Current 1.0.1, 1.0.2 and master don't handle malformed Client Key Exchange messages correctly.
when a malformed message, or message with incorrect parameters is received openssl server just closes the connection instead of sending an Alert message reproducer script: https://github.com/tomato42/tlsfuzzer/blob/master/scripts/test-ecdhe-rsa-key-exchange-with-bad-messages.py to reproduce: openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch openssl s_server -key localhost.key -cert localhost.crt -www 2>server.err >server.out & openssl_pid=$! git clone https://github.com/tomato42/tlsfuzzer pushd tlsfuzzer git clone https://github.com/tomato42/tlslite-ng .tlslite-ng ln -s .tlslite-ng/tlslite tlslite git clone https://github.com/warner/python-ecdsa .python-ecdsa ln -s .python-ecdsa/ecdsa ecdsa PYTHONPATH=. python scripts/test-ecdhe-rsa-key-exchange-with-bad-messages.py popd kill $openssl_pid -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4610 Please log in as guest with password guest if prompted
signature.asc
Description: PGP signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
