wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix to handle time rollover in TLS v1.3 diff calculation.

Browse Source
This commit is contained in:
David Garske
2021-04-30 15:04:09 -07:00
parent 385e0bedaa
commit c9634952d5
2 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/tls.c
View File

@ -10360,7 +10360,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
#if defined(HAVE_SESSION_TICKET) #if defined(HAVE_SESSION_TICKET)
if (ssl->options.resuming && ssl->session.ticketLen > 0) { if (ssl->options.resuming && ssl->session.ticketLen > 0) {
WOLFSSL_SESSION* sess = &ssl->session; WOLFSSL_SESSION* sess = &ssl->session;
word32 milli; word32 now, milli;
if (sess->ticketLen > MAX_PSK_ID_LEN) { if (sess->ticketLen > MAX_PSK_ID_LEN) {
WOLFSSL_MSG("Session ticket length for PSK ext is too large"); WOLFSSL_MSG("Session ticket length for PSK ext is too large");
@ -10373,8 +10373,13 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
ret = SetCipherSpecs(ssl); ret = SetCipherSpecs(ssl);
if (ret != 0) if (ret != 0)
return ret; return ret;
milli = TimeNowInMilliseconds() - sess->ticketSeen + now = TimeNowInMilliseconds();
sess->ticketAdd; if (now < sess->ticketSeen)
milli = (0xFFFFFFFFU - sess->ticketSeen) + now;
else
milli = now - sess->ticketSeen;
milli += sess->ticketAdd;
/* Pre-shared key is mandatory extension for resumption. */ /* Pre-shared key is mandatory extension for resumption. */
ret = TLSX_PreSharedKey_Use(ssl, sess->ticket, sess->ticketLen, ret = TLSX_PreSharedKey_Use(ssl, sess->ticket, sess->ticketLen,
milli, ssl->specs.mac_algorithm, milli, ssl->specs.mac_algorithm,

5
src/tls13.c
View File

@ -3540,7 +3540,10 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
now = TimeNowInMilliseconds(); now = TimeNowInMilliseconds();
if (now == (word32)GETTIME_ERROR) if (now == (word32)GETTIME_ERROR)
return now; return now;
diff = now - ssl->session.ticketSeen; if (now < ssl->session.ticketSeen)
diff = (0xFFFFFFFFU - ssl->session.ticketSeen) + now;
else
diff = now - ssl->session.ticketSeen;
diff -= current->ticketAge - ssl->session.ticketAdd; diff -= current->ticketAge - ssl->session.ticketAdd;
/* Check session and ticket age timeout. /* Check session and ticket age timeout.
* Allow +/- 1000 milliseconds on ticket age. * Allow +/- 1000 milliseconds on ticket age.