blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-09 17:19:09 -04:00
Code Issues Projects Releases Wiki Activity

feat(docs): Update minimizing binary size

Browse Source 
The ESP32-H2 software countermeasure may not be necessary
        for ESP32-H2 v1.2 and above, this commit updates
        the relevant documentation
This commit is contained in:
Aditya Patwardhan 2025-01-15 12:15:44 +05:30 committed by BOT
parent 202b74eca8
commit b301e03f57
3 changed files with 25 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
components/hal/Kconfig
View File

@ -111,5 +111,7 @@ menu "Hardware Abstraction Layer (HAL) and Low Level (LL)"
Enable this option to apply the countermeasure for ECDSA signature operation Enable this option to apply the countermeasure for ECDSA signature operation
This countermeasure masks the real ECDSA sign operation This countermeasure masks the real ECDSA sign operation
under dummy sign operations to add randomness in the generated power signature. under dummy sign operations to add randomness in the generated power signature.
This countermeasure is only necessary for ESP32-H2 < v1.2.
endmenu endmenu

4
components/mbedtls/Kconfig
View File

@ -592,13 +592,14 @@ menu "mbedTLS"
select HAL_ECDSA_GEN_SIG_CM select HAL_ECDSA_GEN_SIG_CM
default y default y
help help
The ECDSA peripheral before ECO5 does not offer constant time ECDSA sign operation. The ECDSA peripheral before ESP32-H2 v1.2 does not offer constant time ECDSA sign operation.
This time can be observed through power profiling of the device, This time can be observed through power profiling of the device,
making the ECDSA private key vulnerable to side-channel timing attacks. making the ECDSA private key vulnerable to side-channel timing attacks.
This countermeasure masks the real ECDSA sign operation This countermeasure masks the real ECDSA sign operation
under dummy sign operations to add randomness in the generated power signature. under dummy sign operations to add randomness in the generated power signature.
It is highly recommended to also enable Secure Boot for the device in addition to this countermeasure It is highly recommended to also enable Secure Boot for the device in addition to this countermeasure
so that only trusted software can execute on the device. so that only trusted software can execute on the device.
This countermeasure can be safely disabled for ESP32-H2 v1.2 and above.
config MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM config MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM
bool "Make ECDSA signature operation pseudo constant time for software" bool "Make ECDSA signature operation pseudo constant time for software"
@ -611,6 +612,7 @@ menu "mbedTLS"
of an arbitrary message. of an arbitrary message.
The signature time would appear to be constant to the external entity after enabling The signature time would appear to be constant to the external entity after enabling
this option. this option.
This countermeasure can be safely disabled for ESP32-H2 v1.2 and above.
endmenu endmenu

37
docs/en/api-guides/performance/size.rst
View File

@ -191,23 +191,26 @@ Under **Component Config** > **mbedTLS**, there are multiple mbedTLS features en
These include: These include:
- :ref:`CONFIG_MBEDTLS_HAVE_TIME` .. list::
- :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
- :ref:`CONFIG_MBEDTLS_SHA512_C` - :ref:`CONFIG_MBEDTLS_HAVE_TIME`
- :ref:`CONFIG_MBEDTLS_SHA3_C` - :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
- :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS` - :ref:`CONFIG_MBEDTLS_SHA512_C`
- :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS` - :ref:`CONFIG_MBEDTLS_SHA3_C`
- :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION` - :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SSL_ALPN` - :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SSL_RENEGOTIATION` - :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
- :ref:`CONFIG_MBEDTLS_CCM_C` - :ref:`CONFIG_MBEDTLS_SSL_ALPN`
- :ref:`CONFIG_MBEDTLS_GCM_C` - :ref:`CONFIG_MBEDTLS_SSL_RENEGOTIATION`
- :ref:`CONFIG_MBEDTLS_ECP_C` (Alternatively: Leave this option enabled but disable some of the elliptic curves listed in the sub-menu.) - :ref:`CONFIG_MBEDTLS_CCM_C`
- :ref:`CONFIG_MBEDTLS_ECP_NIST_OPTIM` - :ref:`CONFIG_MBEDTLS_GCM_C`
- :ref:`CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM` - :ref:`CONFIG_MBEDTLS_ECP_C` (Alternatively: Leave this option enabled but disable some of the elliptic curves listed in the sub-menu.)
- Change :ref:`CONFIG_MBEDTLS_TLS_MODE` if both server & client functionalities are not needed. - :ref:`CONFIG_MBEDTLS_ECP_NIST_OPTIM`
- Consider disabling some cipher suites listed in the ``TLS Key Exchange Methods`` sub-menu (i.e., :ref:`CONFIG_MBEDTLS_KEY_EXCHANGE_RSA`). - :ref:`CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM`
- Consider disabling :ref:`CONFIG_MBEDTLS_ERROR_STRINGS` if the application is already pulling in mbedTLS error strings through using :cpp:func:`mbedtls_strerror`. - Change :ref:`CONFIG_MBEDTLS_TLS_MODE` if both server & client functionalities are not needed.
- Consider disabling some cipher suites listed in the ``TLS Key Exchange Methods`` sub-menu (i.e., :ref:`CONFIG_MBEDTLS_KEY_EXCHANGE_RSA`).
- Consider disabling :ref:`CONFIG_MBEDTLS_ERROR_STRINGS` if the application is already pulling in mbedTLS error strings through using :cpp:func:`mbedtls_strerror`.
:esp32h2: - For {IDF_TARGET_NAME} v1.2 and above, consider disabling :ref:`CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_MASKING_CM` and :ref:`CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM` as the software countermeasures for the ECDSA sign operation are not required.
The help text for each option has some more information for reference. The help text for each option has some more information for reference.