| t1_enc.c (79998) | t1_enc.c (89837) |
|---|---|
| 1/* ssl/t1_enc.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 438 unchanged lines hidden (view full) --- 447 rec->length+=i; 448 } 449 450 if (!send) 451 { 452 if (l == 0 || l%bs != 0) 453 { 454 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); | 1/* ssl/t1_enc.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 438 unchanged lines hidden (view full) --- 447 rec->length+=i; 448 } 449 450 if (!send) 451 { 452 if (l == 0 || l%bs != 0) 453 { 454 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); |
| 455 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR); 456 return(0); | 455 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); 456 return 0; |
| 457 } 458 } 459 460 EVP_Cipher(ds,rec->data,rec->input,l); 461 462 if ((bs != 1) && !send) 463 { 464 ii=i=rec->data[l-1]; /* padding_length */ --- 6 unchanged lines hidden (view full) --- 471 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; 472 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) 473 i--; 474 } 475 /* TLS 1.0 does not bound the number of padding bytes by the block size. 476 * All of them must have value 'padding_length'. */ 477 if (i > (int)rec->length) 478 { | 457 } 458 } 459 460 EVP_Cipher(ds,rec->data,rec->input,l); 461 462 if ((bs != 1) && !send) 463 { 464 ii=i=rec->data[l-1]; /* padding_length */ --- 6 unchanged lines hidden (view full) --- 471 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; 472 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) 473 i--; 474 } 475 /* TLS 1.0 does not bound the number of padding bytes by the block size. 476 * All of them must have value 'padding_length'. */ 477 if (i > (int)rec->length) 478 { |
| 479 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); 480 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); 481 return(0); | 479 /* Incorrect padding. SSLerr() and ssl3_alert are done 480 * by caller: we don't want to reveal whether this is 481 * a decryption error or a MAC verification failure 482 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */ 483 return -1; |
| 482 } 483 for (j=(int)(l-i); j<(int)l; j++) 484 { 485 if (rec->data[j] != ii) 486 { | 484 } 485 for (j=(int)(l-i); j<(int)l; j++) 486 { 487 if (rec->data[j] != ii) 488 { |
| 487 SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED); 488 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); 489 return(0); | 489 /* Incorrect padding */ 490 return -1; |
| 490 } 491 } 492 rec->length-=i; 493 } 494 } 495 return(1); 496 } 497 --- 151 unchanged lines hidden --- | 491 } 492 } 493 rec->length-=i; 494 } 495 } 496 return(1); 497 } 498 --- 151 unchanged lines hidden --- |