From 73e18c3d9f407f18cd1094dce90bce00a3cd9d09 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 14 Feb 2019 18:06:11 +0000
Subject: Switch to application traffic keys as appropriate.

Switch the read traffic key to the server application traffic key once
the server finished message has been processed. Switch the write traffic
key to the client application traffic key after sending the client
finished message.

ok tb@
---
 src/lib/libssl/tls13_client.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 5353b5a3c8..63dff31061 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.9 2019/02/14 17:55:31 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.10 2019/02/14 18:06:11 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -622,6 +622,14 @@ tls13_server_finished_recv(struct tls13_ctx *ctx)
 	if (!tls13_derive_application_secrets(secrets, &context))
 		return TLS13_IO_FAILURE;
 
+	/*
+	 * Any records following the server finished message must be encrypted
+	 * using the server application traffic keys.
+	 */
+	if (!tls13_record_layer_set_read_traffic_key(ctx->rl,
+	    &secrets->server_application_traffic))
+		return TLS13_IO_FAILURE;
+
 	ret = 1;
 
  err:
@@ -679,6 +687,14 @@ tls13_client_finished_send(struct tls13_ctx *ctx)
 	if (!tls13_handshake_msg_finish(ctx->hs_msg))
 		goto err;
 
+	/*
+	 * Any records following the client finished message must be encrypted
+	 * using the client application traffic keys.
+	 */
+	if (!tls13_record_layer_set_write_traffic_key(ctx->rl,
+	    &secrets->client_application_traffic))
+		return TLS13_IO_FAILURE;
+
 	ret = 1;
 
  err:
-- 
cgit v1.2.3-55-g6feb