TLS1.3: Correct intermediate secret derivation
authorJoseph Birr-Pixton <jpixton@gmail.com>
Sun, 19 Mar 2017 16:40:14 +0000 (16:40 +0000)
committerMatt Caswell <matt@openssl.org>
Sun, 19 Mar 2017 20:59:59 +0000 (20:59 +0000)
This label for this derivation was incorrectly "derived" or "der" depending
on the pointer size of the build(!). The correct string is "derived secret".

(cherry picked from commit 936dcf272033c1bf59a5e859ec63e2557194f191)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2989)

ssl/tls13_enc.c

index 9103362..3b783a7 100644 (file)
@@ -124,7 +124,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
     size_t mdlen, prevsecretlen;
     int ret;
     EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
-    const char *derived_secret_label = "derived secret";
+    static const char derived_secret_label[] = "derived secret";
     unsigned char preextractsec[EVP_MAX_MD_SIZE];
 
     if (pctx == NULL)