From 1466bf88974bf7ad40e1a3a6179ba3b48f5002b0 Mon Sep 17 00:00:00 2001
From: Max Fillinger
Date: Mon, 12 Aug 2024 13:20:46 +0200
Subject: [PATCH] Fix key_len check in TLS-Exporter
The length of the generated key must fit into a uint16_t, so it must not be larger than 0xffff.
Signed-off-by: Max Fillinger
---
 library/ssl_tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3c1c5cf588..4fe13ffbfc 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -10111,7 +10111,7 @@ static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl,
 const size_t hash_len = PSA_HASH_LENGTH(hash_alg);
 const unsigned char *secret = ssl->session->app_secrets.exporter_master_secret;
- if (key_len > 0xff || label_len > 250) {
+ if (key_len > 0xffff || label_len > 250) {
 return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
 }
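Review bot: The label bound on the changed line still looks off by one: RFC 8446 section 7.1 defines the HkdfLabel label as `opaque label<7..255>` including the 6-byte `"tls13 "` prefix, which leaves 249 bytes for the caller's label, so `label_len > 250` admits a 250-byte label that cannot be encoded. Assuming the prefix is prepended further down (not visible in this hunk), the guard should read `if (key_len > 0xffff || label_len > 249) {`. Separately, 0xffff is only the wire-format limit of the uint16 length field; HKDF-Expand can emit at most 255 * hash_len bytes, so confirm that the expand step below rejects a larger key_len with a clean error rather than relying on this guard. A one-line comment above the check naming both limits and their RFC source would keep these magic numbers from drifting again. The function body starts and ends outside the hunk.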