diff options
author | lloyd <[email protected]> | 2012-01-20 21:57:01 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-20 21:57:01 +0000 |
commit | 64b89f78ef04d2a36d01c7f6b61fc9871396fb0b (patch) | |
tree | ed248653c2138acd9fe6fbf60c157e5b26ec2dc2 /src/kdf/prf_tls/prf_tls.cpp | |
parent | b7c09658fec70fe053b5dc5d4ebb31f91f5f41ff (diff) |
Increase the max key length of HMAC to 512 bytes. Previously we would
run into trouble in the TLS PRF with large pre-master secrets. This
especially crops up in TLS 1.2 as there the entire pre master secret
is fed to a single PRF (in earlier verions it is split in half). A
limit of 512 bytes allows a DH group up to 4096 bits which seems good
enough for now.
Also catch Invalid_Key_Length in the TLS PRF and throw an exception
that makes more sense - initially I was completely thrown off by the
HMAC key length exception, and it took me a while to figure it
out. Someone else looking at this the first time a server sends a 8192
bit DH group would be even more confused.
Diffstat (limited to 'src/kdf/prf_tls/prf_tls.cpp')
-rw-r--r-- | src/kdf/prf_tls/prf_tls.cpp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp index 2b57cdd25..55d72bea4 100644 --- a/src/kdf/prf_tls/prf_tls.cpp +++ b/src/kdf/prf_tls/prf_tls.cpp @@ -23,7 +23,14 @@ void P_hash(MemoryRegion<byte>& output, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) { - mac->set_key(secret, secret_len); + try + { + mac->set_key(secret, secret_len); + } + catch(Invalid_Key_Length) + { + throw Internal_Error("The premaster secret is too long for the PRF"); + } SecureVector<byte> A(seed, seed_len); |