Corrected behaviour for CBC-based suites using the SHA384 MAC and PRF

2013-03-20 15:30:09 +01:00 · 2013-03-20 15:30:09 +01:00 · b7149bcc90
commit b7149bcc90
parent a0234377fc
3 changed files with 8 additions and 11 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -1068,8 +1068,8 @@ static int ssl_write_certificate_request( ssl_context *ssl )
        *p++ = 0;
        *p++ = 2;

-        if( ssl->transform_negotiate->ciphersuite_info->cipher ==
-            POLARSSL_CIPHER_AES_256_GCM )
+        if( ssl->transform_negotiate->ciphersuite_info->mac ==
+            POLARSSL_MD_SHA384 )
        {
            ssl->handshake->verify_sig_alg = SSL_HASH_SHA384;
        }