wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct serverDH_Pub length on renegotiation

Browse Source 
On a renegotiation the serverDH_Pub buffer may be too short. The previous DhGenKeyPair call may have generated a key that has a shorter binary representation (usually by one byte). Calling DhGenKeyPair with this shorter buffer results in a WC_KEY_SIZE_E error.
This commit is contained in:
Juliusz Sosinowicz
2021-06-24 15:19:03 +02:00
parent 1b6b16c2c3
commit 6dfc702364
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/internal.c
View File

@@ -26634,6 +26634,26 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
}
#ifdef HAVE_SECURE_RENEGOTIATION
/* Check that the DH public key buffer is large
* enough to hold the key. This may occur on a
* renegotiation when the key generated in the
* initial handshake is shorter than the key
* generated in the renegotiation. */
if (ssl->buffers.serverDH_Pub.length <
ssl->buffers.serverDH_P.length) {
byte* tmp = (byte*)XREALLOC(
ssl->buffers.serverDH_Pub.buffer,
ssl->buffers.serverDH_P.length +
OPAQUE16_LEN,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (tmp == NULL)
ERROR_OUT(MEMORY_E, exit_sske);
ssl->buffers.serverDH_Pub.buffer = tmp;
ssl->buffers.serverDH_Pub.length =
ssl->buffers.serverDH_P.length + OPAQUE16_LEN;
}
#endif
ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key,
ssl->buffers.serverDH_Priv.buffer,
(word32*)&ssl->buffers.serverDH_Priv.length,