Diffstat (limited to 'src/ssl/ssl_key_share.cc')
-rw-r--r--src/ssl/ssl_key_share.cc9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/ssl/ssl_key_share.cc b/src/ssl/ssl_key_share.cc
index 80317d89..694bec11 100644
--- a/src/ssl/ssl_key_share.cc
+++ b/src/ssl/ssl_key_share.cc
@@ -217,7 +217,7 @@ class X25519Kyber768KeyShare : public SSLKeyShare {
bool Encap(CBB *out_ciphertext, Array<uint8_t> *out_secret,
uint8_t *out_alert, Span<const uint8_t> peer_key) override {
Array<uint8_t> secret;
- if (!secret.Init(32 + KYBER_SHARED_SECRET_BYTES)) {
+ if (!secret.Init(32 + 32)) {
return false;
}
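Review bot: The `32 + 32` passed to `secret.Init` here, and again at the second `secret.Init` call in the third hunk, replaces a named constant with two bare literals, so nothing in the code says which 32 is the X25519 share and which is the Kyber share. The Kyber output length is now derived from `secret.size() - 32` on both the encapsulating and the decapsulating side, so the two `Init` sites have to stay in step; if they drift, the two peers would presumably derive different secrets and the handshake would fail. Class-level constants such as `static constexpr size_t kX25519SecretLen = 32;` and `static constexpr size_t kKyberSecretLen = 32;` would let both sites read `secret.Init(kX25519SecretLen + kKyberSecretLen)`. The body of Encap continues outside this hunk.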
@@ -241,7 +241,8 @@ class X25519Kyber768KeyShare : public SSLKeyShare {
}
uint8_t kyber_ciphertext[KYBER_CIPHERTEXT_BYTES];
- KYBER_encap(kyber_ciphertext, secret.data() + 32, &peer_kyber_pub);
+ KYBER_encap(kyber_ciphertext, secret.data() + 32, secret.size() - 32,
+ &peer_kyber_pub);
if (!CBB_add_bytes(out_ciphertext, x25519_public_key,
sizeof(x25519_public_key)) ||
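Review bot: The Kyber output pointer and its length in the `KYBER_encap` call are computed separately as `secret.data() + 32` and `secret.size() - 32`, which repeats the offset and relies on the unsigned subtraction never wrapping. Taking one view, `Span<uint8_t> kyber_secret = MakeSpan(secret).subspan(32);`, and passing `kyber_secret.data(), kyber_secret.size()` keeps the pair consistent by construction. The same applies to the `KYBER_decap` call in the last hunk. The `CBB_add_bytes` condition that follows the call runs past the end of this hunk.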
@@ -259,7 +260,7 @@ class X25519Kyber768KeyShare : public SSLKeyShare {
*out_alert = SSL_AD_INTERNAL_ERROR;
Array<uint8_t> secret;
- if (!secret.Init(32 + KYBER_SHARED_SECRET_BYTES)) {
+ if (!secret.Init(32 + 32)) {
return false;
}
@@ -270,7 +271,7 @@ class X25519Kyber768KeyShare : public SSLKeyShare {
return false;
}
- KYBER_decap(secret.data() + 32, ciphertext.data() + 32,
+ KYBER_decap(secret.data() + 32, secret.size() - 32, ciphertext.data() + 32,
&kyber_private_key_);
*out_secret = std::move(secret);
return true;