TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 5b3669377404b2e35696e2d192a06cecd083d663^! / . / include / mbedtls / hmac_drbg.h
commit5b3669377404b2e35696e2d192a06cecd083d663[log] [tgz]
authorArto Kinnunen <arto.kinnunen@arm.com>Wed Nov 20 16:13:13 2019 +0200
committerArto Kinnunen <arto.kinnunen@arm.com>Mon Nov 25 13:45:44 2019 +0200
tree5827bed644cb2ef38989ee9a3438513a73356c18
parent72a8c9e7dcca83a17c2c8429311822ab6bdbc450 [diff] [blame]
Harden hmac_drbg and md against fault injection

-Add flow monitor, loop integrity check and variable doubling to
 harden mbedtls_hmac_drbg_update_ret.

-Use longer hamming distance for nonce usage in hmac_drbg_reseed_core

-Return actual value instead of success in mbedtls_hmac_drbg_seed and
 mbedtls_hmac_drbg_seed_buf

-Check illegal condition in hmac_drbg_reseed_core.

-Double buf/buf_len variables in mbedtls_hmac_drbg_random_with_add

-Add more hamming distance to MBEDTLS_HMAC_DRBG_PR_ON/OFF

diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index ed03854..f38337a 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h

@@ -70,8 +70,8 @@
 
 /* \} name SECTION: Module settings */
 
-#define MBEDTLS_HMAC_DRBG_PR_OFF   0   /**< No prediction resistance       */
-#define MBEDTLS_HMAC_DRBG_PR_ON    1   /**< Prediction resistance enabled  */
+#define MBEDTLS_HMAC_DRBG_PR_OFF   0x55555555   /**< No prediction resistance       */
+#define MBEDTLS_HMAC_DRBG_PR_ON    0x2AAAAAAA   /**< Prediction resistance enabled  */
 
 #ifdef __cplusplus
 extern "C" {
@@ -202,7 +202,8 @@
  * \param add_len       Length of additional data, or 0
  *
  * \return              \c 0 on success, or an error from the underlying
- *                      hash calculation.
+ *                      hash calculation or
+ *                      MBEDTLS_ERR_PLATFORM_FAULT_DETECTED.
  *
  * \note                Additional data is optional, pass NULL and 0 as second
  *                      third argument if no additional data is being used.
@@ -237,7 +238,8 @@
  * \return              0 if successful, or
  *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
  *                      MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or
- *                      MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG.
+ *                      MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG, or
+ *                      MBEDTLS_ERR_PLATFORM_FAULT_DETECTED.
  */
 int mbedtls_hmac_drbg_random_with_add( void *p_rng,
                                unsigned char *output, size_t output_len,
@@ -255,7 +257,9 @@
  *
  * \return              0 if successful, or
  *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
- *                      MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG
+ *                      MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG,
+ *                      MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG, or
+ *                      MBEDTLS_ERR_PLATFORM_FAULT_DETECTED.
  */
 int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );