authorDaiki Ueno <dueno@redhat.com>2017-11-24 10:55:43 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-11-27 08:56:50 +0100
commitcfd4c0c7db76926567832dcb2b18c71335f3ad10 (patch)
tree3e137772cd4472a2057c06efb797e2b2ad5e6ea2
parent80cfa67a6459674466ee236accf2b0d1d9fb3167 (diff)
handshake-tls13: derive and store exporter_master_secret
Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rw-r--r--lib/gnutls_int.h1
-rw-r--r--lib/handshake-tls13.c8
-rw-r--r--lib/handshake.h4
3 files changed, 11 insertions, 2 deletions
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 9e50af67ce..bbd777c6b5 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -438,6 +438,7 @@ struct gnutls_key_st {
unsigned temp_secret_size; /* depends on negotiated PRF size */
uint8_t hs_ckey[MAX_HASH_SIZE]; /* client_handshake_traffic_secret */
uint8_t hs_skey[MAX_HASH_SIZE]; /* server_handshake_traffic_secret */
+ uint8_t ap_expkey[MAX_HASH_SIZE]; /* exporter_master_secret */
/* For ECDH KX */
gnutls_pk_params_st ecdh_params; /* private part */
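Review bot: The new `ap_expkey` buffer keeps the exporter_master_secret for the rest of the connection, so it must be wiped on session teardown like the other secrets in `gnutls_key_st`. The hunk does not show where this struct is cleared, so that should be confirmed in the deinit path rather than assumed. The array is sized `MAX_HASH_SIZE`, but presumably only the first PRF-output-size bytes are valid, as with `temp_secret_size`. The field comment could say so: `/* exporter_master_secret; valid length is the negotiated PRF hash size */`. The struct definition begins and ends outside the hunk.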
diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c
index 2c03d7bb71..02889dc90d 100644
--- a/lib/handshake-tls13.c
+++ b/lib/handshake-tls13.c
@@ -154,6 +154,14 @@ static int generate_ap_traffic_keys(gnutls_session_t session)
if (ret < 0)
return gnutls_assert_val(ret);
+ ret = _tls13_derive_secret(session, EXPORTER_MASTER_LABEL, sizeof(EXPORTER_MASTER_LABEL)-1,
+ session->internals.handshake_hash_buffer.data,
+ session->internals.handshake_hash_buffer_server_finished_len,
+ session->key.temp_secret,
+ session->key.ap_expkey);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
_gnutls_epoch_bump(session);
ret = _gnutls_epoch_dup(session);
if (ret < 0)
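Review bot: The derivation added before `_gnutls_epoch_bump()` is only correct if `session->key.temp_secret` holds the TLS 1.3 Master Secret at this point and the transcript is cut at the server Finished, and neither precondition is stated in the code. A comment above the call would pin both: `/* exporter_master_secret = Derive-Secret(Master Secret, "exp master", ClientHello..server Finished) */`. Judging by its name, `temp_secret` is reused across key-schedule stages, so a later reordering in this function could silently derive the exporter secret from the wrong input. `generate_ap_traffic_keys` starts before the hunk and continues after it.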
diff --git a/lib/handshake.h b/lib/handshake.h
index fb944925e9..6c84631839 100644
--- a/lib/handshake.h
+++ b/lib/handshake.h
@@ -113,13 +113,13 @@ int _gnutls_check_if_cert_hash_is_same(gnutls_session_t session, gnutls_certific
#define EARLY_TRAFFIC_LABEL "c e traffic"
#define EXT_BINDER_LABEL "ext binder"
#define RES_BINDER_LABEL "res binder"
-#define EARLY_EXPORTER_LABEL "e exp master"
+#define EARLY_EXPORTER_MASTER_LABEL "e exp master"
#define HANDSHAKE_CLIENT_TRAFFIC_LABEL "c hs traffic"
#define HANDSHAKE_SERVER_TRAFFIC_LABEL "s hs traffic"
#define DERIVED_LABEL "derived"
#define APPLICATION_CLIENT_TRAFFIC_LABEL "c ap traffic"
#define APPLICATION_SERVER_TRAFFIC_LABEL "s ap traffic"
-#define EXPORTER_LABEL "exp master"
+#define EXPORTER_MASTER_LABEL "exp master"
#define RES_LABEL "res master"
int _gnutls_run_verify_callback(gnutls_session_t session, unsigned int side);