diff options
Diffstat (limited to 'src/lib/libssl/tls13_key_schedule.c')
| -rw-r--r-- | src/lib/libssl/tls13_key_schedule.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/lib/libssl/tls13_key_schedule.c b/src/lib/libssl/tls13_key_schedule.c index 91f59e46f9..d112351530 100644 --- a/src/lib/libssl/tls13_key_schedule.c +++ b/src/lib/libssl/tls13_key_schedule.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_key_schedule.c,v 1.8 2019/11/17 21:01:08 beck Exp $ */ | 1 | /* $OpenBSD: tls13_key_schedule.c,v 1.8.6.1 2021/02/03 07:06:14 tb Exp $ */ |
| 2 | /* Copyright (c) 2018, Bob Beck <beck@openbsd.org> | 2 | /* Copyright (c) 2018, Bob Beck <beck@openbsd.org> |
| 3 | * | 3 | * |
| 4 | * Permission to use, copy, modify, and/or distribute this software for any | 4 | * Permission to use, copy, modify, and/or distribute this software for any |
| @@ -174,6 +174,15 @@ tls13_hkdf_expand_label(struct tls13_secret *out, const EVP_MD *digest, | |||
| 174 | const struct tls13_secret *secret, const char *label, | 174 | const struct tls13_secret *secret, const char *label, |
| 175 | const struct tls13_secret *context) | 175 | const struct tls13_secret *context) |
| 176 | { | 176 | { |
| 177 | return tls13_hkdf_expand_label_with_length(out, digest, secret, label, | ||
| 178 | strlen(label), context); | ||
| 179 | } | ||
| 180 | |||
| 181 | int | ||
| 182 | tls13_hkdf_expand_label_with_length(struct tls13_secret *out, | ||
| 183 | const EVP_MD *digest, const struct tls13_secret *secret, | ||
| 184 | const uint8_t *label, size_t label_len, const struct tls13_secret *context) | ||
| 185 | { | ||
| 177 | const char tls13_plabel[] = "tls13 "; | 186 | const char tls13_plabel[] = "tls13 "; |
| 178 | uint8_t *hkdf_label; | 187 | uint8_t *hkdf_label; |
| 179 | size_t hkdf_label_len; | 188 | size_t hkdf_label_len; |
| @@ -188,7 +197,7 @@ tls13_hkdf_expand_label(struct tls13_secret *out, const EVP_MD *digest, | |||
| 188 | goto err; | 197 | goto err; |
| 189 | if (!CBB_add_bytes(&child, tls13_plabel, strlen(tls13_plabel))) | 198 | if (!CBB_add_bytes(&child, tls13_plabel, strlen(tls13_plabel))) |
| 190 | goto err; | 199 | goto err; |
| 191 | if (!CBB_add_bytes(&child, label, strlen(label))) | 200 | if (!CBB_add_bytes(&child, label, label_len)) |
| 192 | goto err; | 201 | goto err; |
| 193 | if (!CBB_add_u8_length_prefixed(&cbb, &child)) | 202 | if (!CBB_add_u8_length_prefixed(&cbb, &child)) |
| 194 | goto err; | 203 | goto err; |
| @@ -207,7 +216,7 @@ tls13_hkdf_expand_label(struct tls13_secret *out, const EVP_MD *digest, | |||
| 207 | return(0); | 216 | return(0); |
| 208 | } | 217 | } |
| 209 | 218 | ||
| 210 | static int | 219 | int |
| 211 | tls13_derive_secret(struct tls13_secret *out, const EVP_MD *digest, | 220 | tls13_derive_secret(struct tls13_secret *out, const EVP_MD *digest, |
| 212 | const struct tls13_secret *secret, const char *label, | 221 | const struct tls13_secret *secret, const char *label, |
| 213 | const struct tls13_secret *context) | 222 | const struct tls13_secret *context) |
| @@ -216,6 +225,15 @@ tls13_derive_secret(struct tls13_secret *out, const EVP_MD *digest, | |||
| 216 | } | 225 | } |
| 217 | 226 | ||
| 218 | int | 227 | int |
| 228 | tls13_derive_secret_with_label_length(struct tls13_secret *out, | ||
| 229 | const EVP_MD *digest, const struct tls13_secret *secret, const uint8_t *label, | ||
| 230 | size_t label_len, const struct tls13_secret *context) | ||
| 231 | { | ||
| 232 | return tls13_hkdf_expand_label_with_length(out, digest, secret, label, | ||
| 233 | label_len, context); | ||
| 234 | } | ||
| 235 | |||
| 236 | int | ||
| 219 | tls13_derive_early_secrets(struct tls13_secrets *secrets, | 237 | tls13_derive_early_secrets(struct tls13_secrets *secrets, |
| 220 | uint8_t *psk, size_t psk_len, const struct tls13_secret *context) | 238 | uint8_t *psk, size_t psk_len, const struct tls13_secret *context) |
| 221 | { | 239 | { |