Strip leading zeros in DHE premaster secret #201
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@kazu-yamamoto I've changed directly |
core/Network/TLS/Crypto/DH.hs
Outdated
| where | ||
| -- strips leading zeros from the result of DH.getShared, as required | ||
| -- for DH(E) premaster secret in SSL/TLS before version 1.3. | ||
| stripLeadingZeros (DH.SharedKey sb) = DH.SharedKey (snd $ B.span (== 0) sb) |
There was a problem hiding this comment.
I think that you should use dropWhile instead of span.
There was a problem hiding this comment.
Ordinarily yes, but here it's Data.ByteArray from memory and there is no dropWhile.
|
Thank you for your kindness but you don't have to check my |
ocheron
added a commit
that referenced
this pull request
Mar 19, 2017
Strip leading zeros in DHE premaster secret
|
Merged, thanks for reviewing. I don't plan to look at TLS 1.3 very often, only on occasions. I still have many things to learn on the previous versions. Here the tlswg PR was helpful to understand why a difference between DH/ECDH. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a remplacement for #197, in order to fix DHE without changing ECDHE.
Fixes an infrequent and random
BadRecordMacfailure during handshake, when DHE is selected and the premaster secret begins with a 0x00 byte. It was not visible in the test suite as both server and client code performed the same erroneous computation.