forked from wolfSSL/wolfssl
Enhancement to allow override of maximum sig/algos using new WOLFSSL_MAX_SIGALGO define (default is 32).
This commit is contained in:
David Garske
@ -22772,11 +22772,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
return BUFFER_ERROR;
|
return BUFFER_ERROR;
|
||||||
|
|
||||||
XMEMCPY(clSuites.hashSigAlgo, &input[i],
|
XMEMCPY(clSuites.hashSigAlgo, &input[i],
|
||||||
min(clSuites.hashSigAlgoSz, HELLO_EXT_SIGALGO_MAX));
|
min(clSuites.hashSigAlgoSz, WOLFSSL_MAX_SIGALGO));
|
||||||
i += clSuites.hashSigAlgoSz;
|
i += clSuites.hashSigAlgoSz;
|
||||||
|
|
||||||
if (clSuites.hashSigAlgoSz > HELLO_EXT_SIGALGO_MAX)
|
if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
|
||||||
clSuites.hashSigAlgoSz = HELLO_EXT_SIGALGO_MAX;
|
clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
|
||||||
}
|
}
|
||||||
#ifdef HAVE_EXTENDED_MASTER
|
#ifdef HAVE_EXTENDED_MASTER
|
||||||
else if (extId == HELLO_EXT_EXTMS)
|
else if (extId == HELLO_EXT_EXTMS)
|
||||||
|
|||||||
@ -1034,7 +1034,6 @@ enum Misc {
|
|||||||
HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
|
HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
|
||||||
HELLO_EXT_SZ_SZ = 2, /* length of a hello extension size */
|
HELLO_EXT_SZ_SZ = 2, /* length of a hello extension size */
|
||||||
HELLO_EXT_SIGALGO_SZ = 2, /* length of number of items in sigalgo list */
|
HELLO_EXT_SIGALGO_SZ = 2, /* length of number of items in sigalgo list */
|
||||||
HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */
|
|
||||||
|
|
||||||
DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
|
DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
|
||||||
DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
|
DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
|
||||||
@ -1192,6 +1191,12 @@ enum Misc {
|
|||||||
/* 150 suites for now! */
|
/* 150 suites for now! */
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* number of items in the signature algo list */
|
||||||
|
#ifndef WOLFSSL_MAX_SIGALGO
|
||||||
|
#define WOLFSSL_MAX_SIGALGO 32
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
/* set minimum ECC key size allowed */
|
/* set minimum ECC key size allowed */
|
||||||
#ifndef WOLFSSL_MIN_ECC_BITS
|
#ifndef WOLFSSL_MIN_ECC_BITS
|
||||||
#ifdef WOLFSSL_MAX_STRENGTH
|
#ifdef WOLFSSL_MAX_STRENGTH
|
||||||
@ -1527,7 +1532,7 @@ typedef struct Suites {
|
|||||||
word16 suiteSz; /* suite length in bytes */
|
word16 suiteSz; /* suite length in bytes */
|
||||||
word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */
|
word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */
|
||||||
byte suites[WOLFSSL_MAX_SUITE_SZ];
|
byte suites[WOLFSSL_MAX_SUITE_SZ];
|
||||||
byte hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
|
byte hashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* sig/algo to offer */
|
||||||
byte setSuites; /* user set suites from default */
|
byte setSuites; /* user set suites from default */
|
||||||
byte hashAlgo; /* selected hash algorithm */
|
byte hashAlgo; /* selected hash algorithm */
|
||||||
byte sigAlgo; /* selected sig algorithm */
|
byte sigAlgo; /* selected sig algorithm */
|
||||||
|
|||||||
Reference in New Issue
Block a user