diff options
| -rw-r--r-- | src/kdf/prf_tls/prf_tls.cpp | 9 | ||||
| -rw-r--r-- | src/mac/hmac/hmac.h | 2 |
2 files changed, 9 insertions, 2 deletions
diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp index 2b57cdd25..55d72bea4 100644 --- a/src/kdf/prf_tls/prf_tls.cpp +++ b/src/kdf/prf_tls/prf_tls.cpp @@ -23,7 +23,14 @@ void P_hash(MemoryRegion<byte>& output, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) { - mac->set_key(secret, secret_len); + try + { + mac->set_key(secret, secret_len); + } + catch(Invalid_Key_Length) + { + throw Internal_Error("The premaster secret is too long for the PRF"); + } SecureVector<byte> A(seed, seed_len); diff --git a/src/mac/hmac/hmac.h b/src/mac/hmac/hmac.h index b76a058f4..9de1bc7b5 100644 --- a/src/mac/hmac/hmac.h +++ b/src/mac/hmac/hmac.h @@ -27,7 +27,7 @@ class BOTAN_DLL HMAC : public MessageAuthenticationCode Key_Length_Specification key_spec() const { - return Key_Length_Specification(0, 2*hash->hash_block_size()); + return Key_Length_Specification(0, 512); } /** |