generating of private key in keyexchange.py returned to the previous …

…state
tlsfuzzer · Feb 21, 2024 · 4a974e5 · 4a974e5
1 parent 74c6fc5
commit 4a974e5
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 7 deletions.
diff --git a/tlslite/keyexchange.py b/tlslite/keyexchange.py
@@ -998,7 +998,7 @@ def get_random_private_key(self):
                 return getRandomBytes(X448_ORDER_SIZE)
         else:
             curve = getCurveByName(GroupName.toStr(self.group))
-            return ecdsa.keys.SigningKey.generate(curve)
+            return ecdsa.util.randrange(curve.generator.order())
 
     def _get_fun_gen_size(self):
         """Return the function and generator for X25519/X448 KEX."""

diff --git a/unit_tests/test_tlslite_keyexchange.py b/unit_tests/test_tlslite_keyexchange.py
@@ -27,7 +27,7 @@
 from tlslite.x509 import X509
 from tlslite.x509certchain import X509CertChain
 from tlslite.utils.keyfactory import parsePEMKey
-from tlslite.utils.codec import Parser
+from tlslite.utils.codec import Parser, Writer
 from tlslite.utils.cryptomath import bytesToNumber, getRandomBytes, powMod, \
         numberToByteArray, isPrime, numBits
 from tlslite.mathtls import makeX, makeU, makeK, goodGroupParameters
@@ -1952,8 +1952,15 @@ def test_ECDHE_key_exchange(self):
         curve = getCurveByName(curveName)
         generator = curve.generator
         cln_Xc = ecdsa.util.randrange(generator.order())
-        cln_Ys = decodeX962Point(srv_key_ex.ecdh_Ys, curve)
-        cln_Yc = encodeX962Point(generator * cln_Xc)
+        abstractPoint = ecdsa.ellipticcurve.AbstractPoint().from_bytes(curve.curve, srv_key_ex.ecdh_Ys)
+        cln_Ys = ecdsa.ellipticcurve.Point(curve.curve,
+                                        abstractPoint[0],
+                                        abstractPoint[1]).from_bytes(curve.curve, srv_key_ex.ecdh_Ys)
+        point = generator * cln_Xc
+        writer = Writer()
+        writer.add(4, 1)
+        writer.bytes += point.to_bytes()
+        cln_Yc = writer.bytes
 
         cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3))
         cln_key_ex.createECDH(cln_Yc)
@@ -1980,9 +1987,12 @@ def test_ECDHE_key_exchange_with_invalid_CKE(self):
         curve = getCurveByName(curveName)
         generator = curve.generator
         cln_Xc = ecdsa.util.randrange(generator.order())
-        cln_Ys = decodeX962Point(srv_key_ex.ecdh_Ys, curve)
-        cln_Yc = encodeX962Point(generator * cln_Xc)
-
+        point = generator * cln_Xc
+        writer = Writer()
+        writer.add(4, 1)
+        writer.bytes += point.to_bytes()
+        cln_Yc = writer.bytes
+
         cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3))
         cln_key_ex.createECDH(cln_Yc)