feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

tls13: fix cookie has keyShare information check

Browse Source 
Fix the check to see if the cookie has key_share information or not (needed to
reconstruct the HelloRetryRequest). At the moment, it looks like we never send a
cookie without KeyShare extension. Indeed the HelloRetryRequest is sent only
because the client didn't provide a good KeyShareEntry in the first
ClientHello. When we will support DTLSv1.3, the HelloRetryRequest will be used
as a return-routability check and it may be sent without the KeyShare extension.
This commit is contained in:
Marco Oliverio
2022-05-09 10:48:29 +02:00
parent 798d81723b
commit 829e9f5277
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/tls13.c
View File

@@ -4437,7 +4437,8 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
length = HRR_BODY_SZ - ID_LEN + ssl->session->sessionIDSz +
HRR_COOKIE_HDR_SZ + cookie->len;
length += HRR_VERSIONS_SZ;
if (cookieDataSz > hashSz + OPAQUE16_LEN) {
/* HashSz (1 byte) + Hash (HashSz bytes) + CipherSuite (2 bytes) */
if (cookieDataSz > OPAQUE8_LEN + hashSz + OPAQUE16_LEN) {
keyShareExt = 1;
length += HRR_KEY_SHARE_SZ;
}