Better usage of dhm_calc_secret in SSL
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7b9b6e9..d3096ab 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2055,7 +2055,7 @@
SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X );
SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
- ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
+ ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE;
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster,
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 7a5f462..a8e4f41 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2743,7 +2743,7 @@
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
- ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
+ ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE;
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster,
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3de7f7c..a1428dc 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -908,10 +908,7 @@
if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
int ret;
- size_t len = ssl->handshake->dhm_ctx.len;
-
- if( end - p < 2 + (int) len )
- return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+ size_t len = end - ( p + 2 );
/* Write length only when we know the actual value */
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,