From f3fbb921c048634a8da9d293c5019cc6f5aca920 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Fri, 9 Oct 2020 12:01:41 -0700
Subject: [PATCH] Fixes SSLv3 use of ECDH. The public key length byte needs to
 be skipped for import with SSLv3 and TLS (not TLS v1.3). ZD 11085

---
 src/sniffer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/sniffer.c b/src/sniffer.c
index 5c9ac81d3..6dd6d8905 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -2268,7 +2268,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
             length = wc_ecc_size(&key) * 2 + 1;
             /* The length should be 2 times the key size (x and y), plus 1
              * for the type byte. */
-            if (IsTLS(session->sslServer) && !IsAtLeastTLSv1_3(session->sslServer->version)) {
+            if (!IsAtLeastTLSv1_3(session->sslServer->version)) {
                 input += 1; /* Don't include the TLS length for the key. */
             }