summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_kex.c
diff options
context:
space:
mode:
authorjsing <>2021-12-04 13:15:10 +0000
committerjsing <>2021-12-04 13:15:10 +0000
commit7085fbe2b262f41f046f592ab0de0f4ae40c8f81 (patch)
treed834bc34e0b51572c243f906b3c3e92c5b05757d /src/lib/libssl/ssl_kex.c
parent723967b03de0a4e95a0830bf19578bcf71d0dd70 (diff)
downloadopenbsd-7085fbe2b262f41f046f592ab0de0f4ae40c8f81.tar.gz
openbsd-7085fbe2b262f41f046f592ab0de0f4ae40c8f81.tar.bz2
openbsd-7085fbe2b262f41f046f592ab0de0f4ae40c8f81.zip
Check DH public key in ssl_kex_peer_public_dhe().
Call DH_check_pub_key() after decoding the peer public key - this will be needed for the server DHE key exchange, but also benefits the client. ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_kex.c')
-rw-r--r--src/lib/libssl/ssl_kex.c16
1 files changed, 12 insertions, 4 deletions
diff --git a/src/lib/libssl/ssl_kex.c b/src/lib/libssl/ssl_kex.c
index 9af440d827..68d83cedbe 100644
--- a/src/lib/libssl/ssl_kex.c
+++ b/src/lib/libssl/ssl_kex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_kex.c,v 1.5 2021/11/30 18:17:03 tb Exp $ */ 1/* $OpenBSD: ssl_kex.c,v 1.6 2021/12/04 13:15:10 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -142,23 +142,31 @@ ssl_kex_peer_params_dhe(DH *dh, CBS *cbs)
142} 142}
143 143
144int 144int
145ssl_kex_peer_public_dhe(DH *dh, CBS *cbs) 145ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *invalid_key)
146{ 146{
147 CBS dh_y;
148 BIGNUM *pub_key = NULL; 147 BIGNUM *pub_key = NULL;
148 int check_flags;
149 CBS dh_y;
149 int ret = 0; 150 int ret = 0;
150 151
152 *invalid_key = 0;
153
151 if (!CBS_get_u16_length_prefixed(cbs, &dh_y)) 154 if (!CBS_get_u16_length_prefixed(cbs, &dh_y))
152 goto err; 155 goto err;
156
153 if ((pub_key = BN_bin2bn(CBS_data(&dh_y), CBS_len(&dh_y), 157 if ((pub_key = BN_bin2bn(CBS_data(&dh_y), CBS_len(&dh_y),
154 NULL)) == NULL) 158 NULL)) == NULL)
155 goto err; 159 goto err;
156 160
157 if (!DH_set0_key(dh, pub_key, NULL)) 161 if (!DH_set0_key(dh, pub_key, NULL))
158 goto err; 162 goto err;
159
160 pub_key = NULL; 163 pub_key = NULL;
161 164
165 if (!DH_check_pub_key(dh, dh->pub_key, &check_flags))
166 goto err;
167 if (check_flags != 0)
168 *invalid_key = 1;
169
162 ret = 1; 170 ret = 1;
163 171
164 err: 172 err:
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-04 14:17:15 +0000