ForceZero fix: encryption fail and not EtM

Zeroizing of plaintext on encryption failure uses the wrong size when
not using Encrypt-then-MAC: the size may go negative and be cast to unsigned.
Sean Parkinson
2022-10-31 09:00:57 +10:00
parent 0ea0b887a5
commit 4efba8f437


@@ -20813,8 +20813,16 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
#endif #endif
{ {
/* Zeroize plaintext. */ /* Zeroize plaintext. */
ForceZero(output + args->headerSz, #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
(word16)(args->size - args->digestSz)); if (ssl->options.startedETMWrite) {
ForceZero(output + args->headerSz,
(word16)(args->size - args->digestSz));
}
else
#endif
{
ForceZero(output + args->headerSz, (word16)args->size);
}
} }
goto exit_buildmsg; goto exit_buildmsg;
} }
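Review bot: The Encrypt-then-MAC branch still computes `(word16)(args->size - args->digestSz)`, and nothing in the hunk shows that `args->digestSz` cannot exceed `args->size`, so the wrap to a large unsigned length described in the commit message is ruled out on that path only by invariants set elsewhere in BuildMessage. If that invariant does not hold on every failure path, ForceZero would write zeros past the plaintext region of `output`; clamping first, e.g. `word32 zeroSz = (args->size > args->digestSz) ? (args->size - args->digestSz) : 0;`, or a comment stating why the EtM length always includes the digest, would make the bound explicit. The `(word16)` casts in both branches would also silently truncate the length if `args->size` is wider than 16 bits, leaving part of the plaintext un-zeroed; the field's type is not visible here, so this needs confirming. BuildMessage starts and ends outside this hunk.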