mirror of https://github.com/wolfSSL/wolfssl.git
Merge branch 'timing'
commit
dc88a7e8eb
|
@ -107,6 +107,7 @@ enum CyaSSL_ErrorCodes {
|
|||
SSL_NO_PEM_HEADER = -272, /* no PEM header found */
|
||||
OUT_OF_ORDER_E = -273, /* out of order message */
|
||||
BAD_KEA_TYPE_E = -274, /* bad KEA type found */
|
||||
SANITY_CIPHER_E = -275, /* sanity check on cipher error */
|
||||
/* add strings to SetErrorString !!!!! */
|
||||
|
||||
/* begin negotiation parameter errors */
|
||||
|
|
|
@ -3033,10 +3033,40 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
|
|||
}
|
||||
|
||||
|
||||
/* check cipher text size for sanity */
|
||||
static int SanityCheckCipherText(CYASSL* ssl, word32 encryptSz)
|
||||
{
|
||||
word32 minLength = 0;
|
||||
|
||||
if (ssl->specs.cipher_type == block) {
|
||||
if (encryptSz % ssl->specs.block_size) {
|
||||
CYASSL_MSG("Block ciphertext not block size");
|
||||
return SANITY_CIPHER_E;
|
||||
}
|
||||
minLength = ssl->specs.hash_size + 1; /* pad byte */
|
||||
if (ssl->specs.block_size > minLength)
|
||||
minLength = ssl->specs.block_size;
|
||||
}
|
||||
|
||||
if (encryptSz < minLength) {
|
||||
CYASSL_MSG("Ciphertext not minimum size");
|
||||
return SANITY_CIPHER_E;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* decrypt input message in place */
|
||||
static int DecryptMessage(CYASSL* ssl, byte* input, word32 sz, word32* idx)
|
||||
{
|
||||
int decryptResult = Decrypt(ssl, input, input, sz);
|
||||
int decryptResult;
|
||||
int sanityResult = SanityCheckCipherText(ssl, sz);
|
||||
|
||||
if (sanityResult != 0)
|
||||
return sanityResult;
|
||||
|
||||
decryptResult = Decrypt(ssl, input, input, sz);
|
||||
|
||||
if (decryptResult == 0)
|
||||
{
|
||||
|
@ -4552,6 +4582,10 @@ void SetErrorString(int error, char* str)
|
|||
XSTRNCPY(str, "Bad KEA type found", max);
|
||||
break;
|
||||
|
||||
case SANITY_CIPHER_E:
|
||||
XSTRNCPY(str, "Sanity check on ciphertext failed", max);
|
||||
break;
|
||||
|
||||
default :
|
||||
XSTRNCPY(str, "unknown error number", max);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue