Tolerate TLSv1.3 PSKs that are a different size to the hash size

            return 0;

            return 0;

        }

        }

        if (key_len == EVP_MD_size(EVP_sha256()))

        /* We default to SHA-256 */

        cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id);

        cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id);

        else if (key_len == EVP_MD_size(EVP_sha384()))

            cipher = SSL_CIPHER_find(s, tls13_aes256gcmsha384_id);

        if (cipher == NULL) {

        if (cipher == NULL) {

            /* Doesn't look like a suitable TLSv1.3 key. Ignore it */

            BIO_printf(bio_err, "Error finding suitable ciphersuite\n");

            OPENSSL_free(key);

            return 0;

            *id = NULL;

            *idlen = 0;

            *sess = NULL;

            return 1;

        }

        }

        usesess = SSL_SESSION_new();

        usesess = SSL_SESSION_new();

        if (usesess == NULL

        if (usesess == NULL

                || !SSL_SESSION_set1_master_key(usesess, key, key_len)

                || !SSL_SESSION_set1_master_key(usesess, key, key_len)

        return 0;

        return 0;

    }

    }

    if (key_len == EVP_MD_size(EVP_sha256()))

    /* We default to SHA256 */

    cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);

    cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);

    else if (key_len == EVP_MD_size(EVP_sha384()))

        cipher = SSL_CIPHER_find(ssl, tls13_aes256gcmsha384_id);

    if (cipher == NULL) {

    if (cipher == NULL) {

        /* Doesn't look like a suitable TLSv1.3 key. Ignore it */

        BIO_printf(bio_err, "Error finding suitable ciphersuite\n");

        OPENSSL_free(key);

        return 0;

        return 0;

    }

    }

    const char external_label[] = "ext binder";

    const char external_label[] = "ext binder";

    const char nonce_label[] = "resumption";

    const char nonce_label[] = "resumption";

    const char *label;

    const char *label;

    size_t bindersize, labelsize, hashsize = EVP_MD_size(md);

    size_t bindersize, labelsize, psklen, hashsize = EVP_MD_size(md);

    int ret = -1;

    int ret = -1;

    int usepskfored = 0;

    int usepskfored = 0;

        labelsize = sizeof(resumption_label) - 1;

        labelsize = sizeof(resumption_label) - 1;

    }

    }

    if (sess->master_key_length != hashsize) {

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER,

                 SSL_R_BAD_PSK);

        goto err;

    }

    if (external) {

    if (external) {

        psk = sess->master_key;

        psk = sess->master_key;

        psklen = sess->master_key_length;

    } else {

    } else {

        psk = tmppsk;

        psk = tmppsk;

        psklen = hashsize;

        if (!tls13_hkdf_expand(s, md, sess->master_key,

        if (!tls13_hkdf_expand(s, md, sess->master_key,

                               (const unsigned char *)nonce_label,

                               (const unsigned char *)nonce_label,

                               sizeof(nonce_label) - 1, sess->ext.tick_nonce,

                               sizeof(nonce_label) - 1, sess->ext.tick_nonce,

        early_secret = (unsigned char *)s->early_secret;

        early_secret = (unsigned char *)s->early_secret;

    else

    else

        early_secret = (unsigned char *)sess->early_secret;

        early_secret = (unsigned char *)sess->early_secret;

    if (!tls13_generate_secret(s, md, NULL, psk, hashsize, early_secret)) {

    if (!tls13_generate_secret(s, md, NULL, psk, psklen, early_secret)) {

        /* SSLfatal() already called */

        /* SSLfatal() already called */

        goto err;

        goto err;

    }

    }