pkcs11-object: Remove return value logging

To prevent Marvin attack on RSA PKCS#1 v1.5 padding when logging the return value, signaling the padding error.
hhonkanen · Feb 5, 2024 · 2d84cec · 2d84cec
1 parent e018f19
commit 2d84cec
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 3 deletions.
diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
@@ -1034,7 +1034,8 @@ C_Decrypt(CK_SESSION_HANDLE hSession, /* the session's handle */
  rv = reset_login_state(session->slot, rv);
  }
 
- SC_LOG_RV("C_Decrypt() = %s", rv);
+ /* do not log error code to prevent side channel attack */
+ SC_LOG("C_Decrypt()");
  sc_pkcs11_unlock();
  return rv;
 }
@@ -1058,7 +1059,8 @@ C_DecryptUpdate(CK_SESSION_HANDLE hSession, /* the session's handle */
  rv = sc_pkcs11_decr_update(session, pEncryptedPart, ulEncryptedPartLen,
  pPart, pulPartLen);
 
- SC_LOG_RV("C_DecryptUpdate() = %s", rv);
+ /* do not log error code to prevent side channel attack */
+ SC_LOG("C_DecryptUpdate()");
  sc_pkcs11_unlock();
  return rv;
 }
@@ -1086,7 +1088,8 @@ C_DecryptFinal(CK_SESSION_HANDLE hSession, /* the session's handle */
  rv = reset_login_state(session->slot, rv);
  }
 
- SC_LOG_RV("C_DecryptFinal() = %s", rv);
+ /* do not log error code to prevent side channel attack */
+ SC_LOG("C_DecryptFinal()");
  sc_pkcs11_unlock();
  return rv;
 }

diff --git a/src/pkcs11/sc-pkcs11.h b/src/pkcs11/sc-pkcs11.h
@@ -246,6 +246,11 @@ do {\
  }\
 } while(0)
 
+#define SC_LOG(fmt) \
+ do { \
+ sc_log(context, (fmt)); \
+ } while (0)
+
 /* Debug virtual slots. S is slot to be highlighted or NULL
  * C is a comment format string and args It will be preceded by "VSS " */
 #define DEBUG_VSS(S, ...) do { sc_log(context,"VSS " __VA_ARGS__); _debug_virtual_slots(S); } while (0)