- md5sha_ctx_t ctx;
- begin(&ctx);
- md5sha_hash(&ctx, key, key_size);
- key_size = sha_end(&ctx, tempkey);
+ bb_error_msg_and_die("HMAC key>64"); //does not happen (yet?)
+// md5sha_ctx_t ctx;
+// begin(&ctx);
+// md5sha_hash(&ctx, key, key_size);
+// key_size = sha_end(&ctx, tempkey);
+// //key = tempkey; - right? RIGHT? why does it work without this?
+// // because SHA_INSIZE is 64, but hmac() is always called with
+// // key_size = tls->MAC_size = SHA1/256_OUTSIZE (20 or 32),
+// // and prf_hmac_sha256() -> hmac_sha256() key sizes are:
+// // - RSA_PREMASTER_SIZE is 48
+// // - CURVE25519_KEYSIZE is 32
+// // - master_secret[] is 48