From 507fa1d35b3c6713745d9cd2e079eb2d8931466c Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 29 Nov 2017 11:18:40 +0100
Subject: keylogfile: write TLS 1.3 secrets

Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
 lib/handshake-tls13.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib/handshake-tls13.c')

diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c
index 02889dc90d..9a36bacc40 100644
--- a/lib/handshake-tls13.c
+++ b/lib/handshake-tls13.c
@@ -162,6 +162,10 @@ static int generate_ap_traffic_keys(gnutls_session_t session)
 	if (ret < 0)
 		return gnutls_assert_val(ret);
 
+	_gnutls_nss_keylog_write(session, "EXPORTER_SECRET",
+				 session->key.ap_expkey,
+				 session->security_parameters.prf->output_size);
+
 	_gnutls_epoch_bump(session);
 	ret = _gnutls_epoch_dup(session);
 	if (ret < 0)
-- 
cgit v1.2.1