<div dir="ltr"><p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">Hi All,</span><span style="font-size:10pt;font-family:Arial,sans-serif"></span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">Recently we have ported
OpenSSL 1.0.2d. Everything works perfect except the below explained issue. </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">When we enable only
TLS 1.0 protocol and select CBC ciphers, TLS handshake fails with the error
"</span><span style="font-size:10pt;font-family:Arial,sans-serif;color:black">bad record mac".</span><span style="font-size:10pt;font-family:Arial,sans-serif"></span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif;color:black"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif;color:black">Error is in function
static int ssl3_get_record(SSL *s). Error happens at </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">if (i < 0 || mac ==
NULL</span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> || CRYPTO_memcmp(md, mac, (size_t)mac_size)
!= 0). </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">CRYPTO_memcmp is
failing. I debugged further.</span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">I replaced constant_time_eq_8
usage in s3_cbc.c with the implementation available in OpenSSL 1.0.1e. Things
worked fine.</span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">OpenSSL 1.0.2d has
this implementation in constant_time_locl.h. OpenSSL 1.0.1e has this
implementation local to s3_cbc.c</span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">Now my question is
whatever I did is it correct? Or Do need to replace complete s3_cbc.c with
OpenSSL 1.0.1e?</span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p><p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"><br></span></p><p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">Regards</span></p><p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif">Jaya</span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p>
<p class="MsoNormal"><span style="font-size:10pt;font-family:Arial,sans-serif"> </span></p></div>