[gnutls-dev] GNUTLS_E_INTERNAL_ERROR in _gnutls_ciphertext2compressed
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Thu Nov 15 15:32:24 CET 2007
Or if you just want a quick and dirty fix for your copy in gnutls_record.c
at the call _gnutls_encrypt() the last parameter is 1. Just turn it to
zero (disables random padding).
regards,
Nikos
On Nov 15, 2007 4:21 PM, Nikos Mavrogiannopoulos
<n.mavrogiannopoulos at gmail.com> wrote:
> I was talking about this patch (quite big):
> http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=a923cc605a40cf73dbb40de0ac46978674e388fd
> and use gnutls_session_enable_compatibility_mode() on your server.
>
> On Nov 15, 2007 4:06 PM, Ludovic Courtès <ludovic.courtes at laas.fr> wrote:
> > With the attached patch against 2.0.1 (your 2 fixes + additional
> > `gnutlsassert's) and `NULL' encryption, I nailed it down to this part
>
> > of `gnutls_cipher.c':
> >
> > /* This one was introduced to avoid a timing attack against the TLS
> > * 1.0 protocol.
> > */
> > if (pad_failed != 0)
> > {
> > gnutls_assert (); /* <-- This is where we fail */
> > return pad_failed;
> > }
> >
> > That's the first `assert' I see, which seems to indicate that PAD_FAILED
> > was set here:
> >
> > /* Check the pading bytes (TLS 1.x)
> > */
> > if (ver >= GNUTLS_TLS1 && pad_failed == 0)
> > for (i = 2; i < pad; i++)
> > {
> > if (ciphertext.data[ciphertext.size - i] !=
> > ciphertext.data[ciphertext.size - 1])
> > pad_failed = GNUTLS_E_DECRYPTION_FAILED;
> > }
> >
> > It's pretty hard for me to debug this on a Nokia so I hope you'll come
> > up with a bright idea. :-)
> >
> > Thanks,
> > Ludovic.
> >
> >
>
> > _______________________________________________
> > Gnutls-dev mailing list
> > Gnutls-dev at gnupg.org
> > http://lists.gnupg.org/mailman/listinfo/gnutls-dev
> >
> >
>
More information about the Gnutls-devel
mailing list