From c9b4dfa9c7b79b9c2355aee83172598f76daf52a Mon Sep 17 00:00:00 2001
From: Duke Leto <duke@leto.net>
Date: Sun, 24 Jan 2021 13:09:25 -0500
Subject: [PATCH] Force WolfSSL side-channel resistance

There seems to be some build-bug in WolfSSL, such that even though
--enable-harden (HARDEN) is default, it's not set correctly in options.h .

So we define it correctly just after parsing all other config options
BUT BEFORE we load the rest of WolfSSL headers.

These will be defined no matter what options are given to wolfssl ./configure:

ECC_TIMING_RESISTANT
TFM_TIMING_RESISTANT
---
 src/hush/tlsmanager.cpp | 38 +++++++++++++-------------------------
 src/hush/tlsmanager.h   |  5 +----
 src/net.h               |  8 ++++++--
 3 files changed, 20 insertions(+), 31 deletions(-)

diff --git a/src/hush/tlsmanager.cpp b/src/hush/tlsmanager.cpp
index 92e9b6703..8fb8ad66d 100644
--- a/src/hush/tlsmanager.cpp
+++ b/src/hush/tlsmanager.cpp
@@ -5,10 +5,8 @@
 #include <wolfssl/ssl.h>
 #include <wolfssl/openssl/dh.h>
 #include <wolfssl/wolfcrypt/asn.h>
-
 #include <boost/filesystem.hpp>
 #include <boost/thread.hpp>
-
 #include "tlsmanager.h"
 #include "utiltls.h"
 
@@ -70,18 +68,15 @@ static WOLFSSL_DH *get_dh2048(void)
     return dh;
 }
 
-DH *tmp_dh_callback(WOLFSSL *ssl, int is_export, int keylength)
-{
-    LogPrint("tls", "TLS: %s: %s():%d - Using Diffie-Hellman param for PFS: is_export=%d, keylength=%d\n",
-        __FILE__, __func__, __LINE__, is_export, keylength);
+DH *tmp_dh_callback(WOLFSSL *ssl, int is_export, int keylength) {
+    LogPrint("tls", "TLS: %s: %s():%d - Using Diffie-Hellman param for PFS: is_export=%d, keylength=%d\n", __FILE__, __func__, __LINE__, is_export, keylength);
 
     return get_dh2048();
 }
 
-int TLSManager::waitFor(SSLConnectionRoutine eRoutine, SOCKET hSocket, WOLFSSL* ssl, int timeoutSec, unsigned long& err_code)
-{
+int TLSManager::waitFor(SSLConnectionRoutine eRoutine, SOCKET hSocket, WOLFSSL* ssl, int timeoutSec, unsigned long& err_code) {
     int retOp = 0;
-    err_code = 0;
+    err_code  = 0;
     char err_buffer[1024];
 
     while (true)
@@ -231,26 +226,23 @@ WOLFSSL* TLSManager::connect(SOCKET hSocket, const CAddress& addrConnect, unsign
     if ((ssl = wolfSSL_new(tls_ctx_client))) {
         if (wolfSSL_set_fd(ssl, hSocket)) {
             int ret = TLSManager::waitFor(SSL_CONNECT, hSocket, ssl, (DEFAULT_CONNECT_TIMEOUT / 1000), err_code);
-            if (ret == 1)
-            {
+            if (ret == 1) {
                 bConnectedTLS = true;
+            } else {
+                LogPrint("tls", "%s: timed out waiting for %s\n", __func__, addrConnect.ToString());
             }
         }
-    }
-    else
-    {
+    } else {
         err_code = wolfSSL_ERR_get_error();
         const char* error_str = wolfSSL_ERR_error_string(err_code, err_buffer);
-        LogPrint("tls", "TLS: %s: %s():%d - SSL_new failed err: %s\n",
-            __FILE__, __func__, __LINE__, err_buffer);
+        LogPrint("tls", "TLS: %s: %s():%d - SSL_new failed err: %s\n", __FILE__, __func__, __LINE__, err_buffer);
     }
 
