diff options
Diffstat (limited to 'lib/ext/pre_shared_key.c')
-rw-r--r-- | lib/ext/pre_shared_key.c | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c index 11e1a40a9b..00d88339f1 100644 --- a/lib/ext/pre_shared_key.c +++ b/lib/ext/pre_shared_key.c @@ -36,7 +36,7 @@ #include <assert.h> static int -compute_psk_from_ticket(const tls13_ticket_st *ticket, gnutls_datum_t *key) +compute_psk_from_ticket(const tls13_ticket_st *ticket, gnutls_datum_t *key, transport_t type) { int ret; @@ -50,7 +50,7 @@ compute_psk_from_ticket(const tls13_ticket_st *ticket, gnutls_datum_t *key) } key->size = ticket->prf->output_size; - ret = _tls13_expand_secret2(ticket->prf, + ret = _tls13_expand_secret2(ticket->prf, type, RESUMPTION_LABEL, sizeof(RESUMPTION_LABEL)-1, ticket->nonce, ticket->nonce_size, ticket->resumption_master_secret, @@ -63,7 +63,7 @@ compute_psk_from_ticket(const tls13_ticket_st *ticket, gnutls_datum_t *key) } static int -compute_binder_key(const mac_entry_st *prf, +compute_binder_key(const mac_entry_st *prf, transport_t type, const uint8_t *key, size_t keylen, bool resuming, void *out) @@ -83,7 +83,7 @@ compute_binder_key(const mac_entry_st *prf, return ret; /* Compute Derive-Secret(secret, label, transcript_hash) */ - ret = _tls13_derive_secret2(prf, label, label_len, + ret = _tls13_derive_secret2(prf, type, label, label_len, NULL, 0, tmp_key, out); if (ret < 0) return ret; @@ -167,7 +167,7 @@ compute_psk_binder(gnutls_session_t session, } } - ret = compute_binder_key(prf, + ret = compute_binder_key(prf, session->internals.transport, psk->data, psk->size, resuming, binder_key); if (ret < 0) { @@ -175,9 +175,8 @@ compute_psk_binder(gnutls_session_t session, goto error; } - ret = _gnutls13_compute_finished(prf, binder_key, - &handshake_buf, - out); + ret = _gnutls13_compute_finished(prf, session->internals.transport, + binder_key, &handshake_buf, out); if (ret < 0) { gnutls_assert(); goto error; @@ -195,7 +194,8 @@ generate_early_secrets(gnutls_session_t session, { int ret; - ret = _tls13_derive_secret2(prf, EARLY_TRAFFIC_LABEL, sizeof(EARLY_TRAFFIC_LABEL)-1, + ret = _tls13_derive_secret2(prf, session->internals.transport, EARLY_TRAFFIC_LABEL, + sizeof(EARLY_TRAFFIC_LABEL)-1, session->internals.handshake_hash_buffer.data, session->internals.handshake_hash_buffer_client_hello_len, session->key.proto.tls13.temp_secret, @@ -209,7 +209,8 @@ generate_early_secrets(gnutls_session_t session, if (ret < 0) return gnutls_assert_val(ret); - ret = _tls13_derive_secret2(prf, EARLY_EXPORTER_MASTER_LABEL, sizeof(EARLY_EXPORTER_MASTER_LABEL)-1, + ret = _tls13_derive_secret2(prf, session->internals.transport, EARLY_EXPORTER_MASTER_LABEL, + sizeof(EARLY_EXPORTER_MASTER_LABEL)-1, session->internals.handshake_hash_buffer.data, session->internals.handshake_hash_buffer_client_hello_len, session->key.proto.tls13.temp_secret, @@ -322,7 +323,7 @@ client_send_params(gnutls_session_t session, goto ignore_ticket; } - ret = compute_psk_from_ticket(ticket, &rkey); + ret = compute_psk_from_ticket(ticket, &rkey, session->internals.transport); if (ret < 0) { tls13_ticket_deinit(ticket); goto ignore_ticket; @@ -603,7 +604,7 @@ static int server_recv_params(gnutls_session_t session, continue; } - ret = compute_psk_from_ticket(&ticket_data, &key); + ret = compute_psk_from_ticket(&ticket_data, &key, session->internals.transport); if (ret < 0) { gnutls_assert(); tls13_ticket_deinit(&ticket_data); |