Connection::dangerous_extract_secrets returns ConnectionTrafficSecrets::Aes128Gcm even when AES-256-GCM is negotiated #1833
cpu pushed a commit to cpu/rustls that referenced this issue Mar 11, 2024
… negotiated. 55bb279 inadvertently changed `extract_keys` to always return `ConnectionTrafficSecrets::Aes128Gcm`, even when AES-256-GCM was negotiated. This change fixes it by restoring the key length check. Fixes rustls#1833
Checklist
Describe the bug
With the ring provider, when a connection is negotiated with TLS 1.2 and ciphersuite using AES-256-GCM, `conn.dangerous_extract_secrets()` should return `tx` and `rx` that contain `ConnectionTrafficSecrets::Aes256Gcm { ... }`. Instead they contain `ConnectionTrafficSecrets::Aes128Gcm { ... }` (with the correct 32-bit `AeadKey`).

Bug is at rustls/rustls/src/crypto/ring/tls12.rs, Line 165 in 546a85d
... introduced in 0.22 with the switch to the `AeadKey` type.

To Reproduce
Steps to reproduce the behavior:
Expected:
Actual:
Applicable Version(s)
rustls v0.23.1
Expected behavior
Explained above.
Additional context
Workaround is to ignore the enum type and branch on `key.as_ref().len()`.
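The workaround above, as an added example that is not part of the original issue or of rustls: the AES-GCM variant is chosen from the key length rather than from the variant label. `AeadKey` and `ConnectionTrafficSecrets` here are local stand-ins so the block compiles without the crate (the `iv` fields are omitted), and `Cipher` and `effective_cipher` are hypothetical names.

```rust
// Local stand-in for the rustls key type (assumption: only AsRef<[u8]> is needed).
pub struct AeadKey(Vec<u8>);
impl AsRef<[u8]> for AeadKey {
    fn as_ref(&self) -> &[u8] {
        &self.0
    }
}

// Local stand-in for the rustls enum; `iv` fields omitted for brevity.
pub enum ConnectionTrafficSecrets {
    Aes128Gcm { key: AeadKey },
    Aes256Gcm { key: AeadKey },
    Chacha20Poly1305 { key: AeadKey },
}

#[derive(Debug, PartialEq)]
pub enum Cipher {
    Aes128Gcm,
    Aes256Gcm,
    Chacha20Poly1305,
}

/// Hypothetical helper: decide which AEAD the extracted key belongs to.
pub fn effective_cipher(s: &ConnectionTrafficSecrets) -> Result<Cipher, String> {
    use ConnectionTrafficSecrets::*;
    match s {
        // For either GCM label, trust the key length, not the label.
        Aes128Gcm { key } | Aes256Gcm { key } => match key.as_ref().len() {
            16 => Ok(Cipher::Aes128Gcm),
            32 => Ok(Cipher::Aes256Gcm),
            n => Err(format!("unexpected AES-GCM key length: {} bytes", n)),
        },
        // ChaCha20-Poly1305 keys are also 32 bytes, so length alone cannot
        // tell it apart from AES-256-GCM: keep the label, sanity-check length.
        Chacha20Poly1305 { key } => match key.as_ref().len() {
            32 => Ok(Cipher::Chacha20Poly1305),
            n => Err(format!("unexpected ChaCha20 key length: {} bytes", n)),
        },
    }
}

fn main() {
    // Constructed sample: a 32-byte key carried under the Aes128Gcm label.
    let mislabelled = ConnectionTrafficSecrets::Aes128Gcm { key: AeadKey(vec![0u8; 32]) };
    println!("{:?}", effective_cipher(&mislabelled)); // Ok(Aes256Gcm)
}
```

Failing closed on an unexpected length keeps a consumer of the extracted secrets from configuring a cipher that does not match the key it was handed.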