diff options
author | lloyd <[email protected]> | 2012-04-02 16:48:54 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-04-02 16:48:54 +0000 |
commit | 7f0df78e77eedaf299a8dcbea2d10290b99d3521 (patch) | |
tree | 3eb0cce53f5ff3a844b6af64801d77fc5b4bc38a /src/tls/tls_handshake_state.cpp | |
parent | 4b4edaa984cb0b26e8246f19e594cb8d173ae833 (diff) |
Use SHA-256 when MD5 is negotiated as the HMAC hash in TLS 1.2,
previously negotiating any MD5-based ciphersuite in TLS 1.2 would
cause MAC failures as the master secret would come out differently due
to using the wrong PRF.
Diffstat (limited to 'src/tls/tls_handshake_state.cpp')
-rw-r--r-- | src/tls/tls_handshake_state.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp index 6ddd8d346..48d9abbeb 100644 --- a/src/tls/tls_handshake_state.cpp +++ b/src/tls/tls_handshake_state.cpp @@ -163,8 +163,12 @@ KDF* Handshake_State::protocol_specific_prf() } else if(version() == Protocol_Version::TLS_V12) { - if(suite.mac_algo() == "SHA-1" || suite.mac_algo() == "SHA-256") + if(suite.mac_algo() == "MD5" || + suite.mac_algo() == "SHA-1" || + suite.mac_algo() == "SHA-256") + { return get_kdf("TLS-12-PRF(SHA-256)"); + } return get_kdf("TLS-12-PRF(" + suite.mac_algo() + ")"); } |