[gnutls-dev] GNUTLS_E_INTERNAL_ERROR in _gnutls_ciphertext2compressed

Ludovic Courtès ludovic.courtes at laas.fr
Thu Nov 15 15:06:27 CET 2007


With the attached patch against 2.0.1 (your 2 fixes + additional
`gnutls assert's) and `NULL' encryption, I nailed it down to this part
of `gnutls_cipher.c':

  /* This one was introduced to avoid a timing attack against the TLS
   * 1.0 protocol.
   */
  if (pad_failed != 0)
    {
      gnutls_assert (); /* <-- This is where we fail */
      return pad_failed;
    }

That's the first `assert' I see, which seems to indicate that PAD_FAILED
was set here:

   /* Check the pading bytes (TLS 1.x)
    */
   if (ver >= GNUTLS_TLS1 && pad_failed == 0)
     for (i = 2; i < pad; i++)
       {
         if (ciphertext.data[ciphertext.size - i] !=
             ciphertext.data[ciphertext.size - 1])
           pad_failed = GNUTLS_E_DECRYPTION_FAILED;
       }

It's pretty hard for me to debug this on a Nokia so I hope you'll come
up with a bright idea.  :-)

Thanks,
Ludovic.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ,,maemo.diff
Type: text/x-patch
Size: 5612 bytes
Desc: The patch
URL: </pipermail/attachments/20071115/a43a99cf/attachment.bin>


More information about the Gnutls-devel mailing list