Skip to content
Permalink
Browse files Browse the repository at this point in the history
Confirm size of decrypted PMS before using
  • Loading branch information
peterdettman committed Dec 12, 2017
1 parent 199be1b commit a00b684
Showing 1 changed file with 5 additions and 1 deletion.
Expand Up @@ -97,7 +97,11 @@ protected TlsSecret safeDecryptPreMasterSecret(TlsCryptoParameters cryptoParams,
{
Cipher c = crypto.createRSAEncryptionCipher();
c.init(Cipher.DECRYPT_MODE, rsaServerPrivateKey);
M = c.doFinal(encryptedPreMasterSecret);
byte[] m = c.doFinal(encryptedPreMasterSecret);
if (m != null && m.length == 48)
{
M = m;
}
}
catch (Exception e)
{
Expand Down

4 comments on commit a00b684

@carnil
Copy link

@carnil carnil commented on a00b684 Dec 12, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bcgit
Copy link
Collaborator

@bcgit bcgit commented on a00b684 Dec 12, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is also available in the current beta in https://www.bouncycastle.org/betas 159b09 or later.

@zenithravi
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any plan ? When fix for CVE-2017-13098 (159b09) will be released ?

@bcgit
Copy link
Collaborator

@bcgit bcgit commented on a00b684 Dec 14, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're hoping to have 1.59 out in the next week or so.

Please sign in to comment.