fix(sidetrail): Invalid stream cipher struct in proof wrapper #4484
Description of changes:
s2n_record_parse_stream calls the decrypt function pointer in the io union of s2n_cipher:
s2n-tls/tls/s2n_record_read_stream.c
Line 53 in 38d769c
In the sidetrail proof wrapper for s2n_record_parse_stream, the s2n_cipher struct is set up with the cbc union value rather than the stream value:
s2n-tls/tests/sidetrail/working/s2n-record-read-stream/s2n_record_read_wrapper.c
Lines 100 to 103 in ba825b8
This causes the sidetrail proof to finish successfully with no timing differences after attempting to decrypt, since this call always fails. This PR sets the decrypt function to the correct io struct, allowing the proof to explore the rest of the s2n_record_parse_stream function.
Call-outs:
Fixing this bug caused the proof to detect a timing difference between the MAC validation failing and the MAC validation succeeding. Given that the lengths of any private fields are declassified after successfully validating the MAC, this PR removes the extra logic after MAC validation from the scope of SideTrail's analysis to avoid the false positive error.
Testing:
I tested the proof with the following patches to ensure that valid side channels are successfully detected by SideTrail:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
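An added illustration (not s2n-tls or SideTrail code) of why a harness that fills in the wrong union member passes vacuously: the parser exits before the MAC step, so nothing after the decrypt call is ever analysed. All `toy_*` and `harness_*` names are hypothetical, and the early exit is modelled with a type-tag check as an assumption, since the page does not show how the real call fails.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified, hypothetical model of a cipher descriptor with a per-mode union. */
typedef int (*toy_decrypt_fn)(const uint8_t *in, uint8_t *out, size_t len);
enum toy_cipher_type { TOY_STREAM, TOY_CBC };
struct toy_cipher {
    enum toy_cipher_type type;
    union {
        struct { toy_decrypt_fn decrypt; } stream;
        struct { uint8_t block_size; toy_decrypt_fn decrypt; } cbc;
    } io;
};

static int mac_step_reached = 0; /* reachability marker for the post-decrypt step */

static int toy_decrypt(const uint8_t *in, uint8_t *out, size_t len)
{
    for (size_t i = 0; i < len; i++) out[i] = in[i] ^ 0x5a; /* placeholder, not a real cipher */
    return 0;
}

/* Stream record parser: only the stream member of the union is valid here. */
static int toy_record_parse_stream(const struct toy_cipher *c, const uint8_t *in,
                                   uint8_t *out, size_t len)
{
    if (c->type != TOY_STREAM || c->io.stream.decrypt == NULL) return -1; /* early exit */
    if (c->io.stream.decrypt(in, out, len) != 0) return -1;
    mac_step_reached++; /* MAC validation would run here */
    return 0;
}

/* Harness setup: use_stream == 0 populates cbc (the "before"), 1 populates stream (the fix). */
static struct toy_cipher harness_cipher(int use_stream)
{
    struct toy_cipher c = { .type = use_stream ? TOY_STREAM : TOY_CBC };
    if (use_stream) {
        c.io.stream.decrypt = toy_decrypt;
    } else {
        c.io.cbc.block_size = 16;
        c.io.cbc.decrypt = toy_decrypt;
    }
    return c;
}

/* Runs the parser once; returns 1 if the MAC step was reached, 0 if the run was vacuous. */
static int harness_reaches_mac(int use_stream)
{
    struct toy_cipher c = harness_cipher(use_stream);
    uint8_t in[4] = { 1, 2, 3, 4 }, out[4] = { 0 }; /* constructed sample record bytes */
    int before = mac_step_reached;
    (void) toy_record_parse_stream(&c, in, out, sizeof(in));
    return mac_step_reached > before;
}
```

A reachability check like `harness_reaches_mac` in a proof harness turns a silent early exit into a visible failure instead of a clean "no timing difference" result.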