diff options
author | visbjn <Jochen.Kreissl@vector.com> | 2022-09-19 10:27:34 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2022-09-27 15:56:51 +0100 |
commit | 54ba0f1625b515293d76f61dda62644c9c02704e (patch) | |
tree | e700e99b04b546ac7f49a057d68ce4be34bf8661 | |
parent | 61f8d46d49eeee87d44cfa74acfb2f81393b92dd (diff) |
ssl_log_secret call in tls13_key_update
Newly computed traffic secrets are now logged upon key update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19241)
(cherry picked from commit 2f7e61b8b21ed472a3667b8922843851f94a3d93)
-rw-r--r-- | ssl/ssl_local.h | 2 | ||||
-rw-r--r-- | ssl/tls13_enc.c | 8 |
2 files changed, 10 insertions, 0 deletions
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 5471e900b8..5fb1feb801 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -2752,7 +2752,9 @@ __owur int ssl_log_secret(SSL *ssl, const char *label, #define CLIENT_HANDSHAKE_LABEL "CLIENT_HANDSHAKE_TRAFFIC_SECRET" #define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET" #define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0" +#define CLIENT_APPLICATION_N_LABEL "CLIENT_TRAFFIC_SECRET_N" #define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0" +#define SERVER_APPLICATION_N_LABEL "SERVER_TRAFFIC_SECRET_N" #define EARLY_EXPORTER_SECRET_LABEL "EARLY_EXPORTER_SECRET" #define EXPORTER_SECRET_LABEL "EXPORTER_SECRET" diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index b186cb3897..ddcff5eb89 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -755,6 +755,7 @@ int tls13_update_key(SSL *s, int sending) unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char *insecret, *iv; unsigned char secret[EVP_MAX_MD_SIZE]; + char *log_label; EVP_CIPHER_CTX *ciph_ctx; int ret = 0, l; @@ -791,6 +792,13 @@ int tls13_update_key(SSL *s, int sending) memcpy(insecret, secret, hashlen); + /* Call Key log on successful traffic secret update */ + log_label = s->server == sending ? SERVER_APPLICATION_N_LABEL : CLIENT_APPLICATION_N_LABEL; + if (!ssl_log_secret(s, log_label, secret, hashlen)) { + /* SSLfatal() already called */ + goto err; + } + s->statem.enc_write_state = ENC_WRITE_STATE_VALID; ret = 1; err: |