Open Bug 1274801 Opened 8 years ago Updated 2 years ago

TLS 1.3: Generate right alert for records with no content type

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: ekr, Unassigned)

Details

Attachments

(1 file)

wip 8 years ago Franziskus Kiefer [:franziskus] 2.20 KB, patch		Details \| Diff \| Splinter Review

Eric Rescorla (:ekr)

Reporter

Description

•

8 years ago

The spec says:

Implementations MUST limit their scanning to the cleartext returned
from the AEAD decryption.  If a receiving implementation does not find
a non-zero octet in the cleartext, it should treat the record as
having an unexpected ContentType, sending an "unexpected_message"
alert.


But we use bad_record_mac

Franziskus Kiefer [:franziskus]

Comment 1

•

8 years ago

Attached patch wip — Details — Splinter Review

Tim Taubert [:ttaubert] (inactive)

Updated

•

7 years ago

Priority: -- → P3

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

TLS 1.3: Generate right alert for records with no content type

Categories

(NSS :: Libraries, defect, P3)

Tracking

(Not tracked)

People

(Reporter: ekr, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Updated

Attachment

General

Description

File Name

Content Type