From a0cf79e841e4e1ee22f9a2c5f3b4f2e113db2c19 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Fri, 2 Dec 2011 16:49:32 +0000 Subject: [PATCH] Fix exporter. --- ssl/ssl.h | 7 ++++--- ssl/t1_enc.c | 17 +++++++++++++---- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/ssl/ssl.h b/ssl/ssl.h index 1809946fca..2b57b1f909 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -2019,9 +2019,10 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, /* Pre-shared secret session resumption functions */ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len, - unsigned char *context, int context_len, - unsigned char *out, int olen); +int SSL_tls1_key_exporter(SSL *s, + const unsigned char *label, int label_len, + const unsigned char *context, int context_len, + unsigned char *out, int olen); void SSL_set_debug(SSL *s, int debug); int SSL_cache_hit(SSL *s); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 53341eeb34..b4aa67ee90 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -1250,23 +1250,32 @@ int tls1_alert_code(int code) } } -int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len, - unsigned char *context, int context_len, - unsigned char *out, int olen) +int SSL_tls1_key_exporter(SSL *s, + const unsigned char *label, int label_len, + const unsigned char *context, int context_len, + unsigned char *out, int olen) { unsigned char *tmp; int rv; + unsigned char context_len_16[2]; + + if (context_len > 0xffff) + return 0; tmp = OPENSSL_malloc(olen); if (!tmp) return 0; + + context_len_16[0] = context_len >> 8; + context_len_16[1] = context_len; rv = tls1_PRF(ssl_get_algorithm2(s), label, label_len, s->s3->client_random,SSL3_RANDOM_SIZE, s->s3->server_random,SSL3_RANDOM_SIZE, - context, context_len, NULL, 0, + context_len_16, sizeof(context_len_16), + context, context_len, s->session->master_key, s->session->master_key_length, out, tmp, olen); -- 2.25.1