projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 43c5641)
TLS1.3: Correct intermediate secret derivation
authorJoseph Birr-Pixton <jpixton@gmail.com>
Sun, 19 Mar 2017 16:40:14 +0000 (16:40 +0000)
committerMatt Caswell <matt@openssl.org>
Sun, 19 Mar 2017 20:59:59 +0000 (20:59 +0000)
This label for this derivation was incorrectly "derived" or "der" depending
on the pointer size of the build(!). The correct string is "derived secret".

(cherry picked from commit 936dcf272033c1bf59a5e859ec63e2557194f191)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2989)

ssl/tls13_enc.c patch | blob | history

diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 910336281d3a7bdb36b725d9cf608bfa6f41ccf4..3b783a74af59899f8cd058fce3915420f9e89a3d 100644 (file)
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -124,7 +124,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
     size_t mdlen, prevsecretlen;
     int ret;
     EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
-    const char *derived_secret_label = "derived secret";
+    static const char derived_secret_label[] = "derived secret";
     unsigned char preextractsec[EVP_MAX_MD_SIZE];
 
     if (pctx == NULL)
Unnamed repository; edit this file 'description' to name the repository.