Use the correct size for TLSv1.3 finished keys

We need to use the length of the handshake hash for the length of the finished key. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
author: Matt Caswell <matt@openssl.org> 2016-12-15 00:28:47 +0000
committer: Matt Caswell <matt@openssl.org> 2017-01-10 23:02:50 +0000
commit: 6612d87b897f1f71237e6a7f5a075d46e74d8ac5 (patch)
tree: a091f981335a98eac6c7a18d2c8e52eef332765d /ssl
parent: ac77aa9a1c247ef8fe0726b3eceb95a26eba292e (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 5896a5f239..cbe989c6a2 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -330,7 +330,7 @@ int tls13_change_cipher_state(SSL *s, int which)
         if (which & SSL3_CC_HANDSHAKE) {
             insecret = s->handshake_secret;
             finsecret = s->client_finished_secret;
-            finsecretlen = sizeof(s->client_finished_secret);
+            finsecretlen = EVP_MD_size(ssl_handshake_md(s));
             label = client_handshake_traffic;
             labellen = sizeof(client_handshake_traffic) - 1;
         } else {
@@ -342,7 +342,7 @@ int tls13_change_cipher_state(SSL *s, int which)
         if (which & SSL3_CC_HANDSHAKE) {
             insecret = s->handshake_secret;
             finsecret = s->server_finished_secret;
-            finsecretlen = sizeof(s->server_finished_secret);
+            finsecretlen = EVP_MD_size(ssl_handshake_md(s));
             label = server_handshake_traffic;
             labellen = sizeof(server_handshake_traffic) - 1;
         } else {
author	Matt Caswell <matt@openssl.org>	2016-12-15 00:28:47 +0000
committer	Matt Caswell <matt@openssl.org>	2017-01-10 23:02:50 +0000
commit	6612d87b897f1f71237e6a7f5a075d46e74d8ac5 (patch)
tree	a091f981335a98eac6c7a18d2c8e52eef332765d /ssl
parent	ac77aa9a1c247ef8fe0726b3eceb95a26eba292e (diff)