Diffstat (limited to 'src/ssl/c_kex.cpp')
-rw-r--r-- | src/ssl/c_kex.cpp | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/ssl/c_kex.cpp b/src/ssl/c_kex.cpp
index 5194c8c3d..fafb67d3d 100644
--- a/src/ssl/c_kex.cpp
+++ b/src/ssl/c_kex.cpp
@@ -40,8 +40,7 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
       }
    else if(const RSA_PublicKey* rsa_pub = dynamic_cast<const RSA_PublicKey*>(pub_key))
       {
-      pre_master.resize(48);
-      rng.randomize(pre_master, 48);
+      pre_master = rng.random_vec(48);
       pre_master[0] = (pref_version >> 8) & 0xFF;
       pre_master[1] = (pref_version     ) & 0xFF;
 
@@ -123,8 +122,13 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
       }
    catch(...)
       {
-      pre_master.resize(dh_priv->public_value().size());
-      rng.randomize(pre_master, pre_master.size());
+      /*
+      * Something failed in the DH computation. To avoid possible
+      * timing attacks, randomize the pre-master output and carry
+      * on, allowing the protocol to fail later in the finished
+      * checks.
+      */
+      pre_master = rng.random_vec(dh_priv->public_value().size());
       }
 
    return pre_master;
@@ -142,8 +146,7 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
       }
    catch(...)
       {
-      pre_master.resize(48);
-      rng.randomize(pre_master, pre_master.size());
+      pre_master = rng.random_vec(48);
       pre_master[0] = (version >> 8) & 0xFF;
       pre_master[1] = (version     ) & 0xFF;
       }
|
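Review bot: The `catch(...)` in the second hunk (DH branch of pre_master_secret) now folds every failure, including ones that are not attacker-influenced such as an allocation failure or a bug in the agreement code, into the randomize-and-continue countermeasure, so a genuine programming error only ever surfaces as an unexplained Finished-check failure. If the catch must stay this broad to avoid leaking the failure class, at least the comment should say so explicitly, e.g. `* Deliberately catches everything: the failure type must not be observable to the peer, so no diagnostic is emitted here.`. The comment should also note that the substitute secret must have the same length as a successful agreement output, since a length difference is observable on its own; `dh_priv->public_value().size()` appears to be used as a proxy for that length, which is worth confirming against the success path. The body of pre_master_secret starts before and continues after this hunk.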
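Review bot: The RSA fallback in the third hunk applies the same randomize-and-continue strategy as the DH branch but gets no explanation, whereas the DH branch received a five-line comment in this commit; a reader will not see why a failed decryption is deliberately not reported. Add a matching comment above `pre_master = rng.random_vec(48);`, e.g. `/* Decryption failed: substitute a random 48-byte pre-master carrying the expected version bytes so the failure is indistinguishable from a well-formed message; the handshake then fails in the Finished check. */`. This mirrors the countermeasure the TLS specification describes for RSA key exchange, so naming it helps the next maintainer not "fix" it into an early error return. The enclosing function and the success path this branch mirrors lie outside the hunk.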