From: Bhaskar Metiya <bhaskarmetiya@gmail.com>
Date: Wed, 14 Aug 2024 06:04:01 +0000 (+0530)
Subject: Return SSL_AD_DECRYPT_ERROR alert on PSK binder validation failure (RFC 8446)
X-Git-Tag: openssl-3.4.0-alpha1~136
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02b8b7b83698d1c7ddfef274f16c039c8cca7988;p=thirdparty%2Fopenssl.git

Return SSL_AD_DECRYPT_ERROR alert on PSK binder validation failure (RFC 8446)

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25176)
---

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 554190221fa..837ac739c33 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1697,7 +1697,7 @@ int tls_psk_do_binder(SSL_CONNECTION *s, const EVP_MD *md,
         /* HMAC keys can't do EVP_DigestVerify* - use CRYPTO_memcmp instead */
         ret = (CRYPTO_memcmp(binderin, binderout, hashsize) == 0);
         if (!ret)
-            SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BINDER_DOES_NOT_VERIFY);
+            SSLfatal(s, SSL_AD_DECRYPT_ERROR, SSL_R_BINDER_DOES_NOT_VERIFY);
     }
 
  err: