Merge remote-tracking branch 'public/pr/2111' into development-proposed

2018-10-28 16:22:18 +00:00 · 2018-10-28 16:22:18 +00:00 · 17a0fab345
commit 17a0fab345
parent 02ef525a7b f24c3360fc
2 changed files with 9 additions and 6 deletions
--- a/3
+++ b/3
@ -19,6 +19,9 @@ Bugfix
     invalidated keys of a lifetime of less than a 1s. Fixes #1968.
   * Fix failure in hmac_drbg in the benchmark sample application, when
     MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095
+   * Fix a bug in the record decryption routine ssl_decrypt_buf()
+     which lead to accepting properly authenticated but improperly
+     padded records in case of CBC ciphersuites using Encrypt-then-MAC.

 Changes
   * Removed support for Yotta as a build tool.
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -2307,13 +2307,13 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
            correct = 0;
        }
        auth_done++;
-
-        /*
-         * Finally check the correct flag
-         */
-        if( correct == 0 )
-            return( MBEDTLS_ERR_SSL_INVALID_MAC );
    }
+
+    /*
+     * Finally check the correct flag
+     */
+    if( correct == 0 )
+        return( MBEDTLS_ERR_SSL_INVALID_MAC );
 #endif /* SSL_SOME_MODES_USE_MAC */

    /* Make extra sure authentication was performed, exactly once */