narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[tls] Treat invalid block padding as zero length padding 

Harden against padding oracle attacks by treating invalid block
padding as zero length padding, thereby deferring the failure until
after computing the (incorrect) MAC.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
pull/801/head
Michael Brown 2022-11-08 15:10:25 +00:00
parent 634a86093a
commit 186306d619
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/net/tls.c
View File

@ -2821,8 +2821,8 @@ static int tls_new_ciphertext ( struct tls_connection *tls,
if ( is_block_cipher ( cipher ) ) { if ( is_block_cipher ( cipher ) ) {
pad_len = tls_verify_padding ( tls, last ); pad_len = tls_verify_padding ( tls, last );
if ( pad_len < 0 ) { if ( pad_len < 0 ) {
rc = pad_len; /* Assume zero padding length to avoid timing attacks */
return rc; pad_len = 0;
} }
iob_unput ( last, pad_len ); iob_unput ( last, pad_len );
len -= pad_len; len -= pad_len;