From b0c9fc9b48be849090e84b4605087ae477c69e72 Mon Sep 17 00:00:00 2001 From: Joseph Birr-Pixton Date: Sun, 19 Mar 2017 16:40:14 +0000 Subject: [PATCH] TLS1.3: Correct intermediate secret derivation This label for this derivation was incorrectly "derived" or "der" depending on the pointer size of the build(!). The correct string is "derived secret". (cherry picked from commit 936dcf272033c1bf59a5e859ec63e2557194f191) Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/2989) --- ssl/tls13_enc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 910336281d..3b783a74af 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -124,7 +124,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md, size_t mdlen, prevsecretlen; int ret; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - const char *derived_secret_label = "derived secret"; + static const char derived_secret_label[] = "derived secret"; unsigned char preextractsec[EVP_MAX_MD_SIZE]; if (pctx == NULL)