diff options
author | Jack Lloyd <[email protected]> | 2017-11-28 14:15:56 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-11-28 14:15:56 -0500 |
commit | 14499ea0f9494208ae184ee74b4a71e2fe84a404 (patch) | |
tree | bdbaf66d2c3ce0a060527a2fbf156387cd5861b9 | |
parent | c56cc4a056c8a442ed31ea2f47bb7e933569fcd4 (diff) |
Return correct alert type on malformed DH/ECDH messages.
In the client key exchange if the message was malformed (eg an
completely empty ECDH share) a Decoding_Error would be thrown,
then caught and a fake pre master secret generated. Move the
parsing of the message out of the try/catch block, so the correct
error is reported.
-rw-r--r-- | src/lib/tls/msg_client_kex.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp index 742fee6b5..51040e479 100644 --- a/src/lib/tls/msg_client_kex.cpp +++ b/src/lib/tls/msg_client_kex.cpp @@ -403,17 +403,21 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<uint8_t>& contents, throw Internal_Error("Expected key agreement key type but got " + private_key.algo_name()); + std::vector<uint8_t> client_pubkey; + + if(ka_key->algo_name() == "DH") + { + client_pubkey = reader.get_range<uint8_t>(2, 0, 65535); + } + else + { + client_pubkey = reader.get_range<uint8_t>(1, 1, 255); + } + try { PK_Key_Agreement ka(*ka_key, rng, "Raw"); - std::vector<uint8_t> client_pubkey; - - if(ka_key->algo_name() == "DH") - client_pubkey = reader.get_range<uint8_t>(2, 0, 65535); - else - client_pubkey = reader.get_range<uint8_t>(1, 0, 255); - secure_vector<uint8_t> shared_secret = ka.derive_key(0, client_pubkey).bits_of(); if(ka_key->algo_name() == "DH") |