From: cx <1249843194@qq.com>
Date: Thu, 26 Sep 2024 03:27:14 +0000 (+0800)
Subject: Reject invalid FFDHE and ECDHE key shares with SSL_AD_ILLEGAL_PARAMETER alert
X-Git-Tag: openssl-3.1.8~45
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b618bebca7a74f92fe6e07767e76d0029d1ed3cf;p=thirdparty%2Fopenssl.git

Reject invalid FFDHE and ECDHE key shares with SSL_AD_ILLEGAL_PARAMETER alert

This changes the alert according to RFC 8446.

Fixes: #25402

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25547)

(cherry picked from commit 0f6caf740977fa25d0f05cd3c48a656efbd9a79e)
---

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index de0c6804d22..cc42e642d10 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2985,7 +2985,7 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
     }
 
     if (!EVP_PKEY_set1_encoded_public_key(ckey, data, i)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
         goto err;
     }
 
@@ -3039,7 +3039,7 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
         }
 
         if (EVP_PKEY_set1_encoded_public_key(ckey, data, i) <= 0) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EC_LIB);
+            SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
             goto err;
         }
     }