From fc834f2e2c8210ff8115135ad31eb8e54c076609 Mon Sep 17 00:00:00 2001
From: Neil Armstrong
Date: Wed, 23 Mar 2022 17:54:38 +0100
Subject: [PATCH] Introduce content_len_size variable in ECHDE-PSK part of ssl_write_client_key_exchange()
Signed-off-by: Neil Armstrong
---
 library/ssl_tls12_client.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index d372663873..92c1cd3700 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -3025,10 +3025,14 @@ ecdh_calc_secret:
 if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ /* uint16 to store content length */
+ const size_t content_len_size = 2;
+ header_len = 4; content_len = ssl->conf->psk_identity_len;
- if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ if( header_len + content_len_size + content_len
+ > MBEDTLS_SSL_OUT_CONTENT_LEN )
 { MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or SSL buffer too short" ) );
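Review bot: The guard `header_len + content_len_size + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN` is a sum of `size_t` values, so it is only sound if `ssl->conf->psk_identity_len` is already bounded where the PSK is configured, which this hunk does not show. Because `header_len` and `content_len_size` are small fixed values at this point, the subtraction form cannot wrap as long as the output buffer is larger than those six bytes, and it keeps the check self-contained: `if( content_len > MBEDTLS_SSL_OUT_CONTENT_LEN - header_len - content_len_size )`. The new comment says the length travels in a uint16, so it could also state the matching expectation on the identity, for example `/* uint16 to store content length; psk_identity_len must fit in 16 bits */`. The surrounding branch of ssl_write_client_key_exchange() starts before and continues after the hunk, so the code that writes the length bytes is not visible here.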