yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-30 23:11:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'public/pr/1915' into iotssl-165-dtls-hs-fragmentation-new

Browse source 
* public/pr/1915:
  Adapt ChangeLog
  Fix mbedtls_ssl_get_record_expansion() for ChaChaPoly and CBC
This commit is contained in:
Manuel Pégourié-Gonnard 2018-08-16 10:01:21 +02:00
parent 9468ff1966 448146407f
commit 637e234d9f
2 changed files with 26 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -15,6 +15,9 @@ Bugfix
interoperability issues with BouncyCastle. Raised by milenamil in #1157. interoperability issues with BouncyCastle. Raised by milenamil in #1157.
* Fix potential use-after-free in mbedtls_ssl_get_max_frag_len() * Fix potential use-after-free in mbedtls_ssl_get_max_frag_len()
and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941. and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941.
* Fix a miscalculation of the maximum record expansion in
mbedtls_ssl_get_record_expansion() in case of ChachaPoly ciphersuites,
or CBC ciphersuites in (D)TLS versions 1.1 or higher. Fixes #1913, #1914.
Changes Changes
* Copy headers preserving timestamps when doing a "make install". * Copy headers preserving timestamps when doing a "make install".

25
library/ssl_tls.c
View file

@ -7005,6 +7005,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
{ {
size_t transform_expansion; size_t transform_expansion;
const mbedtls_ssl_transform *transform = ssl->transform_out; const mbedtls_ssl_transform *transform = ssl->transform_out;
unsigned block_size;
if( transform == NULL ) if( transform == NULL )
return( (int) mbedtls_ssl_hdr_len( ssl ) ); return( (int) mbedtls_ssl_hdr_len( ssl ) );
@ -7019,13 +7020,33 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
{ {
case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_GCM:
case MBEDTLS_MODE_CCM: case MBEDTLS_MODE_CCM:
case MBEDTLS_MODE_CHACHAPOLY:
case MBEDTLS_MODE_STREAM: case MBEDTLS_MODE_STREAM:
transform_expansion = transform->minlen; transform_expansion = transform->minlen;
break; break;
case MBEDTLS_MODE_CBC: case MBEDTLS_MODE_CBC:
transform_expansion = transform->maclen
+ mbedtls_cipher_get_block_size( &transform->cipher_ctx_enc ); block_size = mbedtls_cipher_get_block_size(
&transform->cipher_ctx_enc );
#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
{
/* Expansion due to addition of
* - MAC
* - CBC padding (theoretically up to 256 bytes, but
* we never use more than block_size)
* - explicit IV
*/
transform_expansion = transform->maclen + 2 * block_size;
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
{
/* No explicit IV prior to TLS 1.1. */
transform_expansion = transform->maclen + block_size;
}
break; break;
default: default: