Skip to content

Commit a00b684

Browse files
committed
Confirm size of decrypted PMS before using
1 parent 199be1b commit a00b684

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

Diff for: tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java

+5-1
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,11 @@ protected TlsSecret safeDecryptPreMasterSecret(TlsCryptoParameters cryptoParams,
9797
{
9898
Cipher c = crypto.createRSAEncryptionCipher();
9999
c.init(Cipher.DECRYPT_MODE, rsaServerPrivateKey);
100-
M = c.doFinal(encryptedPreMasterSecret);
100+
byte[] m = c.doFinal(encryptedPreMasterSecret);
101+
if (m != null && m.length == 48)
102+
{
103+
M = m;
104+
}
101105
}
102106
catch (Exception e)
103107
{

0 commit comments

Comments
 (0)