// Copyright lowRISC contributors (OpenTitan project).
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
#ifndef OPENTITAN_SW_DEVICE_LIB_BASE_HARDENED_MEMORY_H_
#define OPENTITAN_SW_DEVICE_LIB_BASE_HARDENED_MEMORY_H_
/**
* @file
* @brief Hardened memory operations for constant power buffer manipulation.
*/
#include <stddef.h>
#include <stdint.h>
#include "
sw/device/lib/base/hardened.h
"
#include "
sw/device/lib/base/macros.h
"
#include "sw/device/lib/crypto/impl/status.h"
#ifdef __cplusplus
extern
"C"
{
#endif
// __cplusplus
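/**
 * Source of randomness used by the shredding routine in this header.
 *
 * This header only *declares* the function: some external implementation
 * must be linked into the final image, otherwise the link fails. No
 * fallback is visible here. NOTE(review): the strength of a
 * `hardened_memshred()` presumably rests entirely on the quality of the
 * words this function returns — confirm that the linked implementation is
 * backed by a real entropy source and not a test stub.
 *
 * @return A fresh random word.
 */
extern uint32_t hardened_memshred_random_word(void);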
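/**
 * Copies 32-bit words between non-overlapping regions.
 *
 * Unlike `memcpy()`, this function has important differences:
 * - It is significantly slower, since it mitigates power-analysis attacks.
 * - It performs operations on 32-bit words, rather than bytes.
 * - It returns a `status_t` (OK or an error code) rather than `dest`, so the
 *   call cannot be chained and callers must check the result.
 *
 * `dest` and `src` are `OT_RESTRICT`-qualified: the two regions must not
 * overlap. Input pointers *MUST* be 32-bit aligned, although they do not
 * need to actually point to memory declared as `uint32_t` per the C aliasing
 * rules. Internally, this function is careful to not dereference its
 * operands directly, and instead uses dedicated load/store intrinsics.
 *
 * NOTE(review): this header does not say what `dest` holds after an error
 * return. Treat its contents as unspecified in that case and confirm
 * against the implementation before relying on a partial copy.
 *
 * @param dest The destination of the copy.
 * @param src The source of the copy.
 * @param word_len The number of words to copy.
 * @return OK or error.
 */
status_t hardened_memcpy(uint32_t *OT_RESTRICT dest,
                         const uint32_t *OT_RESTRICT src, size_t word_len);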
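/**
 * Fills a 32-bit aligned region of memory with random data.
 *
 * Unlike `memset()`, this function has important differences:
 * - It is significantly slower, since it mitigates power-analysis attacks.
 * - It performs operations on 32-bit words, rather than bytes.
 * - A fill value cannot be specified: every word is overwritten with random
 *   data. A caller that needs a *zeroed* buffer afterwards must clear it
 *   separately; after this call the region holds random words, not zeros.
 * - It returns a `status_t` (OK or an error code) rather than `dest`, so
 *   callers must check the result.
 *
 * NOTE(review): the randomness presumably comes from the externally linked
 * `hardened_memshred_random_word()` declared in this header — confirm
 * against the implementation, since the effectiveness of the shred depends
 * on that source.
 *
 * Input pointers *MUST* be 32-bit aligned, although they do not need to
 * actually point to memory declared as `uint32_t` per the C aliasing rules.
 * Internally, this function is careful to not dereference its operands
 * directly, and instead uses dedicated load/store intrinsics.
 *
 * @param dest The destination of the set.
 * @param word_len The number of words to write.
 * @return OK or error.
 */
status_t hardened_memshred(uint32_t *dest, size_t word_len);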
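/**
 * Compare two potentially-overlapping 32-bit aligned regions of memory for
 * equality.
 *
 * Unlike `memcmp()`, this function has important differences:
 * - It is significantly slower, since it mitigates power-analysis attacks.
 * - It performs operations on 32-bit words, rather than bytes.
 * - It only computes equality, not lexicographic ordering, which would be even
 *   slower.
 * - It returns a `hardened_bool_t` (see `hardened.h`), not an `int`. As is
 *   usual for hardened booleans, callers should compare the result against
 *   the hardened true/false constants rather than treat it as a plain C
 *   truth value, so that a glitched or corrupted result is not silently
 *   accepted as "equal".
 * - It is constant-time: the running time depends only on `word_len`, not on
 *   where (or whether) the two buffers differ.
 *
 * The regions are allowed to overlap (no `OT_RESTRICT` here). Input pointers
 * *MUST* be 32-bit aligned, although they do not need to actually point to
 * memory declared as `uint32_t` per the C aliasing rules. Internally, this
 * function is careful to not dereference its operands directly, and instead
 * uses dedicated load/store intrinsics.
 *
 * @param lhs The first buffer to compare.
 * @param rhs The second buffer to compare.
 * @param word_len The number of words to compare.
 * @return A `hardened_bool_t` indicating whether the two regions are equal.
 */
hardened_bool_t hardened_memeq(const uint32_t *lhs, const uint32_t *rhs,
                               size_t word_len);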
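/**
 * Combines two word buffers with XOR, storing the result into `x`.
 *
 * Callers should ensure the entropy complex is up before calling this
 * function. The implementation uses random-order hardening primitives for
 * side-channel defense.
 *
 * `x` and `y` are `OT_RESTRICT`-qualified, so the two buffers must not
 * overlap. Both are `uint32_t *` and therefore must be 32-bit aligned, as
 * with the other routines in this header. Returns a `status_t` (OK or an
 * error code); callers should check it rather than assume `x` was updated.
 *
 * @param[in,out] x Pointer to the first operand (modified in-place).
 * @param y Pointer to the second operand.
 * @param word_len Length in words of each operand.
 * @return OK or error.
 */
status_t hardened_xor(uint32_t *OT_RESTRICT x, const uint32_t *OT_RESTRICT y,
                      size_t word_len);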
#ifdef __cplusplus
}
// extern "C"
#endif
// __cplusplus
#endif
// OPENTITAN_SW_DEVICE_LIB_BASE_HARDENED_MEMORY_H_