[gnutls-dev] GNUTLS_E_INTERNAL_ERROR in _gnutls_ciphertext2compressed

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Thu Nov 15 15:21:46 CET 2007


I was talking about this patch (quite big):
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=a923cc605a40cf73dbb40de0ac46978674e388fd
and use gnutls_session_enable_compatibility_mode() on your server.

On Nov 15, 2007 4:06 PM, Ludovic Courtès <ludovic.courtes at laas.fr> wrote:
> With the attached patch against 2.0.1 (your 2 fixes + additional
> `gnutlsassert's) and `NULL' encryption, I nailed it down to this part
> of `gnutls_cipher.c':
>
>   /* This one was introduced to avoid a timing attack against the TLS
>    * 1.0 protocol.
>    */
>   if (pad_failed != 0)
>     {
>       gnutls_assert (); /* <-- This is where we fail */
>       return pad_failed;
>     }
>
> That's the first `assert' I see, which seems to indicate that PAD_FAILED
> was set here:
>
>    /* Check the pading bytes (TLS 1.x)
>     */
>    if (ver >= GNUTLS_TLS1 && pad_failed == 0)
>      for (i = 2; i < pad; i++)
>        {
>          if (ciphertext.data[ciphertext.size - i] !=
>              ciphertext.data[ciphertext.size - 1])
>            pad_failed = GNUTLS_E_DECRYPTION_FAILED;
>        }
>
> It's pretty hard for me to debug this on a Nokia so I hope you'll come
> up with a bright idea.  :-)
>
> Thanks,
> Ludovic.
>
>
> _______________________________________________
> Gnutls-dev mailing list
> Gnutls-dev at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnutls-dev
>
>




More information about the Gnutls-devel mailing list