diff options
| author | Cory Benfield <lukasaoz@gmail.com> | 2017-01-31 14:56:15 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-02-02 09:33:59 +0000 |
| commit | 2c7bd6921172c6a63cb7a111e84578fc7dca5a6f (patch) | |
| tree | 97dede3b5c51a8e4c3d92df1bdaca70f4738e508 /ssl/tls13_enc.c | |
| parent | 3f5616d734a92fdf99ab827f21e5b6cab85e7194 (diff) | |
Add support for logging out TLSv1.3 secrets
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2287)
Diffstat (limited to 'ssl/tls13_enc.c')
| -rw-r--r-- | ssl/tls13_enc.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 7c217c11d3..0d29dae042 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -261,6 +261,7 @@ int tls13_change_cipher_state(SSL *s, int which) unsigned char *hash = hashval; unsigned char *insecret; unsigned char *finsecret = NULL; + const char *log_label = NULL; EVP_CIPHER_CTX *ciph_ctx; const EVP_CIPHER *ciph = s->s3->tmp.new_sym_enc; size_t ivlen, keylen, finsecretlen = 0; @@ -306,10 +307,12 @@ int tls13_change_cipher_state(SSL *s, int which) finsecretlen = EVP_MD_size(ssl_handshake_md(s)); label = client_handshake_traffic; labellen = sizeof(client_handshake_traffic) - 1; + log_label = CLIENT_HANDSHAKE_LABEL; } else { insecret = s->master_secret; label = client_application_traffic; labellen = sizeof(client_application_traffic) - 1; + log_label = CLIENT_APPLICATION_LABEL; /* * For this we only use the handshake hashes up until the server * Finished hash. We do not include the client's Finished, which is @@ -325,10 +328,12 @@ int tls13_change_cipher_state(SSL *s, int which) finsecretlen = EVP_MD_size(ssl_handshake_md(s)); label = server_handshake_traffic; labellen = sizeof(server_handshake_traffic) - 1; + log_label = SERVER_HANDSHAKE_LABEL; } else { insecret = s->master_secret; label = server_application_traffic; labellen = sizeof(server_application_traffic) - 1; + log_label = SERVER_APPLICATION_LABEL; } } @@ -370,6 +375,11 @@ int tls13_change_cipher_state(SSL *s, int which) keylen = EVP_CIPHER_key_length(ciph); ivlen = EVP_CIPHER_iv_length(ciph); + if (!ssl_log_secret(s, log_label, secret, hashlen)) { + SSLerr(SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); + goto err; + } + if (!tls13_derive_key(s, secret, key, keylen) || !tls13_derive_iv(s, secret, iv, ivlen) || (finsecret != NULL && !tls13_derive_finishedkey(s, |