Add a double check to protect from glitch Check that the encryption has been done for the outbut buffer. This is to ensure that glitching out the encryption doesn't result as a unecrypted buffer to be sent.

commit: acb5eb00caaace5ba62fc49fb7ff21c54dffa294 [log] [tgz]
author: Jarno Lamsa <jarno.lamsa@arm.com> Thu Nov 14 14:13:10 2019 +0200
committer: Jarno Lamsa <jarno.lamsa@arm.com> Thu Dec 19 07:56:10 2019 +0200
tree: 34ca873dc338dfb11277f8a0d53c4389f8f3404d
parent: d05da1fa45f9b40cc5a56f7d9ff1c55992590168 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ca5ca6d..d7ad696 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -4490,6 +4490,7 @@
     {
         unsigned i;
         size_t protected_record_size;
+        volatile int encrypted_fi = 0;
 
         /* Skip writing the record content type to after the encryption,
          * as it may change when using the CID extension. */
@@ -4544,6 +4545,13 @@
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
             ssl->out_msglen = len = rec.data_len;
             (void)mbedtls_platform_put_uint16_be( ssl->out_len, rec.data_len );
+            encrypted_fi = 1;
+        }
+
+        //Double check to ensure the encryption has been done
+        if( ssl->transform_out != NULL && encrypted_fi == 0 )
+        {
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
         }
 
         protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl );
commit	acb5eb00caaace5ba62fc49fb7ff21c54dffa294	[log] [tgz]
author	Jarno Lamsa <jarno.lamsa@arm.com>	Thu Nov 14 14:13:10 2019 +0200
committer	Jarno Lamsa <jarno.lamsa@arm.com>	Thu Dec 19 07:56:10 2019 +0200
tree	34ca873dc338dfb11277f8a0d53c4389f8f3404d
parent	d05da1fa45f9b40cc5a56f7d9ff1c55992590168 [diff] [blame]