From b93a18b34ef89fad3fe2e02c95977b1d04ee3b34 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 1 Sep 2021 14:46:48 -0500 Subject: [PATCH] src/internal.c: in SendServerKeyExchange() case diffie_hellman_kea, #ifdef HAVE_SECURE_RENEGOTIATION, enlarge buffers.serverDH_Pub.buffer to accomodate larger new key replacing smaller old key, whether or not ssl->namedGroup is set (copy-paste of existing in !ssl->namedGroup path). --- src/internal.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/internal.c b/src/internal.c index 0877eb423..51189753f 100644 --- a/src/internal.c +++ b/src/internal.c @@ -26952,6 +26952,27 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->options.dhKeyTested = 1; #endif + #ifdef HAVE_SECURE_RENEGOTIATION + /* Check that the DH public key buffer is large + * enough to hold the key. This may occur on a + * renegotiation when the key generated in the + * initial handshake is shorter than the key + * generated in the renegotiation. */ + if (ssl->buffers.serverDH_Pub.length < + ssl->buffers.serverDH_P.length) { + byte* tmp = (byte*)XREALLOC( + ssl->buffers.serverDH_Pub.buffer, + ssl->buffers.serverDH_P.length + + OPAQUE16_LEN, + ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); + if (tmp == NULL) + ERROR_OUT(MEMORY_E, exit_sske); + ssl->buffers.serverDH_Pub.buffer = tmp; + ssl->buffers.serverDH_Pub.length = + ssl->buffers.serverDH_P.length + OPAQUE16_LEN; + } + #endif + ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key, ssl->buffers.serverDH_Priv.buffer, (word32*)&ssl->buffers.serverDH_Priv.length,