I'm working to update a security library and I'm noticing some strange behavior when completing the SSL handshake and then calling QueryContextAttributes to obtain the header, maximum size, and trailer of the messages. What I notice is that when I have grbitEnabledProtocols set to TLS 1_0, the handshake occurs as expected and returns a 5-byte header for the SSL packet, as expected.
However, when I either change the bit enabled protocol to 0, and Schannel selects TLS 1.2, or set the bit enabled protocol to use TLS 1.2, then when the function to query the message sizes is called, a 21-byte header is returned where 5 is expected.
Are there any additional calls that should be made when moving to TLS 1.2, as I have, that would not have been necessary using TLS 1.0? Or does returning the 21-byte header indicate an error in the processing of InitializeSecurityContext that I'm not currently catching and that should have been caught?