Fix client application traffic secret (ace081c1) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit ace081c1 authored Dec 29, 2016 by

Matt Caswell

Fix client application traffic secret



A misreading of the TLS1.3 spec meant we were using the handshake hashes
up to and including the Client Finished to calculate the client
application traffic secret. We should be only use up until the Server
Finished.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)

parent 4954fd13

Hide whitespace changes

Inline Side-by-side

Please register or to comment