Increase internal TLSs client key exchange buffer
This patch fixes a problem I had when I tried to connect an embedded system [wpa_supplicant, CONFIG_TLS=internal] to my TLS secured network. TLSv1: Send CertificateVerify TLSv1: CertificateVerify hash - hexdump(len=36): ha .. ha PKCS #1: pkcs1_generate_encryption_block - Invalid buffer lengths \ (modlen=512 outlen=454 inlen=36) It turned out that a fixed 1000 byte message buffer was just a little bit too small for the 4096 bit RSA certificates I'm using. Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
This commit is contained in:
parent
f39b07d7ed
commit
6fc34d9fe5
1 changed files with 1 additions and 1 deletions
|
@ -669,7 +669,7 @@ static u8 * tls_send_client_key_exchange(struct tlsv1_client *conn,
|
||||||
|
|
||||||
*out_len = 0;
|
*out_len = 0;
|
||||||
|
|
||||||
msglen = 1000;
|
msglen = 2000;
|
||||||
if (conn->certificate_requested)
|
if (conn->certificate_requested)
|
||||||
msglen += tls_client_cert_chain_der_len(conn);
|
msglen += tls_client_cert_chain_der_len(conn);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue