fix: moved control of uncompressed point ext from server key exchange…

… to check of client hello by server; that way the server will abort the connection after bad client hello, not after server key exchange
tlsfuzzer · Nov 27, 2024 · f59374b · f59374b
1 parent 08ee649
commit f59374b
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 7 deletions.
diff --git a/tlslite/keyexchange.py b/tlslite/keyexchange.py
@@ -712,13 +712,6 @@ def makeServerKeyExchange(self, sigHash=None):
         ext_negotiated = ECPointFormat.uncompressed
         ext_c = self.clientHello.getExtension(ExtensionType.ec_point_formats)
         ext_s = self.serverHello.getExtension(ExtensionType.ec_point_formats)
-        if ext_c:
-            if ext_c.formats == []:
-                raise TLSDecodeError("Point formats extension is empty.")
-            elif ECPointFormat.uncompressed not in ext_c.formats:
-                raise TLSIllegalParameterException(
-                    "The client does not advertise "
-                    "the uncompressed point format extension.")
         if ext_c and ext_s:
             try:
                 ext_negotiated = next((i for i in ext_c.formats \

diff --git a/tlslite/tlsconnection.py b/tlslite/tlsconnection.py
@@ -3435,6 +3435,21 @@ def _serverGetClientHello(self, settings, private_key, cert_chain,
                     "Master Secret extension"):
                 yield result
 
+        # sanity check the ec point formats extension
+        ecExt = clientHello.getExtension(ExtensionType.ec_point_formats)
+        if ecExt:
+            if ecExt.formats == []:
+                for result in self._sendError(
+                        AlertDescription.decode_error,
+                        "Empty ec_point_formats extension"):
+                    yield result
+            if ECPointFormat.uncompressed not in ecExt.formats:
+                for result in self._sendError(
+                        AlertDescription.illegal_parameter,
+                        "Client sent ec_point_formats extension "
+                        "without uncompressed format"):
+                    yield result
+
         # sanity check the TLS 1.3 extensions
         ver_ext = clientHello.getExtension(ExtensionType.supported_versions)
         if ver_ext and (3, 4) in ver_ext.versions: