Permalink
Browse files

Confirm size of decrypted PMS before using

  • Loading branch information...
peterdettman committed Dec 12, 2017
1 parent 199be1b commit a00b684465b38d722ca9a3543b8af8568e6bad5c
@@ -97,7 +97,11 @@ protected TlsSecret safeDecryptPreMasterSecret(TlsCryptoParameters cryptoParams,
{
Cipher c = crypto.createRSAEncryptionCipher();
c.init(Cipher.DECRYPT_MODE, rsaServerPrivateKey);
M = c.doFinal(encryptedPreMasterSecret);
byte[] m = c.doFinal(encryptedPreMasterSecret);
if (m != null && m.length == 48)
{
M = m;
}
}
catch (Exception e)
{

4 comments on commit a00b684

@carnil

This comment has been minimized.

Copy link

carnil replied Dec 12, 2017

CVE-2017-13098

@bcgit

This comment has been minimized.

Copy link
Owner

bcgit replied Dec 12, 2017

This is also available in the current beta in https://www.bouncycastle.org/betas 159b09 or later.

@zenithravi

This comment has been minimized.

Copy link

zenithravi replied Dec 14, 2017

Any plan ? When fix for CVE-2017-13098 (159b09) will be released ?

@bcgit

This comment has been minimized.

Copy link
Owner

bcgit replied Dec 14, 2017

We're hoping to have 1.59 out in the next week or so.

Please sign in to comment.