BUG/MINOR: quic: retry token remove one useless intermediate expand
authorEmeric Brun <ebrun@haproxy.com>
Tue, 4 Jul 2023 12:56:08 +0000 (14:56 +0200)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Wed, 12 Jul 2023 12:30:45 +0000 (14:30 +0200)
According to RFC 5869 (HKDF), the extract step returns a pseudo-random key (PRK)
that can be used directly as input to expand, with labels, to derive keys.
So the intermediate expand on a label is useless; the derived keys are strong
enough using only one expand on the extracted PRK.

This patch should be backported until v2.6

src/quic_tls.c

index 5e4366368d2ed18e587c3567c22b0860dac61f58..3efea45a6e3de128e544544695a344485169c2a0 100644 (file)
@@ -766,13 +766,11 @@ int quic_tls_derive_retry_token_secret(const EVP_MD *md,
                                        const unsigned char *secret, size_t secretlen)
 {
        unsigned char tmpkey[QUIC_TLS_KEY_LEN];
-       const unsigned char tmpkey_label[] = "retry token";
        const unsigned char key_label[] = "retry token key";
        const unsigned char iv_label[] = "retry token iv";
 
-       if (!quic_hkdf_extract_and_expand(md, tmpkey, sizeof tmpkey,
-                                         secret, secretlen, salt, saltlen,
-                                         tmpkey_label, sizeof tmpkey_label - 1) ||
+       if (!quic_hkdf_extract(md, tmpkey, sizeof tmpkey,
+                              secret, secretlen, salt, saltlen) ||
            !quic_hkdf_expand(md, key, keylen, tmpkey, sizeof tmpkey,
                              key_label, sizeof key_label - 1) ||
            !quic_hkdf_expand(md, iv, ivlen, tmpkey, sizeof tmpkey,
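Review bot: The HKDF PRK now lands directly in the stack buffer `tmpkey` and nothing in the visible lines wipes it after the two expand calls; the key and IV it feeds protect retry tokens, so if the rest of quic_tls_derive_retry_token_secret (its signature and return are outside this hunk) does not already clear it, add `OPENSSL_cleanse(tmpkey, sizeof tmpkey);` (or the project's equivalent) before every return. A related caveat worth a comment: the PRK produced by extract is exactly the digest length of `md`, while `tmpkey` is sized `QUIC_TLS_KEY_LEN`, so the new call relies on quic_hkdf_extract honouring the `sizeof tmpkey` bound rather than writing a full digest; something like `/* PRK length is EVP_MD_size(md); must fit in QUIC_TLS_KEY_LEN */` above the declaration would make that assumption visible. If quic_hkdf_extract does not enforce the bound itself, a check against the digest size before the call would be the safer fix.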