From 00aee5bb787ea7ca861fde37c421e118023039e2 Mon Sep 17 00:00:00 2001
From: Simon Rozman <simon@rozman.si>
Date: Fri, 2 Sep 2016 11:38:28 +0200
Subject: [PATCH] ownTLS updated

---
 lib/TLS/include/Method.h |  9 +++++++++
 lib/TLS/src/Method.cpp   | 23 +++++++++++++++++++++++
 lib/TTLS/src/Method.cpp  |  2 +-
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/lib/TLS/include/Method.h b/lib/TLS/include/Method.h
index 2575f8a..a884eb1 100644
--- a/lib/TLS/include/Method.h
+++ b/lib/TLS/include/Method.h
@@ -327,6 +327,15 @@ namespace eap
         ///
         void decrypt_message(_In_ tls_message_type_t type, _Inout_ sanitizing_blob &data);
 
+        ///
+        /// Returns maximum netto size of a message for a given TLS message size
+        ///
+        /// \param[in] size_message  Size of the final TLS message
+        ///
+        /// \returns Netto size of message data
+        ///
+        size_t get_max_message(_In_ size_t size_message) const;
+
         /// @}
 
         /// \name Pseudo-random generation
diff --git a/lib/TLS/src/Method.cpp b/lib/TLS/src/Method.cpp
index 532745e..7e55620 100644
--- a/lib/TLS/src/Method.cpp
+++ b/lib/TLS/src/Method.cpp
@@ -1618,6 +1618,29 @@ void eap::method_tls::decrypt_message(_In_ tls_message_type_t type, _Inout_ sani
 }
 
 
+size_t eap::method_tls::get_max_message(_In_ size_t size_message) const
+{
+    if (m_state_client.m_size_enc_block) {
+        // Padding
+        size_message -= size_message % m_state_client.m_size_enc_block;
+        size_message--;
+
+        // HMAC
+        size_message -= m_state_client.m_size_mac_hash;
+
+        if (m_tls_version >= tls_version_1_1) {
+            // IV (TLS 1.1+)
+            size_message -= m_state_client.m_size_enc_iv;
+        }
+    } else {
+        // HMAC
+        size_message -= m_state_client.m_size_mac_hash;
+    }
+
+    return size_message;
+}
+
+
 eap::sanitizing_blob eap::method_tls::prf(
     _In_                            HCRYPTPROV        cp,
     _In_                            ALG_ID            alg,
diff --git a/lib/TTLS/src/Method.cpp b/lib/TTLS/src/Method.cpp
index 8e17609..72a0acc 100644
--- a/lib/TTLS/src/Method.cpp
+++ b/lib/TTLS/src/Method.cpp
@@ -227,7 +227,7 @@ void eap::method_ttls::process_application_data(_In_bytecount_(size_msg) const v
         m_packet_res.m_id    = m_packet_req.m_id;
         m_packet_res.m_flags = 0;
 
-        DWORD size_data = m_size_inner_packet_max;
+        DWORD size_data = (DWORD)get_max_message(16384 - sizeof(message_header));
         sanitizing_blob data(size_data, 0);
         unsigned char *ptr_data = data.data();
 #else