Commit d3a99b24 authored by Robert Relyea's avatar Robert Relyea

Bug 1478698, preserve leading zeros when computing TLS 1.3 DHE key share, r=mt

--HG--
extra : amend_source : 72e3dcedc874b9e0cc98288e08331fd854a11871
parent f426f00f
......@@ -528,6 +528,7 @@ tls13_HandleKeyShare(sslSocket *ss,
CK_MECHANISM_TYPE mechanism;
PRErrorCode errorCode;
SECStatus rv;
int keySize = 0;
PORT_InitCheapArena(&arena, DER_DEFAULT_CHUNKSIZE);
peerKey = PORT_ArenaZNew(&arena.arena, SECKEYPublicKey);
......@@ -552,6 +553,7 @@ tls13_HandleKeyShare(sslSocket *ss,
entry->key_exchange.len,
keyPair->pubKey);
mechanism = CKM_DH_PKCS_DERIVE;
keySize = peerKey->u.dh.publicValue.len;
break;
default:
PORT_Assert(0);
......@@ -563,7 +565,7 @@ tls13_HandleKeyShare(sslSocket *ss,
ss->ssl3.hs.dheSecret = PK11_PubDeriveWithKDF(
keyPair->privKey, peerKey, PR_FALSE, NULL, NULL, mechanism,
tls13_GetHkdfMechanism(ss), CKA_DERIVE, 0, CKD_NULL, NULL, NULL);
tls13_GetHkdfMechanism(ss), CKA_DERIVE, keySize, CKD_NULL, NULL, NULL);
if (!ss->ssl3.hs.dheSecret) {
ssl_MapLowLevelError(SSL_ERROR_KEY_EXCHANGE_FAILURE);
goto loser;
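Review bot: The new `keySize = peerKey->u.dh.publicValue.len;` takes the padding length from the peer's public value (imported from `entry->key_exchange` just above) rather than from the group's prime size, so the derived secret is only padded correctly if that length has already been checked against the prime elsewhere in tls13_HandleKeyShare, which starts and ends outside these hunks. If that check exists, a one-line comment here should point at it; if it does not, a peer sending a shorter, unpadded value would decide the length of the derived secret, whereas RFC 8446 §7.4.1 requires the shared secret to be padded to the size of the prime. The `keySize` argument on the PK11_PubDeriveWithKDF line also deserves a why-comment, e.g. `/* Pad the DHE shared secret to the full prime length so leading zeros are preserved (RFC 8446, 7.4.1). */`. For the ECDHE cases keySize stays 0, which keeps the previous behaviour and is worth stating in that same comment.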
......@@ -23,6 +23,14 @@
"-p", "@PORT@", "-t", "1"
]
},
{
"name" : "test-tls13-dhe-shared-secret-padding.py",
"comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1305243",
"arguments": [
"-p", "@PORT@",
"-e", "TLS 1.3 with x448"
]
},
{
"name" : "test-tls13-empty-alert.py",
"arguments": [
......@@ -31,6 +39,12 @@
"comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1471656",
"exp_pass": false
},
{
"name" : "test-tls13-ffdhe-sanity.py",
"arguments": [
"-p", "@PORT@"
]
},
{
"name" : "test-tls13-finished.py",
"arguments": [
......@@ -115,6 +129,12 @@
"comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1482386",
"exp_pass": false
},
{
"name" : "test-tls13-unrecognised-groups.py",
"arguments": [
"-p", "@PORT@", "--cookie"
]
},
{
"name" : "test-tls13-version-negotiation.py",
"comment": "the disabled test timeouts because of https://github.com/tomato42/tlsfuzzer/issues/452",
......@@ -128,6 +148,18 @@
"arguments": [
"-p", "@PORT@"
]
},
{
"name" : "test-dhe-no-shared-secret-padding.py",
"comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1494221 and SSLv3 cannot be enabled in server",
"arguments": [
"-p", "@PORT@",
"-e", "Protocol (3, 0) in SSLv2 compatible ClientHello",
"-e", "Protocol (3, 1) in SSLv2 compatible ClientHello",
"-e", "Protocol (3, 2) in SSLv2 compatible ClientHello",
"-e", "Protocol (3, 3) in SSLv2 compatible ClientHello",
"-e", "Protocol (3, 0)"
]
}
]
}
......@@ -44,7 +44,7 @@ tlsfuzzer_init()
if [ ! -d "$TLSFUZZER" ]; then
# Can't use git-copy.sh here, as tlsfuzzer doesn't have any tags
git clone -q https://github.com/tomato42/tlsfuzzer/ "$TLSFUZZER"
git -C "$TLSFUZZER" checkout fc8fd0128643d6b2bcba344e276ba5f902445913
git -C "$TLSFUZZER" checkout a40ce4085052a4da9a05f9149b835a76c194a0c6
# We could use tlslite-ng from pip, but the pip command installed
# on TC is too old to support --pre