yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-09 03:15:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
10593 commits 88 branches 205 tags 69 MiB
Commit graph

5115 commits

Author SHA1 Message Date
Andrzej Kurek 8265f5cc4f
Merge pull request #3880 from AndrzejKurek/fi-random-delays 
Add random delays to sha256 to protect against fault injection
 2020-11-25 13:38:52 -05:00
Andrzej Kurek 9b92865bcd
Merge pull request #3850 from AndrzejKurek/ccm-clean-temp-data 
ccm - clean temp data
 2020-11-25 11:14:05 -05:00
Andrzej Kurek 549a35690c
Merge pull request #3890 from AndrzejKurek/fi-memcpy-memset-fail 
Add a callback for platform faults in platform_util.c
 2020-11-25 11:13:32 -05:00
Andrzej Kurek 1c448168b2
Merge pull request #3913 from jarvte/memfix_variablebuffer 
Fix possible memory leak when MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined
 2020-11-25 09:45:53 -05:00
Andrzej Kurek 7f81c86a0d Add a callback for platform faults in platform_util.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-11-25 06:53:59 -05:00
Andrzej Kurek 9bc6119bb9 Add random delays to sha256 to protect against fault injection 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-11-25 06:38:05 -05:00
Andrzej Kurek 142f09fb96 ccm: zeroize buffers before and after usage 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-11-25 06:20:43 -05:00
Andrzej Kurek 5eba1d82a2
Merge pull request #3841 from AndrzejKurek/baremetal-rnd-in-range-fix 
Move size checks outside of mbedtls_platform_random_in_range
 2020-11-25 11:41:40 +01:00
Andrzej Kurek 21f64d3633
Merge pull request #3840 from AndrzejKurek/baremetal-aes-shuffling-2 
CCM countermeasures - shuffling and masking
 2020-11-25 11:33:53 +01:00
Teppo Järvelin b89cf99a57 Fix possible memory leak when MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH is defined 
Signed-off-by: Teppo Järvelin <teppo.jarvelin@arm.com>
 2020-11-25 11:44:05 +02:00
Shelly Liberman c5b0c6e8ae fix uninitialized variables 
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
 2020-11-19 20:01:21 +02:00
Andrzej Kurek 18c60aaca1
ccm: use random_in_range instead of duplicating its functionality 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-11-18 12:37:41 +01:00
Andrzej Kurek a138c0a0b0
Move size checks outside of mbedtls_platform_random_in_range 
Update the documentation to mention that calling it with zero
as an argument will result in an undefined behavior.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-11-12 17:05:51 +01:00
Shelly Liberman 560203ae01
Merge pull request #3853 from kjbracey-arm/m_narrowloop 
[baremetal] Avoid narrow loop counters etc
 2020-11-08 08:03:48 +02:00
Kevin Bracey a967a58ed3 [baremetal] Avoid narrow loop counters etc 
Use `uint_fast8_t` instead of `unsigned char` in various loop-type
situations. This avoids the need for a 16 or 32-bit system to insert
explicit narrow-to-8-bit instructions.

Not the result of an exhaustive source analysis, rather inspecting
the disassembly output for a cut-down Cortex-M0+ build looking for
UXTB etc instructions, so there could well be more in the complete
configuration.

Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
 2020-11-06 10:56:16 +02:00
Kevin Bracey 585e9e0922 Add MBEDTLS_SSL_CONF_TRANSPORT 
Follow the model of `MBEDTLS_SSL_CONF_ENDPOINT`. This saves a small
amount - most of the saving was already acheived via`
MBEDTLS_SSL_TRANSPORT_IS_TLS` but we can scrape out a little more by
totally eliminating `ssl->conf->transport` references.

Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
 2020-11-04 15:16:22 +02:00
Kevin Bracey d859db833c Fix MBEDTLS_SSL_CONF_ENDPOINT flagging 
Compilation failed if MBEDTLS_SSL_CONF_ENDPOINT was set - add necessary
conditions.

