fix(mbedtls/ecc): Enable hardware ECC mult operations only for SOC_ECC_CONSTANT_TIME_MUL

Co-authored-by: aditya.patwardhan <aditya.patwardhane@espressif.com>
2024-09-02 14:06:59 +05:30
parent 49ced36d7a
commit 46cbaa7d4d
1 changed files with 10 additions and 1 deletions
--- a/components/mbedtls/port/ecc/esp_ecc.c
+++ b/components/mbedtls/port/ecc/esp_ecc.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -12,6 +12,7 @@
 #include "ecc_impl.h"
 #include "hal/ecc_hal.h"
 #include "hal/ecc_ll.h"
+#include "soc/soc_caps.h"

 static void esp_ecc_acquire_hardware(void)
 {
@@ -44,6 +45,14 @@ int esp_ecc_point_multiply(const ecc_point_t *point, const uint8_t *scalar, ecc_

    ecc_hal_write_mul_param(scalar, point->x, point->y, len);
    ecc_hal_set_mode(work_mode);
+#ifdef SOC_ECC_CONSTANT_TIME_POINT_MUL
+    /*  Enable constant-time point multiplication operations for the ECC hardware accelerator
+        This protects the ECC multiplication operation from timing attacks.
+        This increases the time taken (by almost 50%) for some point multiplication
+        operations performed by the ECC hardware accelerator.
+    */
+    ecc_hal_enable_constant_time_point_mul(true);
+#endif /* SOC_ECC_CONSTANT_TIME_POINT_MUL */
    ecc_hal_start_calc();

    memset(result, 0, sizeof(ecc_point_t));