From eaaed051cbaec2eac9721773b7b4a4d440e8ec2d Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 28 Nov 2017 17:07:35 +0100 Subject: ssl: Align timing just in case --- lib/ssl/src/ssl_connection.erl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'lib/ssl/src') diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 1f77b558ef..452bbb6816 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1396,24 +1396,24 @@ server_certify_and_key_exchange(State0, Connection) -> certify_client_key_exchange(#encrypted_premaster_secret{premaster_secret= EncPMS}, #state{private_key = Key, client_hello_version = {Major, Minor} = Version} = State, Connection) -> - + FakeSecret = make_premaster_secret(Version, rsa), %% Countermeasure for Bleichenbacher attack always provide some kind of premaster secret %% and fail handshake later.RFC 5246 section 7.4.7.1. PremasterSecret = try ssl_handshake:premaster_secret(EncPMS, Key) of Secret when erlang:byte_size(Secret) == ?NUM_OF_PREMASTERSECRET_BYTES -> case Secret of - <> -> %% Correct - Secret; + <> -> %% Correct + <>; <> -> %% Version mismatch <> end; _ -> %% erlang:byte_size(Secret) =/= ?NUM_OF_PREMASTERSECRET_BYTES - make_premaster_secret(Version, rsa) + FakeSecret catch #alert{description = ?DECRYPT_ERROR} -> - make_premaster_secret(Version, rsa) - end, + FakeSecret + end, calculate_master_secret(PremasterSecret, State, Connection, certify, cipher); certify_client_key_exchange(#client_diffie_hellman_public{dh_public = ClientPublicDhKey}, #state{diffie_hellman_params = #'DHParameter'{} = Params, -- cgit v1.2.3