Correctly unpack client key shares.

Even if we're not processing/using the peer public key from the key share, we still need to unpack it in order to parse the TLS extension correctly. Resolves issues with TLSv1.3 clients talking to TLSv1.2 server. ok tb@
author: jsing <> 2020-02-01 12:41:58 +0000
committer: jsing <> 2020-02-01 12:41:58 +0000
commit: 417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7 (patch)
tree: 16d52ca063b093e00d288bcf23f6f9db88380330 /src/lib/libssl/ssl_tlsext.c
parent: f5a88bbb92dc525d3c7c197c3bfcc860d7dc1224 (diff)
download: openbsd-417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7.tar.gz
openbsd-417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7.tar.bz2
openbsd-417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7.zip
1 files changed, 9 insertions, 4 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 46f30aa47e..58ba11954d 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.58 2020/01/30 17:09:23 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.59 2020/02/01 12:41:58 jsing Exp $ */
 /*
 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1274,7 +1274,7 @@ tlsext_keyshare_client_build(SSL *s, CBB *cbb)
 int
 tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert)
 {
-        CBS client_shares;
+        CBS client_shares, key_exchange;
        uint16_t group;
        if (!CBS_get_u16_length_prefixed(cbs, &client_shares))
@@ -1285,6 +1285,8 @@ tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert)
                /* Unpack client share. */
                if (!CBS_get_u16(&client_shares, &group))
                        goto err;
+                if (!CBS_get_u16_length_prefixed(&client_shares, &key_exchange))
+                        return 0;
                /*
                 * XXX support other groups later.
@@ -1295,7 +1297,7 @@ tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert)
                        continue;
                if (!tls13_key_share_peer_public(S3I(s)->hs_tls13.key_share,
-                    group, &client_shares))
+                    group, &key_exchange))
                        goto err;
        }
@@ -1330,16 +1332,19 @@ tlsext_keyshare_server_build(SSL *s, CBB *cbb)
 int
 tlsext_keyshare_client_parse(SSL *s, CBS *cbs, int *alert)
 {
+        CBS key_exchange;
        uint16_t group;
        /* Unpack server share. */
        if (!CBS_get_u16(cbs, &group))
                goto err;
+        if (!CBS_get_u16_length_prefixed(cbs, &key_exchange))
+                return 0;
        /* XXX - Handle other groups and verify that they're valid. */
        if (!tls13_key_share_peer_public(S3I(s)->hs_tls13.key_share,
-            group, cbs))
+            group, &key_exchange))
                goto err;
        return 1;
author	jsing <>	2020-02-01 12:41:58 +0000
committer	jsing <>	2020-02-01 12:41:58 +0000
commit	417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7 (patch)
tree	16d52ca063b093e00d288bcf23f6f9db88380330 /src/lib/libssl/ssl_tlsext.c
parent	f5a88bbb92dc525d3c7c197c3bfcc860d7dc1224 (diff)
download	openbsd-417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7.tar.gz openbsd-417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7.tar.bz2 openbsd-417cbaf48fe2b28af88ca93f9a89dea1b12d6ad7.zip