in tls/s2n_connection.c [1313:1360]
/**
 * Cleanup handler that decides how a connection is shut down after a failure.
 *
 * Wipes conn->in, then inspects the current s2n_errno:
 *  - no error, or a blocked (retriable) error: nothing further is done;
 *  - one of a short allow-list of errors: the connection is marked closed
 *    without blinding;
 *  - anything else: the connection is handed to s2n_connection_kill(),
 *    which is the path that applies blinding.
 *
 * @param conn Address of the connection pointer; must not be NULL. A NULL
 *             *conn is treated as "nothing to do".
 * @return S2N_RESULT_OK when handling completed. The RESULT_* guard macros
 *         are defined elsewhere; presumably they return an error result as
 *         soon as the guarded call fails.
 */
S2N_CLEANUP_RESULT s2n_connection_apply_error_blinding(struct s2n_connection **conn)
{
    RESULT_ENSURE_REF(conn);

    struct s2n_connection *c = *conn;
    if (c == NULL) {
        return S2N_RESULT_OK;
    }

    /* Drop whatever is buffered in conn->in so that invalid or unauthenticated
     * bytes cannot be consumed after the failure.
     *
     * NOTE(review): this runs before the error is classified, so conn->in is
     * wiped on the no-error and blocked paths as well -- confirm that is
     * intended for retriable errors.
     * NOTE(review): if the wipe itself fails, the guard presumably returns
     * here, before the connection is either closed or killed -- confirm the
     * caller treats that outcome as fatal. */
    RESULT_GUARD_POSIX(s2n_stuffer_wipe(&c->in));

    int err = s2n_errno;
    int err_type = s2n_error_get_type(err);

    /* Nothing went wrong, or the failure is a retriable blocking condition:
     * neither case should close or blind the connection. */
    if (err_type == S2N_ERR_T_OK || err_type == S2N_ERR_T_BLOCKED) {
        return S2N_RESULT_OK;
    }

    switch (err) {
        /* Allow-list of common errors that close the connection without blinding.
         *
         * Extend this list with care: exempting an error that can be triggered
         * by secret or encrypted values removes the delay that masks it and can
         * open a timing side channel.
         *
         * A dedicated error type for these cases may be introduced someday.
         */
        case S2N_ERR_CLOSED:
        case S2N_ERR_CANCELLED:
        case S2N_ERR_CIPHER_NOT_SUPPORTED:
        case S2N_ERR_PROTOCOL_VERSION_UNSUPPORTED:
        case S2N_ERR_CONFIG_NULL_BEFORE_CH_CALLBACK:
            RESULT_GUARD(s2n_connection_set_closed(c));
            break;
        default:
            /* Secure default: every error not listed above is blinded. */
            RESULT_GUARD(s2n_connection_kill(c));
            break;
    }

    return S2N_RESULT_OK;
}