Commit graph

10527 commits

Author SHA1 Message Date
Andrzej Kurek 1175044156
Merge enc/dec cipher contexts in ssl transforms
Store the raw encryption and decryption keys in transforms
to set them before each cipher operation. Add a config option
for this - MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-17 23:51:58 +02:00
Andrzej Kurek 6f3a987ae3
Merge pull request #3640 from AndrzejKurek/fi-hash-instead-of-crc
Swap out CRC calculation in AES in favour of a simple hash
2020-09-03 15:21:47 +02:00
Andrzej Kurek a00c3eeaca
Merge pull request #3619 from AndrzejKurek/fi-uecc-return-value
Change the tinycrypt return values to be below 256
2020-08-31 14:53:39 +02:00
Andrzej Kurek 858e4325d2
Merge pull request #3604 from AndrzejKurek/alias-memcmp-memequal
Add a deprecated version of mbedtls_platform_memcmp.
2020-08-24 15:26:23 +02:00
Andrzej Kurek c87e91ce2b
Merge pull request #3553 from AndrzejKurek/crc-calculation-base
Validate AES keys after each use checking CRC
2020-08-13 12:42:54 +02:00
Piotr Nowicki c2b682ab71
Merge pull request #3468 from piotr-now/fic_flow_monitor
Add flow monitor for memory block operations
2020-08-13 09:34:00 +02:00
Piotr Nowicki 305a5ec496 Checking in critical places if secured memset() and memcpy() was successful
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:22:20 +02:00
Piotr Nowicki ea8e846fdc Add flow monitor for mbedtls_platform_memcpy() and mbedtls_platform_memmove()
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:22:06 +02:00
Piotr Nowicki a6348edc23 Checking in critical places if the mbedtls_platform_zeroize() was successful
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:12:20 +02:00
Piotr Nowicki ed840dbcd8 Add flow montitor to the mbedtls_platform_memset()
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-12 15:12:20 +02:00
Piotr Nowicki 2bb1376560
Merge pull request #3537 from piotr-now/platform_random
Expanded the random number generator in the `platform_util.c` file
2020-08-12 15:09:05 +02:00
Piotr Nowicki 26c33692b0 Fix CI failure.
For ASanDbg tests of the earlier implementation of the
mbedtls_platform_random_in_range(), there was no case where ‘shift’
value was zero. Such a case generated a bit shift of 32, which is treated
as an error by ASanDbg. Increasing the ‘shift’ value by one ensures that
it will always be non-zero.

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:41:34 +02:00
Piotr Nowicki 057daa3b28 Random delay can be disabled in configuration
Use random delay depending on whether MBEDTLS_FI_COUNTERMEASURES is defined

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:41:34 +02:00
Piotr Nowicki 77b7a7754c Expanded the random number generator in the platform_util.c file
The earlier implementation had two problems: the random generator always
returned 0 if the MBEDTLS_ENTROPY_HARDWARE_ALT flag was not defined and there
was no protection needed if the HW RNG was malfunctioning. Both these problems
have been solved in this commit by adding the linear congruential generator algorithm.

