The signature in the ServerKeyExchange is created with wrong parameters with 
ECC keys, because the TLS header length is used instead of the DTLS header 
length.

Thanks to Erwin Himawan for providing hints!

Best regards
Robin



--- ssl/d1_srvr.c       5 Sep 2011 10:25:21 -0000       1.20.2.21
+++ ssl/d1_srvr.c       20 Oct 2011 09:20:35 -0000
@@ -1271,7 +1271,7 @@
                                EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
                                
EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
                                
EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
-                               EVP_SignUpdate(&md_ctx,&(d[4]),n);
+                               
EVP_SignUpdate(&md_ctx,&(d[DTLS1_HM_HEADER_LENGTH]),n);
                                if (!EVP_SignFinal(&md_ctx,&(p[2]),
                                        (unsigned int *)&i,pkey))
                                        {
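Review bot: The corrected EVP_SignUpdate call on &(d[DTLS1_HM_HEADER_LENGTH]) still discards its return value, as do the two EVP_SignUpdate calls over client_random and server_random and the EVP_SignInit_ex above them; only EVP_SignFinal is checked. Consider testing each call and taking the same error path as the EVP_SignFinal failure, so a digest error cannot silently produce a signature over incomplete input. Since the literal 4 was the defect, it is also worth confirming that no other signing branch in this function still hashes from &(d[4]), because this hunk shows only the EVP_ecdsa() path. A short comment noting that the signed data starts after the DTLS handshake header would keep the offset from regressing.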




Attachment: dtls-ecc-key-bug-1.0.0.patch
Description: Binary data

Attachment: dtls-ecc-key-bug-1.0.1.patch
Description: Binary data
