Added `CERTIFICATE_VERIFY_MAX_LENGTH` constant

- Set `CERTIFICATE_VERIFY_MAX_LENGTH` to 65539
  (2 bytes for the algorithm identifier + 2 bytes of signature length
   + 65535 bytes of signature)
- Changed `SSL3_RT_MAX_PLAIN_LENGTH` to `CERTIFICATE_VERIFY_MAX_LENGTH`
  in `statem_srvr.c` and `statem_clnt.c`

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20486)

3 files changed, 5 insertions, 2 deletions

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index e5b036390a..8d90520d14 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1020,7 +1020,7 @@ size_t ossl_statem_client_max_message_size(SSL_CONNECTION *s)
         return s->max_cert_list;
 
     case TLS_ST_CR_CERT_VRFY:
-        return SSL3_RT_MAX_PLAIN_LENGTH;
+        return CERTIFICATE_VERIFY_MAX_LENGTH;
 
     case TLS_ST_CR_CERT_STATUS:
         return SSL3_RT_MAX_PLAIN_LENGTH;
diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h
index 75b7274c2e..30b7d5b0a5 100644
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -31,6 +31,9 @@
 /* Max ServerHello size permitted by RFC 8446 */
 #define SERVER_HELLO_MAX_LENGTH         65607
 
+/* Max CertificateVerify size permitted by RFC 8446 */
+#define CERTIFICATE_VERIFY_MAX_LENGTH   65539
+
 /* Max should actually be 36 but we are generous */
 #define FINISHED_MAX_LENGTH             64
 
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 6d4be61118..3137f548ef 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1223,7 +1223,7 @@ size_t ossl_statem_server_max_message_size(SSL_CONNECTION *s)
         return CLIENT_KEY_EXCH_MAX_LENGTH;
 
     case TLS_ST_SR_CERT_VRFY:
-        return SSL3_RT_MAX_PLAIN_LENGTH;
+        return CERTIFICATE_VERIFY_MAX_LENGTH;
 
 #ifndef OPENSSL_NO_NEXTPROTONEG
     case TLS_ST_SR_NEXT_PROTO: