aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstate/policy.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-04-09 03:43:48 +0000
committerlloyd <[email protected]>2010-04-09 03:43:48 +0000
commitd7e2e9316a5540e93595b5386f67594135de736d (patch)
treeb7b556f5005a8aa0f63cd0abe636cad927ea02ab /src/libstate/policy.cpp
parent24ec42e6b17e177900b864771f205f2eed8753e5 (diff)
If the CBC padding is incorrect, then assume the pad size is zero and
carry on with the procedure. This prevents a timing attack where an attacker could distinguish bad padding vs MAC failure. This timing channel used in the paper "Password Interception in a SSL/TLS Channel" by Vaudenay et. al. to attack SSL in certain fairly realistic use scenarios.
Diffstat (limited to 'src/libstate/policy.cpp')
0 files changed, 0 insertions, 0 deletions