There is no need to try to derive DH shared key with a peer that tries
to use too short or too long DH Public Key. Previously, such cases ended
up implicitly getting rejected by the DH operations failing to produce
matching results. That is unnecessarily, so simply reject the message
completely if it does not have a Public Key with valid length. Accept
couple of octets shorter value to be used to avoid interoperability
issues if there are implementations that do not use zero-padding
properly.
Signed-off-by: Jouni Malinen <j@w1.fi>
ca68a8b561