Not that it matters much, but it doesn't hurt either.
drop_privileges_or_die(conf.user_arg, conf.group_arg);
parse_config_or_die();
init_colors_or_die();
+ init_random_seed_or_die();
daemon_set_flag(DF_LOG_TIME);
daemon_set_flag(DF_LOG_HOSTNAME);
daemon_set_flag(DF_LOG_LL);
int ret;
static struct sched s;
+ init_random_seed_or_die();
s.default_timeout.tv_sec = 1;
s.default_timeout.tv_usec = 0;
ret = client_open(argc, argv, &ct, &client_loglevel);
ret = get_rsa_key(key_file, &rsa, LOAD_PRIVATE_KEY);
if (ret < 0)
return ret;
+ /*
+ * RSA is vulnerable to timing attacks. Generate a random blinding
+ * factor to protect against this kind of attack.
+ */
+ ret = -E_BLINDING;
+ if (RSA_blinding_on(rsa, NULL) == 0)
+ goto out;
ret = RSA_private_decrypt(inlen, inbuf, outbuf, rsa, RSA_PKCS1_OAEP_PADDING);
+ RSA_blinding_off(rsa);
+ if (ret <= 0)
+ ret = -E_DECRYPT;
+out:
rsa_free(rsa);
- return (ret > 0)? ret : -E_DECRYPT;
+ return ret;
}
/**
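Review bot: The comment added above `RSA_blinding_on()` explains why blinding is wanted but not what it depends on: the blinding factor is drawn from OpenSSL's own RNG, so the two `init_random_seed_or_die()` calls added elsewhere in this commit only help here if that function seeds OpenSSL's RAND state rather than just libc's `srandom()` (its body is not in the diff, so this needs confirming). A comment next to the call such as `/* Needs a seeded OpenSSL RNG; see init_random_seed_or_die(). */` would make the dependency visible to the next reader. It may also be worth noting in that comment that OpenSSL enables blinding for private-key operations by default unless RSA_FLAG_NO_BLINDING is set, so the explicit on/off pair is a belt-and-braces measure rather than the only protection — hedged, as the OpenSSL version in use is not visible. The enclosing function starts before the hunk, so whether `outbuf` is guaranteed at least RSA_size(rsa) bytes cannot be checked from here.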
PARA_ERROR(ENCRYPT, "encrypt error"), \
PARA_ERROR(DECRYPT, "decrypt error"), \
PARA_ERROR(CHALLENGE, "failed to read challenge"), \
+ PARA_ERROR(BLINDING, "failed to activate key blinding"), \
#define COMMAND_ERRORS \