DTLS export: cap IV size at buffer size
ExportKeyState was writing ssl->specs.iv_size bytes from keys->aead_enc_imp_IV (always sized AEAD_MAX_IMP_SZ). ssl->specs.iv_size carries a different meaning depending on the cipher suite: in AEAD suites it is the implicit IV / nonce size, but in CBC suites it is the block cipher's IV size (16). For CBC suites this read past the end of aead_enc_imp_IV (12 bytes).
+3
-1
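--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -1000,7 +1000,9 @@ static int ExportKeyState(WOLFSSL* ssl, byte* exp, word32 len, byte ver,
     XMEMCPY(exp + idx, keys->aead_exp_IV, AEAD_MAX_EXP_SZ);
     idx += AEAD_MAX_EXP_SZ;
 
-    sz = (small)? 0: ssl->specs.iv_size;
+    sz = (small) ? 0 :
+        (ssl->specs.iv_size > AEAD_MAX_IMP_SZ ? AEAD_MAX_IMP_SZ
+                                              : ssl->specs.iv_size);
     if (idx + (sz * 2) + OPAQUE8_LEN > len) {
         WOLFSSL_MSG("Buffer not large enough for imp IVs");
         return BUFFER_E;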
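Review bot: The cap on the three added `sz =` lines is applied silently, so for a CBC suite the exporter now emits AEAD_MAX_IMP_SZ bytes where ssl->specs.iv_size would say 16; the routine that imports this state must apply the same cap, or the two sides will disagree on how many implicit-IV bytes follow — that code is not in this hunk, so it is worth confirming. A one-line comment above the assignment would make the reason visible to the next reader: `/* iv_size is the CBC block IV size for non-AEAD suites; aead_*_imp_IV only holds AEAD_MAX_IMP_SZ bytes */`. The nested ternary is hard to read; the same result is clearer as `sz = ssl->specs.iv_size; if (sz > AEAD_MAX_IMP_SZ) sz = AEAD_MAX_IMP_SZ; if (small) sz = 0;`. I infer from `sz * 2` that both the encrypt and decrypt implicit IVs are copied with this size; ExportKeyState starts and ends outside the hunk.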