From f4830b509200bab7b79f605af7abd25f99fed1f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 10 Sep 2014 15:15:51 +0000
Subject: [PATCH] No memmove: ssl_parse_server_key_exchange()

---
 library/ssl_cli.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 22787fd33..b9fee78aa 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1776,8 +1776,6 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
         return( ret );
     }
 
-    ssl_hs_rm_dtls_hdr( ssl );
-
     if( ssl->in_msgtype != SSL_MSG_HANDSHAKE )
     {
         SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
@@ -1793,6 +1791,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
         if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
             ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK )
         {
+            ssl_hs_rm_dtls_hdr( ssl );
             ssl->record_read = 1;
             goto exit;
         }
@@ -1801,9 +1800,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
         return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
     }
 
-    p   = ssl->in_msg + 4;
+    p   = ssl->in_msg + ssl_hs_hdr_len( ssl );
     end = ssl->in_msg + ssl->in_hslen;
-    SSL_DEBUG_BUF( 3,   "server key exchange", p, ssl->in_hslen - 4 );
+    SSL_DEBUG_BUF( 3,   "server key exchange", p, end - p );
 
 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
@@ -1870,7 +1869,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
     {
-        params_len = p - ( ssl->in_msg + 4 );
+        unsigned char *params = ssl->in_msg + ssl_hs_hdr_len( ssl );
+        params_len = p - params;
 
         /*
          * Handle the digitally-signed structure
@@ -1954,12 +1954,12 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
              */
             md5_starts( &md5 );
             md5_update( &md5, ssl->handshake->randbytes, 64 );
-            md5_update( &md5, ssl->in_msg + 4, params_len );
+            md5_update( &md5, params, params_len );
             md5_finish( &md5, hash );
 
             sha1_starts( &sha1 );
             sha1_update( &sha1, ssl->handshake->randbytes, 64 );
-            sha1_update( &sha1, ssl->in_msg + 4, params_len );
+            sha1_update( &sha1, params, params_len );
             sha1_finish( &sha1, hash + 16 );
 
             md5_free(  &md5  );
@@ -1995,7 +1995,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
 
             md_starts( &ctx );
             md_update( &ctx, ssl->handshake->randbytes, 64 );
-            md_update( &ctx, ssl->in_msg + 4, params_len );
+            md_update( &ctx, params, params_len );
             md_finish( &ctx, hash );
             md_free( &ctx );
         }