Commit 83cdffc4 authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard
Browse files

Forbid sequence number wrapping

parent 3c599f11
......@@ -19,6 +19,7 @@ Security
"triple handshake" attack when authentication mode is optional (the
attack was already impossible when authentication is required).
* Check notBefore timestamp of certificates and CRLs from the future.
* Forbid sequence number wrapping
Bugfix
* ecp_gen_keypair() does more tries to prevent failure because of
......
......@@ -89,7 +89,7 @@
* ECP 4 7 (Started from top)
* MD 5 4
* CIPHER 6 6
* SSL 6 8 (Started from top)
* SSL 6 9 (Started from top)
* SSL 7 31
*
* Module dependent error code (5 bits 0x.00.-0x.F8.)
......
......@@ -139,6 +139,7 @@
#define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
#define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unkown identity received (eg, PSK identity) */
#define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */
#define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */
/*
* Various constants
......
......@@ -433,6 +433,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "SSL - Unkown identity received (eg, PSK identity)" );
if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) )
snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" );
if( use_ret == -(POLARSSL_ERR_SSL_COUNTER_WRAPPING) )
snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" );
#endif /* POLARSSL_SSL_TLS_C */
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
......
......@@ -1309,6 +1309,13 @@ static int ssl_encrypt_buf( ssl_context *ssl )
if( ++ssl->out_ctr[i - 1] != 0 )
break;
/* The loops goes to its end iff the counter is wrapping */
if( i == 0 )
{
SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
return( POLARSSL_ERR_SSL_COUNTER_WRAPPING );
}
SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) );
return( 0 );
......@@ -1775,6 +1782,13 @@ static int ssl_decrypt_buf( ssl_context *ssl )
if( ++ssl->in_ctr[i - 1] != 0 )
break;
/* The loops goes to its end iff the counter is wrapping */
if( i == 0 )
{
SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) );
return( POLARSSL_ERR_SSL_COUNTER_WRAPPING );
}
SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
return( 0 );
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment