yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-26 03:35:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
10331 commits 88 branches 205 tags 69 MiB
Commit graph

10331 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arto Kinnunen 98c93af1ef Randomize number of AES dummy calculation rounds 
Use either 4 or 5 dummy rounds in AES encryption/decryption.
 2020-01-21 12:01:42 +02:00
Arto Kinnunen 2eb678f5e8 Update AES SCA countermeasures 
-Add dummy rounds to the start and/or end of the AES calculation
 rounds.
 2020-01-21 12:01:42 +02:00
Arto Kinnunen 28ecfb002f Merge remote-tracking branch 'upstream/pr/2983' into baremetal 
* upstream/pr/2983:
  Fix mbedtls_strerror to work with all wanted codes
 2020-01-17 11:21:53 +02:00
Arto Kinnunen ca1978b7d5 Merge remote-tracking branch 'upstream/pr/2982' into baremetal 
* upstream/pr/2982:
  Use mbedtls_platform_memset in data_randomize
  Protect get/put on secret data on AES-module
 2020-01-17 11:21:41 +02:00
Arto Kinnunen d1340e455c Merge remote-tracking branch 'upstream/pr/2980' into baremetal 
* upstream/pr/2980:
  Protect get/put on secret data on sha256-module
 2020-01-17 11:21:32 +02:00
Arto Kinnunen 10a2ffde5d Merge remote-tracking branch 'upstream/pr/2945' into baremetal 
* upstream/pr/2945:
  Rename macro MBEDTLS_MAX_RAND_DELAY
  Update signature of mbedtls_platform_random_delay
  Replace mbedtls_platform_enforce_volatile_reads 2
  Replace mbedtls_platform_enforce_volatile_reads
  Add more variation to random delay countermeasure
  Add random  delay to enforce_volatile_reads
  Update comments of mbedtls_platform_random_delay
  Follow Mbed TLS coding style
  Add random delay function to platform_utils
 2020-01-17 11:21:16 +02:00
Jarno Lamsa 8f8c0bdfc7 Use mbedtls_platform_memset in data_randomize 
More secure memset should be used here instead
of standard memset.
 2020-01-10 08:19:37 +02:00
Jarno Lamsa 282db8e3f8 Protect get/put on secret data on AES-module 
When reading the input, buffer will be initialised with random data
and the reading will start from a random offset. When writing the data,
the output will be initialised with random data and the writing will start
from a random offset.
 2020-01-10 08:19:37 +02:00
Teppo Järvelin 5bc072f737 Fix mbedtls_strerror to work with all wanted codes 2020-01-09 14:22:32 +02:00
Arto Kinnunen b148651e49 Rename macro MBEDTLS_MAX_RAND_DELAY 
MBEDTLS_MAX_RAND_DELAY renamed to MAX_RAND_DELAY to get CI passing.
 2020-01-09 11:11:23 +02:00
Arto Kinnunen ac6d226939 Update signature of mbedtls_platform_random_delay 
Skip parameter and return value from mbedtls_platform_random_delay
to make it more resistant for FI attacks.
 2020-01-09 10:19:07 +02:00
Simon Butcher 05ca9d46c1 Merge remote-tracking branch 'public/pr/2979' into baremetal 2020-01-08 18:15:52 +00:00
Simon Butcher 282911eabf Merge remote-tracking branch 'public/pr/2978' into baremetal 2020-01-08 18:14:21 +00:00
Simon Butcher 01d78fcefe Merge remote-tracking branch 'public/pr/2971' into baremetal 2020-01-08 18:10:44 +00:00
Simon Butcher 2d9c0eb215 Merge remote-tracking branch 'public/pr/2948' into baremetal 2020-01-08 18:08:28 +00:00
Simon Butcher 4b3b8c208e Merge remote-tracking branch 'public/pr/2886' into baremetal 2020-01-08 17:53:43 +00:00
Simon Butcher 5dc7faf56e Merge remote-tracking branch 'public/pr/2956' into baremetal 2020-01-08 17:53:16 +00:00
Jarno Lamsa bb86c52430 Protect get/put on secret data on sha256-module 
When reading the input, the buffer will be initialised with random data
and the reading will start from a random offset. When writing the data,
the output will be initialised with random data and the writing will
start from a random offset.
 2020-01-08 10:45:51 +02:00
Teppo Järvelin cafb6c91b0 Clear internal decrypted buffer after read 2020-01-08 10:25:16 +02:00
Arto Kinnunen 0a8f87f5eb Remove entropy source overwrite in baremetal_test 
-Do not overwrite MBEDTLS_ENTROPY_MAX_SOURCES in baremetal_test.h
-Skip tests that are not suitable for low number of entropy sources
 2020-01-07 14:48:33 +02:00
Arto Kinnunen 7195571681 Replace mbedtls_platform_enforce_volatile_reads 2 
Replace remaining mbedtls_platform_enforce_volatile_reads() with
mbedtls_platform_random_delay().
 2020-01-07 10:47:58 +02:00
Arto Kinnunen e91f0dc905 Replace mbedtls_platform_enforce_volatile_reads 
Replace function mbedtls_platform_enforce_volatile_reads() with
mbedtls_platform_random_delay().
