Open Bug 1274801 Opened 9 years ago Updated 3 years ago

TLS 1.3: Generate right alert for records with no content type

Categories

(NSS :: Libraries, defect, P3)

3.18

Tracking

(Not tracked)

People

(Reporter: ekr, Unassigned)

Details

Attachments

(1 file)

The spec says: Implementations MUST limit their scanning to the cleartext returned from the AEAD decryption. If a receiving implementation does not find a non-zero octet in the cleartext, it should treat the record as having an unexpected ContentType, sending an "unexpected_message" alert. But we use bad_record_mac
Priority: -- → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: