diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index c13b495a081f56941bea4e372ca149592cd035ee..da42348b3df2f50677f23f52558abc676b110f0f 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -245,7 +245,6 @@ int dtls1_enc(SSL *s, int send) } #endif /* KSSL_DEBUG */ - rec->orig_len = rec->length; if ((bs != 1) && !send) return tls1_cbc_remove_padding(s, rec, bs, mac_size); } diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 5e2c56c9833ddcb85c0286de0e2cb89c9cbf9578..4763d5cd1f9398f42646f16a89c061095c0c9187 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -414,6 +414,7 @@ dtls1_process_record(SSL *s) /* decrypt in place in 'rr->input' */ rr->data=rr->input; + rr->orig_len=rr->length; enc_err = s->method->ssl3_enc->enc(s,0); if (enc_err <= 0) diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 13ebfc6996f48c968c81113abd14f668a60b3ebe..98f38949549785b66949ebe4335300f1503dbbb7 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -487,6 +487,15 @@ void ssl3_cleanup_key_block(SSL *s) s->s3->tmp.key_block_length=0; } +/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. + * + * Returns: + * 0: (in non-constant time) if the record is publically invalid (i.e. too + * short etc). + * 1: if the record's padding is valid / the encryption was successful. + * -1: if the record's padding is invalid or, if sending, an internal error + * occured. + */ int ssl3_enc(SSL *s, int send) { SSL3_RECORD *rec; @@ -553,8 +562,6 @@ int ssl3_enc(SSL *s, int send) EVP_Cipher(ds,rec->data,rec->input,l); - rec->orig_len = rec->length; - if (EVP_MD_CTX_md(s->read_hash) != NULL) mac_size = EVP_MD_CTX_size(s->read_hash); if ((bs != 1) && !send) diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index b2e5dc188231f4dac8ed5bb1e60a3bfc7cb94a3b..3e60f5018c41c3e11fdb6298dcc68235f6c85eaf 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -401,8 +401,13 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length); /* decrypt in place in 'rr->input' */ rr->data=rr->input; + rr->orig_len=rr->length; enc_err = s->method->ssl3_enc->enc(s,0); + /* enc_err is: + * 0: (in non-constant time) if the record is publically invalid. + * 1: if the padding is valid + * -1: if the padding is invalid */ if (enc_err == 0) { /* SSLerr() and ssl3_send_alert() have been called */ diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 8153b2ca4326dfbd9b54f3a47e18e8266c3d4b59..4b31742783d6d60308d8c52281b06bf9e5a6768b 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -691,6 +691,15 @@ err: return(ret); } +/* tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. + * + * Returns: + * 0: (in non-constant time) if the record is publically invalid (i.e. too + * short etc). + * 1: if the record's padding is valid / the encryption was successful. + * -1: if the record's padding/AEAD-authenticator is invalid or, if sending, + * an internal error occured. + */ int tls1_enc(SSL *s, int send) { SSL3_RECORD *rec; @@ -841,8 +850,6 @@ int tls1_enc(SSL *s, int send) { if (l == 0 || l%bs != 0) { - if (s->version >= TLS1_1_VERSION) - return -1; SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); return 0; @@ -870,8 +877,6 @@ int tls1_enc(SSL *s, int send) } #endif /* KSSL_DEBUG */ - rec->orig_len = rec->length; - ret = 1; if (EVP_MD_CTX_md(s->read_hash) != NULL) mac_size = EVP_MD_CTX_size(s->read_hash);