Closed ryru closed 3 years ago
Good catch. I'm not sure about the fix, though. I think it would be easier to not change derive_labeled_keys()
and just copy these lines to update_app_keys()
:
suite_algs_t *algs;
algs = find_suite(this->suite);
destroy_aeads(this);
if (!create_aead(this, algs))
{
return FALSE;
}
You could squash that into "tls-crypto: Move AEAD ownership to the protection layer".
Thank's for the feedback!
AEAD ownership was moved to the protection layer but KeyUpdate still depended on a local reference.
Fixes: c7066402 (“tls-crypto: Move AEAD ownership to the protection layer”)