diff options
author | Matt Caswell <matt@openssl.org> | 2022-11-14 14:19:53 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-01-24 17:16:29 +0000 |
commit | 3f9175c7a46b13a3528d9b5776030a78eb1f9454 (patch) | |
tree | d114752dce6626fe749c8bec4b8721424c701461 /ssl/tls13_enc.c | |
parent | bea8d70498c9ad0e2cca3652c748d327be7b841e (diff) |
Extend the new_record_layer function
Add the ability to pass the main secret and length, as well as the
digest used for the KDF.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)
Diffstat (limited to 'ssl/tls13_enc.c')
-rw-r--r-- | ssl/tls13_enc.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 6d2f46441a..30ef3a8410 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -678,8 +678,9 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, s->version, direction, - level, key, keylen, iv, ivlen, NULL, 0, - cipher, taglen, NID_undef, NULL, NULL)) { + level, insecret, hashlen, key, keylen, iv, + ivlen, NULL, 0, cipher, taglen, NID_undef, + NULL, NULL, md)) { /* SSLfatal already called */ goto err; } @@ -736,9 +737,9 @@ int tls13_update_key(SSL_CONNECTION *s, int sending) if (!ssl_set_new_record_layer(s, s->version, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, keylen, iv, ivlen, NULL, 0, + insecret, hashlen, key, keylen, iv, ivlen, NULL, 0, s->s3.tmp.new_sym_enc, taglen, NID_undef, NULL, - NULL)) { + NULL, md)) { /* SSLfatal already called */ goto err; } |