From fc37d72d0cd2021205ee99d8110ad1648055fde7 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sun, 17 Nov 2019 21:01:08 +0000
Subject: Correct update of application traffic secrets to use an empty context rather than the hash of an empty context

ok jsing@
---
 src/lib/libssl/tls13_key_schedule.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_key_schedule.c b/src/lib/libssl/tls13_key_schedule.c
index 8a0b3e8af4..91f59e46f9 100644
--- a/src/lib/libssl/tls13_key_schedule.c
+++ b/src/lib/libssl/tls13_key_schedule.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_key_schedule.c,v 1.7 2018/11/13 01:25:13 beck Exp $ */
+/* $OpenBSD: tls13_key_schedule.c,v 1.8 2019/11/17 21:01:08 beck Exp $ */
 /* Copyright (c) 2018, Bob Beck
 *
 * Permission to use, copy, modify, and/or distribute this software for any
@@ -354,23 +354,27 @@ tls13_derive_application_secrets(struct tls13_secrets *secrets,
 int
 tls13_update_client_traffic_secret(struct tls13_secrets *secrets)
 {
+ struct tls13_secret context = { .data = "", .len = 0 };
+
 if (!secrets->init_done || !secrets->early_done ||
 !secrets->handshake_done || !secrets->schedule_done)
 return 0;
 
 return tls13_hkdf_expand_label(&secrets->client_application_traffic,
 secrets->digest, &secrets->client_application_traffic,
- "traffic upd", &secrets->empty_hash);
+ "traffic upd", &context);
 }
 
 int
 tls13_update_server_traffic_secret(struct tls13_secrets *secrets)
 {
+ struct tls13_secret context = { .data = "", .len = 0 };
+
 if (!secrets->init_done || !secrets->early_done ||
 !secrets->handshake_done || !secrets->schedule_done)
 return 0;
 
 return tls13_hkdf_expand_label(&secrets->server_application_traffic,
 secrets->digest, &secrets->server_application_traffic,
- "traffic upd", &secrets->empty_hash);
+ "traffic upd", &context);
 }
-- 
cgit v1.2.3-55-g6feb
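Review bot: The new `context` local in tls13_update_client_traffic_secret, and the identical one in tls13_update_server_traffic_secret, has no comment explaining why it is zero-length, so a later reader who sees the `empty_hash` field used by the removed lines may "correct" it back. I would add `/* RFC 8446 section 7.2: "traffic upd" takes a zero-length context, not Hash(""). */` above each declaration. The initializer is duplicated verbatim; one file-scope `static const struct tls13_secret` would keep the two directions from drifting apart, provided tls13_hkdf_expand_label accepts a const pointer (its prototype is not in the hunk). If `data` is declared `uint8_t *`, which the hunk does not show, assigning the literal `""` may draw a pointer-sign warning. A known-answer test for the update step would catch a regression here, since a peer deriving a different next secret only fails once a KeyUpdate is actually exchanged.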