authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-11-08 13:08:02 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2018-02-19 15:29:36 +0100
commitdcf2a8d3bd69ed0b994bed1753fe47a83366786e (patch)
tree26580c38aeb0885204502169032df04521793d54 /lib/constate.c
parent62ea232f180b980a0d4b6462c468706db6cc4700 (diff)
downloadgnutls-dcf2a8d3bd69ed0b994bed1753fe47a83366786e.tar.gz
session state: organized key exchange keys into structures
That is, with the view of separating the data needed for TLS1.2 and earlier and TLS1.3. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/constate.c')
-rw-r--r--lib/constate.c36
1 files changed, 18 insertions, 18 deletions
diff --git a/lib/constate.c b/lib/constate.c
index 95e574b1fd..a1a1d96221 100644
--- a/lib/constate.c
+++ b/lib/constate.c
@@ -252,32 +252,32 @@ _tls13_update_keys(gnutls_session_t session, hs_stage_t stage,
ret = _tls13_derive_secret(session, APPLICATION_TRAFFIC_UPDATE,
sizeof(APPLICATION_TRAFFIC_UPDATE)-1,
NULL, 0,
- session->key.temp_secret,
- session->key.hs_ckey);
+ session->key.proto.kshare.temp_secret,
+ session->key.proto.kshare.hs_ckey);
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.hs_ckey, key_size, key_block);
+ ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.proto.kshare.hs_ckey, key_size, key_block);
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.hs_ckey, iv_size, iv_block);
+ ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.kshare.hs_ckey, iv_size, iv_block);
if (ret < 0)
return gnutls_assert_val(ret);
} else {
ret = _tls13_derive_secret(session, APPLICATION_TRAFFIC_UPDATE,
sizeof(APPLICATION_TRAFFIC_UPDATE)-1,
NULL, 0,
- session->key.temp_secret,
- session->key.hs_skey);
+ session->key.proto.kshare.temp_secret,
+ session->key.proto.kshare.hs_skey);
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.hs_skey, key_size, key_block);
+ ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.proto.kshare.hs_skey, key_size, key_block);
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.hs_skey, iv_size, iv_block);
+ ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.kshare.hs_skey, iv_size, iv_block);
if (ret < 0)
return gnutls_assert_val(ret);
}
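Review bot: Nothing at these call sites records that `session->key.proto.kshare` is only meaningful for TLS 1.3, which matters if `proto` is a union shared with the TLS 1.2 key-exchange state (its declaration is not part of this file's diff, so that is inferred from the member name and the commit description). If the storage is shared, `temp_secret`, `hs_ckey` and `hs_skey` alias the older members, so a read here before TLS 1.3 is negotiated would derive traffic keys from unrelated bytes, and the teardown wipe has to cover the whole of `proto` rather than individual fields. I would add above `_tls13_update_keys` and `_tls13_set_keys` a comment such as `/* key.proto.kshare is valid only once TLS 1.3 has been negotiated */`. The same applies to the hunks at -344 and -376; both function bodies begin and end outside the hunks.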
@@ -344,21 +344,21 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
ret = _tls13_derive_secret(session, label, label_size,
session->internals.handshake_hash_buffer.data,
hsk_len,
- session->key.temp_secret,
- session->key.hs_ckey);
+ session->key.proto.kshare.temp_secret,
+ session->key.proto.kshare.hs_ckey);
if (ret < 0)
return gnutls_assert_val(ret);
_gnutls_nss_keylog_write(session, keylog_label,
- session->key.hs_ckey,
+ session->key.proto.kshare.hs_ckey,
session->security_parameters.prf->output_size);
/* client keys */
- ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.hs_ckey, key_size, ckey_block);
+ ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.proto.kshare.hs_ckey, key_size, ckey_block);
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.hs_ckey, iv_size, civ_block);
+ ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.kshare.hs_ckey, iv_size, civ_block);
if (ret < 0)
return gnutls_assert_val(ret);
@@ -376,21 +376,21 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
ret = _tls13_derive_secret(session, label, label_size,
session->internals.handshake_hash_buffer.data,
hsk_len,
- session->key.temp_secret,
- session->key.hs_skey);
+ session->key.proto.kshare.temp_secret,
+ session->key.proto.kshare.hs_skey);
if (ret < 0)
return gnutls_assert_val(ret);
_gnutls_nss_keylog_write(session, keylog_label,
- session->key.hs_skey,
+ session->key.proto.kshare.hs_skey,
session->security_parameters.prf->output_size);
- ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.hs_skey, key_size, skey_block);
+ ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.proto.kshare.hs_skey, key_size, skey_block);
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.hs_skey, iv_size, siv_block);
+ ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.kshare.hs_skey, iv_size, siv_block);
if (ret < 0)
return gnutls_assert_val(ret);