diff --git a/src/tls.c b/src/tls.c index 3ffa417f7..6a076bf79 100644 --- a/src/tls.c +++ b/src/tls.c @@ -10360,7 +10360,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) #if defined(HAVE_SESSION_TICKET) if (ssl->options.resuming && ssl->session.ticketLen > 0) { WOLFSSL_SESSION* sess = &ssl->session; - word32 milli; + word32 now, milli; if (sess->ticketLen > MAX_PSK_ID_LEN) { WOLFSSL_MSG("Session ticket length for PSK ext is too large"); @@ -10373,8 +10373,13 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) ret = SetCipherSpecs(ssl); if (ret != 0) return ret; - milli = TimeNowInMilliseconds() - sess->ticketSeen + - sess->ticketAdd; + now = TimeNowInMilliseconds(); + if (now < sess->ticketSeen) + milli = (0xFFFFFFFFU - sess->ticketSeen) + now; + else + milli = now - sess->ticketSeen; + milli += sess->ticketAdd; + /* Pre-shared key is mandatory extension for resumption. */ ret = TLSX_PreSharedKey_Use(ssl, sess->ticket, sess->ticketLen, milli, ssl->specs.mac_algorithm, diff --git a/src/tls13.c b/src/tls13.c index fd686a747..f510dfd01 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -3540,7 +3540,10 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz, now = TimeNowInMilliseconds(); if (now == (word32)GETTIME_ERROR) return now; - diff = now - ssl->session.ticketSeen; + if (now < ssl->session.ticketSeen) + diff = (0xFFFFFFFFU - ssl->session.ticketSeen) + now; + else + diff = now - ssl->session.ticketSeen; diff -= current->ticketAge - ssl->session.ticketAdd; /* Check session and ticket age timeout. * Allow +/- 1000 milliseconds on ticket age.