diff options
author | Matt Caswell <matt@openssl.org> | 2018-12-04 08:37:04 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-12-05 10:59:08 +0000 |
commit | db860ea3dcf56a1993c66da22bd44460d7ac4914 (patch) | |
tree | 1b8f457e57de929695cb8e4d10894ebf917ae941 /doc | |
parent | 56e0f123dc17cb99f50efbae4bbbab77f360818f (diff) |
Fix some SSL_export_keying_material() issues
Fix some issues in tls13_hkdf_expand() which impact the above function
for TLSv1.3. In particular test that we can use the maximum label length
in TLSv1.3.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7755)
(cherry picked from commit 0fb2815b873304d145ed00283454fc9f3bd35e6b)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/SSL_export_keying_material.pod | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod index abebf911fc..4c81a60ffb 100644 --- a/doc/man3/SSL_export_keying_material.pod +++ b/doc/man3/SSL_export_keying_material.pod @@ -59,7 +59,8 @@ B<label> and should be B<llen> bytes long. Typically this will be a value from the IANA Exporter Label Registry (L<https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels>). Alternatively labels beginning with "EXPERIMENTAL" are permitted by the standard -to be used without registration. +to be used without registration. TLSv1.3 imposes a maximum label length of +249 bytes. Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and above. Attempting to use it in SSLv3 will result in an error. |