Open
Bug 1274801
Opened 8 years ago
Updated 2 years ago
TLS 1.3: Generate right alert for records with no content type
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
NEW
People
(Reporter: ekr, Unassigned)
Details
Attachments
(1 file)
2.20 KB,
patch
|
Details | Diff | Splinter Review |
The spec says: Implementations MUST limit their scanning to the cleartext returned from the AEAD decryption. If a receiving implementation does not find a non-zero octet in the cleartext, it should treat the record as having an unexpected ContentType, sending an "unexpected_message" alert. But we use bad_record_mac
Comment 1•8 years ago
|
||
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•