Tolerate TLSv1.3 PSKs that are a different size to the hash size

We also default to SHA256 as per the spec if we do not have an explicit digest defined. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5554)
author: Matt Caswell <matt@openssl.org> 2018-03-06 14:12:10 +0000
committer: Matt Caswell <matt@openssl.org> 2018-03-09 11:22:23 +0000
commit: e73c6eaeff82615d20845692c5c72ba9dfa895f5 (patch)
tree: 3eabbfe2325ad07a300c38e299e927b026aff507 /apps/s_server.c
parent: a7fb4fa1708c65c0932133dca64a53d0237312e3 (diff)
1 files changed, 3 insertions, 7 deletions
diff --git a/apps/s_server.c b/apps/s_server.c
index ff9ee5add9..bc1d1e5608 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -208,14 +208,10 @@ static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
         return 0;
     }
 
-    if (key_len == EVP_MD_size(EVP_sha256()))
-        cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
-    else if (key_len == EVP_MD_size(EVP_sha384()))
-        cipher = SSL_CIPHER_find(ssl, tls13_aes256gcmsha384_id);
-
+    /* We default to SHA256 */
+    cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
     if (cipher == NULL) {
-        /* Doesn't look like a suitable TLSv1.3 key. Ignore it */
-        OPENSSL_free(key);
+        BIO_printf(bio_err, "Error finding suitable ciphersuite\n");
         return 0;
     }
author	Matt Caswell <matt@openssl.org>	2018-03-06 14:12:10 +0000
committer	Matt Caswell <matt@openssl.org>	2018-03-09 11:22:23 +0000
commit	e73c6eaeff82615d20845692c5c72ba9dfa895f5 (patch)
tree	3eabbfe2325ad07a300c38e299e927b026aff507 /apps/s_server.c
parent	a7fb4fa1708c65c0932133dca64a53d0237312e3 (diff)