Merge pull request #2977 from SparkiDev/tlsx_ks_ecc_fix

KeyShare ECC shift index range check
2020-05-19 15:49:41 -07:00
parent 754c96965a 5b918f7ace
commit 7901f74d0b
2 changed files with 9 additions and 4 deletions
--- a/src/tls.c
+++ b/src/tls.c
@ -8131,13 +8131,17 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl)
        if (!TLSX_SupportedGroups_Find(ssl, clientKSE->group))
            return BAD_KEY_SHARE_DATA;

-    #ifdef OPENSSL_EXTRA
        if ((clientKSE->group & NAMED_DH_MASK) == 0) {
-            /* Check if server supports group. */
-            if (ssl->ctx->disabledCurves & (1 << clientKSE->group))
+            /* Check max value supported. */
+            if (clientKSE->group > WOLFSSL_ECC_MAX) {
                continue;
+            }
+        #ifdef OPENSSL_EXTRA
+            /* Check if server supports group. */
+            if (ssl->ctx->disabledCurves & ((word32)1 << clientKSE->group))
+                continue;
+        #endif
        }
-    #endif
        if (!TLSX_KeyShare_IsSupported(clientKSE->group))
            continue;

--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -3032,6 +3032,7 @@ enum {
    WOLFSSL_ECC_BRAINPOOLP512R1 = 28,
    WOLFSSL_ECC_X25519    = 29,
    WOLFSSL_ECC_X448      = 30,
+    WOLFSSL_ECC_MAX       = 30,

    WOLFSSL_FFDHE_2048    = 256,
    WOLFSSL_FFDHE_3072    = 257,