ssl_srv.c: Mark ETM as disabled if cipher is not CBC

Encrypt-Then-Mac (ETM) is supported in Mbed TLS TLS
1.2 server only for the CBC cipher mode thus make it
clear in the SSL context.

The previous code was ok as long as the check of
the ETM status was done only in the case of the CBC
cipher mode but fragile as #5573 revealed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-03-24 14:15:28 +01:00
parent 618955d381
commit 862902dd57

View file

@ -2047,12 +2047,6 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
const mbedtls_cipher_info_t *cipher = NULL;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED )
{
*olen = 0;
return;
}
/*
* RFC 7366: "If a server receives an encrypt-then-MAC request extension
* from a client and then selects a stream or Authenticated Encryption
@ -2069,6 +2063,11 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL ||
cipher->mode != MBEDTLS_MODE_CBC )
#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED;
}
if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED )
{
*olen = 0;
return;