Commit graph

6507 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 5fcfd0345d Fix Lucky 13 cache attack on MD/SHA padding
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-12 10:18:37 +02:00
Simon Butcher d064b5c87b Disable use of the i386 assembly for option -O0
We don't compile in the assembly code if compiler optimisations are disabled as
the number of registers used in the assembly code doesn't work with the -O0
option. Also, anyone selecting -O0 probably doesn't want to compile in the assembly
code anyway.
2018-07-10 23:20:01 +01:00
Andres Amaya Garcia 808a09ca85 Remove redundant ret = 1 in dh_client.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia cfb61b33cf Add missing platform macro defines in cert_app.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 9f92a805e9 Add missing platform macro defines in pk_decrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 2b0599bc91 Fix typo in platform macro defines for examples 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 0dcc6a9f7d Fix ret code in gen_random_havege.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 053e1cd7ab Fix ret code in rsa_encrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 156099b76f Fix ret code in rsa_decrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 8ec767c042 Fix ret code in cert_app.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia 77d2de223c Fix ret code in generic_sum.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 2702000d2c Fix ret code in pk_verify.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia a5236b1dd3 Fix ret code in pk_sign.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia a0ea01d273 Fix ret code in pk_encrypt.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 141b4f4526 Fix ret code in pk_encrypt.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 81982c84d4 Fix ret code in ecdh_curve25519.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia c899c464f6 Fix ret code in mpi_demo.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 6118adab09 Fix ret code in pem2der.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 73081c3e2f Fix ret code in ssl_cert_test.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 01e3d21350 Fix ret code in udp_proxy.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 12ab7a6884 Fix ret code in req_app.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 8fe4d917f7 Fix ret code in crl_app.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia a7ac5ab2ee Fix ret code in cert_write.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 7bd88dc44c Fix ret code in cert_req.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia ea14fe76d5 Fix ret code in ssl_mail_client.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia e4f79e1902 Fix ret code in ssl_fork_server.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia bc1af79add Fix ret code in ssl_client1.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia ac0e3e7b11 Fix ret code in gen_random_ctr_drbg.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 43e65fbbca Fix ret code in gen_entropy.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 1b04390e4f Fix ret code in rsa_verify_pss.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 1e36af911b Fix ret code in rsa_verify.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 0b20b4e4cd Fix ret code in rsa_sign_pss.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 39e1964960 Fix ret code in rsa_sign.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia a8a96ae42f Fix ret code in rsa_genkey.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia aa3291e1fb Fix ret code in key_app_writer.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia f57bccf839 Fix ret code in key_app.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 7c55e79f54 Fix ret code in gen_key.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia 47c041190c Fix ret code in ecdsa.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia 114ba1955e Fix ret code in dh_server.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia 74c51e6e64 Fix ret code in dh_genprime.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia f842345ac3 Fix ret code in dh_client.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia 990900ff40 Fix ret code in crypt_and_hash.c 2018-07-10 17:34:23 +01:00
Andres Amaya Garcia 15cbf61805 Fix ret code in aescrypt2.c 2018-07-10 17:34:23 +01:00
Simon Butcher a063fff51a Fix Changelog entry for #1533 fix as a Change not a bugfix 2018-07-10 15:20:26 +01:00
Simon Butcher 28f68a3d15 Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7 2018-07-10 14:58:51 +01:00
Simon Butcher e5b05e531f Merge remote-tracking branch 'public/pr/1822' into mbedtls-2.7 2018-07-10 14:34:21 +01:00
Simon Butcher a159d64e86 Merge remote-tracking branch 'public/pr/1827' into mbedtls-2.7 2018-07-10 12:50:16 +01:00
Gilles Peskine b2d88404a3 Add ChangeLog entry 2018-07-10 13:05:11 +02:00
Simon Butcher db060a8da2 Merge remote-tracking branch 'public/pr/1819' into mbedtls-2.7 2018-07-10 11:36:14 +01:00
k-stachowiak 6cba569e3f Update change log 2018-07-09 14:45:00 +02:00