| t1_enc.c (76866) | t1_enc.c (79998) |
|---|---|
| 1/* ssl/t1_enc.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 406 unchanged lines hidden (view full) --- 415 enc=NULL; 416 else 417 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); 418 } 419 420 if ((s->session == NULL) || (ds == NULL) || 421 (enc == NULL)) 422 { | 1/* ssl/t1_enc.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 406 unchanged lines hidden (view full) --- 415 enc=NULL; 416 else 417 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); 418 } 419 420 if ((s->session == NULL) || (ds == NULL) || 421 (enc == NULL)) 422 { |
| 423 memcpy(rec->data,rec->input,rec->length); | 423 memmove(rec->data,rec->input,rec->length); |
| 424 rec->input=rec->data; 425 } 426 else 427 { 428 l=rec->length; 429 bs=EVP_CIPHER_block_size(ds->cipher); 430 431 if ((bs != 1) && send) --- 10 unchanged lines hidden (view full) --- 442 j++; 443 } 444 for (k=(int)l; k<(int)(l+i); k++) 445 rec->input[k]=j; 446 l+=i; 447 rec->length+=i; 448 } 449 | 424 rec->input=rec->data; 425 } 426 else 427 { 428 l=rec->length; 429 bs=EVP_CIPHER_block_size(ds->cipher); 430 431 if ((bs != 1) && send) --- 10 unchanged lines hidden (view full) --- 442 j++; 443 } 444 for (k=(int)l; k<(int)(l+i); k++) 445 rec->input[k]=j; 446 l+=i; 447 rec->length+=i; 448 } 449 |
| 450 if (!send) 451 { 452 if (l == 0 || l%bs != 0) 453 { 454 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); 455 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR); 456 return(0); 457 } 458 } 459 |
|
| 450 EVP_Cipher(ds,rec->data,rec->input,l); 451 452 if ((bs != 1) && !send) 453 { | 460 EVP_Cipher(ds,rec->data,rec->input,l); 461 462 if ((bs != 1) && !send) 463 { |
| 454 ii=i=rec->data[l-1]; | 464 ii=i=rec->data[l-1]; /* padding_length */ |
| 455 i++; 456 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) 457 { 458 /* First packet is even in size, so check */ 459 if ((memcmp(s->s3->read_sequence, 460 "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1)) 461 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; 462 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) 463 i--; 464 } | 465 i++; 466 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) 467 { 468 /* First packet is even in size, so check */ 469 if ((memcmp(s->s3->read_sequence, 470 "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1)) 471 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; 472 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) 473 i--; 474 } |
| 475 /* TLS 1.0 does not bound the number of padding bytes by the block size. 476 * All of them must have value 'padding_length'. */ |
|
| 465 if (i > (int)rec->length) 466 { 467 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); 468 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); 469 return(0); 470 } 471 for (j=(int)(l-i); j<(int)l; j++) 472 { --- 164 unchanged lines hidden --- | 477 if (i > (int)rec->length) 478 { 479 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); 480 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); 481 return(0); 482 } 483 for (j=(int)(l-i); j<(int)l; j++) 484 { --- 164 unchanged lines hidden --- |