authorFrantisek Krenzelok <krenzelok.frantisek@gmail.com>2023-01-06 12:24:47 +0100
committerFrantisek Krenzelok <krenzelok.frantisek@gmail.com>2023-02-20 16:32:13 +0100
commitcaf3be8fdb3fe115406b5523633bf6ffdc8bb615 (patch)
tree5b88440212dd70d98e28525184a4d8383bfcc4c2
parent38cf20c60222bed755f46aebe15bf8632d669662 (diff)
DTLS1_3: Omit header fields transcript
DTLS1.3 only Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
-rw-r--r--lib/cipher.c9
-rw-r--r--lib/handshake.c54
2 files changed, 61 insertions, 2 deletions
diff --git a/lib/cipher.c b/lib/cipher.c
index ab697db96b..eb032dd37f 100644
--- a/lib/cipher.c
+++ b/lib/cipher.c
@@ -881,8 +881,13 @@ decrypt_packet_tls13(gnutls_session_t session,
}
aad[0] = GNUTLS_APPLICATION_DATA;
- aad[1] = 0x03;
- aad[2] = 0x03;
+ if (session->internals.transport == GNUTLS_STREAM) {
+ aad[1] = 0x03;
+ aad[2] = 0x03;
+ } else {
+ aad[1] = 0xfe;
+ aad[2] = 0xfc;
+ }
_gnutls_write_uint16(ciphertext->size, &aad[3]);
ret = gnutls_aead_cipher_decrypt(&params->read.ctx.aead,
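Review bot: The datagram branch writes the bare bytes `0xfe`, `0xfc` into `aad[1]` and `aad[2]` with no comment, and the `else` applies them to every non-stream session that reaches decrypt_packet_tls13. A comment such as `/* DTLS 1.3 version {254, 252} in the AEAD additional data */` would make the intent checkable. The diffstat shows this hunk is the whole change to lib/cipher.c, so the encrypt path is not touched here; if it still builds the additional data with `0x03, 0x03`, records exchanged between two endpoints of this build would fail authentication, so it is worth confirming both directions agree. RFC 9147 defines the DTLS 1.3 additional data as the record header as sent, so this TLS-style 5-byte form is presumably an interim step. The function body starts and ends outside the hunk.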
diff --git a/lib/handshake.c b/lib/handshake.c
index 1633157230..72f531da13 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -1471,6 +1471,7 @@ handshake_hash_add_recvd(gnutls_session_t session,
{
int ret;
const version_entry_st *vers = get_version(session);
+ const version_entry_st *max = _gnutls_version_max(session);
if (unlikely(vers == NULL))
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
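Review bot: `max` is stored without the NULL test that `vers` gets on the next line, yet the following hunk dereferences it as `max->id`; the same applies to the identical line added in handshake_hash_add_sent. If `_gnutls_version_max()` can return NULL (for instance when no protocol version is enabled; its definition is not visible here), this is a NULL dereference on the handshake path. Extending the existing guard to `if (unlikely(vers == NULL || max == NULL))` covers both lookups. The function body continues outside the hunk.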
@@ -1486,6 +1487,30 @@ handshake_hash_add_recvd(gnutls_session_t session,
session->internals.handshake_hash_buffer.length;
if (vers->id != GNUTLS_DTLS0_9) {
+ if (max->id >= GNUTLS_DTLS1_3) {
+ /* DTLS 1.3 doesn't include message_seq, fragment_offset, and
+ * fragment_length.
+ */
+ if (header_size < 4) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+ ret = _gnutls_buffer_append_data(&session->internals.
+ handshake_hash_buffer,
+ header, 4);
+ if (ret < 0) {
+ return gnutls_assert_val(ret);
+ }
+ header_size -= 4;
+ header += 4;
+
+ if (header_size < 8) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+ header_size -= 8;
+ header += 8;
+ }
ret =
_gnutls_buffer_append_data(&session->internals.
handshake_hash_buffer,
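Review bot: The new branch is selected by `max->id`, the highest version the session has enabled, rather than by the negotiated `vers->id` that the enclosing `if` tests. A session that enables DTLS 1.3 but negotiates DTLS 1.2 would then leave message_seq, fragment_offset and fragment_length out of its transcript while the peer hashes them, so the Finished verification would presumably fail; handshake_hash_add_sent uses the same condition. If `max` is used because the version is not yet known when the ClientHello is hashed, a comment saying so, plus a test on `vers->id >= GNUTLS_DTLS1_3` once negotiation has completed, would make the rule explicit. The function body ends outside the hunk.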
@@ -1530,6 +1555,7 @@ handshake_hash_add_sent(gnutls_session_t session,
{
int ret;
const version_entry_st *vers = get_version(session);
+ const version_entry_st *max = _gnutls_version_max(session);
if (unlikely(vers == NULL))
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
@@ -1550,6 +1576,34 @@ handshake_hash_add_sent(gnutls_session_t session,
if (datalen == 0)
return 0;
+ } else if (max->id >= GNUTLS_DTLS1_3) {
+ /* DTLS 1.3 doesn't include message_seq, fragment_offset, and
+ * fragment_length.
+ */
+ if (datalen < 4) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ ret = _gnutls_buffer_append_data(&session->internals.
+ handshake_hash_buffer,
+ dataptr, 4);
+ if (ret < 0) {
+ return gnutls_assert_val(ret);
+ }
+ dataptr += 4;
+ datalen -= 4;
+
+ if (datalen < 8) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+ dataptr += 8;
+ datalen -= 8;
+
+ if (datalen == 0) {
+ return 0;
+ }
}
ret =
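Review bot: The two length checks are split around the append, so a buffer of 4 to 11 bytes is partly written to handshake_hash_buffer before GNUTLS_E_INTERNAL_ERROR is returned, and the literals 4 and 8 are unnamed. A single up-front test, `if (datalen < 12) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);`, followed by the 4-byte append and one `dataptr += 12; datalen -= 12;`, avoids the partial update. The block is also a near copy of the one added to handshake_hash_add_recvd, so a small static helper with named constants for the hashed and skipped header lengths would keep the two transcript rules in step. The function continues outside the hunk.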