authorBen Laurie <ben@links.org>2013-01-28 17:34:33 +0000
committerBen Laurie <ben@links.org>2013-01-28 17:34:33 +0000
commit9f27de170d1b7bef3d46d41382dc4dafde8b3900 (patch)
tree1d224a7727fc7a834f632bbc790902caa32bdcd3 /ssl/d1_enc.c
parent6cb19b7681f600b2f165e4adc57547b097b475fd (diff)
Update DTLS code to match CBC decoding in TLS.
This change updates the DTLS code to match the constant-time CBC behaviour in TLS.
Diffstat (limited to 'ssl/d1_enc.c')
-rw-r--r--ssl/d1_enc.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c
index da42348b3d..712c4647f2 100644
--- a/ssl/d1_enc.c
+++ b/ssl/d1_enc.c
@@ -126,6 +126,14 @@
#include <openssl/des.h>
#endif
+/* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * short etc).
+ * 1: if the record's padding is valid / the encryption was successful.
+ * -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
+ * an internal error occured. */
int dtls1_enc(SSL *s, int send)
{
SSL3_RECORD *rec;
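Review bot: The new header comment lists the three return values but does not say what a caller must do with them, which is the part the constant-time change depends on. Consider adding a sentence such as `Callers must treat 0 as a hard failure and must not act on -1 until the MAC has been checked`, assuming that is the intended contract; the caller is not in this diff, so confirm it there. Also correct the spellings `publically` to `publicly` and `occured` to `occurred`. The body of dtls1_enc continues outside the hunk.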
@@ -165,8 +173,7 @@ int dtls1_enc(SSL *s, int send)
if (EVP_MD_CTX_md(s->read_hash))
{
mac_size=EVP_MD_CTX_size(s->read_hash);
- if (mac_size < 0)
- return -1;
+ OPENSSL_assert(mac_size >= 0);
}
ds=s->enc_read_ctx;
rec= &(s->s3->rrec);
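Review bot: `OPENSSL_assert(mac_size >= 0)` turns what was an error return on the receive path into a process abort, because OPENSSL_assert stays active in release builds. The condition looks unreachable here, since `EVP_MD_CTX_md(s->read_hash)` was tested non-NULL on the line above, but that reasoning should be written next to the assert, e.g. `/* read_hash has a digest set, so its size cannot be negative */`. If any configuration can still produce a negative size, an abort in a server that handles datagrams from the network is a denial-of-service condition and an error return would be safer. The rest of dtls1_enc lies outside the hunk.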
@@ -231,7 +238,7 @@ int dtls1_enc(SSL *s, int send)
if (!send)
{
if (l == 0 || l%bs != 0)
- return -1;
+ return 0;
}
EVP_Cipher(ds,rec->data,rec->input,l);
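Review bot: Changing the bad-length case from `return -1` to `return 0` is only safe if every caller rejects the record on 0; a caller that still tests `< 0` would go on to process a record that was never decrypted. The caller is outside this diff (the diffstat is limited to ssl/d1_enc.c), so that check needs to be confirmed there. A short comment at the return, e.g. `/* publicly invalid length: depends only on the record length, not on plaintext */`, would also record why this early exit does not need to be constant-time. dtls1_enc starts and ends outside the hunk.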