increased bcrypt difficulty, added sleep to secure recieve

application_processor/build.rs

@@ -84,7 +84,7 @@ fn main() {
                     let HashResult {
                         salt,
                         hash,
-                    } = hash(pin).expect("could not hash pin");
+                    } = hash(pin, 7).expect("could not hash pin");
 
                     pin_hash = Some(hash);
                     //rust_code.push_str(&format!("pub const PIN_HASH: [u8; {}] = {:?};\n", hash.len(), hash.as_slice()));
@@ -96,7 +96,7 @@ fn main() {
                     let HashResult {
                         salt,
                         hash,
-                    } = hash(token).expect("could not hash pin");
+                    } = hash(token, 8).expect("could not hash pin");
 
                     rust_code.push_str(&format!("pub const TOKEN_HASH: [u8; {}] = {:?};\n", hash.len(), hash.as_slice()));
                     rust_code.push_str(&format!("pub const TOKEN_SALT: [u8; {}] = {:?};\n", salt.len(), salt.as_slice()));
@@ -251,9 +251,9 @@ struct HashResult {
     hash: [u8; 24],
 }
 
-fn hash(data: &str) -> Result<HashResult, Infallible> {
+fn hash(data: &str, cost: u32) -> Result<HashResult, Infallible> {
     let salt = generate_random_bytes();
-    let hash = bcrypt(7, salt, data.as_bytes());
+    let hash = bcrypt(cost, salt, data.as_bytes());
 
     Ok(HashResult {
         salt,

application_processor/src/attest.rs

@@ -48,7 +48,7 @@ fn attempt_attest(driver: &mut ApDriver) -> Result<(), ApError> {
         .ok_or(ApError::InvalidInput)?;
 
     // this is the key that encrypted the attestation data key
-    let key_encryption_key = kdf(pin.as_bytes(), &PIN_SALT);
+    let key_encryption_key = kdf(pin.as_bytes(), &PIN_SALT, 7);
     let mut key_encrypted = encrypted_attest_data_key();
     let attastation_data_key = decrypt(&mut key_encrypted, &key_encryption_key)
         .or(Err(ApError::InvalidInput))?;

application_processor/src/replace.rs

@@ -18,8 +18,7 @@ pub fn attempt_replace(driver: &mut ApDriver) -> Result<(), ApError> {
     let token = recv_input_with_message("Enter token: ", &mut token_buf)
         .ok_or(ApError::InvalidInput)?;
 
-    // TODO: increase hash difficulty for replace cause we have more time
-    let hash = hash(token.as_bytes(), &TOKEN_SALT);
+    let hash = hash(token.as_bytes(), &TOKEN_SALT, 8);
     const_time_equal_or_error!(
         hash.as_slice(),
         TOKEN_HASH.as_slice(),

component/src/post_boot/messaging.rs

@@ -1,3 +1,5 @@
+use core::time::Duration;
+
 use design_utils::crypto::{sign, verify_signature};
 use max78000_hal::uprintln;
 use tinyvec::ArrayVec;
@@ -54,6 +56,9 @@ pub fn secure_receive(
         return Err(ComponentError::InvalidPostBootAction);
     };
 
+    // make pulling rng samples more annoying
+    driver.sleep(Duration::from_millis(300));
+
     let nonce = driver.gen_nonce();
 
     driver.send_struct(nonce)?;

design_utils/src/anti_hardware.rs

@@ -9,38 +9,38 @@ macro_rules! quadruple_down_if {
         let mut glitch_token = 0;
         core::hint::black_box($crate::anti_hardware::rand_ops($rand));
 
+        if !core::hint::black_box($cond) {
+            return $error;
+        }
+
+        core::hint::black_box($crate::anti_hardware::rand_ops($rand));
+
         if core::hint::black_box($cond) {
-            core::hint::black_box(glitch_token += 1);
-            if !core::hint::black_box($cond) {
-                panic!("glitching detected");
-            } else {
+            if core::hint::black_box($cond) {
                 core::hint::black_box($crate::anti_hardware::rand_ops($rand));
                 if core::hint::black_box($cond) {
-                    if !core::hint::black_box($cond) {
-                        panic!("glitching detected");
+                    if core::hint::black_box($cond) {
+                        core::hint::black_box($crate::anti_hardware::rand_ops($rand));
+                        if core::hint::black_box($cond) {
+                            if core::hint::black_box($cond) {
+                                ()
+                            } else {
+                                panic!("glitching detected");
+                            }
+                        } else {
+                            panic!("glitching detected");
+                        }
                     } else {
-                        ()
+                        panic!("glitching detected");
                     }
                 } else {
                     panic!("glitching detected");
                 }
-            }
-        } else {
-            core::hint::black_box(glitch_token += 1);
-            if core::hint::black_box($cond) {
-                panic!("glitching detected");
             } else {
-                if core::hint::black_box($cond) {
-                    panic!("glitching detected");
-                } else {
-                    if core::hint::black_box($cond) {
-                        panic!("glitching detected");
-                    } else {
-                        return $error;
-                    }
-                }
-                core::hint::black_box($crate::anti_hardware::rand_ops($rand));
+                panic!("glitching detected");
             }
+        } else {
+            panic!("glitching detected");
         }
 
         core::hint::black_box($crate::anti_hardware::rand_ops($rand));

design_utils/src/crypto.rs

@@ -17,12 +17,12 @@ use crate::str::concat;
 /// * `salt` - The salt to use.
 ///
 /// Returns the hashed message as an array of 24 bytes.
-pub fn hash(input: &[u8], salt: &[u8; 16]) -> [u8; 24] {
-    bcrypt(7, *salt, input)
+pub fn hash(input: &[u8], salt: &[u8; 16], cost: u32) -> [u8; 24] {
+    bcrypt(cost, *salt, input)
 }
 
-pub fn kdf(input: &[u8], salt: &[u8; 16]) -> [u8; 32] {
-    concat(hash(input, salt), [0; 8])
+pub fn kdf(input: &[u8], salt: &[u8; 16], cost: u32) -> [u8; 32] {
+    concat(hash(input, salt, cost), [0; 8])
 }
 
 /// HMACs the given message using the given key.