aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-11-28 14:15:56 -0500
committerJack Lloyd <[email protected]>2017-11-28 14:15:56 -0500
commit14499ea0f9494208ae184ee74b4a71e2fe84a404 (patch)
treebdbaf66d2c3ce0a060527a2fbf156387cd5861b9
parentc56cc4a056c8a442ed31ea2f47bb7e933569fcd4 (diff)
Return correct alert type on malformed DH/ECDH messages.
In the client key exchange if the message was malformed (eg an completely empty ECDH share) a Decoding_Error would be thrown, then caught and a fake pre master secret generated. Move the parsing of the message out of the try/catch block, so the correct error is reported.
-rw-r--r--src/lib/tls/msg_client_kex.cpp18
1 files changed, 11 insertions, 7 deletions
diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp
index 742fee6b5..51040e479 100644
--- a/src/lib/tls/msg_client_kex.cpp
+++ b/src/lib/tls/msg_client_kex.cpp
@@ -403,17 +403,21 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<uint8_t>& contents,
throw Internal_Error("Expected key agreement key type but got " +
private_key.algo_name());
+ std::vector<uint8_t> client_pubkey;
+
+ if(ka_key->algo_name() == "DH")
+ {
+ client_pubkey = reader.get_range<uint8_t>(2, 0, 65535);
+ }
+ else
+ {
+ client_pubkey = reader.get_range<uint8_t>(1, 1, 255);
+ }
+
try
{
PK_Key_Agreement ka(*ka_key, rng, "Raw");
- std::vector<uint8_t> client_pubkey;
-
- if(ka_key->algo_name() == "DH")
- client_pubkey = reader.get_range<uint8_t>(2, 0, 65535);
- else
- client_pubkey = reader.get_range<uint8_t>(1, 0, 255);
-
secure_vector<uint8_t> shared_secret = ka.derive_key(0, client_pubkey).bits_of();
if(ka_key->algo_name() == "DH")