DragonX/dragonx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Force WolfSSL side-channel resistance

Browse Source 
There seems to be some build-bug in WolfSSL, such that even though
--enable-harden (HARDEN) is default, it's not set correctly in options.h .

So we define it correctly just after parsing all other config options
BUT BEFORE we load the rest of WolfSSL headers.

These will be defined no matter what options are given to wolfssl ./configure:

ECC_TIMING_RESISTANT
TFM_TIMING_RESISTANT
This commit is contained in:
Duke Leto
2021-01-24 13:09:25 -05:00
parent cf9dc41361
commit c9b4dfa9c7
3 changed files with 20 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/hush/tlsmanager.h
View File

@@ -33,10 +33,7 @@ bool operator==(const _NODE_ADDR b) const
}
} NODE_ADDR, *PNODE_ADDR;
/**
* @brief A class to wrap some of hush specific TLS functionalities used in the net.cpp
*
*/
// A class to wrap some of hush specific TLS functionalities used in the net.cpp
class TLSManager
{
public: