diff options
author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-12-20 11:12:40 +0100 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-12-20 13:36:34 +0100 |
commit | 2b2563da953978f63e3e707f758fd600dcd19a32 (patch) | |
tree | a207b096c10788192b56025e8187f14d1b5a978d /freebsd/crypto/openssl/ssl/tls13_enc.c | |
parent | freebsd/if_cpsw: Port. (diff) | |
download | rtems-libbsd-2b2563da953978f63e3e707f758fd600dcd19a32.tar.bz2 |
Update to FreeBSD head 2018-12-20
Git mirror commit 19a6ceb89dbacf74697d493e48c388767126d418.
It includes an update of wpa_supplicant to version 2.7.
It includes an update of the OpenSSL baseline to version 1.1.1a.
Update #3472.
Diffstat (limited to '')
-rw-r--r-- | freebsd/crypto/openssl/ssl/tls13_enc.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/freebsd/crypto/openssl/ssl/tls13_enc.c b/freebsd/crypto/openssl/ssl/tls13_enc.c index cd100126..0e8c4bc3 100644 --- a/freebsd/crypto/openssl/ssl/tls13_enc.c +++ b/freebsd/crypto/openssl/ssl/tls13_enc.c @@ -15,7 +15,14 @@ #include <openssl/evp.h> #include <openssl/kdf.h> -#define TLS13_MAX_LABEL_LEN 246 +/* + * RFC 8446, 7.1 Key Schedule, says: + * Note: With common hash functions, any label longer than 12 characters + * requires an additional iteration of the hash function to compute. + * The labels in this specification have all been chosen to fit within + * this limit. + */ +#define TLS13_MAX_LABEL_LEN 12 /* Always filled with zeros */ static const unsigned char default_zeros[EVP_MAX_MD_SIZE]; @@ -31,14 +38,15 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, const unsigned char *data, size_t datalen, unsigned char *out, size_t outlen) { - const unsigned char label_prefix[] = "tls13 "; + static const unsigned char label_prefix[] = "tls13 "; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); int ret; size_t hkdflabellen; size_t hashlen; /* - * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined - * prefix and label + bytes for the label itself + bytes for the hash + * 2 bytes for length of derived secret + 1 byte for length of combined + * prefix and label + bytes for the label itself + 1 byte length of hash + * + bytes for the hash itself */ unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN |