sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-11 22:11:08 +03:00
Code Issues Packages Projects Releases Wiki Activity

[tls] Treat invalid block padding as zero length padding

Browse Source 
Harden against padding oracle attacks by treating invalid block
padding as zero length padding, thereby deferring the failure until
after computing the (incorrect) MAC.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2022-11-08 15:10:25 +00:00
parent 634a86093a
commit 186306d619
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/net/tls.c
View File

@@ -2821,8 +2821,8 @@ static int tls_new_ciphertext ( struct tls_connection *tls,
if ( is_block_cipher ( cipher ) ) { if ( is_block_cipher ( cipher ) ) {
pad_len = tls_verify_padding ( tls, last ); pad_len = tls_verify_padding ( tls, last );
if ( pad_len < 0 ) { if ( pad_len < 0 ) {
rc = pad_len; /* Assume zero padding length to avoid timing attacks */
return rc; pad_len = 0;
} }
iob_unput ( last, pad_len ); iob_unput ( last, pad_len );
len -= pad_len; len -= pad_len;