openssl / openssl

TLS/SSL and crypto library
https://www.openssl.org
Apache License 2.0

When the "PSK binder" validation fails, the alert description is not "decrypt_error" #25106

Open baoyi84930 opened 3 months ago

baoyi84930 commented 3 months ago

version: 3.0.9

According to RFC 8446:

decrypt_error: A handshake (not record layer) cryptographic operation failed, including being unable to correctly verify a signature or validate a Finished message or a PSK binder.

https://github.com/openssl/openssl/blob/de90e54bbe82e5be4fb9608b6f5c308bb837d355/ssl/statem/extensions.c#L1620-L1628

mattcaswell commented 3 months ago

Looks correct. A minor conformance issue. Adding help wanted and good first issue labels.
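The behaviour the RFC 8446 text quoted in this issue asks for, as an added example that is not part of the thread and not OpenSSL code: a binder is computed as in RFC 8446 section 4.2.11.2, compared in constant time, and a mismatch maps to a fatal decrypt_error (51) alert. The function names, the SHA-256 choice and the sample PSK and ClientHello bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac

HASH = hashlib.sha256          # assumption: the PSK is associated with SHA-256
ALERT_LEVEL_FATAL = 2          # RFC 8446 AlertLevel fatal
DECRYPT_ERROR = 51             # RFC 8446 AlertDescription decrypt_error

def hkdf_expand_label(secret, label, context, length):
    """HKDF-Expand-Label from RFC 8446 section 7.1."""
    full_label = b"tls13 " + label
    info = (length.to_bytes(2, "big") + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(secret, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def compute_binder(psk, truncated_client_hello, external=True):
    """PSK binder over the truncated ClientHello (RFC 8446 section 4.2.11.2)."""
    n = HASH().digest_size
    early_secret = hmac.new(b"\x00" * n, psk, HASH).digest()  # HKDF-Extract(0, PSK)
    label = b"ext binder" if external else b"res binder"
    binder_key = hkdf_expand_label(early_secret, label, HASH(b"").digest(), n)
    finished_key = hkdf_expand_label(binder_key, b"finished", b"", n)
    transcript_hash = HASH(truncated_client_hello).digest()
    return hmac.new(finished_key, transcript_hash, HASH).digest()

def binder_alert(psk, truncated_client_hello, received_binder):
    """Return None if the binder validates, else the fatal alert bytes to send."""
    expected = compute_binder(psk, truncated_client_hello)
    if hmac.compare_digest(expected, received_binder):
        return None
    return bytes([ALERT_LEVEL_FATAL, DECRYPT_ERROR])

# Constructed sample input, not a real handshake capture.
SAMPLE_PSK = bytes(range(32))
SAMPLE_TRUNCATED_CH = b"\x01\x00\x00\x10constructed-hello"

if __name__ == "__main__":
    good = compute_binder(SAMPLE_PSK, SAMPLE_TRUNCATED_CH)
    bad = bytes([good[0] ^ 0x01]) + good[1:]
    print("valid binder    ->", binder_alert(SAMPLE_PSK, SAMPLE_TRUNCATED_CH, good))
    print("tampered binder ->", binder_alert(SAMPLE_PSK, SAMPLE_TRUNCATED_CH, bad).hex())
```

A conformance test against a server can assert the same thing from the outside: after sending a ClientHello with a corrupted binder, the alert record body should be the two bytes `02 33`.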