From 88f847de90fe0a363791b4c969f09facae0b8115 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 25 Jul 2016 13:24:36 -0700
Subject: [PATCH 1/6] add --enable-harden swtich for timing resistance and blinding, on by default
---
 configure.ac | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/configure.ac b/configure.ac
index 753457d48..bf5a27fbe 100644
--- a/configure.ac
+++ b/configure.ac
@@ -192,6 +192,18 @@ AC_ARG_ENABLE([maxstrength],
 [ENABLED_MAXSTRENGTH=no])
+# Harden, enable Timing Resistance and Blinding by default
+AC_ARG_ENABLE([harden],
+ [AS_HELP_STRING([--enable-harden],[Enable Hardened build, Enables Timing Resistance and Blinding (default: enabled)])],
+ [ENABLED_HARDEN=$enableval],
+ [ENABLED_HARDEN=yes])
+
+if test "$ENABLED_HARDEN" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING"
+fi
+
+
 # IPv6 Test Apps
 AC_ARG_ENABLE([ipv6],
 [ --enable-ipv6 Enable testing of IPV6 (default: disabled)],
From 16336e37ec5c65440bd14f1c6bea36ec536785b6 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 25 Jul 2016 13:47:53 -0700
Subject: [PATCH 2/6] fix blinding with fips
---
 wolfssl/wolfcrypt/settings.h | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index c2130f6a2..ad95b6137 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -155,6 +155,8 @@
 /* make sure old RNG name is used with CTaoCrypt FIPS */
 #ifdef HAVE_FIPS
 #define WC_RNG RNG
+ /* blinding adds API not available yet in FIPS mode */
+ #undef WC_RSA_BLINDING
 #endif
From cd5486a4e6c5247091753fbcf2413c20a1c5503a Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 25 Jul 2016 15:33:28 -0700
Subject: [PATCH 3/6] fix user_rsa with blinding API addition
---
 wolfcrypt/user-crypto/include/user_rsa.h | 1 +
 wolfcrypt/user-crypto/src/rsa.c | 14 ++++++++++++++
 2 files changed, 15 insertions(+)
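Review bot: The new `if test "$ENABLED_HARDEN" = "yes"` block in configure.ac has no `else` branch, so `--disable-harden` yields a build without timing resistance or RSA blinding and nothing in the configure output says so. Adding an `else` with `AC_MSG_WARN([harden disabled: timing resistance and RSA blinding are off])` would put the downgrade in the build log. The help string also promises blinding unconditionally, while patch 2/6 of this series removes `WC_RSA_BLINDING` again under `HAVE_FIPS`; the text could say "where supported".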
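Review bot: The `#undef WC_RSA_BLINDING` added under `HAVE_FIPS` in wolfssl/wolfcrypt/settings.h switches blinding off with no build-time notice, even though `--enable-harden` defaults to enabled. The comment gives the reason but not the consequence; something like `/* blinding adds API not available yet in FIPS mode, so FIPS builds have RSA blinding disabled even with --enable-harden */` makes the trade-off visible to whoever audits the configuration. `TFM_TIMING_RESISTANT` and `ECC_TIMING_RESISTANT` stay defined in this branch; whether the FIPS code paths honour them is not visible here and is worth confirming.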
diff --git a/wolfcrypt/user-crypto/include/user_rsa.h b/wolfcrypt/user-crypto/include/user_rsa.h
index fbf9430fe..72d2c610e 100644
--- a/wolfcrypt/user-crypto/include/user_rsa.h
+++ b/wolfcrypt/user-crypto/include/user_rsa.h
@@ -105,6 +105,7 @@ WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
 #endif
 WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*, word32*);
+WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
 #if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
diff --git a/wolfcrypt/user-crypto/src/rsa.c b/wolfcrypt/user-crypto/src/rsa.c
index 748c420c4..e39ee6e68 100644
--- a/wolfcrypt/user-crypto/src/rsa.c
+++ b/wolfcrypt/user-crypto/src/rsa.c
@@ -2670,5 +2670,19 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
 #endif /* WOLFSSL_KEY_GEN */
+#ifdef WC_RSA_BLINDING
+
+int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng)
+{
+ if (key == NULL)
+ return BAD_FUNC_ARG;
+
+ (void)rng;
+
+ return 0;
+}
+
+#endif /* WC_RSA_BLINDING */
+
 #endif /* NO_RSA */
From 51042e166f1bde27dcb662baaa85f205b6ac2b4c Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 25 Jul 2016 15:57:38 -0700
Subject: [PATCH 4/6] fix mcapi with blinding API addition
---
 mcapi/crypto.c | 11 ++++++++++-
 mcapi/crypto.h | 3 ++-
 mcapi/mcapi_test.c | 6 ++++++
 3 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/mcapi/crypto.c b/mcapi/crypto.c
index b73ff2772..d15bfad26 100644
--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@@ -536,7 +536,16 @@ int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa)
 return BAD_FUNC_ARG;
 return RsaEncryptSize((RsaKey*)rsa->holder);
-}
+}
+
+
+int CRYPT_RSA_SetRng(CRYPT_RSA_CTX* rsa, CRYPT_RNG_CTX* rng)
+{
+ if (rsa == NULL)
+ return BAD_FUNC_ARG;
+
+ return wc_RsaSetRNG((RsaKey*)rsa->holder, (WC_RNG*)rng);
+}
 /* ECC init */
diff --git a/mcapi/crypto.h b/mcapi/crypto.h
index 36232a452..8fe323631 100644
--- a/mcapi/crypto.h
+++ b/mcapi/crypto.h
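Review bot: The `wc_RsaSetRNG` prototype added to wolfcrypt/user-crypto/include/user_rsa.h is declared unconditionally, but the definition added to wolfcrypt/user-crypto/src/rsa.c in the same patch sits inside `#ifdef WC_RSA_BLINDING`. With `--disable-harden` the header then advertises a function that has no definition, so a caller compiles and only fails at link time; patch 6/6 appears to work around the same kind of mismatch in mcapi/crypto.c. Either wrap the prototype in a matching `#ifdef WC_RSA_BLINDING` / `#endif` pair or drop the guard around the stub so the symbol always exists.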
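Review bot: The `wc_RsaSetRNG` stub added to wolfcrypt/user-crypto/src/rsa.c discards `rng` and returns 0, so with this back end a successful call says nothing about whether blinding is applied. Nothing in the hunk documents that. A comment above the function such as `/* stub for API compatibility: rng is not stored or used by this back end */` would keep callers from reading a 0 return as "blinding configured". The whole function is visible in the hunk.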
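Review bot: `CRYPT_RSA_SetRng` in mcapi/crypto.c validates `rsa` but forwards `rng` unchecked, so a NULL `CRYPT_RNG_CTX*` reaches `wc_RsaSetRNG`, whose handling of a NULL RNG is not visible in this series. If NULL is not a supported way to detach an RNG, reject it at the boundary with `if (rsa == NULL || rng == NULL) return BAD_FUNC_ARG;`. `rsa->holder` is dereferenced without a check, the same way the context lines of `CRYPT_RSA_EncryptSizeGet` do it, so an uninitialised context is presumably the caller's responsibility and a short comment could say so.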
@@ -220,7 +220,8 @@ int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX*, unsigned char*, unsigned int, const unsigned char*, unsigned int);
 /* helpers */
-int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);
+int CRYPT_RSA_SetRng(CRYPT_RSA_CTX*, CRYPT_RNG_CTX*);
diff --git a/mcapi/mcapi_test.c b/mcapi/mcapi_test.c
index a34834d17..0a6d77e74 100644
--- a/mcapi/mcapi_test.c
+++ b/mcapi/mcapi_test.c
@@ -1296,6 +1296,12 @@ static int check_rsa(void)
 return -1;
 }
+ ret = CRYPT_RSA_SetRng(&mcRsa, &mcRng);
+ if (ret != 0) {
+ printf("mcapi rsa set rng failed\n");
+ return -1;
+ }
+
 ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData, RSA_TEST_SIZE, &mcRng);
 if (ret < 0) {
From a274386693b2250b86e3e1f95c10c4ece2a58cb0 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 25 Jul 2016 19:19:46 -0700
Subject: [PATCH 5/6] fix user rsa no error codes?
---
 wolfcrypt/user-crypto/src/rsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wolfcrypt/user-crypto/src/rsa.c b/wolfcrypt/user-crypto/src/rsa.c
index e39ee6e68..974789ce7 100644
--- a/wolfcrypt/user-crypto/src/rsa.c
+++ b/wolfcrypt/user-crypto/src/rsa.c
@@ -2675,7 +2675,7 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
 int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng)
 {
 if (key == NULL)
- return BAD_FUNC_ARG;
+ return USER_CRYPTO_ERROR;
 (void)rng;
From fc6a5c0702c40ca8c89b4d756dfe01d7d814a87f Mon Sep 17 00:00:00 2001
From: toddouska
Date: Tue, 26 Jul 2016 09:06:46 -0700
Subject: [PATCH 6/6] fix mcapi w/o harden
---
 mcapi/crypto.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/mcapi/crypto.c b/mcapi/crypto.c
index d15bfad26..c8a99f579 100644
--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@@ -544,7 +544,13 @@ int CRYPT_RSA_SetRng(CRYPT_RSA_CTX* rsa, CRYPT_RNG_CTX* rng)
 if (rsa == NULL)
 return BAD_FUNC_ARG;
+#ifdef WC_RSA_BLINDING
 return wc_RsaSetRNG((RsaKey*)rsa->holder, (WC_RNG*)rng);
+#else
+ (void)rng;
+
+ return 0;
+#endif
 }
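Review bot: The new `CRYPT_RSA_SetRng` prototype in mcapi/crypto.h carries no comment, and this header is where callers learn the contract. Judging by the test change in the same patch, the call is expected before RSA operations when the library is built with blinding; that should be stated next to the declaration. If the key keeps the `rng` pointer rather than copying it (not visible in this series, so confirm first), the comment should also say that `rng` must stay valid for as long as `rsa` is in use.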
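Review bot: The check added to `check_rsa` in mcapi/mcapi_test.c covers only the success path of `CRYPT_RSA_SetRng`. The one guard the new function visibly has is the NULL-context check, and a second assertion such as `if (CRYPT_RSA_SetRng(NULL, &mcRng) == 0) return -1;` would pin it. `check_rsa` starts and ends outside the hunk.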
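Review bot: In the `#else` branch that patch 6/6 adds to `CRYPT_RSA_SetRng` in mcapi/crypto.c, the function returns 0 although no RNG was attached, so a caller cannot tell a build with blinding from one without. That is a defensible choice for API stability, but it should be written down, for example `/* blinding compiled out: nothing to attach; 0 means "nothing to do", not "blinding active" */` above `(void)rng;`. Because settings.h undefines `WC_RSA_BLINDING` under `HAVE_FIPS`, FIPS builds presumably take this branch as well, provided settings.h is included before this point. The function's opening lines are outside the hunk.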