From 1dece95168a32fb11cc671a7571807e04b47ed11 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 18 Apr 2015 19:15:48 +0200 Subject: [PATCH] Only allow a temporary rsa key exchange when they key is larger than 512. Reviewed-by: Matt Caswell MR #588 --- ssl/s3_clnt.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 2f7b093c3d..935a621e6d 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -334,7 +334,7 @@ int ssl3_connect(SSL *s) if (! (s->s3->tmp. new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) -&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { + && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { ret = ssl3_get_server_certificate(s); if (ret <= 0) goto end; @@ -1704,6 +1704,13 @@ int ssl3_get_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } + + if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) { + al = SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE); + goto f_err; + } + s->session->sess_cert->peer_rsa_tmp = rsa; rsa = NULL; } -- 2.40.0