aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_handshake_state.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-04-02 16:48:54 +0000
committerlloyd <[email protected]>2012-04-02 16:48:54 +0000
commit7f0df78e77eedaf299a8dcbea2d10290b99d3521 (patch)
tree3eb0cce53f5ff3a844b6af64801d77fc5b4bc38a /src/tls/tls_handshake_state.cpp
parent4b4edaa984cb0b26e8246f19e594cb8d173ae833 (diff)
Use SHA-256 when MD5 is negotiated as the HMAC hash in TLS 1.2,
previously negotiating any MD5-based ciphersuite in TLS 1.2 would cause MAC failures as the master secret would come out differently due to using the wrong PRF.
Diffstat (limited to 'src/tls/tls_handshake_state.cpp')
-rw-r--r--src/tls/tls_handshake_state.cpp6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index 6ddd8d346..48d9abbeb 100644
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -163,8 +163,12 @@ KDF* Handshake_State::protocol_specific_prf()
}
else if(version() == Protocol_Version::TLS_V12)
{
- if(suite.mac_algo() == "SHA-1" || suite.mac_algo() == "SHA-256")
+ if(suite.mac_algo() == "MD5" ||
+ suite.mac_algo() == "SHA-1" ||
+ suite.mac_algo() == "SHA-256")
+ {
return get_kdf("TLS-12-PRF(SHA-256)");
+ }
return get_kdf("TLS-12-PRF(" + suite.mac_algo() + ")");
}