#ifdef SSL_DEBUG
printf("which = %04X\nmac key=", which);
{
- int z;
+ size_t z;
for (z = 0; z < i; z++)
printf("%02X%c", ms[z], ((z + 1) % 16) ? ' ' : '\n');
}
}
printf("\niv=");
{
- int z;
+ size_t z;
for (z = 0; z < k; z++)
printf("%02X%c", iv[z], ((z + 1) % 16) ? ' ' : '\n');
}
int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
size_t len, size_t *secret_size)
{
- if (s->session->flags & SSL_SESS_FLAG_EXTMS) {
+ /*
+ * TODO(TLS1.3): We haven't implemented TLS1.3 key derivation yet. For now
+ * we will just force no use of EMS (which adds complications around the
+ * handshake has). This will need to be removed later
+ */
+ if ((s->session->flags & SSL_SESS_FLAG_EXTMS)
+ && s->version != TLS1_3_VERSION) {
unsigned char hash[EVP_MAX_MD_SIZE * 2];
size_t hashlen;
/*