wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8318 from dgarske/CID444418

Browse Source 
Fix for finishedSz checking with TLSv1.3 and `WOLFSSL_HAVE_TLS_UNIQUE` (CID444418)
This commit is contained in:
JacobBarthelmeh
2024-12-24 15:41:25 -07:00
committed by GitHub
parent 17c17cde13 e1baf27831
commit f57f044b39
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/tls13.c
View File

@ -10867,12 +10867,12 @@ int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} }
if (sniff == NO_SNIFF) { if (sniff == NO_SNIFF) {
ret = BuildTls13HandshakeHmac(ssl, secret, mac, &finishedSz);
if (finishedSz > WOLFSSL_MAX_8BIT) { ret = BuildTls13HandshakeHmac(ssl, secret, mac, &finishedSz);
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
if (finishedSz > TLS_FINISHED_SZ_MAX) {
return BUFFER_ERROR; return BUFFER_ERROR;
} }
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
if (ssl->options.side == WOLFSSL_CLIENT_END) { if (ssl->options.side == WOLFSSL_CLIENT_END) {
XMEMCPY(ssl->serverFinished, mac, finishedSz); XMEMCPY(ssl->serverFinished, mac, finishedSz);
ssl->serverFinished_len = (byte)finishedSz; ssl->serverFinished_len = (byte)finishedSz;