Signed-off-by: Kevin Bracey <kevin.bracey@arm.com>
 2020-11-04 15:16:09 +02:00
Andrzej Kurek 8b0910a791
Merge pull request #3815 from AndrzejKurek/cipher-optim-mem-fix 
ssl_tls.c: Fix unchecked memory allocation
 2020-11-02 11:41:24 +01:00
Andrzej Kurek 0fa427b027
ccm: add masking to the UPDATE_CBC_MAC macro 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-31 17:55:21 +01:00
Andrzej Kurek 8bef87ee5e
Add basic shuffling and masking to CCM operations 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-31 10:19:07 +01:00
Andrzej Kurek 28b3b29306
ssl_tls.c: Fix unchecked memory allocation 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-22 11:40:41 +02:00
Andrzej Kurek 2e49d079d6
Describe the behaviour of buffer resizing on an out-of-memory error 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-22 11:16:25 +02:00
Andrzej Kurek cd9a6ff3c1
Introduce additional flags for buffer upsizing and downsizing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-22 11:12:07 +02:00
Andrzej Kurek 79db2f14da
Refactor the buffer resize feature to reduce codesize 
Extract a common part of the code to a function.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-20 17:11:54 +02:00
Andrzej Kurek f384495972
Sideport the variable IO buffer size feature to baremetal 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-17 00:55:17 +02:00
Andrzej Kurek dd5ad6924e
Merge pull request #3785 from AndrzejKurek/m_tinycrypt_asm 
TinyCrypt ARM assembler and other optimisations
 2020-10-15 13:27:39 +02:00
Andrzej Kurek db0e50ea70
Introduce MBEDTLS_OPTIMIZE_TINYCRYPT_ASM 
Make the ASM optimizations in tinycrypt optional.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-10-14 14:32:50 +02:00
Andrzej Kurek f4d2c7de31
Improve FI resistance of pk verification in ssl_cli.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-20 02:15:16 +02:00
Andrzej Kurek f74a86c0b0
Improve FI resistance of certificate verification in ssl_srv.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-20 01:57:30 +02:00
Andrzej Kurek ef34494d80
ssl_srv.c: change the initial return variable value 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-20 00:29:43 +02:00
Andrzej Kurek ff51721e99
ssl_tls: reduce the complexity of encryption validation 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-20 00:29:43 +02:00
Andrzej Kurek 8ec9e136cf
ssl_tls: Add a flag indicating that encryption succeeded 
Protect against encryption skipping by introducing a new flag.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-20 00:29:43 +02:00
Andrzej Kurek 6c30be8e4b
ssl: call signature verification twice for non-restartable operations 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-20 00:29:43 +02:00
Andrzej Kurek 69bafce7a3
Improve the FI resistance in ssl_tls.c key switching 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-19 12:45:20 +02:00
Andrzej Kurek f7df0d37ab
Reduce the size of used constant in ssl_tls.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-19 12:00:57 +02:00
Andrzej Kurek a793237998
Calculate hashes of ssl encryption and decryption keys 
Optimize the key switching mechanism to set the key only if 
a different operation is performed with the context.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-19 08:04:05 +02:00
Andrzej Kurek d81351b047
Change the default value of initialized cipher operation to NONE 
This way, an initialized cipher context but without a key set can be identified.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-19 04:07:03 +02:00
Andrzej Kurek 73680ad5a2
Merge pull request #3694 from AndrzejKurek/transform-cipher-optimization 
Merge enc/dec cipher contexts in ssl transforms
 2020-09-23 14:06:43 +01:00
Andrzej Kurek 1175044156
Merge enc/dec cipher contexts in ssl transforms 
Store the raw encryption and decryption keys in transforms
to set them before each cipher operation. Add a config option
for this - MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-09-17 23:51:58 +02:00
Shelly Liberman 05beb9ac70 replace user rand by platform rand in ecc delays 
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
 2020-09-16 18:58:50 +03:00
Andrzej Kurek 9539f831b2
Swap out CRC calculation in AES in favour of a simple hash 
XOR the key bytes upon setting and re-check hash during each use.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-08-10 20:46:48 -04:00
Andrzej Kurek 8bb0839555
Add a deprecated version of mbedtls_platform_memcmp. 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-08-09 02:18:12 -04:00
Andrzej Kurek c87e91ce2b
Merge pull request #3553 from AndrzejKurek/crc-calculation-base 
Validate AES keys after each use checking CRC
 2020-08-13 12:42:54 +02:00
Piotr Nowicki 305a5ec496 Checking in critical places if secured memset() and memcpy() was successful 
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-12 15:22:20 +02:00
Piotr Nowicki ea8e846fdc Add flow monitor for mbedtls_platform_memcpy() and mbedtls_platform_memmove() 
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-12 15:22:06 +02:00
Piotr Nowicki a6348edc23 Checking in critical places if the mbedtls_platform_zeroize() was successful 
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-12 15:12:20 +02:00
Piotr Nowicki ed840dbcd8 Add flow montitor to the mbedtls_platform_memset() 
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-12 15:12:20 +02:00
Piotr Nowicki 26c33692b0 Fix CI failure. 
For ASanDbg tests of the earlier implementation of the
mbedtls_platform_random_in_range(), there was no case where ‘shift’
value was zero. Such a case generated a bit shift of 32, which is treated
as an error by ASanDbg. Increasing the ‘shift’ value by one ensures that
it will always be non-zero.

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-11 16:41:34 +02:00
Piotr Nowicki 057daa3b28 Random delay can be disabled in configuration 
Use random delay depending on whether MBEDTLS_FI_COUNTERMEASURES is defined

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-11 16:41:34 +02:00
Piotr Nowicki 77b7a7754c Expanded the random number generator in the platform_util.c file 
The earlier implementation had two problems: the random generator always
returned 0 if the MBEDTLS_ENTROPY_HARDWARE_ALT flag was not defined and there
was no protection needed if the HW RNG was malfunctioning. Both these problems
have been solved in this commit by adding the linear congruential generator algorithm.

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
 2020-08-11 16:41:34 +02:00