BUG: RecordLayer.WrapMessage busted  
by John Doty
posted on 2003/08/19


It appears that the encryption performed by RecordLayer.WrapMessage can cause the message size to exceed 2^14 bytes, in violation of the specification.

This happens to me while doing stream cypher encryption, but there does not appear to be any defense against it in general.

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2003/08/19

Only plaintext fragments must be 2^14 bytes or less. Encrypted fragments can be up to 2^14+2048 bytes [section 6.2.3 in the TLS standard].

The 2^14 limit is enforced by the RecordLayer.EncryptBytes() method; this method splits up byte arrays if they are too large to send at once.

The 2^14+2048 limit is enforced implicitly because there is currently no cipher suite for which the overhead data [padding+mac] is larger than 2048 bytes.
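
The two limits discussed in this thread, worked through as an added example (not part of the original posts and not Mentalis Security Library code). It assumes TLS 1.0 record framing with no explicit IV; the function names and the suite table are constructed for illustration.

```python
import struct

MAX_PLAINTEXT = 2 ** 14            # TLSPlaintext.fragment limit
MAX_CIPHERTEXT = 2 ** 14 + 2048    # TLSCiphertext.fragment limit (section 6.2.3)

def fragment(data):
    """Split application data into plaintext fragments of at most 2^14 bytes."""
    return [data[i:i + MAX_PLAINTEXT] for i in range(0, len(data), MAX_PLAINTEXT)]

def ciphertext_length(plain_len, mac_len, block_len=0, max_padding=False):
    """Encrypted fragment length for a stream (block_len=0) or CBC block suite."""
    if plain_len > MAX_PLAINTEXT:
        raise ValueError("plaintext fragment exceeds 2^14 bytes")
    body = plain_len + mac_len
    if block_len == 0:
        return body                      # stream cipher: only the MAC is added
    pad = -(body + 1) % block_len        # minimal padding; +1 is the padding_length byte
    if max_padding:
        # Padding may be any length up to 255 bytes that keeps block alignment.
        pad += (255 - pad) // block_len * block_len
    return body + pad + 1

def read_record_length(header):
    """Parse a 5-byte record header and enforce the receiver-side length limit."""
    _ctype, _version, length = struct.unpack("!BHH", header)
    if length > MAX_CIPHERTEXT:
        raise ValueError("record_overflow: encrypted fragment exceeds 2^14+2048")
    return length

# Constructed table: (MAC length, block length) for three common suites.
SUITES = {
    "RC4_128_SHA": (20, 0),
    "3DES_EDE_CBC_SHA": (20, 8),
    "AES_128_CBC_SHA": (20, 16),
}

def worst_case_lengths():
    """Largest encrypted fragment each suite can produce from a full 2^14-byte fragment."""
    return {name: ciphertext_length(MAX_PLAINTEXT, mac, block, max_padding=True)
            for name, (mac, block) in SUITES.items()}

if __name__ == "__main__":
    for name, length in worst_case_lengths().items():
        print(name, length, "overhead:", length - MAX_PLAINTEXT,
              "within limit:", length <= MAX_CIPHERTEXT)
```

Even with maximum padding, the overhead for these suites stays far below 2048 bytes, which is why splitting the plaintext at 2^14 is sufficient on the sending side, while a receiver still has to check the length field itself.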

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/