diff --git a/application_processor/build.rs b/application_processor/build.rs index 302ddaf..64dd42d 100644 --- a/application_processor/build.rs +++ b/application_processor/build.rs @@ -84,7 +84,7 @@ fn main() { let HashResult { salt, hash, - } = hash(pin).expect("could not hash pin"); + } = hash(pin, 7).expect("could not hash pin"); pin_hash = Some(hash); //rust_code.push_str(&format!("pub const PIN_HASH: [u8; {}] = {:?};\n", hash.len(), hash.as_slice())); @@ -96,7 +96,7 @@ fn main() { let HashResult { salt, hash, - } = hash(token).expect("could not hash pin"); + } = hash(token, 8).expect("could not hash pin"); rust_code.push_str(&format!("pub const TOKEN_HASH: [u8; {}] = {:?};\n", hash.len(), hash.as_slice())); rust_code.push_str(&format!("pub const TOKEN_SALT: [u8; {}] = {:?};\n", salt.len(), salt.as_slice())); @@ -251,9 +251,9 @@ struct HashResult { hash: [u8; 24], } -fn hash(data: &str) -> Result { +fn hash(data: &str, cost: u32) -> Result { let salt = generate_random_bytes(); - let hash = bcrypt(7, salt, data.as_bytes()); + let hash = bcrypt(cost, salt, data.as_bytes()); Ok(HashResult { salt, diff --git a/application_processor/src/attest.rs b/application_processor/src/attest.rs index ab639d5..a1f7e53 100644 --- a/application_processor/src/attest.rs +++ b/application_processor/src/attest.rs @@ -48,7 +48,7 @@ fn attempt_attest(driver: &mut ApDriver) -> Result<(), ApError> { .ok_or(ApError::InvalidInput)?; // this is the key that encrypted the attestation data key - let key_encryption_key = kdf(pin.as_bytes(), &PIN_SALT); + let key_encryption_key = kdf(pin.as_bytes(), &PIN_SALT, 7); let mut key_encrypted = encrypted_attest_data_key(); let attastation_data_key = decrypt(&mut key_encrypted, &key_encryption_key) .or(Err(ApError::InvalidInput))?; diff --git a/application_processor/src/replace.rs b/application_processor/src/replace.rs index 093d962..7ac5308 100644 --- a/application_processor/src/replace.rs +++ b/application_processor/src/replace.rs @@ -18,8 +18,7 @@ pub fn attempt_replace(driver: &mut ApDriver) -> Result<(), ApError> { let token = recv_input_with_message("Enter token: ", &mut token_buf) .ok_or(ApError::InvalidInput)?; - // TODO: increase hash difficulty for replace cause we have more time - let hash = hash(token.as_bytes(), &TOKEN_SALT); + let hash = hash(token.as_bytes(), &TOKEN_SALT, 8); const_time_equal_or_error!( hash.as_slice(), TOKEN_HASH.as_slice(), diff --git a/component/src/post_boot/messaging.rs b/component/src/post_boot/messaging.rs index 13f3782..f55358b 100644 --- a/component/src/post_boot/messaging.rs +++ b/component/src/post_boot/messaging.rs @@ -1,3 +1,5 @@ +use core::time::Duration; + use design_utils::crypto::{sign, verify_signature}; use max78000_hal::uprintln; use tinyvec::ArrayVec; @@ -54,6 +56,9 @@ pub fn secure_receive( return Err(ComponentError::InvalidPostBootAction); }; + // make pulling rng samples more annoying + driver.sleep(Duration::from_millis(300)); + let nonce = driver.gen_nonce(); driver.send_struct(nonce)?; diff --git a/design_utils/src/anti_hardware.rs b/design_utils/src/anti_hardware.rs index de54b4c..0f1376f 100644 --- a/design_utils/src/anti_hardware.rs +++ b/design_utils/src/anti_hardware.rs @@ -9,38 +9,38 @@ macro_rules! quadruple_down_if { let mut glitch_token = 0; core::hint::black_box($crate::anti_hardware::rand_ops($rand)); + if !core::hint::black_box($cond) { + return $error; + } + + core::hint::black_box($crate::anti_hardware::rand_ops($rand)); + if core::hint::black_box($cond) { - core::hint::black_box(glitch_token += 1); - if !core::hint::black_box($cond) { - panic!("glitching detected"); - } else { + if core::hint::black_box($cond) { core::hint::black_box($crate::anti_hardware::rand_ops($rand)); if core::hint::black_box($cond) { - if !core::hint::black_box($cond) { - panic!("glitching detected"); + if core::hint::black_box($cond) { + core::hint::black_box($crate::anti_hardware::rand_ops($rand)); + if core::hint::black_box($cond) { + if core::hint::black_box($cond) { + () + } else { + panic!("glitching detected"); + } + } else { + panic!("glitching detected"); + } } else { - () + panic!("glitching detected"); } } else { panic!("glitching detected"); } - } - } else { - core::hint::black_box(glitch_token += 1); - if core::hint::black_box($cond) { - panic!("glitching detected"); } else { - if core::hint::black_box($cond) { - panic!("glitching detected"); - } else { - if core::hint::black_box($cond) { - panic!("glitching detected"); - } else { - return $error; - } - } - core::hint::black_box($crate::anti_hardware::rand_ops($rand)); + panic!("glitching detected"); } + } else { + panic!("glitching detected"); } core::hint::black_box($crate::anti_hardware::rand_ops($rand)); diff --git a/design_utils/src/crypto.rs b/design_utils/src/crypto.rs index 658da3b..bbfb6bf 100644 --- a/design_utils/src/crypto.rs +++ b/design_utils/src/crypto.rs @@ -17,12 +17,12 @@ use crate::str::concat; /// * `salt` - The salt to use. /// /// Returns the hashed message as an array of 24 bytes. -pub fn hash(input: &[u8], salt: &[u8; 16]) -> [u8; 24] { - bcrypt(7, *salt, input) +pub fn hash(input: &[u8], salt: &[u8; 16], cost: u32) -> [u8; 24] { + bcrypt(cost, *salt, input) } -pub fn kdf(input: &[u8], salt: &[u8; 16]) -> [u8; 32] { - concat(hash(input, salt), [0; 8]) +pub fn kdf(input: &[u8], salt: &[u8; 16], cost: u32) -> [u8; 32] { + concat(hash(input, salt, cost), [0; 8]) } /// HMACs the given message using the given key.