the mbedtls_platform_memset()

Browse source 
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
This commit is contained in:
Piotr Nowicki 2020-06-23 12:59:56 +02:00
parent 2bb1376560
commit ed840dbcd8
2 changed files with 59 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
include/mbedtls/platform_util.h
View file

@ -161,8 +161,11 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
* \param buf Buffer to be zeroized
* \param len Length of the buffer in bytes
*
* \return The value of \p buf if the operation was successful.
* \return NULL if a potential FI attack was detected or input parameters
* are not valid.
*/
void mbedtls_platform_zeroize( void *buf, size_t len );
void *mbedtls_platform_zeroize( void *buf, size_t len );
/**
* \brief Secure memset
@ -176,7 +179,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len );
* \param value Value to be used when setting the buffer.
* \param num The length of the buffer in bytes.
*
* \return The value of \p ptr.
* \return The value of \p ptr if the operation was successful.
* \return NULL if a potential FI attack was detected.
*/
void *mbedtls_platform_memset( void *ptr, int value, size_t num );

68
library/platform_util.c
View file

@ -95,30 +95,68 @@
void *mbedtls_platform_memset( void *, int, size_t );
static void * (* const volatile memset_func)( void *, int, size_t ) = mbedtls_platform_memset;
void mbedtls_platform_zeroize( void *buf, size_t len )
void *mbedtls_platform_zeroize( void *buf, size_t len )
{
MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL );
volatile size_t vlen = len;
if( len > 0 )
memset_func( buf, 0, len );
MBEDTLS_INTERNAL_VALIDATE_RET( ( len == 0 || buf != NULL ), NULL );
if( vlen > 0 )
{
return memset_func( buf, 0, vlen );
}
else
{
mbedtls_platform_random_delay();
if( vlen == 0 && vlen == len )
{
return buf;
}
}
return NULL;
}
#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
void *mbedtls_platform_memset( void *ptr, int value, size_t num )
{
/* Randomize start offset. */
size_t start_offset = (size_t) mbedtls_platform_random_in_range( (uint32_t) num );
/* Randomize data */
uint32_t data = mbedtls_platform_random_in_range( 256 );
size_t i, start_offset;
volatile size_t flow_counter = 0;
volatile char *b = ptr;
char rnd_data;
/* Perform a pair of memset operations from random locations with
* random data */
memset( (void *) ( (unsigned char *) ptr + start_offset ), data,
( num - start_offset ) );
memset( (void *) ptr, data, start_offset );
start_offset = (size_t) mbedtls_platform_random_in_range( (uint32_t) num );
rnd_data = (char) mbedtls_platform_random_in_range( 256 );
/* Perform the original memset */
return( memset( ptr, value, num ) );
/* Start from a random location */
for( i = start_offset; i < num; ++i )
{
b[i] = value;
flow_counter++;
}
/* Perform a memset operations with random data */
for( i = 0; i < start_offset; ++i )
{
b[i] = rnd_data;
}
/* Finish a memset operations with correct data */
for( i = 0; i < start_offset; ++i )
{
b[i] = value;
flow_counter++;
}
/* check the correct number of iterations */
if( flow_counter == num )
{
mbedtls_platform_random_delay();
if( flow_counter == num )
{
return ptr;
}
}
return NULL;
}
void *mbedtls_platform_memcpy( void *dst, const void *src, size_t num )