projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4954fd1) | patch
Fix client application traffic secret
authorMatt Caswell <matt@openssl.org>
Thu, 29 Dec 2016 17:11:27 +0000 (17:11 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 10 Jan 2017 23:02:50 +0000 (23:02 +0000)
commitace081c1ed98346328e251884c3bea4b41cb50ad
tree3fc9e0107807c84d411a2916785c4e303cb9117ctree | snapshot
parent4954fd13b3c71f0f74677b78533f1176e13de032commit | diff
Fix client application traffic secret

A misreading of the TLS1.3 spec meant we were using the handshake hashes
up to and including the Client Finished to calculate the client
application traffic secret. We should be only use up until the Server
Finished.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
ssl/ssl_locl.h diff | blob | history
ssl/tls13_enc.c diff | blob | history
test/tls13secretstest.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.