Diffstat (limited to 'src/tls/c_kex.cpp')
-rw-r--r-- | src/tls/c_kex.cpp | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index 8bf923041..78c60c1cc 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -50,19 +50,23 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
 if(state->server_kex)
 {
- const std::vector<BigInt>& params = state->server_kex->params();
+ TLS_Data_Reader reader(state->server_kex->params());
 if(state->suite.kex_algo() == "DH")
 {
- if(params.size() != 3)
+ BigInt p = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
+ BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
+ BigInt Y = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
+
+ if(reader.remaining_bytes())
 throw Decoding_Error("Bad params size for DH key exchange");
- DL_Group group(params[0], params[1]);
+ DL_Group group(p, g);
 if(!group.verify_group(rng, true))
 throw Internal_Error("DH group failed validation, possible attack");
- DH_PublicKey counterparty_key(group, params[2]);
+ DH_PublicKey counterparty_key(group, Y);
 // FIXME Check that public key is residue? |
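Review bot: The server-supplied public value `Y` is passed to `DH_PublicKey counterparty_key(group, Y)` with no range check, which is the gap the surviving `// FIXME Check that public key is residue?` points at. Degenerate values such as 0, 1 or p-1 would fix the shared secret to a predictable value, so I would add `if(Y <= 1 || Y >= p - 1) throw Decoding_Error("Bad DH public value in server key exchange");` before constructing the key. Separately, `get_range<byte>(2, 1, 65535)` accepts a `p` of up to 65535 bytes, and `verify_group(rng, true)` then runs on it. A bound on `p.bits()` ahead of that call would stop a peer from forcing a very expensive validation. The constructor body starts before and continues past this hunk, so whether a later line already validates `Y` is not visible here.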