Commit Graph

19 Commits

Author SHA1 Message Date
Angus Gratton
8fe9e4b09f aes: Add fault injection checks when writing key to hardware
Vulnerability reported by LimitedResults under Espressif Bug Bounty Program.
2019-08-11 13:19:21 +10:00
Angus Gratton
910cede38d hwcrypto: Add AES fault injection check
Hardware AES-CBC performance changes:

Release config 11.0MB/sec -> 10.8MB/sec
Debug config 9.4MB/sec -> 9.8MB/sec

(Unrolling the loop to optimize the check improves
performance at -Og, even with the fault check.)
2019-08-11 13:19:21 +10:00
Ivan Grokhotkov
761d44bd36 Merge branch 'bugfix/xts_compile_err' into 'master'
mbedtls: Fix compilation errors when CONFIG_MBEDTLS_HARDWARE_AES is disabled

See merge request idf/esp-idf!3506
2018-11-05 16:58:38 +08:00
Konstantin Kondrashov
8bba348528 aes/sha/mpi: Bugfix a use of shared registers.
This commit resolves a blocking in esp_aes_block function.

Introduce:
The problem was in the fact that AES is switched off at the moment when he should give out the processed data. But because of the disabled, the operation can not be completed successfully, there is an infinite hang. The reason for this behavior is that the registers for controlling the inclusion of AES, SHA, MPI have shared registers and they were not protected from sharing.

Fix some related issue with shared using of AES SHA RSA accelerators.

Closes: https://github.com/espressif/esp-idf/issues/2295#issuecomment-432898137
2018-11-05 04:22:47 +00:00
Sagar Bijwe
fbcc160675 mbedtls: Fix compilation errors when CONFIG_MBEDTLS_HARDWARE_AES is disabled 2018-11-01 12:08:45 +05:30
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30
Konstantin Kondrashov
8f80cc733d soc: Change DPORT access
When two CPUs read the area of the DPORT and the area of the APB, the result is corrupted for the CPU that read the APB area.
And another CPU has valid data.

The method of eliminating this error.
Before reading the registers of the DPORT, make a preliminary reading of the APB register.
In this case, the joint access of the two CPUs to the registers of the APB and the DPORT is successful.
2018-05-14 17:54:57 +05:00
Ivan Grokhotkov
dbc919eff5 mbedtls: update usage of mbedtls_aes_encrypt/decrypt 2018-05-09 23:15:28 +08:00
Angus Gratton
50e0a54630 esp32 hwcrypto: Use spinlock instead of lock to protect AES
More than doubles performance of mbedTLS AES self-tests.
2017-08-25 16:08:03 +10:00
Angus Gratton
2624e10055 esp32 hwcrypto: Use AES registers directly 2017-08-25 16:08:03 +10:00
Angus Gratton
e256fb6d96 hwcrypto: Use DPORT-safe accesses with AES 2017-08-25 16:08:03 +10:00
Tian Hao
26a3cb93c7 component/soc : move dport access header files to soc
1. move dport access header files to soc
2. reduce dport register write protection. Only protect read operation
2017-05-09 18:06:00 +08:00
Tian Hao
f7e8856520 component/esp32 : fix dualcore bug
1. When dual core cpu run access DPORT register, must do protection.
2. If access DPORT register, must use DPORT_REG_READ/DPORT_REG_WRITE and DPORT_XXX register operation macro.
2017-05-08 21:53:43 +08:00
Angus Gratton
2561b68af8 hwcrypto: Fixes for disabling one hardware unit causing reset of a different unit
ROM functions reset related units, but this can have problems in a
multithreaded environment.
2016-11-22 20:42:38 +11:00
Angus Gratton
2211759cc0 hwcrypto aes: Fix bugs w/ ECB decrypt, CFB modes 2016-09-08 17:02:52 +08:00
Angus Gratton
d951ab2661 hwcrypto aes: Performance tweak, only write key to hardware once
Shaves ~10% off time to compute AES-CBC
2016-09-08 16:47:37 +08:00
Angus Gratton
0a970e3a25 hwcrypto: Match API completely to mbedTLS naming conventions 2016-09-08 16:47:31 +08:00
Angus Gratton
0647d1e922 esp32 hwcrypto: Rework hardware crypto locking
Should protect against concurrent use of hardware crypto primitives,
with good performance.

Not necessary to call esp_aes_acquire_hardware(),
esp_sha_acquire_hardware(), etc when using these APIs. These are
provided for external users calling the hardware crypto hardware
directly, to coexist with this implementation.
2016-09-08 16:47:13 +08:00
Angus Gratton
4167b68eef esp32: Move hardware crypto implementation/headers to hwcrypto directories 2016-09-08 16:46:28 +08:00