From ec0aab1a2305cfc2de4ba374721ffcb7ca74012c Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 16 Oct 2020 16:28:27 -0700 Subject: [PATCH] DH Fix 1. Check the length values for the DH key domain and public key in the server key exchange message to make sure they are within the bounds set by the configuration. (Minimum key size is 2048 bits for DH.) --- src/internal.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/internal.c b/src/internal.c index c4464a3e2..378ca1d8d 100644 --- a/src/internal.c +++ b/src/internal.c @@ -21178,6 +21178,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size, } ato16(input + args->idx, &length); + if (length < MIN_DHKEY_SZ || length > MAX_DHKEY_SZ) { + ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk); + } args->idx += OPAQUE16_LEN; if ((args->idx - args->begin) + length > size) { @@ -21219,6 +21222,12 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size, } ato16(input + args->idx, &length); + if (length > MAX_DHKEY_SZ) { + XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, + DYNAMIC_TYPE_PUBLIC_KEY); + ssl->buffers.serverDH_P.buffer = NULL; + ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk); + } args->idx += OPAQUE16_LEN; if ((args->idx - args->begin) + length > size) { @@ -21256,6 +21265,16 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size, } ato16(input + args->idx, &length); + if (length < MIN_DHKEY_SZ || length > MAX_DHKEY_SZ) { + XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, + DYNAMIC_TYPE_PUBLIC_KEY); + ssl->buffers.serverDH_P.buffer = NULL; + XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, + DYNAMIC_TYPE_PUBLIC_KEY); + ssl->buffers.serverDH_G.buffer = NULL; + ERROR_OUT(BUFFER_ERROR, exit_gdpk); + ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk); + } args->idx += OPAQUE16_LEN; if ((args->idx - args->begin) + length > size) {