espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-30 18:57:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(hal): Make the ECDSA countermeasure dynamically applicable

Browse Source 
This commit makes the ECDSA countermeasure dynamically applicable
    across different revisions of the ESP32H2 SoC.
This commit is contained in:
Aditya Patwardhan
2024-12-10 17:57:26 +05:30
committed by BOT
parent 748d29b5ad
commit 3bcafe77d8
6 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
components/esp_hw_support/port/esp32h2/Kconfig.hw_support
View File

@ -15,8 +15,6 @@ choice ESP32H2_REV_MIN
bool "Rev v0.1 (ECO1)" bool "Rev v0.1 (ECO1)"
config ESP32H2_REV_MIN_2 config ESP32H2_REV_MIN_2
bool "Rev v0.2 (ECO2)" bool "Rev v0.2 (ECO2)"
config ESP32H2_REV_MIN_102
bool "Rev v1.2 (ECO5)"
endchoice endchoice
config ESP32H2_REV_MIN_FULL config ESP32H2_REV_MIN_FULL
@ -24,7 +22,6 @@ config ESP32H2_REV_MIN_FULL
default 0 if ESP32H2_REV_MIN_0 default 0 if ESP32H2_REV_MIN_0
default 1 if ESP32H2_REV_MIN_1 default 1 if ESP32H2_REV_MIN_1
default 2 if ESP32H2_REV_MIN_2 default 2 if ESP32H2_REV_MIN_2
default 102 if ESP32H2_REV_MIN_102
config ESP_REV_MIN_FULL config ESP_REV_MIN_FULL
int int
@ -34,7 +31,7 @@ config ESP_REV_MIN_FULL
# MAX Revision # MAX Revision
# #
comment "Maximum Supported ESP32-H2 Revision (Rev v1.99)" comment "Maximum Supported ESP32-H2 Revision (Rev v0.99)"
# Maximum revision that IDF supports. # Maximum revision that IDF supports.
# It can not be changed by user. # It can not be changed by user.
# Only Espressif can change it when a new version will be supported in IDF. # Only Espressif can change it when a new version will be supported in IDF.

1
components/esp_security/Kconfig
View File

@ -40,7 +40,6 @@ menu "ESP Security Specific"
config ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL config ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
bool "Forcefully enable ECC constant time point multiplication operations" bool "Forcefully enable ECC constant time point multiplication operations"
depends on SOC_ECC_CONSTANT_TIME_POINT_MUL depends on SOC_ECC_CONSTANT_TIME_POINT_MUL
depends on !(IDF_TARGET_ESP32H2 && ESP32H2_REV_MIN_FULL < 102)
default N default N
help help
If enabled, the app startup code will burn the ECC_FORCE_CONST_TIME efuse bit to force the If enabled, the app startup code will burn the ECC_FORCE_CONST_TIME efuse bit to force the

10
components/esp_security/src/init.c
View File

@ -12,6 +12,8 @@
#include "esp_efuse_table.h" #include "esp_efuse_table.h"
#include "esp_security_priv.h" #include "esp_security_priv.h"
#include "esp_err.h" #include "esp_err.h"
#include "hal/efuse_hal.h"
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY #if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY
#include "hal/key_mgr_ll.h" #include "hal/key_mgr_ll.h"
#endif #endif
@ -41,7 +43,13 @@ ESP_SYSTEM_INIT_FN(esp_security_init, SECONDARY, BIT(0), 103)
#endif #endif
#if CONFIG_ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL #if CONFIG_ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
if (!esp_efuse_read_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME)) { bool force_constant_time = true;
#if CONFIG_IDF_TARGET_ESP32H2
if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
force_constant_time = false;
}
#endif
if (!esp_efuse_read_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME) && force_constant_time) {
ESP_EARLY_LOGD(TAG, "Forcefully enabling ECC constant time operations"); ESP_EARLY_LOGD(TAG, "Forcefully enabling ECC constant time operations");
esp_err_t err = esp_efuse_write_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME); esp_err_t err = esp_efuse_write_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME);
if (err != ESP_OK) { if (err != ESP_OK) {

2
components/hal/Kconfig
View File

@ -105,7 +105,7 @@ menu "Hardware Abstraction Layer (HAL) and Low Level (LL)"
config HAL_ECDSA_GEN_SIG_CM config HAL_ECDSA_GEN_SIG_CM
bool "Enable countermeasure for ECDSA signature generation" bool "Enable countermeasure for ECDSA signature generation"
depends on IDF_TARGET_ESP32H2 && ESP32H2_REV_MIN_FULL < 102 depends on IDF_TARGET_ESP32H2
default n default n
help help
Enable this option to apply the countermeasure for ECDSA signature operation Enable this option to apply the countermeasure for ECDSA signature operation

7
components/hal/ecdsa_hal.c
View File

@ -12,6 +12,7 @@
#if CONFIG_HAL_ECDSA_GEN_SIG_CM #if CONFIG_HAL_ECDSA_GEN_SIG_CM
#include "esp_fault.h" #include "esp_fault.h"
#include "esp_random.h" #include "esp_random.h"
#include "soc/chip_revision.h"
#endif #endif
#ifdef SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY #ifdef SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
@ -136,7 +137,11 @@ void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash,
configure_ecdsa_periph(conf); configure_ecdsa_periph(conf);
#if CONFIG_HAL_ECDSA_GEN_SIG_CM #if CONFIG_HAL_ECDSA_GEN_SIG_CM
ecdsa_hal_gen_signature_with_countermeasure(hash, r_out, s_out, len); if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
ecdsa_hal_gen_signature_with_countermeasure(hash, r_out, s_out, len);
} else {
ecdsa_hal_gen_signature_inner(hash, r_out, s_out, len);
}
#else /* CONFIG_HAL_ECDSA_GEN_SIG_CM */ #else /* CONFIG_HAL_ECDSA_GEN_SIG_CM */
ecdsa_hal_gen_signature_inner(hash, r_out, s_out, len); ecdsa_hal_gen_signature_inner(hash, r_out, s_out, len);
#endif /* !CONFIG_HAL_ECDSA_GEN_SIG_CM */ #endif /* !CONFIG_HAL_ECDSA_GEN_SIG_CM */

10
components/mbedtls/port/ecdsa/ecdsa_alt.c
View File

@ -27,6 +27,8 @@
#if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM #if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM
#include "esp_timer.h" #include "esp_timer.h"
#include "soc/chip_revision.h"
#include "hal/efuse_hal.h"
#if CONFIG_ESP_CRYPTO_DPA_PROTECTION_LEVEL_HIGH #if CONFIG_ESP_CRYPTO_DPA_PROTECTION_LEVEL_HIGH
/* /*
@ -362,9 +364,11 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
#endif #endif
ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len); ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
#if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM #if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM
sig_time = esp_timer_get_time() - sig_time; if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
if (sig_time < ECDSA_CM_FIXED_SIG_TIME) { sig_time = esp_timer_get_time() - sig_time;
esp_rom_delay_us(ECDSA_CM_FIXED_SIG_TIME - sig_time); if (sig_time < ECDSA_CM_FIXED_SIG_TIME) {
esp_rom_delay_us(ECDSA_CM_FIXED_SIG_TIME - sig_time);
}
} }
#endif #endif
process_again = !ecdsa_hal_get_operation_result() process_again = !ecdsa_hal_get_operation_result()