Merge pull request #9610 from Frauschi/pre_master_secret_size

Remove PQC-based buffer size increase for PreMasterSecret
This commit is contained in:
David Garske
2026-01-08 11:18:19 -08:00
committed by GitHub
2 changed files with 1 additions and 7 deletions
+1 -2
View File
@@ -10310,8 +10310,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
args->idx += OPAQUE16_LEN;
/* Signature data. */
if ((args->idx - args->begin) + args->sz > totalSz ||
args->sz > ENCRYPT_LEN) {
if ((args->idx - args->begin) + args->sz > totalSz) {
ERROR_OUT(BUFFER_ERROR, exit_dcv);
}
-5
View File
@@ -1526,15 +1526,10 @@ enum Misc {
MAXEARLYDATASZ_LEN = 4, /* maxEarlyDataSz size in ticket */
#endif
#endif
#if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM)
ENCRYPT_LEN = 5120, /* Allow 5k byte buffer for dilithium and
* hybridization with other algs. */
#else
#ifndef NO_PSK
ENCRYPT_LEN = (ENCRYPT_BASE_BITS / 8) + MAX_PSK_KEY_LEN + 2,
#else
ENCRYPT_LEN = (ENCRYPT_BASE_BITS / 8),
#endif
#endif
SIZEOF_SENDER = 4, /* clnt or srvr */
FINISHED_SZ = 36, /* WC_MD5_DIGEST_SIZE + WC_SHA_DIGEST_SIZE */