diff options
author | Jack Lloyd <[email protected]> | 2016-12-17 22:35:08 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-12-17 22:35:08 -0500 |
commit | 5006e178ba46dbb977c9e7363b770bc758782d4b (patch) | |
tree | c53591987e10ababb2dba7bf816ffb8d06746634 /src | |
parent | 7397a773c80a6f3d273b2aa80c6e54aa7ebdcc46 (diff) |
Disable TLS signature and finished message checks in fuzzer mode
Also use a const time comparison for the finished message, though
I don't see any real way of exploiting that timing channel.
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/tls/msg_cert_verify.cpp | 9 | ||||
-rw-r--r-- | src/lib/tls/msg_finished.cpp | 9 | ||||
-rw-r--r-- | src/lib/tls/msg_server_kex.cpp | 8 |
3 files changed, 23 insertions, 3 deletions
diff --git a/src/lib/tls/msg_cert_verify.cpp b/src/lib/tls/msg_cert_verify.cpp index ac8fa97fd..2f8e8230e 100644 --- a/src/lib/tls/msg_cert_verify.cpp +++ b/src/lib/tls/msg_cert_verify.cpp @@ -90,7 +90,14 @@ bool Certificate_Verify::verify(const X509_Certificate& cert, PK_Verifier verifier(*key, format.first, format.second); - return verifier.verify_message(state.hash().get_contents(), m_signature); + const bool signature_valid = + verifier.verify_message(state.hash().get_contents(), m_signature); + +#if defined(BOTAN_UNSAFE_FUZZER_MODE) + return true; +#else + return signature_valid; +#endif } } diff --git a/src/lib/tls/msg_finished.cpp b/src/lib/tls/msg_finished.cpp index 3a2c88fb1..7d5eea77a 100644 --- a/src/lib/tls/msg_finished.cpp +++ b/src/lib/tls/msg_finished.cpp @@ -74,7 +74,14 @@ Finished::Finished(const std::vector<byte>& buf) : m_verification_data(buf) bool Finished::verify(const Handshake_State& state, Connection_Side side) const { - return (m_verification_data == finished_compute_verify(state, side)); + std::vector<byte> computed_verify = finished_compute_verify(state, side); + +#if defined(BOTAN_UNSAFE_FUZZER_MODE) + return true; +#else + return (m_verification_data.size() == computed_verify.size()) && + same_mem(m_verification_data.data(), computed_verify.data(), computed_verify.size()); +#endif } } diff --git a/src/lib/tls/msg_server_kex.cpp b/src/lib/tls/msg_server_kex.cpp index 521ef4e20..72b90a31c 100644 --- a/src/lib/tls/msg_server_kex.cpp +++ b/src/lib/tls/msg_server_kex.cpp @@ -287,7 +287,13 @@ bool Server_Key_Exchange::verify(const Public_Key& server_key, verifier.update(state.server_hello()->random()); verifier.update(params()); - return verifier.check_signature(m_signature); + const bool signature_valid = verifier.check_signature(m_signature); + +#if defined(BOTAN_UNSAFE_FUZZER_MODE) + return true; +#else + return signature_valid; +#endif } const Private_Key& Server_Key_Exchange::server_kex_key() const |