Adjust minimum length for EtM
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4132e47..8c981cf 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -601,12 +601,23 @@
{
/*
* GenericBlockCipher:
- * first multiple of blocklen greater than maclen
- * + IV except for SSL3 and TLS 1.0
+ * 1. if EtM is in use: one block plus MAC
+ * otherwise: * first multiple of blocklen greater than maclen
+ * 2. IV except for SSL3 and TLS 1.0
*/
- transform->minlen = transform->maclen
- + cipher_info->block_size
- - transform->maclen % cipher_info->block_size;
+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+ if( session->encrypt_then_mac == SSL_ETM_ENABLED )
+ {
+ transform->minlen = transform->maclen
+ + cipher_info->block_size;
+ }
+ else
+#endif
+ {
+ transform->minlen = transform->maclen
+ + cipher_info->block_size
+ - transform->maclen % cipher_info->block_size;
+ }
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1)
if( ssl->minor_ver == SSL_MINOR_VERSION_0 ||
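Review bot: The rewritten GenericBlockCipher comment carries a stray `*` inside item 1 (`otherwise: * first multiple of blocklen greater than maclen`) and gives no reason why the EtM bound differs. I would write it as `* 1. if EtM is in use: one block plus MAC (the MAC is appended after the ciphertext, outside the padded blocks)` followed by `*    otherwise: first multiple of blocklen greater than maclen`. minlen is presumably the lower bound applied to incoming record lengths before the MAC length is subtracted, so the rationale is worth keeping next to the formula. The enclosing block starts and ends outside the hunk.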
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 26b2f89..1349737 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1864,6 +1864,13 @@
0 \
-s "Read from client: 1 bytes read"
+run_test "Small packet TLS 1.0 BlockCipher without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=1 force_version=tls1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
run_test "Small packet TLS 1.0 BlockCipher truncated MAC" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1 \
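Review bot: The three added `etm=0` cases (this hunk and the TLS 1.1 and TLS 1.2 hunks below) all force TLS-RSA-WITH-AES-256-CBC-SHA, so the non-EtM formula `maclen + block_size - maclen % block_size` is exercised with only one MAC length. If EtM is negotiated by default between `$P_SRV` and `$P_CLI` (not visible here), the neighbouring "truncated MAC" and "larger MAC" cases now run through the EtM branch. The old path then loses coverage for a MAC shorter than a block and for a MAC that is an exact multiple of the block size. Consider adding `etm=0` variants of those too, for example `"$P_CLI request_size=1 force_version=tls1_2 etm=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \`.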
@@ -1887,6 +1894,13 @@
0 \
-s "Read from client: 1 bytes read"
+run_test "Small packet TLS 1.1 BlockCipher without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=1 force_version=tls1_1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
run_test "Small packet TLS 1.1 StreamCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_1 \
@@ -1917,6 +1931,13 @@
0 \
-s "Read from client: 1 bytes read"
+run_test "Small packet TLS 1.2 BlockCipher without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=1 force_version=tls1_2 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
run_test "Small packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \