From 153bf6c6f74b8c951a8b2a13b0224f460148531e Mon Sep 17 00:00:00 2001
From: Andre Noll
Date: Sat, 5 Sep 2009 13:16:53 +0200
Subject: [PATCH] Use RSA key blinding to protect against timing attacks.

Not that it matters much, but it doesn't hurt either.
---
 audiod.c | 1 +
 client.c | 1 +
 crypt.c | 13 ++++++++++++-
 error.h | 1 +
 4 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/audiod.c b/audiod.c
index 0479e1e1..e0a455d2 100644
--- a/audiod.c
+++ b/audiod.c
@@ -1203,6 +1203,7 @@ int main(int argc, char *argv[])
 	drop_privileges_or_die(conf.user_arg, conf.group_arg);
 	parse_config_or_die();
 	init_colors_or_die();
+	init_random_seed_or_die();
 	daemon_set_flag(DF_LOG_TIME);
 	daemon_set_flag(DF_LOG_HOSTNAME);
 	daemon_set_flag(DF_LOG_LL);
diff --git a/client.c b/client.c
index b7c1644c..ebe33898 100644
--- a/client.c
+++ b/client.c
@@ -82,6 +82,7 @@ int main(int argc, char *argv[])
 	int ret;
 	static struct sched s;
 
+	init_random_seed_or_die();
 	s.default_timeout.tv_sec = 1;
 	s.default_timeout.tv_usec = 0;
 	ret = client_open(argc, argv, &ct, &client_loglevel);
diff --git a/crypt.c b/crypt.c
index 352c5b8d..1172ddc3 100644
--- a/crypt.c
+++ b/crypt.c
@@ -146,9 +146,20 @@ int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *in
 	ret = get_rsa_key(key_file, &rsa, LOAD_PRIVATE_KEY);
 	if (ret < 0)
 		return ret;
+	/*
+	 * RSA is vulnerable to timing attacks. Generate a random blinding
+	 * factor to protect against this kind of attack.
+	 */
+	ret = -E_BLINDING;
+	if (RSA_blinding_on(rsa, NULL) == 0)
+		goto out;
 	ret = RSA_private_decrypt(inlen, inbuf, outbuf, rsa, RSA_PKCS1_OAEP_PADDING);
+	RSA_blinding_off(rsa);
+	if (ret <= 0)
+		ret = -E_DECRYPT;
+out:
 	rsa_free(rsa);
-	return (ret > 0)? ret : -E_DECRYPT;
+	return ret;
 }
 
 /**
diff --git a/error.h b/error.h
index 7416be57..4639cf78 100644
--- a/error.h
+++ b/error.h
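Review bot: The `init_random_seed_or_die()` call added after `init_colors_or_die()` is not obviously connected to the RSA blinding this patch introduces, because the blinding factor that `RSA_blinding_on()` generates is drawn from OpenSSL's own RNG (`BN_rand`/`RAND_bytes`), which seeds itself from the system entropy source and is unaffected by a libc-level `srandom()` seed. The body of `init_random_seed_or_die()` is not in this patch, so I cannot confirm which generator it seeds; if it is libc's `random()`, this call does nothing for the timing-attack protection and only serves other users of `random()` in the daemon. A one-line comment at the call site would stop the next reader from assuming the two are linked, e.g. `/* seeds libc random(); OpenSSL's RAND pool seeds itself */` (adjust to whatever the helper actually does). main() starts and ends outside the hunk.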
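Review bot: The new comment above `RSA_blinding_on(rsa, NULL)` presents blinding as a protection this code adds, but as far as I recall the default OpenSSL RSA method has blinded private-key operations automatically since 0.9.7b unless the key carries `RSA_FLAG_NO_BLINDING`, so on any such build the call is a harmless no-op apart from clearing that flag; the code should say so rather than leave the commit message's "not that it matters much" as the only record. I would reword the comment to `/* Belt and braces: OpenSSL >= 0.9.7b blinds private-key ops by default, but force it on in case the key was loaded with RSA_FLAG_NO_BLINDING. */`. Two smaller observations on the error handling: the `-E_BLINDING` path leaves OpenSSL's error queue populated for whoever calls `ERR_get_error()` next, and `RSA_blinding_off(rsa)` right before `rsa_free(rsa)` is redundant since freeing the key discards the blinding state anyway — both cosmetic, neither blocking. The parameter list of para_decrypt_buffer is truncated in the hunk header, so the contract that `outbuf` must hold at least `RSA_size(rsa)` bytes for `RSA_private_decrypt()` cannot be checked from this hunk.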
@@ -323,6 +323,7 @@ extern const char **para_errlist[];
 	PARA_ERROR(ENCRYPT, "encrypt error"), \
 	PARA_ERROR(DECRYPT, "decrypt error"), \
 	PARA_ERROR(CHALLENGE, "failed to read challenge"), \
+	PARA_ERROR(BLINDING, "failed to activate key blinding"), \
 
 
 #define COMMAND_ERRORS \
-- 
2.39.5