Provide additional comments for claryfication

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-06 11:08:39 +02:00 · 2023-07-06 11:08:39 +02:00 · 615cbcdbdf
commit 615cbcdbdf
parent e80bbf4dbf
3 changed files with 13 additions and 1 deletions
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@ -1770,10 +1770,16 @@ static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl,
        return MBEDTLS_ERR_SSL_DECODE_ERROR;
    }

+    /* When FFDH is enabled, the array handshake->xxdh_psa_peer_key size takes into account
+       the sizes of the FFDH keys which are at least 2048 bits.
+       The size of the array is thus greater than 256 bytes which is greater than any
+       possible value of ecpoint_len (type uint8_t) and the check below can be skipped.*/
 #if !defined(PSA_WANT_ALG_FFDH)
    if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
        return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
    }
+#else
+    MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX, "peer key buffer too small");
 #endif

    memcpy(handshake->xxdh_psa_peerkey, *p, ecpoint_len);
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@ -3909,12 +3909,18 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
            return MBEDTLS_ERR_SSL_DECODE_ERROR;
        }

+    /* When FFDH is enabled, the array handshake->xxdh_psa_peer_key size takes into account
+       the sizes of the FFDH keys which are at least 2048 bits.
+       The size of the array is thus greater than 256 bytes which is greater than any
+       possible value of ecpoint_len (type uint8_t) and the check below can be skipped.*/
 #if !defined(PSA_WANT_ALG_FFDH)
        if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
            psa_destroy_key(handshake->xxdh_psa_privkey);
            handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
            return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
        }
+#else
+    MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX, "peer key buffer too small");
 #endif

        memcpy(handshake->xxdh_psa_peerkey, p, ecpoint_len);
--- a/tests/scripts/generate_tls13_compat_tests.py
+++ b/tests/scripts/generate_tls13_compat_tests.py
@ -67,10 +67,10 @@ NAMED_GROUP_IANA_VALUE = {
    'secp521r1': 0x19,
    'x25519': 0x1d,
    'x448': 0x1e,
+    # Only one finite field group to keep testing time within reasonable bounds.
    'ffdhe2048': 0x100,
 }

-
 class TLSProgram:
    """
    Base class for generate server/client command.