Add back check for the DH public key size

This is needed for TLS-1.3. Also add check for uncompressed point format for ECDHE as the other formats are not allowed by RFC 8446. Fixes #17667 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17678)
author: Tomas Mraz <tomas@openssl.org> 2022-02-10 11:49:37 +0100
committer: Pauli <pauli@openssl.org> 2022-02-17 13:21:01 +1100
commit: d5530efada83825ef239a8458db541adc4b422ec (patch)
tree: 015266b20587d4c1726cc798dce1ce495800c767 /ssl/statem/extensions_srvr.c
parent: 3d27ac8d92ef89c202b518cf6c4e15477eb594b2 (diff)
download: openssl-new-d5530efada83825ef239a8458db541adc4b422ec.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index fa64435a00..c2506879ef 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -665,9 +665,9 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             return 0;
         }
 
-        if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp,
-                PACKET_data(&encoded_pt),
-                PACKET_remaining(&encoded_pt)) <= 0) {
+        if (tls13_set_encoded_pub_key(s->s3.peer_tmp,
+                                      PACKET_data(&encoded_pt),
+                                      PACKET_remaining(&encoded_pt)) <= 0) {
             SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_ECPOINT);
             return 0;
         }
author	Tomas Mraz <tomas@openssl.org>	2022-02-10 11:49:37 +0100
committer	Pauli <pauli@openssl.org>	2022-02-17 13:21:01 +1100
commit	d5530efada83825ef239a8458db541adc4b422ec (patch)
tree	015266b20587d4c1726cc798dce1ce495800c767 /ssl/statem/extensions_srvr.c
parent	3d27ac8d92ef89c202b518cf6c4e15477eb594b2 (diff)
download	openssl-new-d5530efada83825ef239a8458db541adc4b422ec.tar.gz