eden-emu/mbedtls
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Don't use DH blinding for ephemeral DH

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-09-07 13:06:27 +02:00
parent ce6352a791
commit 032c34e206
3 changed files with 14 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
library/ssl_srv.c
View file

@ -2384,10 +2384,11 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
/* No blinding needed for DHE, but will be needed for fixed DH! */
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster,
&ssl->handshake->pmslen,
ssl->f_rng, ssl->p_rng ) ) != 0 )
NULL, NULL ) ) != 0 )
{
SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
@ -2472,8 +2473,9 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
n = ssl->handshake->dhm_ctx.len;
/* No blinding needed since this is ephemeral DHM */
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
p, &n, ssl->f_rng, ssl->p_rng ) ) != 0 )
p, &n, NULL, NULL ) ) != 0 )
{
SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );