wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

DH Fix

Browse Source 
1. Check the length values for the DH key domain and public key in the
   server key exchange message to make sure they are within the bounds
   set by the configuration. (Minimum key size is 2048 bits for DH.)
This commit is contained in:
John Safranek
2020-10-16 16:28:27 -07:00
parent 4364700c01
commit ec0aab1a23
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/internal.c
View File

@ -21178,6 +21178,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
}
ato16(input + args->idx, &length);
if (length < MIN_DHKEY_SZ || length > MAX_DHKEY_SZ) {
ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
}
args->idx += OPAQUE16_LEN;
if ((args->idx - args->begin) + length > size) {
@ -21219,6 +21222,12 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
}
ato16(input + args->idx, &length);
if (length > MAX_DHKEY_SZ) {
XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_P.buffer = NULL;
ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
}
args->idx += OPAQUE16_LEN;
if ((args->idx - args->begin) + length > size) {
@ -21256,6 +21265,16 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
}
ato16(input + args->idx, &length);
if (length < MIN_DHKEY_SZ || length > MAX_DHKEY_SZ) {
XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_P.buffer = NULL;
XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_G.buffer = NULL;
ERROR_OUT(BUFFER_ERROR, exit_gdpk);
ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
}
args->idx += OPAQUE16_LEN;
if ((args->idx - args->begin) + length > size) {