 2020-01-07 10:47:58 +02:00
Arto Kinnunen dbf2b43ceb Add more variation to random delay countermeasure 
Add more variation to the random delay function by xor:ing two
variables. It is not enough to increment just a counter to create a
delay as it will be visible as uniform delay that can be easily
removed from the trace by analysis.
 2020-01-07 10:47:58 +02:00
Arto Kinnunen 0490485be5 Add random delay to enforce_volatile_reads 
Add a random delay to mbedtls_platform_enforce_volatile_reads() as a
countermeasure to fault injection attacks.
 2020-01-07 10:47:58 +02:00
Arto Kinnunen 9a506e7424 Update comments of mbedtls_platform_random_delay 2020-01-07 10:47:58 +02:00
Arto Kinnunen b47b105838 Follow Mbed TLS coding style 2020-01-07 10:47:58 +02:00
Arto Kinnunen 4c63b98e94 Add random delay function to platform_utils 
Add delay function to platform_utils. The function will delay
program execution by incrementing local variable randomised number of
times.
 2020-01-07 10:47:58 +02:00
Teppo Järvelin c2fa3eaa81 Removed dead code after optimization in tinycrypt 2020-01-05 12:02:37 +02:00
Teppo Järvelin 8f7e36fc98 Coverity fixes, check hmac return values 2020-01-05 12:02:37 +02:00
Teppo Järvelin 0b1d7d946d Coverity fix: dead error condition removed from ecc.c 2020-01-05 12:02:04 +02:00
Simon Butcher 7d2434fac2 Merge remote-tracking branch 'public/pr/2973' into baremetal 2020-01-03 15:52:36 +00:00
Darryl Green 029fe86c53 Fix some pylint warnings 
Fix a too-long line to meet PEP8 standards
 2020-01-03 13:41:20 +00:00
Simon Butcher 1b370a63ec Merge remote-tracking branch 'public/pr/2960' into baremetal 2019-12-27 18:18:22 +00:00
Simon Butcher 58813498f7 Merge remote-tracking branch 'public/pr/2957' into baremetal 2019-12-27 18:18:04 +00:00
Jarno Lamsa 5aa4c07b85 Minor review fixes 2019-12-20 13:09:27 +02:00
Jarno Lamsa 015aa44b93 Make authmode volatile 
This is to enforce reading it from memory for the double
check to prevent compiler from optimising it away.
 2019-12-20 12:09:37 +02:00
Jarno Lamsa af60cd7698 Protect the peer_authenticated flag more 
Add more protection to the flag preventing attacker
possibly to glitch using faulty certificate.
 2019-12-20 10:50:33 +02:00
Jarno Lamsa 616fbe177c Increase hamming distance for authmode 
Prevent glitching mode by single bit flipping.
 2019-12-19 17:07:35 +02:00
Jarno Lamsa 8d09e5744c Increase hamming distance for session resume flag 
This is to prevent glitching a single bit for the resume flag.
 2019-12-19 17:07:35 +02:00
Jarno Lamsa 489dccd158 Adress review comments 2019-12-19 17:07:35 +02:00
Jarno Lamsa 88db2ae9a0 Use Platform fault when double check fails 2019-12-19 17:07:35 +02:00
Jarno Lamsa f5b6af01d3 Fix double check in entropy_gather_internal 
The double check was wrong way, glitching either check
could have compromised the flow there.
 2019-12-19 17:07:29 +02:00
Jarno Lamsa afff4d0679 Remove unused flag 2019-12-19 14:41:56 +02:00
Jarno Lamsa 06164057b3 Check that we have all the proper keys 
The proper keys should be set at the end of
the handshake, if not, fail the handshake.
 2019-12-19 14:40:36 +02:00
Jarno Lamsa e1621d4700 Check that the peer_authenticated flag 
Check that the peer has been authenticated in the end
of the handshake.
 2019-12-19 14:29:24 +02:00
Jarno Lamsa ba4730fe4c Protect setting of peer_authenticated flag 
Use flow counting and double checks when setting the flag.
Also protect the flow to prevent causing a glitch.
 2019-12-19 09:43:25 +02:00
Jarno Lamsa 4031a45019 Protect key_derivation_done flag 
The flag is used to track that the key derivation
has been done.
 2019-12-19 09:43:25 +02:00
Jarno Lamsa 67f0a1e833 Protect setting of premaster_generated flag 
The flag is used for tracking if the premaster has
been succesfully generated. Note that when resuming
a session, the flag should not be used when trying to
notice if all the key generation/derivation has been done.
 2019-12-19 09:43:19 +02:00
Jarno Lamsa 98801af26b Protect setting of hello_random flag 
The handshake flag tells when the handshake hello.random
is set and can be used later to decide if we have the correct
keys.
 2019-12-19 09:02:02 +02:00
Jarno Lamsa b57d7fd568 Add flags for protecting TLS state machine 
Flags are there to prevent skipping vital parts of the TLS
handshake.
 2019-12-19 09:01:54 +02:00