Merge pull request #499 from toddouska/timing

add --enable-harden swtich for timing resistance and blinding, on by …
2025-08-03 04:34:41 +02:00 · 2016-07-26 10:14:20 -07:00
parent ea683f493a fc6a5c0702
commit 5bb250583e
7 changed files with 53 additions and 2 deletions
--- a/configure.ac
+++ b/configure.ac
@@ -192,6 +192,18 @@ AC_ARG_ENABLE([maxstrength],
    [ENABLED_MAXSTRENGTH=no])


+# Harden, enable Timing Resistance and Blinding by default
+AC_ARG_ENABLE([harden],
+    [AS_HELP_STRING([--enable-harden],[Enable Hardened build, Enables Timing Resistance and Blinding (default: enabled)])],
+    [ENABLED_HARDEN=$enableval],
+    [ENABLED_HARDEN=yes])
+
+if test "$ENABLED_HARDEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING"
+fi
+
+
 # IPv6 Test Apps
 AC_ARG_ENABLE([ipv6],
    [  --enable-ipv6           Enable testing of IPV6 (default: disabled)],
--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@@ -536,7 +536,22 @@ int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa)
        return BAD_FUNC_ARG;

    return RsaEncryptSize((RsaKey*)rsa->holder);
-}    
+}
+
+
+int CRYPT_RSA_SetRng(CRYPT_RSA_CTX* rsa, CRYPT_RNG_CTX* rng)
+{
+    if (rsa == NULL)
+        return BAD_FUNC_ARG;
+
+#ifdef WC_RSA_BLINDING
+    return wc_RsaSetRNG((RsaKey*)rsa->holder, (WC_RNG*)rng);
+#else
+    (void)rng;
+
+    return 0;
+#endif
+}


 /* ECC init */
--- a/mcapi/crypto.h
+++ b/mcapi/crypto.h
@@ -220,7 +220,8 @@ int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX*, unsigned char*,
                             unsigned int, const unsigned char*, unsigned int);

 /* helpers */
-int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);                             
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);
+int CRYPT_RSA_SetRng(CRYPT_RSA_CTX*, CRYPT_RNG_CTX*);



--- a/mcapi/mcapi_test.c
+++ b/mcapi/mcapi_test.c
@@ -1296,6 +1296,12 @@ static int check_rsa(void)
        return -1;
    }

+    ret = CRYPT_RSA_SetRng(&mcRsa, &mcRng);
+    if (ret != 0) {
+        printf("mcapi rsa set rng failed\n");
+        return -1;
+    }
+
    ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
                                  RSA_TEST_SIZE, &mcRng);
    if (ret < 0) {
--- a/wolfcrypt/user-crypto/include/user_rsa.h
+++ b/wolfcrypt/user-crypto/include/user_rsa.h
@@ -105,6 +105,7 @@ WOLFSSL_API int  wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
 #endif
 WOLFSSL_API int  wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
                                                                       word32*);
+WOLFSSL_API int  wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);


 #if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
--- a/wolfcrypt/user-crypto/src/rsa.c
+++ b/wolfcrypt/user-crypto/src/rsa.c
@@ -2670,5 +2670,19 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)

 #endif /* WOLFSSL_KEY_GEN */

+#ifdef WC_RSA_BLINDING
+
+int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng)
+{
+    if (key == NULL)
+        return USER_CRYPTO_ERROR;
+
+    (void)rng;
+
+    return 0;
+}
+
+#endif /* WC_RSA_BLINDING */
+
 #endif /* NO_RSA */

--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -155,6 +155,8 @@
 /* make sure old RNG name is used with CTaoCrypt FIPS */
 #ifdef HAVE_FIPS
    #define WC_RNG RNG
+    /* blinding adds API not available yet in FIPS mode */
+    #undef WC_RSA_BLINDING
 #endif