commit 615cbcdbdfbb147724c50721013d77a46190911a
author Przemek Stekiel <przemyslaw.stekiel@mobica.com> Thu Jul 06 11:08:39 2023 +0200
committer Przemek Stekiel <przemyslaw.stekiel@mobica.com> Thu Jul 06 12:16:39 2023 +0200
tree 2b1568d3abac2fa173d223e76813b6c649fe504f
parent e80bbf4dbf3ae8b3b1eb9317a29143c2ffa75cfa

Provide additional comments for claryfication

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

library/ssl_tls12_client.c

diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index c0ddfa1..f9c54fe 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1770,10 +1770,16 @@
         return MBEDTLS_ERR_SSL_DECODE_ERROR;
     }
 
+    /* When FFDH is enabled, the array handshake->xxdh_psa_peer_key size takes into account
+       the sizes of the FFDH keys which are at least 2048 bits.
+       The size of the array is thus greater than 256 bytes which is greater than any
+       possible value of ecpoint_len (type uint8_t) and the check below can be skipped.*/
 #if !defined(PSA_WANT_ALG_FFDH)
     if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
         return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
     }
+#else
+    MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX, "peer key buffer too small");
 #endif
 
     memcpy(handshake->xxdh_psa_peerkey, *p, ecpoint_len);

library/ssl_tls12_server.c

diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 9d302d6..d5da55a 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -3909,12 +3909,18 @@
             return MBEDTLS_ERR_SSL_DECODE_ERROR;
         }
 
+    /* When FFDH is enabled, the array handshake->xxdh_psa_peer_key size takes into account
+       the sizes of the FFDH keys which are at least 2048 bits.
+       The size of the array is thus greater than 256 bytes which is greater than any
+       possible value of ecpoint_len (type uint8_t) and the check below can be skipped.*/
 #if !defined(PSA_WANT_ALG_FFDH)
         if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
             psa_destroy_key(handshake->xxdh_psa_privkey);
             handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
             return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
         }
+#else
+    MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX, "peer key buffer too small");
 #endif
 
         memcpy(handshake->xxdh_psa_peerkey, p, ecpoint_len);

tests/scripts/generate_tls13_compat_tests.py

diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py
index 77f3374..05d80a5 100755
--- a/tests/scripts/generate_tls13_compat_tests.py
+++ b/tests/scripts/generate_tls13_compat_tests.py
@@ -67,10 +67,10 @@
     'secp521r1': 0x19,
     'x25519': 0x1d,
     'x448': 0x1e,
+    # Only one finite field group to keep testing time within reasonable bounds.
     'ffdhe2048': 0x100,
 }
 
-
 class TLSProgram:
     """
     Base class for generate server/client command.