Open Bug 1274801 Opened 9 years ago Updated 3 years ago

TLS 1.3: Generate right alert for records with no content type

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: ekr, Unassigned)

Details

Attachments

(1 file)

wip 9 years ago Franziskus Kiefer [:franziskus] 2.20 KB, patch		Details \| Diff \| Splinter Review

Eric Rescorla (:ekr)

Reporter

Description

•

9 years ago

The spec says: Implementations MUST limit their scanning to the cleartext returned from the AEAD decryption. If a receiving implementation does not find a non-zero octet in the cleartext, it should treat the record as having an unexpected ContentType, sending an "unexpected_message" alert. But we use bad_record_mac

Franziskus Kiefer [:franziskus]

Comment 1

•

9 years ago

Attached patch wip — Details — Splinter Review

Tim Taubert [:ttaubert] (inactive)

Updated

•

8 years ago

Priority: -- → P3

BMO Automation

Updated

•

3 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

TLS 1.3: Generate right alert for records with no content type

Categories

(NSS :: Libraries, defect, P3)

Tracking

(Not tracked)

People

(Reporter: ekr, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Updated

Attachment

General

Description

File Name

Content Type