MINOR: quic: Optional header protection key for quic_tls_derive_keys()

quic_tls_derive_keys() is responsible to derive the AEAD keys, IVs and$
header protection key from a secret provided by the TLS stack. We want
to make the derivation of the header protection key be optional. This
is required for the Key Update process where there is no update for
the header protection key.

diff --git a/src/quic_tls.c b/src/quic_tls.c
index 2e354430c86f9fcf73c3cc43d578ad661fb2c5c8..fcb80a34f90cbdad56c729b618501882073e36eb 100644 (file)
--- a/src/quic_tls.c
+++ b/src/quic_tls.c
@@ -189,7 +189,7 @@ int quic_tls_derive_keys(const EVP_CIPHER *aead, const EVP_CIPHER *hp,
 {
        size_t aead_keylen = (size_t)EVP_CIPHER_key_length(aead);
        size_t aead_ivlen = (size_t)EVP_CIPHER_iv_length(aead);
-       size_t hp_len = (size_t)EVP_CIPHER_key_length(hp);
+       size_t hp_len = hp ? (size_t)EVP_CIPHER_key_length(hp) : 0;
        const unsigned char    key_label[] = "quic key";
        const unsigned char     iv_label[] = "quic iv";
        const unsigned char hp_key_label[] = "quic hp";
@@ -201,8 +201,8 @@ int quic_tls_derive_keys(const EVP_CIPHER *aead, const EVP_CIPHER *hp,
                                    key_label, sizeof key_label - 1) ||
            !quic_hkdf_expand_label(md, iv, aead_ivlen, secret, secretlen,
                                    iv_label, sizeof iv_label - 1) ||
-           !quic_hkdf_expand_label(md, hp_key, hp_len, secret, secretlen,
-                                   hp_key_label, sizeof hp_key_label - 1))
+           (hp_key && !quic_hkdf_expand_label(md, hp_key, hp_len, secret, secretlen,
+                                              hp_key_label, sizeof hp_key_label - 1)))
                return 0;
 
        return 1;