mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 01:35:46 +00:00
Add flow montitor to the mbedtls_platform_memset()
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
This commit is contained in:
parent
2bb1376560
commit
ed840dbcd8
|
@ -161,8 +161,11 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
|
||||||
* \param buf Buffer to be zeroized
|
* \param buf Buffer to be zeroized
|
||||||
* \param len Length of the buffer in bytes
|
* \param len Length of the buffer in bytes
|
||||||
*
|
*
|
||||||
|
* \return The value of \p buf if the operation was successful.
|
||||||
|
* \return NULL if a potential FI attack was detected or input parameters
|
||||||
|
* are not valid.
|
||||||
*/
|
*/
|
||||||
void mbedtls_platform_zeroize( void *buf, size_t len );
|
void *mbedtls_platform_zeroize( void *buf, size_t len );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Secure memset
|
* \brief Secure memset
|
||||||
|
@ -176,7 +179,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len );
|
||||||
* \param value Value to be used when setting the buffer.
|
* \param value Value to be used when setting the buffer.
|
||||||
* \param num The length of the buffer in bytes.
|
* \param num The length of the buffer in bytes.
|
||||||
*
|
*
|
||||||
* \return The value of \p ptr.
|
* \return The value of \p ptr if the operation was successful.
|
||||||
|
* \return NULL if a potential FI attack was detected.
|
||||||
*/
|
*/
|
||||||
void *mbedtls_platform_memset( void *ptr, int value, size_t num );
|
void *mbedtls_platform_memset( void *ptr, int value, size_t num );
|
||||||
|
|
||||||
|
|
|
@ -95,30 +95,68 @@
|
||||||
void *mbedtls_platform_memset( void *, int, size_t );
|
void *mbedtls_platform_memset( void *, int, size_t );
|
||||||
static void * (* const volatile memset_func)( void *, int, size_t ) = mbedtls_platform_memset;
|
static void * (* const volatile memset_func)( void *, int, size_t ) = mbedtls_platform_memset;
|
||||||
|
|
||||||
void mbedtls_platform_zeroize( void *buf, size_t len )
|
void *mbedtls_platform_zeroize( void *buf, size_t len )
|
||||||
{
|
{
|
||||||
MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL );
|
volatile size_t vlen = len;
|
||||||
|
|
||||||
if( len > 0 )
|
MBEDTLS_INTERNAL_VALIDATE_RET( ( len == 0 || buf != NULL ), NULL );
|
||||||
memset_func( buf, 0, len );
|
|
||||||
|
if( vlen > 0 )
|
||||||
|
{
|
||||||
|
return memset_func( buf, 0, vlen );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
mbedtls_platform_random_delay();
|
||||||
|
if( vlen == 0 && vlen == len )
|
||||||
|
{
|
||||||
|
return buf;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
|
#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
|
||||||
|
|
||||||
void *mbedtls_platform_memset( void *ptr, int value, size_t num )
|
void *mbedtls_platform_memset( void *ptr, int value, size_t num )
|
||||||
{
|
{
|
||||||
/* Randomize start offset. */
|
size_t i, start_offset;
|
||||||
size_t start_offset = (size_t) mbedtls_platform_random_in_range( (uint32_t) num );
|
volatile size_t flow_counter = 0;
|
||||||
/* Randomize data */
|
volatile char *b = ptr;
|
||||||
uint32_t data = mbedtls_platform_random_in_range( 256 );
|
char rnd_data;
|
||||||
|
|
||||||
/* Perform a pair of memset operations from random locations with
|
start_offset = (size_t) mbedtls_platform_random_in_range( (uint32_t) num );
|
||||||
* random data */
|
rnd_data = (char) mbedtls_platform_random_in_range( 256 );
|
||||||
memset( (void *) ( (unsigned char *) ptr + start_offset ), data,
|
|
||||||
( num - start_offset ) );
|
|
||||||
memset( (void *) ptr, data, start_offset );
|
|
||||||
|
|
||||||
/* Perform the original memset */
|
/* Start from a random location */
|
||||||
return( memset( ptr, value, num ) );
|
for( i = start_offset; i < num; ++i )
|
||||||
|
{
|
||||||
|
b[i] = value;
|
||||||
|
flow_counter++;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Perform a memset operations with random data */
|
||||||
|
for( i = 0; i < start_offset; ++i )
|
||||||
|
{
|
||||||
|
b[i] = rnd_data;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Finish a memset operations with correct data */
|
||||||
|
for( i = 0; i < start_offset; ++i )
|
||||||
|
{
|
||||||
|
b[i] = value;
|
||||||
|
flow_counter++;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* check the correct number of iterations */
|
||||||
|
if( flow_counter == num )
|
||||||
|
{
|
||||||
|
mbedtls_platform_random_delay();
|
||||||
|
if( flow_counter == num )
|
||||||
|
{
|
||||||
|
return ptr;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
void *mbedtls_platform_memcpy( void *dst, const void *src, size_t num )
|
void *mbedtls_platform_memcpy( void *dst, const void *src, size_t num )
|
||||||
|
|
Loading…
Reference in a new issue