From 171796e8e2572125c7f27aa3f96762a74630f26a Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 10 Jul 2017 14:40:07 -0700
Subject: [PATCH 1/2] Fix up for building without `./configure` to warn if hardening options are not enabled. Currently `./configure` defaults to `--enable-harden`, but if building sources directly and using `settings.h` or `user_settings.h` the hardening defines will not be set by default. If a user wants to use without hardening they can suppress the warning by defining `WC_NO_HARDEN`.
---
 IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h | 5 +++++
 configure.ac | 2 ++
 wolfssl/wolfcrypt/settings.h | 15 +++++++++++++++
 3 files changed, 22 insertions(+)
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h b/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
index ad720b32b..b9f3ae150 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
@@ -120,6 +120,11 @@ extern "C" {
 /* half as much memory but twice as slow */
 #undef RSA_LOW_MEM
 //#define RSA_LOW_MEM
+
+ /* Enables blinding mode, to prevent timing attacks */
+ #undef WC_RSA_BLINDING
+ #define WC_RSA_BLINDING
+
 #else
 #define NO_RSA
 #endif
diff --git a/configure.ac b/configure.ac
index 9666232d7..f7fde4d59 100644
--- a/configure.ac
+++ b/configure.ac
@@ -408,6 +408,8 @@ AC_ARG_ENABLE([harden],
 if test "$ENABLED_HARDEN" = "yes"
 then
 AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING"
+else
+ AM_CFLAGS="$AM_CFLAGS -DWC_NO_HARDEN"
 fi
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 8e6777d0e..945a5110a 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
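Review bot: In the IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h hunk, the new comment on `WC_RSA_BLINDING` says what the macro prevents but not what it asks of callers. As far as I know, a wolfCrypt build with blinding expects an RNG to be attached to the RSA key (`wc_RsaSetRNG`) before private-key operations, so projects copied from this template may start failing at run time once they pick up the new default; please confirm against the RSA implementation. I would extend the comment to `/* Enables blinding mode, to prevent timing attacks (private-key operations need an RNG set on the key) */`. The same applies to the IDE/WIN/user_settings.h hunk in patch 2/2, and the enclosing RSA `#if` block starts outside this hunk.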
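Review bot: In the configure.ac hunk, the new `else` branch adds `-DWC_NO_HARDEN` for every value of `ENABLED_HARDEN` other than the exact string `yes`, so an unexpected value would both drop the hardening defines and silence the new settings.h warning. How `ENABLED_HARDEN` is assigned lies outside the hunk, so it may already be constrained; if it is not, limit the opt-out to the explicit case with `elif test "$ENABLED_HARDEN" = "no"` and let anything else reach the warning. As used in this patch the macro only guards the diagnostic, which is worth stating next to it: `# WC_NO_HARDEN only silences the hardening warning in settings.h`.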
@@ -1596,6 +1596,21 @@ extern void uITRON4_free(void *p) ;
 #define ED25519_SMALL
 #endif
+
+/* warning for not using harden build options (default with ./configure) */
+#ifndef WC_NO_HARDEN
+ #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
+ (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
+ (!defined(NO_RSA) && !defined(WC_RSA_BLINDING))
+
+ #ifndef _MSC_VER
+ #warning "For timing resistance / side-channel attack prevention consider using harden options"
+ #else
+ #pragma message("Warning: For timing resistance / side-channel attack prevention consider using harden options")
+ #endif
+ #endif
+#endif
+
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
From 792fcefbb7a85040cad7f8c5893cf37d7494be01 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 10 Jul 2017 18:41:22 -0700
Subject: [PATCH 2/2] Fix to not warn about `WC_RSA_BLINDING` in FIPS mode. Add `WC_RSA_BLINDING` to Windows `user_settings.h`.
---
 IDE/WIN/user_settings.h | 31 ++++++++++++++++++-------------
 wolfssl/wolfcrypt/settings.h | 2 +-
 2 files changed, 19 insertions(+), 14 deletions(-)
diff --git a/IDE/WIN/user_settings.h b/IDE/WIN/user_settings.h
index 9ebc2ca77..b5c59a9ae 100755
--- a/IDE/WIN/user_settings.h
+++ b/IDE/WIN/user_settings.h
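Review bot: The diagnostic in the new `#ifndef WC_NO_HARDEN` block of wolfssl/wolfcrypt/settings.h uses the same text for all three conditions and names none of the macros, so someone building from `user_settings.h` cannot tell which define is missing or how to acknowledge the warning. Consider naming them in both the `#warning` and the `#pragma message` strings, for example `#warning "Timing resistance not enabled: define TFM_TIMING_RESISTANT, ECC_TIMING_RESISTANT and WC_RSA_BLINDING, or WC_NO_HARDEN to silence"`. Note also that `#warning` is a compiler extension before C23 and only `_MSC_VER` is special-cased; a toolchain that rejects the directive, or an IDE project built with warnings treated as errors, would stop compiling rather than warn.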
@@ -22,20 +22,25 @@
 #define NO_RABBIT
 #define NO_DSA
 #define NO_MD4
-#elif defined(WOLFSSL_LIB)
- /* The lib */
- #define OPENSSL_EXTRA
- #define WOLFSSL_RIPEMD
- #define WOLFSSL_SHA512
- #define NO_PSK
- #define HAVE_EXTENDED_MASTER
- #define WOLFSSL_SNIFFER
- #define HAVE_TLS_EXTENSIONS
- #define HAVE_SECURE_RENEGOTIATION
 #else
- /* The servers and clients */
- #define OPENSSL_EXTRA
- #define NO_PSK
+ /* Enables blinding mode, to prevent timing attacks */
+ #define WC_RSA_BLINDING
+
+ #if defined(WOLFSSL_LIB)
+ /* The lib */
+ #define OPENSSL_EXTRA
+ #define WOLFSSL_RIPEMD
+ #define WOLFSSL_SHA512
+ #define NO_PSK
+ #define HAVE_EXTENDED_MASTER
+ #define WOLFSSL_SNIFFER
+ #define HAVE_TLS_EXTENSIONS
+ #define HAVE_SECURE_RENEGOTIATION
+ #else
+ /* The servers and clients */
+ #define OPENSSL_EXTRA
+ #define NO_PSK
+ #endif
 #endif /* HAVE_FIPS */
 #endif /* _WIN_USER_SETTINGS_H_ */
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 945a5110a..ec4c22e67 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -1601,7 +1601,7 @@ extern void uITRON4_free(void *p) ;
 #ifndef WC_NO_HARDEN
 #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
 (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
- (!defined(NO_RSA) && !defined(WC_RSA_BLINDING))
+ (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
 #ifndef _MSC_VER
 #warning "For timing resistance / side-channel attack prevention consider using harden options"
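Review bot: In the IDE/WIN/user_settings.h hunk only `WC_RSA_BLINDING` is added, while the check introduced in settings.h also tests `TFM_TIMING_RESISTANT` and `ECC_TIMING_RESISTANT`. Whether this project enables `USE_FAST_MATH` or `HAVE_ECC` is not visible here; if it does, the non-FIPS Windows builds would still emit the `#pragma message` and still lack those two protections. Consider adding `#define TFM_TIMING_RESISTANT` and `#define ECC_TIMING_RESISTANT` beside the new define so the template matches what `./configure` sets by default. The define is also written without the `#undef` guard used in the ROWLEY template, which can produce a macro-redefinition warning if the project also passes the macro on the compiler command line.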
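Review bot: In the second wolfssl/wolfcrypt/settings.h hunk, the added `&& !defined(HAVE_FIPS)` silences the RSA-blinding part of the check for every FIPS build, but nothing in the block says why, and a reader could take it to mean that FIPS builds do not need blinding. Add a comment above the condition stating the actual reason, along the lines of `/* FIPS builds: RSA blinding is not checked here because <reason, to be filled in by the author> */`. The fast-math and ECC conditions still apply under `HAVE_FIPS`, which should be confirmed as intended. The `#if` block continues past the end of the hunk.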