diff options
author | Jack Lloyd <[email protected]> | 2019-05-21 07:32:59 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2019-05-21 07:32:59 -0400 |
commit | 1c946fcfaa463c02caa63b935162d849d656dbfb (patch) | |
tree | a2c2ab43c97cdc98c14f89cc3d70bcdb9ad64424 /src/tests/test_tls.cpp | |
parent | 83a2d76a598ccdf2a6b5a867f46358014f367398 (diff) |
Fix TLS CBC in DTLS when a bad packet is received.
The Lucky13 countermeasure causes the mac state to become corrupted,
due to the extra inputs. Then the next packet fails its mac check.
This causes the Lucky13 countermeasure to go off again, ...
Diffstat (limited to 'src/tests/test_tls.cpp')
-rw-r--r-- | src/tests/test_tls.cpp | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/tests/test_tls.cpp b/src/tests/test_tls.cpp index 9b734bdea..0798fc120 100644 --- a/src/tests/test_tls.cpp +++ b/src/tests/test_tls.cpp @@ -170,13 +170,12 @@ class TLS_CBC_Tests final : public Text_Based_Test const bool is_valid = vars.get_req_sz("Valid") == 1; // todo test permutations - bool explicit_iv = true; bool encrypt_then_mac = false; Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption tls_cbc( std::unique_ptr<Botan::BlockCipher>(new Noop_Block_Cipher(block_size)), std::unique_ptr<Botan::MessageAuthenticationCode>(new ZeroMac(mac_len)), - 0, 0, explicit_iv, encrypt_then_mac); + 0, 0, Botan::TLS::Protocol_Version::TLS_V11, encrypt_then_mac); tls_cbc.set_key(std::vector<uint8_t>(0)); std::vector<uint8_t> ad(13); |