From c35a0713b0f639435a753d6067f4c6b3d56dd16c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Mon, 22 Aug 2022 15:45:38 +0200 Subject: [PATCH] tls: use OpenSSL constant for client random size Avoid magic numbers in the code and use an OpenSSL constant instead. PR-URL: https://github.com/nodejs/node/pull/44305 Reviewed-By: Anna Henningsen Reviewed-By: Filip Skokan --- src/crypto/crypto_common.cc | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/crypto/crypto_common.cc b/src/crypto/crypto_common.cc index ed1aea868d8385..e19fe81ed265c6 100644 --- a/src/crypto/crypto_common.cc +++ b/src/crypto/crypto_common.cc @@ -68,16 +68,19 @@ void LogSecret( const unsigned char* secret, size_t secretlen) { auto keylog_cb = SSL_CTX_get_keylog_callback(SSL_get_SSL_CTX(ssl.get())); - unsigned char crandom[32]; + // All supported versions of TLS/SSL fix the client random to the same size. + constexpr size_t kTlsClientRandomSize = SSL3_RANDOM_SIZE; + unsigned char crandom[kTlsClientRandomSize]; if (keylog_cb == nullptr || - SSL_get_client_random(ssl.get(), crandom, 32) != 32) { + SSL_get_client_random(ssl.get(), crandom, kTlsClientRandomSize) != + kTlsClientRandomSize) { return; } std::string line = name; - line += " " + StringBytes::hex_encode( - reinterpret_cast(crandom), 32); + line += " " + StringBytes::hex_encode(reinterpret_cast(crandom), + kTlsClientRandomSize); line += " " + StringBytes::hex_encode( reinterpret_cast(secret), secretlen); keylog_cb(ssl.get(), line.c_str());