Skip to content

Commit 14ebd0f

Browse files
authored
Merge pull request #2228 from dcooper16/fix_data_after_finished_30
Fix decrypting TLS 1.3 server response
2 parents bac8cb7 + a8c8bfe commit 14ebd0f

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

testssl.sh

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11715,6 +11715,8 @@ check_tls_serverhellodone() {
1171511715
decrypted_response+="${tls_content_type}0301$(printf "%04X" $((plaintext_len/2)))${plaintext:0:plaintext_len}"
1171611716
if [[ "$tls_content_type" == 16 ]]; then
1171711717
tls_handshake_ascii+="${plaintext:0:plaintext_len}"
11718+
# Data after the Finished message is encrypted under a different key.
11719+
[[ "${plaintext:0:2}" == 14 ]] && break
1171811720
elif [[ "$tls_content_type" == 15 ]]; then
1171911721
tls_alert_ascii+="${plaintext:0:plaintext_len}"
1172011722
else

0 commit comments

Comments
 (0)