ssl-utils: fix decryption of NULL ciphers
A dissector bug was reported: epan/dissectors/packet-ssl-utils.c:1615: failed assertion "data" and fair enough, the MAC Key is indeed NULL because of our special handling for NULL ciphers. Just ignore the MAC key then. Change-Id: I12d2be5e84520badb44a99fc965c48c3afa89346 Fixes: v2.3.0rc0-697-gb1d36fe ("ssl-utils: remove block and key sizes from cipher suites table") Reviewed-on: https://code.wireshark.org/review/17903 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This commit is contained in:
parent
ca232b1d12
commit
8b047554ee
|
@ -2840,8 +2840,11 @@ ssl_create_decoder(const SslCipherSuite *cipher_suite, gint cipher_algo,
|
|||
memory allocation and waste samo more memory*/
|
||||
dec->cipher_suite=cipher_suite;
|
||||
dec->compression = compression;
|
||||
if (mode == MODE_STREAM || mode == MODE_CBC) {
|
||||
/* AEAD ciphers use no MAC key, but stream and block ciphers do. */
|
||||
if ((mode == MODE_STREAM && mk != NULL) || mode == MODE_CBC) {
|
||||
// AEAD ciphers use no MAC key, but stream and block ciphers do. Note
|
||||
// the special case for NULL ciphers, even if there is insufficieny
|
||||
// keying material (including MAC key), we will can still create
|
||||
// decoders since "decryption" is easy for such ciphers.
|
||||
dec->mac_key.data = dec->_mac_key_or_write_iv;
|
||||
ssl_data_set(&dec->mac_key, mk, ssl_cipher_suite_dig(cipher_suite)->len);
|
||||
} else if (mode == MODE_GCM || mode == MODE_CCM || mode == MODE_CCM_8) {
|
||||
|
|
Loading…
Reference in New Issue