提交 6612d87b 编写于 作者: M Matt Caswell

Use the correct size for TLSv1.3 finished keys

We need to use the length of the handshake hash for the length of the
finished key.
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
上级 ac77aa9a
...@@ -330,7 +330,7 @@ int tls13_change_cipher_state(SSL *s, int which) ...@@ -330,7 +330,7 @@ int tls13_change_cipher_state(SSL *s, int which)
if (which & SSL3_CC_HANDSHAKE) { if (which & SSL3_CC_HANDSHAKE) {
insecret = s->handshake_secret; insecret = s->handshake_secret;
finsecret = s->client_finished_secret; finsecret = s->client_finished_secret;
finsecretlen = sizeof(s->client_finished_secret); finsecretlen = EVP_MD_size(ssl_handshake_md(s));
label = client_handshake_traffic; label = client_handshake_traffic;
labellen = sizeof(client_handshake_traffic) - 1; labellen = sizeof(client_handshake_traffic) - 1;
} else { } else {
...@@ -342,7 +342,7 @@ int tls13_change_cipher_state(SSL *s, int which) ...@@ -342,7 +342,7 @@ int tls13_change_cipher_state(SSL *s, int which)
if (which & SSL3_CC_HANDSHAKE) { if (which & SSL3_CC_HANDSHAKE) {
insecret = s->handshake_secret; insecret = s->handshake_secret;
finsecret = s->server_finished_secret; finsecret = s->server_finished_secret;
finsecretlen = sizeof(s->server_finished_secret); finsecretlen = EVP_MD_size(ssl_handshake_md(s));
label = server_handshake_traffic; label = server_handshake_traffic;
labellen = sizeof(server_handshake_traffic) - 1; labellen = sizeof(server_handshake_traffic) - 1;
} else { } else {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册