From: Joseph Birr-Pixton Date: Sun, 19 Mar 2017 16:40:14 +0000 (+0000) Subject: TLS1.3: Correct intermediate secret derivation X-Git-Tag: OpenSSL_1_1_1-pre1~1986 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b0c9fc9b48be849090e84b4605087ae477c69e72;p=oweals%2Fopenssl.git TLS1.3: Correct intermediate secret derivation This label for this derivation was incorrectly "derived" or "der" depending on the pointer size of the build(!). The correct string is "derived secret". (cherry picked from commit 936dcf272033c1bf59a5e859ec63e2557194f191) Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/2989) --- diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 910336281d..3b783a74af 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -124,7 +124,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md, size_t mdlen, prevsecretlen; int ret; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - const char *derived_secret_label = "derived secret"; + static const char derived_secret_label[] = "derived secret"; unsigned char preextractsec[EVP_MAX_MD_SIZE]; if (pctx == NULL)