Software APIs
Functions
hardened_memory.h File Reference

(b2fb947)

Hardened memory operations for constant power buffer manipulation. More...

#include <stddef.h>
#include <stdint.h>
#include "sw/device/lib/base/hardened.h"
#include "sw/device/lib/base/macros.h"

Go to the source code of this file.

Functions

void hardened_memcpy (uint32_t *OT_RESTRICT dest, const uint32_t *OT_RESTRICT src, size_t word_len)
 Copies 32-bit words between non-overlapping regions. More...
 
void hardened_memshred (uint32_t *dest, size_t word_len)
 Fills a 32-bit aligned region of memory with random data. More...
 
hardened_bool_t hardened_memeq (const uint32_t *lhs, const uint32_t *rhs, size_t word_len)
 Compare two potentially-overlapping 32-bit aligned regions of memory for equality. More...
 

Detailed Description

Hardened memory operations for constant power buffer manipulation.

Definition in file hardened_memory.h.

Function Documentation

◆ hardened_memcpy()

void hardened_memcpy ( uint32_t *OT_RESTRICT  dest,
const uint32_t *OT_RESTRICT  src,
size_t  word_len 
)

Copies 32-bit words between non-overlapping regions.

Unlike memcpy(), this function has important differences:

  • It is significantly slower, since it mitigates power-analysis attacks.
  • It performs operations on 32-bit words, rather than bytes.
  • It returns void.

Input pointers MUST be 32-bit aligned, although they do not need to actually point to memory declared as uint32_t per the C aliasing rules. Internally, this function is careful to not dereference its operands directly, and instead uses dedicated load/store intrinsics.

Parameters
destThe destination of the copy.
srcThe source of the copy.
word_lenThe number of words to copy.

◆ hardened_memeq()

hardened_bool_t hardened_memeq ( const uint32_t *  lhs,
const uint32_t *  rhs,
size_t  word_len 
)

Compare two potentially-overlapping 32-bit aligned regions of memory for equality.

Unlike memcmp(), this function has important differences:

  • It is significantly slower, since it mitigates power-analysis attacks.
  • It performs operations on 32-bit words, rather than bytes.
  • It only computes equality, not lexicographic ordering, which would be even slower.
  • It returns a hardened_bool_t.
  • It is constant-time.

Input pointers MUST be 32-bit aligned, although they do not need to actually point to memory declared as uint32_t per the C aliasing rules. Internally, this function is careful to not dereference its operands directly, and instead uses dedicated load/store intrinsics.

Parameters
lhsThe first buffer to compare.
rhsThe second buffer to compare.
word_lenThe number of words to write.

Definition at line 115 of file hardened_memory.c.

◆ hardened_memshred()

void hardened_memshred ( uint32_t *  dest,
size_t  word_len 
)

Fills a 32-bit aligned region of memory with random data.

Unlike memset(), this function has important differences:

  • It is significantly slower, since it mitigates power-analysis attacks.
  • It performs operations on 32-bit words, rather than bytes.
  • A fill value cannot be specified.
  • It returns void.

Input pointers MUST be 32-bit aligned, although they do not need to actually point to memory declared as uint32_t per the C aliasing rules. Internally, this function is careful to not dereference its operands directly, and instead uses dedicated load/store intrinsics.

Parameters
destThe destination of the set.
word_lenThe number of words to write.

Definition at line 85 of file hardened_memory.c.

Return to OpenTitan Documentation