From 46cbaa7d4de4ae338f6cb838b684ebfaff6a3d1b Mon Sep 17 00:00:00 2001
From: "harshal.patil"
Date: Mon, 2 Sep 2024 14:06:59 +0530
Subject: [PATCH] fix(mbedtls/ecc): Enable hardware ECC mult operations only for SOC_ECC_CONSTANT_TIME_MUL
Co-authored-by: aditya.patwardhan
---
 components/mbedtls/port/ecc/esp_ecc.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/components/mbedtls/port/ecc/esp_ecc.c b/components/mbedtls/port/ecc/esp_ecc.c
index 0cb4e72e9c..d6b0c6a632 100644
--- a/components/mbedtls/port/ecc/esp_ecc.c
+++ b/components/mbedtls/port/ecc/esp_ecc.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -12,6 +12,7 @@
 #include "ecc_impl.h"
 #include "hal/ecc_hal.h"
 #include "hal/ecc_ll.h"
+#include "soc/soc_caps.h"
 static void esp_ecc_acquire_hardware(void)
 {
@@ -44,6 +45,14 @@ int esp_ecc_point_multiply(const ecc_point_t *point, const uint8_t *scalar, ecc_
 ecc_hal_write_mul_param(scalar, point->x, point->y, len);
 ecc_hal_set_mode(work_mode);
+#ifdef SOC_ECC_CONSTANT_TIME_POINT_MUL
+ /* Enable constant-time point multiplication operations for the ECC hardware accelerator
+ This protects the ECC multiplication operation from timing attacks.
+ This increases the time taken (by almost 50%) for some point multiplication
+ operations performed by the ECC hardware accelerator.
+ */
+ ecc_hal_enable_constant_time_point_mul(true);
+#endif /* SOC_ECC_CONSTANT_TIME_POINT_MUL */
 ecc_hal_start_calc();
 memset(result, 0, sizeof(ecc_point_t));
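Review bot: On targets where `SOC_ECC_CONSTANT_TIME_POINT_MUL` is not defined, the new `#ifdef` block in esp_ecc_point_multiply compiles to nothing and `ecc_hal_start_calc()` still runs the hardware multiply on `scalar` with no timing protection, which does not match the "only for" wording of the subject. Nothing in this one-file patch gates the function itself, so unless a Kconfig or caller-side check outside this diff already keeps secret scalars off the accelerator on those parts, the timing side channel described in the added comment remains there. I would make the fallthrough explicit with an `#else` branch carrying `/* No constant-time mode on this SoC: callers must not pass a secret scalar to the hardware path. */`, or have the function return an error when the mode is unavailable. The subject also names the capability `SOC_ECC_CONSTANT_TIME_MUL`, while the code tests `SOC_ECC_CONSTANT_TIME_POINT_MUL`; the two should agree so the commit can be found by searching for the macro. The function body starts and ends outside the hunk.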