summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>2017-12-16 16:46:18 +0900
committerMatt Caswell <matt@openssl.org>2018-02-02 23:52:59 +0000
commit2221ec10ab2771d7effad839392c88f35cde04a3 (patch)
treef6ebbcfc6a9ca2f084496b2d915b5f876a045bed
parent50ea9d2b3521467a11559be41dcf05ee05feabd6 (diff)
Generate exporter_master_secret after server Finished
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4944)
Diffstat
-rw-r--r--ssl/tls13_enc.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index fe817f8f65..7975be54a8 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -581,9 +581,18 @@ int tls13_change_cipher_state(SSL *s, int which)
goto err;
}
- if (label == server_application_traffic)
+ if (label == server_application_traffic) {
memcpy(s->server_app_traffic_secret, secret, hashlen);
- else if (label == client_application_traffic)
+ /* Now we create the exporter master secret */
+ if (!tls13_hkdf_expand(s, ssl_handshake_md(s), insecret,
+ exporter_master_secret,
+ sizeof(exporter_master_secret) - 1,
+ hash, hashlen, s->exporter_master_secret,
+ hashlen)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+ } else if (label == client_application_traffic)
memcpy(s->client_app_traffic_secret, secret, hashlen);
if (!ssl_log_secret(s, log_label, secret, hashlen)) {
@@ -667,7 +676,7 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
unsigned int hashsize, datalen;
int ret = 0;
- if (ctx == NULL || !SSL_is_init_finished(s))
+ if (ctx == NULL)
goto err;
if (!use_context)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-20 15:23:11 +0000