diff options
| author | Richard Levitte <levitte@openssl.org> | 2001-07-05 17:56:50 +0400 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2001-07-05 17:56:50 +0400 |
| commit | 393a9b68cf76392fa3d5ab4efca89eca7b902cb7 (patch) | |
| tree | f8d0ef86251efa299cc0d2ee888456b9f42e9f43 /ssl | |
| parent | 4ae5099856741dd7cf365dbd2c1df45751dfbf4f (diff) | |
Merge from 0.9.6-stable branch. No conflicts.
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_enc.c | 17 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 16 |
2 files changed, 28 insertions, 5 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 9f52c39ca9..8709da9175 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -356,7 +356,7 @@ int ssl3_enc(SSL *s, int send) if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { - memcpy(rec->data,rec->input,rec->length); + memmove(rec->data,rec->input,rec->length); rec->input=rec->data; } else @@ -366,7 +366,6 @@ int ssl3_enc(SSL *s, int send) /* COMPRESS */ - /* This should be using (bs-1) and bs instead of 7 and 8 */ if ((bs != 1) && send) { i=bs-((int)l%bs); @@ -376,12 +375,24 @@ int ssl3_enc(SSL *s, int send) rec->length+=i; rec->input[l-1]=(i-1); } - + + if (!send) + { + if (l == 0 || l%bs != 0) + { + SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR); + return(0); + } + } + EVP_Cipher(ds,rec->data,rec->input,l); if ((bs != 1) && !send) { i=rec->data[l-1]+1; + /* SSL 3.0 bounds the number of padding bytes by the block size; + * padding bytes (except that last) are arbitrary */ if (i > bs) { SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index d10a23af8e..a0758e9261 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -420,7 +420,7 @@ int tls1_enc(SSL *s, int send) if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { - memcpy(rec->data,rec->input,rec->length); + memmove(rec->data,rec->input,rec->length); rec->input=rec->data; } else @@ -447,11 +447,21 @@ int tls1_enc(SSL *s, int send) rec->length+=i; } + if (!send) + { + if (l == 0 || l%bs != 0) + { + SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR); + return(0); + } + } + EVP_Cipher(ds,rec->data,rec->input,l); if ((bs != 1) && !send) { - ii=i=rec->data[l-1]; + ii=i=rec->data[l-1]; /* padding_length */ i++; if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) { @@ -462,6 +472,8 @@ int tls1_enc(SSL *s, int send) if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) i--; } + /* TLS 1.0 does not bound the number of padding bytes by the block size. + * All of them must have value 'padding_length'. */ if (i > (int)rec->length) { SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); |