author | Piotr Nowicki <56911018+piotr-now@users.noreply.github.com> | 2020-06-10 09:13:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-10 09:13:10 +0200 |
commit | c520b90507f282ee883ddd3f0dc572967de85d99 (patch) | |
tree | 036c5e2dd40b3588354278126485b0d13f4cd7c3 | |
parent | 478b05c34ccc5cebe1019409b61cb42da300d8ba (diff) | |
parent | e048b91d25974d4d6b723ce8fa24b8cdce79bd96 (diff) | |
download | mbed-tls-c520b90507f282ee883ddd3f0dc572967de85d99.tar.gz |
Merge pull request #3390 from piotr-now/rndelay_comment
Add comment for mbedtls_platform_random_delay() and returning a FAULT_DETECTED error on potential FI attack detection
-rw-r--r-- | library/pk.c | 7 | ||||
-rw-r--r-- | library/platform_util.c | 3 | ||||
-rw-r--r-- | library/ssl_cli.c | 20 | ||||
-rw-r--r-- | library/ssl_srv.c | 8 | ||||
-rw-r--r-- | library/ssl_tls.c | 5 | ||||
-rw-r--r-- | library/x509_crt.c | 6 |
6 files changed, 37 insertions, 12 deletions
diff --git a/library/pk.c b/library/pk.c index 85575133d..82778b536 100644 --- a/library/pk.c +++ b/library/pk.c @@ -46,10 +46,9 @@ #endif /* MBEDTLS_USE_TINYCRYPT */ #include "mbedtls/platform_util.h" - -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else + +#if !defined(MBEDTLS_PLATFORM_C) #include <stdlib.h> #define mbedtls_calloc calloc #define mbedtls_free free @@ -1561,7 +1560,7 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, } else { - verify_ret = MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + verify_ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED; } } diff --git a/library/platform_util.c b/library/platform_util.c index 3869f30a5..19958fa11 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -190,6 +190,9 @@ void mbedtls_platform_random_delay( void ) do { i++; + /* Dummy calculations to increase the time between iterations and + * make side channel attack more difficult by reducing predictability + * of its behaviour */ shift = rn_2 & 0x07; if ( i % 2 ) rn_2 = (uint32_t)( rn_2 >> shift | rn_2 << ( 32 - shift ) ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index eada831b4..5c74386e0 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -27,9 +27,9 @@ #if defined(MBEDTLS_SSL_CLI_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else + +#if !defined(MBEDTLS_PLATFORM_C) #include <stdlib.h> #define mbedtls_calloc calloc #define mbedtls_free free @@ -724,6 +724,10 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) ssl->handshake->hello_random_set = MBEDTLS_SSL_FI_FLAG_SET; return( 0 ); } + else + { + ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED; + } } return( ret ); @@ -2388,6 +2392,10 @@ static int ssl_rsa_generate_partial_pms( mbedtls_ssl_context *ssl, ssl->handshake->premaster_generated = MBEDTLS_SSL_FI_FLAG_SET; return( 0 ); } + else + { + ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED; + } } MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); 
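Review bot: In library/pk.c, mbedtls_pk_verify_restartable() now returns MBEDTLS_ERR_PLATFORM_FAULT_DETECTED on a path that used to return MBEDTLS_ERR_PK_HW_ACCEL_FAILED, but the diffstat lists only files under library/, so the public return-value documentation of this function is not touched by the commit. A caller that matched on the old code for this path will silently stop doing so. Unless the header already lists it, I would add a line such as `\return #MBEDTLS_ERR_PLATFORM_FAULT_DETECTED if a fault was detected while checking the verification result.` to the function's documentation; the same applies to mbedtls_ssl_build_pms() in library/ssl_tls.c. The function body starts and ends outside the hunk.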
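Review bot: In mbedtls_platform_random_delay() (library/platform_util.c), `shift = rn_2 & 0x07;` can be 0, and the rotate on the `i % 2` branch then evaluates `rn_2 << ( 32 - shift )` as a shift by 32, which is undefined behaviour if rn_2 is a 32-bit type (its declaration is outside the hunk, but the `(uint32_t)` cast suggests it is). Even for the dummy calculations the new comment describes, the compiler may assume this case never occurs, which is unwelcome in a loop that has to survive optimisation to be useful. Masking the count keeps the rotate defined for every value: `rn_2 = (uint32_t)( rn_2 >> shift | rn_2 << ( ( 32 - shift ) & 31 ) );`. The loop and the rest of the function continue outside the hunk.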
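Review bot: In ssl_rsa_generate_partial_pms() (library/ssl_cli.c), the new else branch sets `ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED` and then falls into `MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret );`, so the trace attributes the fault code to the RNG call even though that call appears to have succeeded. The same labelling occurs in ssl_rsa_encrypt_partial_pms() (`"mbedtls_rsa_pkcs1_encrypt"`) and in mbedtls_ssl_build_pms() in library/ssl_tls.c (`"mbedtls_dhm_calc_secret"`), while ssl_generate_random() and ssl_parse_certificate_verify() add no trace of their own in the lines shown. For incident triage a suspected fault injection should be distinguishable in the logs from an ordinary primitive failure; a dedicated line in each else branch, e.g. `MBEDTLS_SSL_DEBUG_MSG( 1, ( "fault detected" ) );`, would do that. All of these function bodies extend beyond their hunks.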
@@ -2460,6 +2468,12 @@ static int ssl_rsa_encrypt_partial_pms( mbedtls_ssl_context *ssl, { ssl->handshake->premaster_generated = MBEDTLS_SSL_FI_FLAG_SET; } + else + { + ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED; + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); + goto cleanup; + } } else { @@ -3101,7 +3115,7 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl, } else { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); } } #if defined(MBEDTLS_SSL__ECP_RESTARTABLE) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index fbad37b34..2cd34b21f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -27,9 +27,9 @@ #if defined(MBEDTLS_SSL_SRV_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else + +#if !defined(MBEDTLS_PLATFORM_C) #include <stdlib.h> #define mbedtls_calloc calloc #define mbedtls_free free @@ -4659,6 +4659,10 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); goto exit; } + else + { + ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED; + } } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c92ab7f39..985156097 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2027,8 +2027,9 @@ int mbedtls_ssl_build_pms( mbedtls_ssl_context *ssl ) } else { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", + MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); + return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); } } else diff --git a/library/x509_crt.c b/library/x509_crt.c index 7f689ff90..43bb9770f 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
@@ -2936,7 +2936,7 @@ static int x509_crt_check_parent( const mbedtls_x509_crt_sig_info *sig_info, * * Return value: * - 0 on success - * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise + * - MBEDTLS_ERR_ECP_IN_PROGRESS or MBEDTLS_ERR_PLATFORM_FAULT_DETECTED otherwise */ static int x509_crt_find_parent_in( mbedtls_x509_crt_sig_info const *child_sig, @@ -3051,6 +3051,8 @@ check_signature: mbedtls_platform_random_delay(); if( ret_fi == 0 ) signature_is_good = X509_SIGNATURE_IS_GOOD; + else + return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); } if( top && ! signature_is_good ) @@ -3869,6 +3871,8 @@ exit: mbedtls_platform_random_delay(); if( flags_fi == 0 ) return( 0 ); + else + return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); } /* Preserve the API by removing internal extra bits - from now on the |
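Review bot: In the `exit:` path of library/x509_crt.c (last hunk), the new `return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );` leaves before the code under the "Preserve the API" comment runs, and nothing visible in the hunk resets the verification flags that `flags_fi` presumably mirrors. If those flags are an output parameter, a caller that inspects them rather than the return code could still read a clean result after a detected fault. I would make the fault path fail closed on every output, for example by setting the flags output to all-ones before returning, as far as the function's contract (outside the hunk) allows. The braceless `if`/`else` pairs here and at `check_signature:` in x509_crt_find_parent_in() would also be less fragile with braces around each branch.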