Increase internal TLSs client key exchange buffer · 6fc34d9fe5 - Gogs

Increase internal TLSs client key exchange buffer

This patch fixes a problem I had when I tried to connect
an embedded system [wpa_supplicant, CONFIG_TLS=internal]
to my TLS secured network.

TLSv1: Send CertificateVerify
TLSv1: CertificateVerify hash - hexdump(len=36): ha .. ha
PKCS #1: pkcs1_generate_encryption_block - Invalid buffer lengths \
                        (modlen=512 outlen=454 inlen=36)

It turned out that a fixed 1000 byte message buffer was just
a little bit too small for the 4096 bit RSA certificates
I'm using.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>

Christian Lamparter 14 years ago

parent

f39b07d7ed

commit

6fc34d9fe5

1 changed files with 1 additions and 1 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 1
						
src/tls/tlsv1_client_write.c
							 
								View File
							
				@@ -669,7 +669,7 @@ static u8 * tls_send_client_key_exchange(struct tlsv1_client *conn,
			
				 	*out_len = 0;
			
				-	msglen = 1000;
			
				+	msglen = 2000;
			
				 	if (conn->certificate_requested)
			
				 		msglen += tls_client_cert_chain_der_len(conn);