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:41:34 +02:00
Piotr Nowicki 8656fc6525 Change the value type in the mbedtls_platform_random_in_range()
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-11 16:38:25 +02:00
Piotr Nowicki fa635dfaa1
Merge pull request #3448 from piotr-now/platform_util
Renamed mbedtls_platform_memcmp() to mbedtls_platform_memequal()
2020-08-11 14:30:35 +02:00
Andrzej Kurek 9539f831b2
Swap out CRC calculation in AES in favour of a simple hash
XOR the key bytes upon setting and re-check hash during each use.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-10 20:46:48 -04:00
Andrzej Kurek 8fba6e99ce
Merge pull request #3532 from AndrzejKurek/fi-hmac-drbg-fixes
Fi-related hmac_drbg fixes
2020-08-10 19:02:25 +02:00
Andrzej Kurek 0305753d7a
Merge pull request #3477 from AndrzejKurek/aes-fake-key
Use a fake random key in AES calculations
2020-08-10 13:05:46 +02:00
Piotr Nowicki e3c4ee51b2 Rename mbedtls_platform_memcmp() to mbedtls_platform_memequal()
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-08-10 12:41:00 +02:00
Andrzej Kurek e6d8db0f41
Change the tinycrypt return values to be below 256
Thanks to this change the produced ASM does not need an additional instruction
to place the constant value in a register, but can compare it directly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-10 02:54:56 -04:00
Andrzej Kurek 8bb0839555
Add a deprecated version of mbedtls_platform_memcmp.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-09 02:18:12 -04:00
Andrzej Kurek e4f865d53c
Makefile: alphabetically order object files
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 19:08:26 -04:00
Andrzej Kurek fba5921186
aes: validate keys using crc before encryption/decryption
CRC is calculated when the key is set. This commit also adds new tests
for ecb encryption and decryption, simulating a fault injection after the key is set.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 19:06:44 -04:00
Andrzej Kurek 9df2b416b9
Add a CRC module to mbedtls and baremetal config
Add a new CRC module along with some tests for it.
The table and the CRC function body is generated using pycrc v0.9.2. 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 02:10:52 -04:00
Shelly Liberman c6319a70ab
Merge pull request #3514 from shelib01/fi_write_user_data
Fi write user data
2020-08-06 07:41:15 +03:00
Shelly Liberman 3799fc1578 Splitting buffers comment added
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-08-05 17:53:31 +03:00
Shelly Liberman c6a7e6b0c4 Enhancement fixes
Co-authored-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-08-05 15:40:15 +03:00
shelib01 4062d6ca68 Add user pointer and data size duplication to ssl context.
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-08-05 15:01:05 +03:00
Andrzej Kurek e9cb642748
Merge pull request #3516 from AndrzejKurek/fi-pkparse-changes
FI-related pkparse.c fixes
2020-08-03 12:14:22 +02:00
Andrzej Kurek 7400fae7ee
Merge pull request #3510 from AndrzejKurek/fi-pk-fixes
pk.c FI-related fixes
2020-08-03 12:14:06 +02:00
Andrzej Kurek 898d330148
Merge pull request #3500 from AndrzejKurek/fi-sha256-fixes
Introduce sha256 security review fixes
2020-08-03 12:13:40 +02:00
Andrzej Kurek 84afe68ad4
Merge pull request #3509 from AndrzejKurek/fi-x509-changes
x509.c: Remove one unnecessary cast
2020-08-03 12:11:47 +02:00
Andrzej Kurek 4b700a3db3
Merge pull request #3456 from AndrzejKurek/aes-fi-improvements
Minor AES module improvements
2020-07-30 16:29:48 +02:00
Andrzej Kurek 7e6075b7fd
Merge pull request #3499 from AndrzejKurek/fi-duplicate-buffers-revert
Revert a part of the sensitive information duplication changes
2020-07-21 11:03:50 +02:00
Andrzej Kurek 4353b698ed
hmac_drbg: make no reseeding behaviour explicit
Add a flag to the hmac_drbg context that will signal that reseeding is not required.
Change tests and one ecdsa call to not use reseeding, as was the previous case.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-19 09:00:18 -04:00
Andrzej Kurek fac2f9b4ce
aes: move the fake key operations to AES_SCA_COUNTERMEASURES define
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-19 05:01:44 -04:00
Andrzej Kurek f6265441b0
hmac_drbg: fix default value of the prediction resistance in ctx
After changing the possible prediction resistance values to have more
hamming distance between them, 0 (default initialization value) no
longer meant no prediction resistance.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-18 07:09:04 -04:00
Andrzej Kurek 6bc37fa4e2
hmac_drbg: set_entropy_len can now return an error
Make mbedtls_hmac_drbg_set_entropy_len return an error
in case of a too long entropy length setting.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-18 06:05:03 -04:00
Andrzej Kurek 9167aa96f8
hmac_drbg: change two variables to be volatile
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-18 06:02:59 -04:00
Andrzej Kurek e78775eed2
Use a fake random key in AES calculations
Create an additional field in the AES context to store a randomized fake key.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-18 05:21:32 -04:00
Andrzej Kurek 8917326d7b
Introduce sha256 security review fixes
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-18 00:42:39 -04:00
Andrzej Kurek 3403969645
Add a comment regarding remaining space check
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-17 05:49:47 -04:00
Andrzej Kurek a9a5ff5f31
aes: add a comment about expected keybits value.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-17 03:28:32 -04:00
Andrzej Kurek 11ddf25828
Add minor FI countermeasures improvements
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-17 03:28:32 -04:00
Andrzej Kurek 189ee74a82
Add a platform function to return a random uint32_t
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-17 03:28:32 -04:00
Andrzej Kurek 3ed65d2b84
Add a return from pk_get_ueccpubkey if uecc_public_key_read_binary fails
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-17 02:17:38 -04:00
Andrzej Kurek c3b69edd2f
Increase hamming distance by changing UECC_SUCCESS from 0 to FFAAAA
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-16 11:33:34 -04:00
Andrzej Kurek a798e5d5cc
Introduce additional buffer size checks to pk.c
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-16 11:32:53 -04:00
Andrzej Kurek ddc2db4c13
x509.c: Remove one unnecessary cast
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-07-16 04:41:48 -04:00