diff options
Diffstat (limited to 'src/kdf/prf_tls')
| -rw-r--r-- | src/kdf/prf_tls/info.txt | 1 | ||||
| -rw-r--r-- | src/kdf/prf_tls/prf_tls.cpp | 10 |
2 files changed, 10 insertions, 1 deletions
diff --git a/src/kdf/prf_tls/info.txt b/src/kdf/prf_tls/info.txt index 9531a6a83..113c92251 100644 --- a/src/kdf/prf_tls/info.txt +++ b/src/kdf/prf_tls/info.txt @@ -1,4 +1,5 @@ define TLS_V10_PRF +define TLS_V12_PRF <requires> hmac diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp index 2b57cdd25..3790650b0 100644 --- a/src/kdf/prf_tls/prf_tls.cpp +++ b/src/kdf/prf_tls/prf_tls.cpp @@ -23,7 +23,15 @@ void P_hash(MemoryRegion<byte>& output, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) { - mac->set_key(secret, secret_len); + try + { + mac->set_key(secret, secret_len); + } + catch(Invalid_Key_Length) + { + throw Internal_Error("The premaster secret of " + to_string(secret_len) + + " bytes is too long for the PRF"); + } SecureVector<byte> A(seed, seed_len); |