From 169dd6a514142902665f5f9890f338bb251d2a46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 4 Nov 2014 16:15:39 +0100
Subject: [PATCH] Adjust minimum length for EtM

---
 library/ssl_tls.c | 21 ++++++++++++++++-----
 tests/ssl-opt.sh | 21 +++++++++++++++++++++
 2 files changed, 37 insertions(+), 5 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4132e47aa..8c981cf36 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -601,12 +601,23 @@ int ssl_derive_keys( ssl_context *ssl )
 {
 /*
 * GenericBlockCipher:
- * first multiple of blocklen greater than maclen
- * + IV except for SSL3 and TLS 1.0
+ * 1. if EtM is in use: one block plus MAC
+ * otherwise: * first multiple of blocklen greater than maclen
+ * 2. IV except for SSL3 and TLS 1.0
 */
- transform->minlen = transform->maclen
- + cipher_info->block_size
- - transform->maclen % cipher_info->block_size;
+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+ if( session->encrypt_then_mac == SSL_ETM_ENABLED )
+ {
+ transform->minlen = transform->maclen
+ + cipher_info->block_size;
+ }
+ else
+#endif
+ {
+ transform->minlen = transform->maclen
+ + cipher_info->block_size
+ - transform->maclen % cipher_info->block_size;
+ }
 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1)
 if( ssl->minor_ver == SSL_MINOR_VERSION_0 ||
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 26b2f897c..1349737f9 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1864,6 +1864,13 @@ run_test "Small packet TLS 1.0 BlockCipher" \
 0 \
 -s "Read from client: 1 bytes read"
+run_test "Small packet TLS 1.0 BlockCipher without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=1 force_version=tls1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
 run_test "Small packet TLS 1.0 BlockCipher truncated MAC" \
 "$P_SRV" \
 "$P_CLI request_size=1 force_version=tls1 \
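Review bot: The rewritten GenericBlockCipher comment has a stray `*` in its second line (`otherwise: * first multiple …`) and does not say why the two cases differ. I would write `*    otherwise: first multiple of blocklen greater than maclen` and add a line such as `*    (with EtM the MAC is appended after the ciphertext, not encrypted with it)`. minlen is presumably the lower bound the record-decryption path checks before subtracting maclen and the IV length from the received length. That path is not visible here, so it is worth confirming that it tests `encrypt_then_mac` under the same `POLARSSL_SSL_ENCRYPT_THEN_MAC` guard, so that the bound and the subtraction agree. ssl_derive_keys starts and ends outside the hunk.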
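Review bot: The new `without EtM` case for TLS 1.0, like the matching TLS 1.1 and TLS 1.2 cases in the next two hunks, asserts only `Read from client: 1 bytes read`. It would therefore still pass if `etm=0` were ignored and the record went through the EtM path. If the test programs log the extension negotiation, a must-not-match pattern on that output would pin these cases to the non-EtM minimum-length branch. Likewise, the existing `BlockCipher` cases now rely on EtM being negotiated by default without asserting it.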
@@ -1887,6 +1894,13 @@ run_test "Small packet TLS 1.1 BlockCipher" \
 0 \
 -s "Read from client: 1 bytes read"
+run_test "Small packet TLS 1.1 BlockCipher without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=1 force_version=tls1_1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
 run_test "Small packet TLS 1.1 StreamCipher" \
 "$P_SRV" \
 "$P_CLI request_size=1 force_version=tls1_1 \
@@ -1917,6 +1931,13 @@ run_test "Small packet TLS 1.2 BlockCipher" \
 0 \
 -s "Read from client: 1 bytes read"
+run_test "Small packet TLS 1.2 BlockCipher without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=1 force_version=tls1_2 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
 run_test "Small packet TLS 1.2 BlockCipher larger MAC" \
 "$P_SRV" \
 "$P_CLI request_size=1 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \