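--- lib/ssl/src/ssl_connection.erl.orig 2015-03-31 12:32:52.000000000 +0000
+++ lib/ssl/src/ssl_connection.erl 2017-12-14 13:13:46.570861000 +0000
@@ -1135,8 +1135,25 @@
 request_client_cert(State2, Connection).
 
 certify_client_key_exchange(#encrypted_premaster_secret{premaster_secret= EncPMS},
- #state{private_key = Key} = State, Connection) ->
- PremasterSecret = ssl_handshake:premaster_secret(EncPMS, Key),
+ #state{private_key = Key, client_hello_version = {Major, Minor} = Version } = State, Connection) ->
+
+ %% Countermeasure for Bleichenbacher attack always provide some kind of premaster secret
+ %% and fail handshake later.RFC 5246 section 7.4.7.1.
+ PremasterSecret =
+ try ssl_handshake:premaster_secret(EncPMS, Key) of
+ Secret when erlang:byte_size(Secret) == ?NUM_OF_PREMASTERSECRET_BYTES ->
+ case Secret of
+ <<?BYTE(Major), ?BYTE(Minor), _/binary>> -> %% Correct
+ Secret;
+ <<?BYTE(_), ?BYTE(_), Rest/binary>> -> %% Version mismatch
+ <<?BYTE(Major), ?BYTE(Minor), Rest/binary>>
+ end;
+ _ -> %% erlang:byte_size(Secret) =/= ?NUM_OF_PREMASTERSECRET_BYTES
+ make_premaster_secret(Version, rsa)
+ catch
+ #alert{description = ?DECRYPT_ERROR} ->
+ make_premaster_secret(Version, rsa)
+ end,
 calculate_master_secret(PremasterSecret, State, Connection, certify, cipher);
 
 certify_client_key_exchange(#client_diffie_hellman_public{dh_public = ClientPublicDhKey},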
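Review bot: The random fallback is generated only on the failure arms of the `try` (the wrong-length arm and the caught `?DECRYPT_ERROR` alert), so a bad ciphertext does extra work that a good one does not, which can leave a timing difference despite the Bleichenbacher countermeasure. RFC 5246 section 7.4.7.1 generates the random value before decrypting; binding `Fallback = make_premaster_secret(Version, rsa),` ahead of the `try` and returning `Fallback` in both arms would follow that order. The `catch` also matches only a thrown `#alert{description = ?DECRYPT_ERROR}`, so the countermeasure relies on `ssl_handshake:premaster_secret/2` turning every decryption failure into exactly that alert. That function is outside this hunk and should be checked, since any other exception would abort the handshake at this point instead of later.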