From b08a99057c70c111b58f21c203dc0bc14df5118c Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 13 Nov 2017 15:02:13 -0800 Subject: [PATCH] Cleanup of `hashSigAlgo` handling in `DoClientHello`. --- src/internal.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/src/internal.c b/src/internal.c index e71218679..427809d8a 100644 --- a/src/internal.c +++ b/src/internal.c @@ -13237,7 +13237,7 @@ int SendCertificateRequest(WOLFSSL* ssl) /* supported hash/sig */ if (IsAtLeastTLSv1_2(ssl)) { c16toa(ssl->suites->hashSigAlgoSz, &output[i]); - i += LENGTH_SZ; + i += OPAQUE16_LEN; XMEMCPY(&output[i], ssl->suites->hashSigAlgo, ssl->suites->hashSigAlgoSz); @@ -22765,18 +22765,22 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return BUFFER_ERROR; if (extId == HELLO_EXT_SIG_ALGO) { - ato16(&input[i], &clSuites.hashSigAlgoSz); + word16 hashSigAlgoSz; + + ato16(&input[i], &hashSigAlgoSz); i += OPAQUE16_LEN; - if (OPAQUE16_LEN + clSuites.hashSigAlgoSz > extSz) + if (OPAQUE16_LEN + hashSigAlgoSz > extSz) return BUFFER_ERROR; - XMEMCPY(clSuites.hashSigAlgo, &input[i], - min(clSuites.hashSigAlgoSz, WOLFSSL_MAX_SIGALGO)); - i += clSuites.hashSigAlgoSz; - + clSuites.hashSigAlgoSz = hashSigAlgoSz; if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO; + + XMEMCPY(clSuites.hashSigAlgo, &input[i], + clSuites.hashSigAlgoSz); + + i += hashSigAlgoSz; } #ifdef HAVE_EXTENDED_MASTER else if (extId == HELLO_EXT_EXTMS)