Add check for KeyShare in ServerHello

julek-wolfssl · julek-wolfssl · commit 7bd6f5c2cbf6 · 2026-02-09T17:40:48.000+01:00
diff --git a/src/tls.c b/src/tls.c
@@ -10094,6 +10094,8 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
         if (length < OPAQUE16_LEN)
             return BUFFER_ERROR;
 
+        ssl->options.shSentKeyShare = 1;
+
         /* The data is the named group the server wants to use. */
         ato16(input, &group);
 
diff --git a/src/tls13.c b/src/tls13.c
@@ -5559,7 +5559,8 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
     #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
             ssl->options.pskNegotiated == 0 &&
     #endif
-            ssl->session->namedGroup == 0) {
+            (ssl->session->namedGroup == 0 ||
+             ssl->options.shSentKeyShare == 0)) {
             return EXT_MISSING;
         }
 
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
@@ -5107,6 +5107,7 @@ struct Options {
     word16            hrrSentCookie:1;    /* HRR sent with cookie */
 #endif
     word16            hrrSentKeyShare:1;  /* HRR sent with key share */
+    word16            shSentKeyShare:1;   /* SH sent with key share */
 #endif
     word16            returnOnGoodCh:1;
     word16            disableRead:1;

Original file line number	Diff line number	Diff line change
`@@ -5559,7 +5559,8 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,`
`5559`	`5559`	`#if defined(HAVE_SESSION_TICKET) \|\| !defined(NO_PSK)`
`5560`	`5560`	`ssl->options.pskNegotiated == 0 &&`
`5561`	`5561`	`#endif`
`5562`		`- ssl->session->namedGroup == 0) {`
	`5562`	`+ (ssl->session->namedGroup == 0 \|\|`
	`5563`	`+ ssl->options.shSentKeyShare == 0)) {`
`5563`	`5564`	`return EXT_MISSING;`
`5564`	`5565`	`}`
`5565`	`5566`