     if (bConnectedTLS) {
         LogPrintf("TLS: connection to %s has been established (tlsv = %s 0x%04x / ssl = %s 0x%x ). Using cipher: %s\n",
             addrConnect.ToString(), wolfSSL_get_version(ssl), wolfSSL_version(ssl), wolfSSL_OpenSSL_version(), wolfSSL_lib_version_hex(), wolfSSL_get_cipher_name(ssl));
     } else {
-        LogPrintf("TLS: %s: %s():%d - TLS connection to %s failed (err_code 0x%X)\n",
-            __FILE__, __func__, __LINE__, addrConnect.ToString(), err_code);
+        LogPrintf("TLS: %s: %s():%d - TLS connection to %s timed out\n", __FILE__, __func__, __LINE__, addrConnect.ToString(), err_code);
 
         if (ssl) {
             wolfSSL_free(ssl);
@@ -444,13 +436,10 @@ WOLFSSL* TLSManager::accept(SOCKET hSocket, const CAddress& addr, unsigned long&
                 bAcceptedTLS = true;
             }
         }
-    }
-    else
-    {
+    } else {
         err_code = wolfSSL_ERR_get_error();
         const char* error_str = wolfSSL_ERR_error_string(err_code, err_buffer);
-        LogPrint("tls", "TLS: %s: %s():%d - SSL_new failed err: %s\n",
-            __FILE__, __func__, __LINE__, err_buffer);
+        LogPrint("tls", "TLS: %s: %s():%d - SSL_new failed err: %s\n", __FILE__, __func__, __LINE__, err_buffer);
     }
 
     if (bAcceptedTLS) {
@@ -463,8 +452,7 @@ WOLFSSL* TLSManager::accept(SOCKET hSocket, const CAddress& addr, unsigned long&
             LogPrint("tls", "TLS: supporting cipher: %s\n", wolfSSL_CIPHER_get_name(c));
         }
     } else {
-        LogPrintf("TLS: %s: %s():%d - TLS connection from %s failed (err_code 0x%X)\n",
-            __FILE__, __func__, __LINE__, addr.ToString(), err_code);
+        LogPrintf("TLS: %s: %s():%d - TLS connection from %s failed (err_code 0x%X)\n", __FILE__, __func__, __LINE__, addr.ToString(), err_code);
 
         if (ssl) {
             SSL_free(ssl);
diff --git a/src/hush/tlsmanager.h b/src/hush/tlsmanager.h
index 517ed09a9..8d46f372c 100644
--- a/src/hush/tlsmanager.h
+++ b/src/hush/tlsmanager.h
@@ -33,10 +33,7 @@ bool operator==(const _NODE_ADDR b) const
 }
 } NODE_ADDR, *PNODE_ADDR;
 
-/**
- * @brief A class to wrap some of hush specific TLS functionalities used in the net.cpp
- * 
- */
+// A class to wrap some of hush specific TLS functionalities used in the net.cpp
 class TLSManager
 {
 public:
diff --git a/src/net.h b/src/net.h
index f9da3a9ff..7f97632b0 100644
--- a/src/net.h
+++ b/src/net.h
@@ -42,9 +42,13 @@
 #include <boost/filesystem/path.hpp>
 #include <boost/foreach.hpp>
 #include <boost/signals2/signal.hpp>
-// Enable side-channel resistant WolfSSL Support for Hush
-#define ECC_TIMING_RESISTANT 420
+// Enable WolfSSL Support for Hush
 #include <wolfssl/options.h>
+// TODO: these are not set correctly by wolfssl for some reason. Ja bless.
+#undef ECC_TIMING_RESISTANT
+#undef TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT 420
+#define TFM_TIMING_RESISTANT 420
 #include <wolfssl/ssl.h>
 
 class CAddrMan;