mirror of https://github.com/wolfSSL/wolfssl.git
sslv3 may have bad padding, can't verify
parent
640a0cb0e3
commit
3d88d8851a
|
@ -3446,9 +3446,20 @@ int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx)
|
||||||
ivExtra = ssl->specs.block_size;
|
ivExtra = ssl->specs.block_size;
|
||||||
pad = *(input + idx + msgSz - ivExtra - 1);
|
pad = *(input + idx + msgSz - ivExtra - 1);
|
||||||
padByte = 1;
|
padByte = 1;
|
||||||
ret = TimingPadVerify(ssl, input + idx, pad, digestSz, msgSz - ivExtra);
|
|
||||||
if (ret != 0)
|
if (ssl->options.tls) {
|
||||||
return ret;
|
ret = TimingPadVerify(ssl, input + idx, pad, digestSz,
|
||||||
|
msgSz - ivExtra);
|
||||||
|
if (ret != 0)
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
else { /* sslv3, some implementations have pad padding */
|
||||||
|
ssl->hmac(ssl, verify, rawData, msgSz - digestSz - pad - 1,
|
||||||
|
application_data, 1);
|
||||||
|
if (ConstantCompare(verify,rawData + msgSz - digestSz - pad - 1,
|
||||||
|
digestSz) != 0)
|
||||||
|
return VERIFY_MAC_ERROR;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if (ssl->specs.cipher_type == stream) {
|
else if (ssl->specs.cipher_type == stream) {
|
||||||
ssl->hmac(ssl, verify, rawData, msgSz - digestSz, application_data, 1);
|
ssl->hmac(ssl, verify, rawData, msgSz - digestSz, application_data, 1);
|
||||||
|
|
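Review bot: The new SSLv3 branch uses `pad` in `msgSz - digestSz - pad - 1` without first checking that the padding length fits inside the record. `pad` is read from the last decrypted byte, so the peer controls it; when `pad + 1 + digestSz` exceeds `msgSz` the result goes negative or wraps (depending on types declared outside the hunk), and both the `ssl->hmac` length and the `rawData + ...` offset passed to `ConstantCompare` fall outside the record buffer. A guard before the hmac call, such as `if (pad + 1 + digestSz > msgSz) return VERIFY_MAC_ERROR;`, would close that; the TLS path presumably gets an equivalent check inside `TimingPadVerify`, whose body is not visible here. The comment on the `else` reads "pad padding" and probably means "bad padding", as in the commit title. The body of `DoApplicationData` starts and ends outside the hunk.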