| s3_enc.c (79998) | s3_enc.c (89837) |
|---|---|
| 1/* ssl/s3_enc.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 367 unchanged lines hidden (view full) --- 376 rec->input[l-1]=(i-1); 377 } 378 379 if (!send) 380 { 381 if (l == 0 || l%bs != 0) 382 { 383 SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); | 1/* ssl/s3_enc.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 367 unchanged lines hidden (view full) --- 376 rec->input[l-1]=(i-1); 377 } 378 379 if (!send) 380 { 381 if (l == 0 || l%bs != 0) 382 { 383 SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); |
| 384 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR); 385 return(0); | 384 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); 385 return 0; |
| 386 } 387 } 388 389 EVP_Cipher(ds,rec->data,rec->input,l); 390 391 if ((bs != 1) && !send) 392 { 393 i=rec->data[l-1]+1; 394 /* SSL 3.0 bounds the number of padding bytes by the block size; 395 * padding bytes (except that last) are arbitrary */ 396 if (i > bs) 397 { | 386 } 387 } 388 389 EVP_Cipher(ds,rec->data,rec->input,l); 390 391 if ((bs != 1) && !send) 392 { 393 i=rec->data[l-1]+1; 394 /* SSL 3.0 bounds the number of padding bytes by the block size; 395 * padding bytes (except that last) are arbitrary */ 396 if (i > bs) 397 { |
| 398 SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); 399 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR); 400 return(0); | 398 /* Incorrect padding. SSLerr() and ssl3_alert are done 399 * by caller: we don't want to reveal whether this is 400 * a decryption error or a MAC verification failure 401 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */ 402 return -1; |
| 401 } 402 rec->length-=i; 403 } 404 } 405 return(1); 406 } 407 408void ssl3_init_finished_mac(SSL *s) --- 189 unchanged lines hidden --- | 403 } 404 rec->length-=i; 405 } 406 } 407 return(1); 408 } 409 410void ssl3_init_finished_mac(SSL *s) --- 189 unchanged lines hidden --- |