feat(esp_security): Config to forcefully enable ECC constant-time operations during bootup

Harshal5 · Harshal5 · commit 39872a55753f · 2024-09-20T18:46:55.000+05:30
diff --git a/components/esp_security/Kconfig b/components/esp_security/Kconfig
@@ -37,4 +37,17 @@ menu "ESP Security Specific"
             default 3 if ESP_CRYPTO_DPA_PROTECTION_LEVEL_HIGH
     endmenu
 
+    config ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
+        bool "Forcfully enable ECC constant time point multiplication operations"
+        depends on SOC_ECC_CONSTANT_TIME_POINT_MUL
+        default N
+        help
+            If enabled, the app startup code will burn the ECC_FORCE_CONST_TIME efuse bit to force the
+            ECC peripheral to always perform constant time point multiplication operations,
+            irrespective of the ECC_MULT_SECURITY_MODE status bit that is present in the ECC_MULT_CONF_REG
+            register. By default, ESP-IDF configures the ECC peripheral to perform constant time point
+            multiplication operations, so enabling this config would provide security enhancement only in
+            the cases when trusted boot is not enabled and the attacker tries carrying out non-constant
+            time point multiplication operations by changing the default ESP-IDF configurations.
+            Performing constant time operations protect the ECC multiplication operations from timing attacks.
 endmenu
diff --git a/components/esp_security/src/init.c b/components/esp_security/src/init.c
@@ -7,14 +7,30 @@
 #include "esp_private/startup_internal.h"
 #include "sdkconfig.h"
 #include "esp_crypto_clk.h"
+#include "esp_efuse.h"
+#include "esp_efuse_table.h"
 #include "esp_security_priv.h"
+#include "esp_err.h"
+
+__attribute__((unused)) static const char *TAG = "esp_security";
 
 ESP_SYSTEM_INIT_FN(esp_security_init, SECONDARY, BIT(0), 103)
 {
     esp_crypto_clk_init();
 #if CONFIG_ESP_CRYPTO_DPA_PROTECTION_AT_STARTUP
     esp_crypto_dpa_protection_startup();
 #endif
+
+#ifdef CONFIG_ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
+    if (!esp_efuse_read_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME)) {
+        ESP_EARLY_LOGD(TAG, "Forcefully enabling ECC constant time operations");
+        esp_err_t err = esp_efuse_write_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME);
+        if (err != ESP_OK) {
+            ESP_EARLY_LOGE(TAG, "Enabling ECC constant time operations forcefully failed.");
+            return err;
+        }
+    }
+#endif
     return ESP_OK;
 }
 
