_tls13_derive_secret: define secret argument

TLS 1.3 exporters need to derive a secret from exporter_master_secret or early_exporter_master_secret, not the handshake or application secret stored in temp_secret. Add a new argument @secret to _tls13_derive_secret to specify any secret. Signed-off-by: Daiki Ueno <dueno@redhat.com>
author: Daiki Ueno <dueno@redhat.com> 2017-11-24 10:34:26 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-02-19 15:29:35 +0100
commit: fab15d705a024e780493b9c8907a577e7cef838a (patch)
tree: 74cabb4932628769f1bbe3fd02e86c9c22ffb6da /lib/constate.c
parent: 0d850655c92e5d52a531c8a958cc5a0c3e125609 (diff)
download: gnutls-fab15d705a024e780493b9c8907a577e7cef838a.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/constate.c b/lib/constate.c
index db4aa6561a..c0967f7f0a 100644
--- a/lib/constate.c
+++ b/lib/constate.c
@@ -226,6 +226,7 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage, record_parameters_st
 	ret = _tls13_derive_secret(session, label, label_size,
 				   session->internals.handshake_hash_buffer.data,
 				   hsk_len,
+				   session->key.temp_secret,
 				   session->key.hs_ckey);
 	if (ret < 0)
 		return gnutls_assert_val(ret);
@@ -251,6 +252,7 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage, record_parameters_st
 	ret = _tls13_derive_secret(session, label, label_size,
 				   session->internals.handshake_hash_buffer.data,
 				   hsk_len,
+				   session->key.temp_secret,
 				   session->key.hs_skey);
 
 	if (ret < 0)
author	Daiki Ueno <dueno@redhat.com>	2017-11-24 10:34:26 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-02-19 15:29:35 +0100
commit	fab15d705a024e780493b9c8907a577e7cef838a (patch)
tree	74cabb4932628769f1bbe3fd02e86c9c22ffb6da /lib/constate.c
parent	0d850655c92e5d52a531c8a958cc5a0c3e125609 (diff)
download	gnutls-fab15d705a024e780493b9c8907a577e7cef838a.tar.gz