check not CHACHA_BYTE before considering normal suite

2016-01-18 15:33:32 -07:00
parent 93e454f09a
commit 3a65f55bd3
2 changed files with 2 additions and 1 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -3943,7 +3943,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
            return 0;
        }   /* switch */
        }   /* if     */
-        if (first != ECC_BYTE) {   /* normal suites */
+        if (first != ECC_BYTE && first != CHACHA_BYTE) {   /* normal suites */
        switch (second) {

 #ifndef NO_RSA
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -784,6 +784,7 @@ enum {
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,

+    /* chacha20-poly1305 suites first byte is 0xCC (CHACHA_BYTE) */
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   = 0x13,
    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14,
    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = 0x15,