TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix missing type conversion in the TLS-Exporter

Browse Source 
In the TLS-Exporter for TLS 1.3 we mistakenly call PSA_HASH_LENGTH() on
an mbedtls_md_type_t when it should be called on a psa_algorithm_t.

Fortunately, these two types have almost the same values, since we have
previously aligned them to make conversion more efficient. As a result,
PSA_HASH_LENGTH() produces exactly the same value when called on an
mbedtls_md_type_t as with the equivalent psa_algorithm_t.

Thanks to this happy coincidence, fix a largely cosmetic issue (rather
than a major functional bug).

Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann
2026-02-16 16:59:20 +00:00
parent 4602f36a93
commit 059fe77e4b
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/ssl_tls.c
View File

@@ -8938,7 +8938,7 @@ static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl,
const size_t context_len)
{
const psa_algorithm_t psa_hash_alg = mbedtls_md_psa_alg_from_type(hash_alg);
const size_t hash_len = PSA_HASH_LENGTH(hash_alg);
const size_t hash_len = PSA_HASH_LENGTH(psa_hash_alg);
const unsigned char *secret = ssl->session->app_secrets.exporter_master_secret;
/* The length of the label must be at most 249 bytes to fit into the HkdfLabel