Merge pull request #6391 from rizlik/dtls13-label-fix

dtls13: fix: use correct label to derive resumption key
JacobBarthelmeh
2023-05-10 08:06:27 -06:00
committed by GitHub


@ -885,9 +885,19 @@ int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen,
const byte* protocol = tls13ProtocolLabel; const byte* protocol = tls13ProtocolLabel;
word32 protocolLen = TLS13_PROTOCOL_LABEL_SZ; word32 protocolLen = TLS13_PROTOCOL_LABEL_SZ;
if (ssl->version.minor != TLSv1_3_MINOR) if (ssl->options.dtls && ssl->version.minor != DTLSv1_3_MINOR)
return VERSION_ERROR; return VERSION_ERROR;
if (!ssl->options.dtls && ssl->version.minor != TLSv1_3_MINOR)
return VERSION_ERROR;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
protocol = dtls13ProtocolLabel;
protocolLen = DTLS13_PROTOCOL_LABEL_SZ;
}
#endif /* WOLFSSL_DTLS13 */
switch (ssl->specs.mac_algorithm) { switch (ssl->specs.mac_algorithm) {
#ifndef NO_SHA256 #ifndef NO_SHA256
case sha256_mac: case sha256_mac:
@ -1166,6 +1176,13 @@ int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret)
WOLFSSL_MSG("Derive Resumption PSK"); WOLFSSL_MSG("Derive Resumption PSK");
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
protocol = dtls13ProtocolLabel;
protocolLen = DTLS13_PROTOCOL_LABEL_SZ;
}
#endif /* WOLFSSL_DTLS13 */
switch (ssl->specs.mac_algorithm) { switch (ssl->specs.mac_algorithm) {
#ifndef NO_SHA256 #ifndef NO_SHA256
case sha256_mac: case sha256_mac:
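Review bot: The `#ifdef WOLFSSL_DTLS13` block that switches `protocol`/`protocolLen` to `dtls13ProtocolLabel` is now pasted verbatim into both `Tls13_Exporter` and `DeriveResumptionPSK`, and a derivation site that lacked this block is the very bug this change fixes. Moving the choice into one static helper (the name below is only a proposal) means a future key-derivation path cannot silently fall back to the TLS 1.3 label, which would yield keys that agree between two builds of this library but presumably not with other DTLS 1.3 peers. Both functions begin and end outside the visible hunks, and the declarations of `protocol` and `protocolLen` in `DeriveResumptionPSK` are not shown, so the pointer types in the sketch are assumed from the `Tls13_Exporter` hunk. A known-answer test for the DTLS 1.3 resumption PSK would be worth adding if none exists.

```c
/* Select the key-schedule label prefix for the negotiated protocol so that
 * every derivation site makes the TLS 1.3 / DTLS 1.3 choice the same way. */
static void Tls13_GetProtocolLabel(const WOLFSSL* ssl, const byte** protocol,
                                   word32* protocolLen)
{
    *protocol = tls13ProtocolLabel;
    *protocolLen = TLS13_PROTOCOL_LABEL_SZ;
#ifdef WOLFSSL_DTLS13
    if (ssl->options.dtls) {
        *protocol = dtls13ProtocolLabel;
        *protocolLen = DTLS13_PROTOCOL_LABEL_SZ;
    }
#endif /* WOLFSSL_DTLS13 */
}

/* ... unchanged: WOLFSSL_MSG("Derive Resumption PSK") ... */
    Tls13_GetProtocolLabel(ssl, &protocol, &protocolLen);
/* ... unchanged: switch on ssl->specs.mac_algorithm ... */
```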