diff --git a/microstack/ILibAsyncSocket.c b/microstack/ILibAsyncSocket.c
index f4f2a23..d05e9a1 100644
--- a/microstack/ILibAsyncSocket.c
+++ b/microstack/ILibAsyncSocket.c
@@ -1215,7 +1215,9 @@ void ILibProcessAsyncSocket(struct ILibAsyncSocketModule *Reader, int pendingRea
 }
 SSL_TRACE2("SSL_handshake()");
 }
- else
+
+ // Even if we get completed the TLS handshake, we must still read if data remains, this is possible with TLS 1.3
+ if ((Reader->TLSHandshakeCompleted == 1) && (Reader->readBioBuffer->length > 0))
 {
 SSL_TRACE1("SSL_read()");
 while ((j = SSL_read(Reader->ssl, Reader->buffer + Reader->EndPointer, Reader->MallocSize - Reader->EndPointer))>0)
diff --git a/microstack/ILibCrypto.c b/microstack/ILibCrypto.c
index d9a5315..b36c68f 100644
--- a/microstack/ILibCrypto.c
+++ b/microstack/ILibCrypto.c
@@ -1085,12 +1085,13 @@ void __fastcall util_savekeys(SSL* ssl) {
 if (ssl == NULL) return;
 if (SSL_get_client_random(ssl, clientRandom, 32) != 32) return;
 if (SSL_get_server_random(ssl, serverRandom, 32) != 32) return;
- if (SSL_SESSION_get_master_key(SSL_get_session(ssl), sessionSecret, 48) != 48) return;
+ len = SSL_SESSION_get_master_key(SSL_get_session(ssl), sessionSecret, 48);
+ if (len <= 0) return;
 // Convert the randoms and key into hex
 util_tohex(clientRandom, 32, clientRandomHex);
 util_tohex(serverRandom, 32, serverRandomHex);
- util_tohex(sessionSecret, 48, sessionSecretHex);
+ util_tohex(sessionSecret, len, sessionSecretHex);
 // Append the client random and key to the log file.
 len = snprintf(text, 1000, "CLIENT_RANDOM %s %s\r\nCLIENT_RANDOM %s %s\r\n", clientRandomHex, sessionSecretHex, serverRandomHex, sessionSecretHex);
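Review bot: Replacing `else` with a standalone `if` lets the `SSL_read()` block run in the same pass as the handshake branch above it, and the new condition dereferences `Reader->readBioBuffer` and then uses `Reader->ssl` without checking that either is still valid. The handshake branch and the rest of ILibProcessAsyncSocket are outside this hunk, so this is inferred: if that branch can tear the session down (a failed handshake, or a connect callback that disconnects), the fall-through would touch freed or NULL state. A guard such as `if ((Reader->ssl != NULL) && (Reader->readBioBuffer != NULL) && (Reader->TLSHandshakeCompleted == 1) && (Reader->readBioBuffer->length > 0))` would make it safe, provided teardown clears those pointers. The old `else` also read whenever the handshake was complete, so confirm that gating on `readBioBuffer->length > 0` cannot skip plaintext OpenSSL has already buffered internally. The comment would read better as `// Even when the TLS handshake has just completed we must still read any remaining data; this happens with TLS 1.3`.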
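Review bot: Accepting any non-zero length from `SSL_SESSION_get_master_key()` lets a TLS 1.3 secret through, but the `snprintf` line below still writes it under the `CLIENT_RANDOM` label, which the NSS key-log format uses for the 48-byte TLS 1.2 master secret; TLS 1.3 entries use different labels and secrets, so the logged line is unlikely to decrypt those sessions. OpenSSL's `SSL_CTX_set_keylog_callback()` emits correctly labelled lines for both versions and would be a more reliable source. `SSL_SESSION_get_master_key()` returns `size_t`, so with `len` (declared outside the hunk, apparently an `int`) the test `len <= 0` only ever catches zero. Reusing `len` for the `snprintf` result a few lines later is easy to misread, so a dedicated `secretLen` would be clearer. Since this routine writes session secrets to disk, a comment stating that it must stay out of release builds is worth adding if it is not already compiled out.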