aboutsummaryrefslogtreecommitdiffstats
path: root/src/kdf/prf_tls/prf_tls.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-01-20 21:57:01 +0000
committerlloyd <[email protected]>2012-01-20 21:57:01 +0000
commit64b89f78ef04d2a36d01c7f6b61fc9871396fb0b (patch)
treeed248653c2138acd9fe6fbf60c157e5b26ec2dc2 /src/kdf/prf_tls/prf_tls.cpp
parentb7c09658fec70fe053b5dc5d4ebb31f91f5f41ff (diff)
Increase the max key length of HMAC to 512 bytes. Previously we would
run into trouble in the TLS PRF with large pre-master secrets. This especially crops up in TLS 1.2 as there the entire pre master secret is fed to a single PRF (in earlier verions it is split in half). A limit of 512 bytes allows a DH group up to 4096 bits which seems good enough for now. Also catch Invalid_Key_Length in the TLS PRF and throw an exception that makes more sense - initially I was completely thrown off by the HMAC key length exception, and it took me a while to figure it out. Someone else looking at this the first time a server sends a 8192 bit DH group would be even more confused.
Diffstat (limited to 'src/kdf/prf_tls/prf_tls.cpp')
-rw-r--r--src/kdf/prf_tls/prf_tls.cpp9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp
index 2b57cdd25..55d72bea4 100644
--- a/src/kdf/prf_tls/prf_tls.cpp
+++ b/src/kdf/prf_tls/prf_tls.cpp
@@ -23,7 +23,14 @@ void P_hash(MemoryRegion<byte>& output,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len)
{
- mac->set_key(secret, secret_len);
+ try
+ {
+ mac->set_key(secret, secret_len);
+ }
+ catch(Invalid_Key_Length)
+ {
+ throw Internal_Error("The premaster secret is too long for the PRF");
+ }
SecureVector<byte> A(seed, seed_len);