[erlang-patches] [PATCH] fix handling of ssl_cipher:block_decipher/5 failure
Andreas Schultz
aschultz@REDACTED
Mon Oct 3 14:05:40 CEST 2011
Hi all,
Included is a change to fix a badmatch error in
ssl_cipher:generic_block_cipher_from_bin/2 and implement a CBC
timing attack countermeasure in ssl_cipher:block_decipher/5.
Both changes are closely related.
git fetch git@REDACTED:RoadRunnr/otp.git ssl-cbc-fix
ssl_cipher:generic_block_cipher_from_bin/2 would generate a badmatch
error when the padding length was greater than the overall data. This
can happen when the decryption resulted in invalid data. It seems to
me that the try in block_decipher/5 was supposed to catch that, but
it did not.
Also, RFC 5246 suggests a countermeasure for a CBC timing attack on
the MAC calculation. This can easily be implemented by not generating
the error alert in block_decipher/5 and invalidating the decoded text.
It would also be possible to extend the return value of block_decipher
with the result of the padding check and test that value later. However,
this would also require changes to generic_block_cipher_from_bin/2.
Thanks
Andreas
--
Dipl. Inform.
Andreas Schultz
email: as@REDACTED
phone: +49-391-819099-224
mobil: +49-179-7654368
------------------ managed broadband access ------------------
Travelping GmbH phone: +49-391-8190990
Roentgenstr. 13 fax: +49-391-819099299
D-39108 Magdeburg email: info@REDACTED
GERMANY web: http://www.travelping.com
Company Registration: HRB21276 Handelsregistergericht Chemnitz
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
--------------------------------------------------------------
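As an added example in the spirit of the change described in the post (not the OTP patch itself and not code from ssl_cipher), an Erlang module that removes CBC padding without raising on an out-of-range padding length and still runs the MAC check, so a bad pad and a bad MAC both end in the same bad_record_mac result. It assumes OTP 22.1+ for crypto:mac/4 and, for brevity, an HMAC over the content alone rather than the full TLS MAC input.

```erlang
-module(cbc_pad_example).
-export([unpad/1, check_record/3]).

%% Strip TLS CBC padding (RFC 5246 6.2.3.2) from a decrypted block.
%% Never raises: a last byte claiming more padding than the record holds
%% (the badmatch case from the mailing-list post) returns the data unchanged
%% with PadOk = false, so the caller still runs the MAC check over it.
unpad(<<>>) ->
    {<<>>, false};
unpad(Data) ->
    Len = byte_size(Data),
    PadLen = binary:last(Data),
    case PadLen < Len of
        true ->
            ContentLen = Len - PadLen - 1,
            <<Content:ContentLen/binary, Pad:PadLen/binary, PadLen>> = Data,
            %% every padding byte must equal the length byte
            {Content, Pad =:= binary:copy(<<PadLen>>, PadLen)};
        false ->
            {Data, false}
    end.

%% Verify padding and MAC of a decrypted record. Assumption: HMAC-SHA256 over
%% the content alone (real TLS also covers seq number, type, version, length)
%% and OTP 22.1+ for crypto:mac/4. The MAC is always computed and both
%% results are combined afterwards, so a bad pad and a bad MAC take the
%% same path and produce the same alert.
check_record(Decrypted, MacKey, MacSize) ->
    {Plain, PadOk} = unpad(Decrypted),
    ContentLen = max(byte_size(Plain) - MacSize, 0),
    <<Content:ContentLen/binary, Mac/binary>> = Plain,
    Expected = crypto:mac(hmac, sha256, MacKey, Content),
    MacOk = const_eq(Expected, Mac),
    case {PadOk, MacOk} of
        {true, true} -> {ok, Content};
        _ -> {error, bad_record_mac}
    end.

%% Constant-time comparison; a length mismatch returns early, which only
%% reveals the record length (already visible on the wire).
const_eq(A, B) when byte_size(A) =:= byte_size(B) ->
    lists:foldl(fun({X, Y}, Acc) -> Acc bor (X bxor Y) end, 0,
                lists:zip(binary_to_list(A), binary_to_list(B))) =:= 0;
const_eq(_, _) ->
    false.
```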