allow unencrypted alerts just before encrypted messages
tomato42 committed Aug 3, 2023
1 parent efc997e commit c820581
Showing 1 changed file with 11 additions and 2 deletions.
13 changes: 11 additions & 2 deletions tlslite/recordlayer.py
Expand Up @@ -915,6 +915,15 @@ def recvRecord(self):
elif self._is_tls13_plus() and \
header.type == ContentType.change_cipher_spec:
pass
# when we're in the early handshake, then unencrypted alerts
# are fine too
elif self._is_tls13_plus() and \
header.type == ContentType.alert and \
len(data) < 3 and \
self._readState and \
self._readState.encContext and \
self._readState.seqnum == 0:
pass
elif self._readState and \
self._readState.encContext and \
self._readState.encContext.isAEAD:
Expand Down Expand Up @@ -950,10 +959,10 @@ def recvRecord(self):
# start checking the MACs
self.early_data_ok = False

# TLS 1.3 encrypts the type, CCS is not encrypted
# TLS 1.3 encrypts the type, CCS and Alerts are not encrypted
if self._is_tls13_plus() and self._readState and \
self._readState.encContext and\
header.type != ContentType.change_cipher_spec:
header.type == ContentType.application_data:
# check if plaintext is not too big, RFC 8446, section 5.4
if len(data) > self.recv_record_limit + 1:
raise TLSRecordOverflow()
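Review bot: The new `elif` in the first hunk accepts an alert-typed record without decryption or authentication whenever `self._readState.seqnum == 0`, which is a wider window than the "early handshake" its comment names. If the sequence number restarts at 0 each time new read keys are installed (not visible here, so this is an assumption to confirm), the first record under application or updated traffic keys can also be a plaintext alert, and an unauthenticated close_notify accepted there would be indistinguishable from an orderly close. The branch should additionally require that the handshake has not completed, and since an alert body is exactly two bytes, `len(data) == 2 and \` is a tighter test than `len(data) < 3 and \`. In the second hunk the RFC 8446 section 5.4 size check now runs only for outer type `application_data`, so a decrypted record with any other outer type skips that block; section 5.2 fixes the outer type of protected records at 23, so rejecting the rest may deserve a follow-up. `recvRecord` begins and ends outside both hunks, so later checks that might already cover this are not visible.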
