ssl/statem: write 16-bit ECDHE group id in SKE
authorJoshua Rogers <MegaManSec@users.noreply.github.com>
Fri, 10 Oct 2025 16:48:52 +0000 (00:48 +0800)
committerTomas Mraz <tomas@openssl.org>
Fri, 17 Oct 2025 17:16:35 +0000 (19:16 +0200)
tls_construct_server_key_exchange wrote the named group as two u8 bytes with the high byte set to 0. TLS requires a 16-bit NamedGroup. Use WPACKET_put_bytes_u16(curve_id) so ids >= 256 are encoded correctly. No change for groups < 256.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28835)

ssl/statem/statem_srvr.c

index 80d09d76e1c15c99aa38cf1d4904cd39f3b43568..5f6d64662ac1a83f9168ff918ff58ee3a7837a6e 100644 (file)
@@ -2767,8 +2767,7 @@ CON_FUNC_RETURN tls_construct_server_key_exchange(SSL_CONNECTION *s,
          * point itself
          */
         if (!WPACKET_put_bytes_u8(pkt, NAMED_CURVE_TYPE)
-                || !WPACKET_put_bytes_u8(pkt, 0)
-                || !WPACKET_put_bytes_u8(pkt, curve_id)
+                || !WPACKET_put_bytes_u16(pkt, curve_id)
                 || !WPACKET_sub_memcpy_u8(pkt, encodedPoint, encodedlen)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
             goto err;
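Review bot: Nothing on this page exercises the case the fix targets, a ServerKeyExchange carrying a group id of 256 or more, so the new `WPACKET_put_bytes_u16(pkt, curve_id)` line has no visible regression coverage. A test that builds the message for such a group and checks both id bytes on the wire would pin the encoding. The declaration of `curve_id` is outside the hunk; if it is wider than 16 bits, an out-of-range value presumably makes the WPACKET call fail and falls into the generic `ERR_R_INTERNAL_ERROR` branch, which is safe but hard to diagnose. A one-line comment above the call, such as `/* NamedGroup is 16 bits on the wire; ids >= 256 need both bytes */`, would keep a later edit from splitting it back into two u8 writes. The enclosing function starts and ends outside the hunk.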