mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 14:00:48 +02:00
F-4868: reject trailing bytes in TLS 1.3 CertificateRequest
DoTls13CertificateRequest advanced past the certificate_request_context and extensions blocks but never verified the whole message body was consumed, silently ignoring trailing bytes. RFC 8446 Section 4.3.2 fixes the wire format; enforce that the consumed length equals the message size and return BUFFER_ERROR (decode_error) otherwise.
+4
-1
@@ -6168,6 +6168,10 @@ static int DoTls13CertificateRequest(WOLFSSL* ssl, const byte* input,
|
||||
}
|
||||
*inOutIdx += len;
|
||||
|
||||
/* No trailing bytes allowed (RFC 8446 4.3.2). */
|
||||
if ((*inOutIdx - begin) != size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
/* RFC 8446 Section 4.3.2: the signature_algorithms extension MUST be
|
||||
* present in a CertificateRequest. */
|
||||
if (peerSuites.hashSigAlgoSz == 0) {
|
||||
@@ -6175,7 +6179,6 @@ static int DoTls13CertificateRequest(WOLFSSL* ssl, const byte* input,
|
||||
WOLFSSL_ERROR_VERBOSE(INVALID_PARAMETER);
|
||||
return INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_CERT_SETUP_CB
|
||||
if ((ret = CertSetupCbWrapper(ssl)) != 0)
|
||||
return ret;
|
||||
|
||||
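Review bot: The new trailing-bytes check returns `BUFFER_ERROR` silently, whereas the signature_algorithms check a few lines below calls `WOLFSSL_ERROR_VERBOSE(INVALID_PARAMETER)` before returning, so a malformed CertificateRequest is rejected here without the verbose error trace the neighbouring path leaves. I would brace the body and log it the same way: `if ((*inOutIdx - begin) != size) { WOLFSSL_ERROR_VERBOSE(BUFFER_ERROR); return BUFFER_ERROR; }`. The +4/-1 diffstat suggests no regression test accompanies the change; a test that appends one byte after the extensions block and expects the handshake to fail with `BUFFER_ERROR` would pin the behaviour. DoTls13CertificateRequest begins and ends outside the hunks shown, so it is worth confirming that nothing later in the function adjusts `*inOutIdx` in a way this comparison should account for.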