Merge branch mbedtls-1.3 into development

* commit '95f0089': Update Changelog for DH params Add test case for dh params with privateValueLength accept PKCS#3 DH parameters with privateValueLength included Conflicts: library/dhm.c
2025-12-24 08:16:33 +01:00 · 2015-04-17 20:06:31 +02:00 · 2015-04-17 20:06:31 +02:00 · de9b363fbd
commit de9b363fbd
parent ab22910191 95f00892d2
4 changed files with 83 additions and 5 deletions
--- a/library/dhm.c
+++ b/library/dhm.c
@ -444,8 +444,9 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,

    /*
     *  DHParams ::= SEQUENCE {
-     *      prime            INTEGER,  -- P
-     *      generator        INTEGER,  -- g
+     *      prime              INTEGER,  -- P
+     *      generator          INTEGER,  -- g
+     *      privateValueLength INTEGER OPTIONAL
     *  }
     */
    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
@ -466,9 +467,23 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,

    if( p != end )
    {
-        ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
-              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
-        goto exit;
+        /* This might be the optional privateValueLength.
+         * If so, we can cleanly discard it */
+        mbedtls_mpi rec;
+        mbedtls_mpi_init( &rec );
+        ret = mbedtls_asn1_get_mpi( &p, end, &rec );
+        mbedtls_mpi_free( &rec );
+        if ( ret != 0 )
+        {
+            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+            goto exit;
+        }
+        if ( p != end )
+        {
+            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+            goto exit;
+        }
    }

    ret = 0;