Commit Graph

6507 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
5fcfd0345d Fix Lucky 13 cache attack on MD/SHA padding
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-12 10:18:37 +02:00
Simon Butcher
d064b5c87b Disable use of the i386 assembly for option -O0
We don't compile in the assembly code if compiler optimisations are disabled as
the number of registers used in the assembly code doesn't work with the -O0
option. Also anyone select -O0 probably doesn't want to compile in the assembly
code anyway.
2018-07-10 23:20:01 +01:00
Andres Amaya Garcia
808a09ca85 Remove redundant ret = 1 in dh_client.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
cfb61b33cf Add missing platform macro defines in cert_app.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
9f92a805e9 Add missing platform macro defines in pk_decrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
2b0599bc91 Fix typo in platform macro defines for examples 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
0dcc6a9f7d Fix ret code in gen_random_havege.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
053e1cd7ab Fix ret code in rsa_encrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
156099b76f Fix ret code in rsa_decrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
8ec767c042 Fix ret code in cert_app.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
77d2de223c Fix ret code in generic_sum.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
2702000d2c Fix ret code in pk_verify.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
a5236b1dd3 Fix ret code in pk_sign.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
a0ea01d273 Fix ret code in pk_encrypt.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
141b4f4526 Fix ret code in pk_encrypt.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
81982c84d4 Fix ret code in ecdh_curve25519.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
c899c464f6 Fix ret code in mpi_demo.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
6118adab09 Fix ret code in pem2der.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
73081c3e2f Fix ret code in ssl_cert_test.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
01e3d21350 Fix ret code in udp_proxy.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
12ab7a6884 Fix ret code in req_app.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
8fe4d917f7 Fix ret code in crl_app.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
a7ac5ab2ee Fix ret code in cert_write.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
7bd88dc44c Fix ret code in cert_req.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
ea14fe76d5 Fix ret code in ssl_mail_client.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
e4f79e1902 Fix ret code in ssl_fork_server.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
bc1af79add Fix ret code in ssl_client1.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
ac0e3e7b11 Fix ret code in gen_random_ctr_drbg.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
43e65fbbca Fix ret code in gen_entropy.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
1b04390e4f Fix ret code in rsa_verify_pss.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
1e36af911b Fix ret code in rsa_verify.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
0b20b4e4cd Fix ret code in rsa_sign_pss.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
39e1964960 Fix ret code in rsa_sign.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
a8a96ae42f Fix ret code in rsa_genkey.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
aa3291e1fb Fix ret code in key_app_writer.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
f57bccf839 Fix ret code in key_app.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
7c55e79f54 Fix ret code in gen_key.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
47c041190c Fix ret code in ecdsa.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia
114ba1955e Fix ret code in dh_server.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia
74c51e6e64 Fix ret code in dh_genprime.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia
f842345ac3 Fix ret code in dh_client.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia
990900ff40 Fix ret code in crypt_and_hash.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia
15cbf61805 Fix ret code in aescrypt2.c 2018-07-10 17:34:23 +01:00
Simon Butcher
a063fff51a Fix Changelog entry for #1533 fix as a Change not a bugfix 2018-07-10 15:20:26 +01:00
Simon Butcher
28f68a3d15 Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7 2018-07-10 14:58:51 +01:00
Simon Butcher
e5b05e531f Merge remote-tracking branch 'public/pr/1822' into mbedtls-2.7 2018-07-10 14:34:21 +01:00
Simon Butcher
a159d64e86 Merge remote-tracking branch 'public/pr/1827' into mbedtls-2.7 2018-07-10 12:50:16 +01:00
Gilles Peskine
b2d88404a3 Add ChangeLog entry 2018-07-10 13:05:11 +02:00
Simon Butcher
db060a8da2 Merge remote-tracking branch 'public/pr/1819' into mbedtls-2.7 2018-07-10 11:36:14 +01:00
k-stachowiak
6cba569e3f Update change log 2018-07-09 14:45:00 +02:00