mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-18 14:57:25 +00:00
Disable debug messages that can introduce a timing side channel.
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug messages in case somebody does want to see the reason checks fail.
This commit is contained in:
parent
4582999be6
commit
d66f070d49
|
@ -3,6 +3,8 @@ PolarSSL ChangeLog
|
||||||
= Development
|
= Development
|
||||||
Changes
|
Changes
|
||||||
* Allow enabling of dummy error_strerror() to support some use-cases
|
* Allow enabling of dummy error_strerror() to support some use-cases
|
||||||
|
* Debug messages about padding errors during SSL message decryption are
|
||||||
|
disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
|
||||||
|
|
||||||
Security
|
Security
|
||||||
* Removed timing differences during SSL message decryption in
|
* Removed timing differences during SSL message decryption in
|
||||||
|
|
|
@ -238,6 +238,22 @@
|
||||||
*/
|
*/
|
||||||
#define POLARSSL_SELF_TEST
|
#define POLARSSL_SELF_TEST
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \def POLARSSL_SSL_DEBUG_ALL
|
||||||
|
*
|
||||||
|
* Enable the debug messages in SSL module for all issues.
|
||||||
|
* Debug messages have been disabled in some places to prevent timing
|
||||||
|
* attacks due to (unbalanced) debugging function calls.
|
||||||
|
*
|
||||||
|
* If you need all error reporting you should enable this during debugging,
|
||||||
|
* but remove this for production servers that should log as well.
|
||||||
|
*
|
||||||
|
* Uncomment this macro to report all debug messages on errors introducing
|
||||||
|
* a timing side-channel.
|
||||||
|
*
|
||||||
|
#define POLARSSL_SSL_DEBUG_ALL
|
||||||
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def POLARSSL_SSL_HW_RECORD_ACCEL
|
* \def POLARSSL_SSL_HW_RECORD_ACCEL
|
||||||
*
|
*
|
||||||
|
|
|
@ -1403,9 +1403,10 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||||
|
|
||||||
if( ssl->in_msglen < ssl->transform_in->maclen + padlen )
|
if( ssl->in_msglen < ssl->transform_in->maclen + padlen )
|
||||||
{
|
{
|
||||||
|
#if defined(POLARSSL_SSL_DEBUG_ALL)
|
||||||
SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
|
SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
|
||||||
ssl->in_msglen, ssl->transform_in->maclen, padlen ) );
|
ssl->in_msglen, ssl->transform_in->maclen, padlen ) );
|
||||||
|
#endif
|
||||||
padlen = 0;
|
padlen = 0;
|
||||||
fake_padlen = 256;
|
fake_padlen = 256;
|
||||||
correct = 0;
|
correct = 0;
|
||||||
|
@ -1415,9 +1416,11 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||||
{
|
{
|
||||||
if( padlen > ssl->transform_in->ivlen )
|
if( padlen > ssl->transform_in->ivlen )
|
||||||
{
|
{
|
||||||
|
#if defined(POLARSSL_SSL_DEBUG_ALL)
|
||||||
SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, "
|
SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, "
|
||||||
"should be no more than %d",
|
"should be no more than %d",
|
||||||
padlen, ssl->transform_in->ivlen ) );
|
padlen, ssl->transform_in->ivlen ) );
|
||||||
|
#endif
|
||||||
correct = 0;
|
correct = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1443,8 +1446,10 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||||
else
|
else
|
||||||
minlen = 1;
|
minlen = 1;
|
||||||
}
|
}
|
||||||
|
#if defined(POLARSSL_SSL_DEBUG_ALL)
|
||||||
if( padlen > 0 && correct == 0)
|
if( padlen > 0 && correct == 0)
|
||||||
SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
|
SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue