From d7aa8e179565f101bc0987052e9429e4a87058a8 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 13 Jan 2021 11:10:12 -0800 Subject: [PATCH] Fix for issue where mac digest changes between early data and server_hello, which can leave section of response uninitialized. ZD11424 --- src/tls13.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/src/tls13.c b/src/tls13.c index 3b639d332..08ea1fd5a 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1545,7 +1545,7 @@ static WC_INLINE void BuildTls13Nonce(WOLFSSL* ssl, byte* nonce, const byte* iv, } #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) -/* Encrypt with ChaCha20 and create authenication tag with Poly1305. +/* Encrypt with ChaCha20 and create authentication tag with Poly1305. * * ssl The SSL/TLS object. * output The buffer to write encrypted data and authentication tag into. @@ -1600,7 +1600,7 @@ static int ChaCha20Poly1305_Encrypt(WOLFSSL* ssl, byte* output, #endif #ifdef HAVE_NULL_CIPHER -/* Create authenication tag and copy data over input. +/* Create authentication tag and copy data over input. * * ssl The SSL/TLS object. * output The buffer to copy data into. @@ -1826,7 +1826,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input, } #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) -/* Decrypt with ChaCha20 and check authenication tag with Poly1305. +/* Decrypt with ChaCha20 and check authentication tag with Poly1305. * * ssl The SSL/TLS object. * output The buffer to write decrypted data into. @@ -7190,13 +7190,8 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) { return ret; } - #ifdef WOLFSSL_EARLY_DATA - if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0) - return ret; - #else if ((ret = SetKeysSide(ssl, ENCRYPT_AND_DECRYPT_SIDE)) != 0) return ret; - #endif } if (type == finished) {