wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Silently discard DTLS msgs that fail decryption

Browse Source 
Don't send alerts when decryption fails inside a DTLS connection.
TLS should always send a bad_record_mac when decryption fails.
This commit is contained in:
Juliusz Sosinowicz
2022-08-01 15:07:21 +02:00
parent fd1e8c49eb
commit 3278210e1c
1 changed files with 18 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
src/internal.c
View File

@ -18497,12 +18497,13 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
aad_size = ssl->dtls13CurRlLength; aad_size = ssl->dtls13CurRlLength;
} }
#endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS13 */
/* Don't send an alert for DTLS. We will just drop it
* silently later. */
ret = DecryptTls13(ssl, ret = DecryptTls13(ssl,
in->buffer + in->idx, in->buffer + in->idx,
in->buffer + in->idx, in->buffer + in->idx,
ssl->curSize, ssl->curSize,
aad, aad_size, 1); aad, aad_size, !ssl->options.dtls);
#else #else
ret = DECRYPT_ERROR; ret = DECRYPT_ERROR;
#endif /* WOLFSSL_TLS13 */ #endif /* WOLFSSL_TLS13 */
@ -18529,16 +18530,20 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
} }
else { else {
WOLFSSL_MSG("Decrypt failed"); WOLFSSL_MSG("Decrypt failed");
WOLFSSL_ERROR(ret); #ifdef WOLFSSL_DTLS
#ifdef WOLFSSL_DTLS13 /* If in DTLS mode, if the decrypt fails for any
if (ssl->options.tls1_3 && ssl->options.dtls) { * reason, pretend the datagram never happened. */
if (ssl->options.dtls) {
WOLFSSL_MSG("DTLS: Ignoring decrypted failed record"); WOLFSSL_MSG("DTLS: Ignoring decrypted failed record");
ssl->options.processReply = doProcessInit; ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.idx = ssl->buffers.inputBuffer.idx =
ssl->buffers.inputBuffer.length; ssl->buffers.inputBuffer.length;
#ifdef WOLFSSL_DTLS_DROP_STATS
ssl->macDropCount++;
#endif /* WOLFSSL_DTLS_DROP_STATS */
return 0; return 0;
} }
#endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS */
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
if (ssl->options.tls1_3) { if (ssl->options.tls1_3) {
if (ssl->options.side == WOLFSSL_SERVER_END && if (ssl->options.side == WOLFSSL_SERVER_END &&
@ -18554,28 +18559,20 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
ssl->options.processReply = doProcessInit; ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.idx += ssl->curSize; ssl->buffers.inputBuffer.idx += ssl->curSize;
if (ssl->buffers.inputBuffer.idx > if (ssl->buffers.inputBuffer.idx >
ssl->buffers.inputBuffer.length) ssl->buffers.inputBuffer.length) {
WOLFSSL_ERROR(BUFFER_E);
return BUFFER_E; return BUFFER_E;
}
return 0; return 0;
} }
WOLFSSL_MSG("Too much EarlyData!"); WOLFSSL_MSG("Too much EarlyData!");
} }
SendAlert(ssl, alert_fatal, bad_record_mac);
} }
#endif #endif
#ifdef WOLFSSL_DTLS SendAlert(ssl, alert_fatal, bad_record_mac);
/* If in DTLS mode, if the decrypt fails for any /* Push error once we know that we will error out here */
* reason, pretend the datagram never happened. */ WOLFSSL_ERROR(ret);
if (ssl->options.dtls) {
ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.idx =
ssl->buffers.inputBuffer.length;
#ifdef WOLFSSL_DTLS_DROP_STATS
ssl->macDropCount++;
#endif /* WOLFSSL_DTLS_DROP_STATS */
}
#endif /* WOLFSSL_DTLS */
return DECRYPT_ERROR; return DECRYPT_ERROR;
} }
} }