authorMatt Caswell <matt@openssl.org>2018-03-06 14:12:10 +0000
committerMatt Caswell <matt@openssl.org>2018-03-09 11:22:23 +0000
commite73c6eaeff82615d20845692c5c72ba9dfa895f5 (patch)
tree3eabbfe2325ad07a300c38e299e927b026aff507 /apps
parenta7fb4fa1708c65c0932133dca64a53d0237312e3 (diff)
Tolerate TLSv1.3 PSKs that are a different size to the hash size
We also default to SHA256 as per the spec if we do not have an explicit digest defined. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5554)
Diffstat (limited to 'apps')
-rw-r--r--apps/s_client.c16
-rw-r--r--apps/s_server.c10
2 files changed, 8 insertions, 18 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index a319d217c1..1ed853d14b 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -197,19 +197,13 @@ static int psk_use_session_cb(SSL *s, const EVP_MD *md,
return 0;
}
- if (key_len == EVP_MD_size(EVP_sha256()))
- cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id);
- else if (key_len == EVP_MD_size(EVP_sha384()))
- cipher = SSL_CIPHER_find(s, tls13_aes256gcmsha384_id);
-
+ /* We default to SHA-256 */
+ cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id);
if (cipher == NULL) {
- /* Doesn't look like a suitable TLSv1.3 key. Ignore it */
- OPENSSL_free(key);
- *id = NULL;
- *idlen = 0;
- *sess = NULL;
- return 1;
+ BIO_printf(bio_err, "Error finding suitable ciphersuite\n");
+ return 0;
}
+
usesess = SSL_SESSION_new();
if (usesess == NULL
|| !SSL_SESSION_set1_master_key(usesess, key, key_len)
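Review bot: The new `cipher == NULL` branch in psk_use_session_cb returns 0 without releasing `key`, whereas the branch it replaces called `OPENSSL_free(key)` before returning. `key` is still live at this point (it is passed to SSL_SESSION_set1_master_key just below), so the buffer holding the PSK appears to leak on this error path. Restoring the free ahead of the return would fix it: `OPENSSL_free(key);`, or `OPENSSL_clear_free(key, key_len);` since the buffer holds key material. The same free is dropped from the `cipher == NULL` branch of psk_find_session_cb in the apps/s_server.c hunk. Both functions begin and end outside their hunks, so where `key` is allocated is inferred from the removed lines rather than seen.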
diff --git a/apps/s_server.c b/apps/s_server.c
index ff9ee5add9..bc1d1e5608 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -208,14 +208,10 @@ static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
return 0;
}
- if (key_len == EVP_MD_size(EVP_sha256()))
- cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
- else if (key_len == EVP_MD_size(EVP_sha384()))
- cipher = SSL_CIPHER_find(ssl, tls13_aes256gcmsha384_id);
-
+ /* We default to SHA256 */
+ cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
if (cipher == NULL) {
- /* Doesn't look like a suitable TLSv1.3 key. Ignore it */
- OPENSSL_free(key);
+ BIO_printf(bio_err, "Error finding suitable ciphersuite\n");
return 0;
}