-
Bug
-
Resolution: Duplicate
-
P4
-
11, 12, 13
-
None
If receiving a HRR, and the checks in "4.2.8. Key Share" fail:
Upon receipt of this extension in a HelloRetryRequest, the client
MUST verify that (1) the selected_group field corresponds to a group
which was provided in the "supported_groups" extension in the
original ClientHello and (2) the selected_group field does not
correspond to a group which was provided in the "key_share" extension
in the original ClientHello. If either of these checks fails, then
the client MUST abort the handshake with an "illegal_parameter"
alert.
It looks like we're sending:
NamedGroup serverGroup = NamedGroup.valueOf(spec.selectedGroup);
if (serverGroup == null) {
throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
"Unsupported HelloRetryRequest selected group: " +
NamedGroup.nameOf(spec.selectedGroup));
}
There might be two issues: the alert should be illegal_parameter, and no check for selected_group field with the ClientHello request.
Upon receipt of this extension in a HelloRetryRequest, the client
MUST verify that (1) the selected_group field corresponds to a group
which was provided in the "supported_groups" extension in the
original ClientHello and (2) the selected_group field does not
correspond to a group which was provided in the "key_share" extension
in the original ClientHello. If either of these checks fails, then
the client MUST abort the handshake with an "illegal_parameter"
alert.
It looks like we're sending:
NamedGroup serverGroup = NamedGroup.valueOf(spec.selectedGroup);
if (serverGroup == null) {
throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
"Unsupported HelloRetryRequest selected group: " +
NamedGroup.nameOf(spec.selectedGroup));
}
There might be two issues: the alert should be illegal_parameter, and no check for selected_group field with the ClientHello request.
- duplicates
-
-
- Resolved
-