Added sending of alert messages in case of decryption failures as per RFC

The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
disabling the sending of alert messages that give adversaries intel
about the result of their action. PolarSSL can still communicate with
other parties if they are disabled, but debugging of issues might be
harder.
This commit is contained in:
Paul Bakker 2013-01-31 17:13:13 +01:00
parent d66f070d49
commit 40865c8e5d
3 changed files with 25 additions and 0 deletions

View file

@ -5,6 +5,9 @@ Changes
* Allow enabling of dummy error_strerror() to support some use-cases
* Debug messages about padding errors during SSL message decryption are
disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
* Sending of security-relevant alert messages that do not break
interoperability can be switched on/off with the flag
POLARSSL_SSL_ALL_ALERT_MESSAGES
Security
* Removed timing differences during SSL message decryption in

View file

@ -238,6 +238,20 @@
*/
#define POLARSSL_SELF_TEST
/**
* \def POLARSSL_SSL_ALL_ALERT_MESSAGES
*
* Enable sending of alert messages in case of encountered errors as per RFC.
* If you choose not to send the alert messages, PolarSSL can still communicate
* with other servers, only debugging of failures is harder.
*
* The advantage of not sending alert messages, is that no information is given
* about reasons for failures thus preventing adversaries of gaining intel.
*
* Enable sending of all alert messages
*/
#define POLARSSL_SSL_ALERT_MESSAGES
/**
* \def POLARSSL_SSL_DEBUG_ALL
*

View file

@ -1975,6 +1975,14 @@ int ssl_read_record( ssl_context *ssl )
{
if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 )
{
#if defined(POLARSSL_SSL_ALERT_MESSAGES)
if( ret == POLARSSL_ERR_SSL_INVALID_MAC )
{
ssl_send_alert_message( ssl,
SSL_ALERT_LEVEL_FATAL,
SSL_ALERT_MSG_BAD_RECORD_MAC );
}
#endif
SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret );
return( ret );
}