From: Matt Caswell Date: Thu, 15 Dec 2016 00:28:47 +0000 (+0000) Subject: Use the correct size for TLSv1.3 finished keys X-Git-Tag: OpenSSL_1_1_1-pre1~2714 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6612d87b897f1f71237e6a7f5a075d46e74d8ac5;p=oweals%2Fopenssl.git Use the correct size for TLSv1.3 finished keys We need to use the length of the handshake hash for the length of the finished key. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2157) --- diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 5896a5f239..cbe989c6a2 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -330,7 +330,7 @@ int tls13_change_cipher_state(SSL *s, int which) if (which & SSL3_CC_HANDSHAKE) { insecret = s->handshake_secret; finsecret = s->client_finished_secret; - finsecretlen = sizeof(s->client_finished_secret); + finsecretlen = EVP_MD_size(ssl_handshake_md(s)); label = client_handshake_traffic; labellen = sizeof(client_handshake_traffic) - 1; } else { @@ -342,7 +342,7 @@ int tls13_change_cipher_state(SSL *s, int which) if (which & SSL3_CC_HANDSHAKE) { insecret = s->handshake_secret; finsecret = s->server_finished_secret; - finsecretlen = sizeof(s->server_finished_secret); + finsecretlen = EVP_MD_size(ssl_handshake_md(s)); label = server_handshake_traffic; labellen = sizeof(server_handshake_traffic) - 1; } else {