feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix to detect larger key size requirement based on FP_MAX_BITS. Fix for TLSv1.3 to allow server_hello for TLSX_SUPPORTED_GROUPS. ZD 4754.

Browse Source
This commit is contained in:
David Garske
2019-02-01 09:53:30 -08:00
parent 0b2bbc33bd
commit c080050c80
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/tls.c
View File

@@ -9646,6 +9646,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->ctx->method->version) && if (IsAtLeastTLSv1_3(ssl->ctx->method->version) &&
msgType != client_hello && msgType != client_hello &&
msgType != server_hello &&
msgType != encrypted_extensions) { msgType != encrypted_extensions) {
return EXT_NOT_ALLOWED; return EXT_NOT_ALLOWED;
} }

5
wolfssl/internal.h
View File

@@ -1160,8 +1160,9 @@ enum Misc {
HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */ HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */
SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH, SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH,
/* pre RSA and all master */ /* pre RSA and all master */
#if defined(WOLFSSL_MYSQL_COMPATIBLE) #if defined(WOLFSSL_MYSQL_COMPATIBLE) || \
ENCRYPT_LEN = 1024, /* allow larger static buffer with mysql */ (defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS > 8192)
ENCRYPT_LEN = 1024, /* allow 8192 bit static buffer */
#else #else
ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */ ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */
#endif #endif