From fadf42665c7a7c3f57477391d121ad2ca8698164 Mon Sep 17 00:00:00 2001 From: Todd Short Date: Tue, 24 Sep 2019 10:26:42 -0400 Subject: [PATCH 16/43] QUIC: Add support for more secrets --- ssl/tls13_enc.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -456,10 +456,14 @@ static int quic_change_cipher_state(SSL sizeof(client_handshake_traffic)-1, hash, hashlen, s->client_hand_traffic_secret, hashlen, 1) || !ssl_log_secret(s, CLIENT_HANDSHAKE_LABEL, s->client_hand_traffic_secret, hashlen) + || !tls13_derive_finishedkey(s, md, s->client_hand_traffic_secret, + s->client_finished_secret, hashlen) || !tls13_hkdf_expand(s, md, s->handshake_secret, server_handshake_traffic, sizeof(server_handshake_traffic)-1, hash, hashlen, s->server_hand_traffic_secret, hashlen, 1) - || !ssl_log_secret(s, SERVER_HANDSHAKE_LABEL, s->server_hand_traffic_secret, hashlen)) { + || !ssl_log_secret(s, SERVER_HANDSHAKE_LABEL, s->server_hand_traffic_secret, hashlen) + || !tls13_derive_finishedkey(s, md, s->server_hand_traffic_secret, + s->server_finished_secret, hashlen)) { /* SSLfatal() already called */ goto err; } @@ -473,7 +477,10 @@ static int quic_change_cipher_state(SSL || !tls13_hkdf_expand(s, md, s->master_secret, server_application_traffic, sizeof(server_application_traffic)-1, hash, hashlen, s->server_app_traffic_secret, hashlen, 1) - || !ssl_log_secret(s, SERVER_APPLICATION_LABEL, s->server_app_traffic_secret, hashlen)) { + || !ssl_log_secret(s, SERVER_APPLICATION_LABEL, s->server_app_traffic_secret, hashlen) + || !tls13_hkdf_expand(s, md, s->master_secret, resumption_master_secret, + sizeof(resumption_master_secret)-1, hash, hashlen, + s->resumption_master_secret, hashlen, 1)) { /* SSLfatal() already called */ goto err; }