Use same sequence number calculation in tls.c and internal.c

The DTLS sequence number used when decrypting CCM/GCM was taken from
the internal state, instead of from the actual message record.

If any DTLS messages were dropped, the expectation of the next
sequence number was wrong. This led to a failed MAC check on the next
message to arrive, and an alert was generated.
Jonas Norling 2014-06-04 13:15:45 +02:00 committed by John Safranek
parent 4ebd5a0717
commit 277598e34a
1 changed files with 8 additions and 0 deletions


@ -4740,6 +4740,14 @@ static int DoDtlsHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx,
|| defined(HAVE_AESGCM)
static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify)
{
#ifdef CYASSL_DTLS
if (ssl->options.dtls) {
if (verify)
return ssl->keys.dtls_state.curSeq; /* explicit from peer */
else
return ssl->keys.dtls_sequence_number - 1; /* already incremented */
}
#endif
if (verify)
return ssl->keys.peer_sequence_number++;
else
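Review bot: In the DTLS branch of GetSEQIncrement, the non-verify path returns `ssl->keys.dtls_sequence_number - 1`, which is only right if the caller has already advanced the counter for this record. If it is ever reached with the counter at 0, the word32 result wraps to 0xFFFFFFFF and the value fed to the CCM/GCM computation no longer matches the record header. The verify path returns `dtls_state.curSeq`, which comes from the received header and is therefore peer-controlled until the tag check passes; the hunk does not show the replay window, but it should be advanced only after that check succeeds. I would document both assumptions above the function, e.g. `/* DTLS: verify uses the peer's explicit, not-yet-authenticated record sequence; send side assumes dtls_sequence_number was already incremented for this record */`. The function body continues past the end of the hunk.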