ret = _tls13_derive_secret(session, label, label_size,
session->internals.handshake_hash_buffer.data,
hsk_len,
+ session->key.temp_secret,
session->key.hs_ckey);
if (ret < 0)
return gnutls_assert_val(ret);
ret = _tls13_derive_secret(session, label, label_size,
session->internals.handshake_hash_buffer.data,
hsk_len,
+ session->key.temp_secret,
session->key.hs_skey);
if (ret < 0)
uint8_t zero[MAX_HASH_SIZE];
ret = _tls13_derive_secret(session, DERIVED_LABEL, sizeof(DERIVED_LABEL)-1,
- NULL, 0, session->key.temp_secret);
+ NULL, 0, session->key.temp_secret,
+ session->key.temp_secret);
if (ret < 0)
return gnutls_assert_val(ret);
return gnutls_assert_val(ret);
ret = _tls13_derive_secret(session, DERIVED_LABEL, sizeof(DERIVED_LABEL)-1,
- NULL, 0, session->key.temp_secret);
+ NULL, 0, session->key.temp_secret,
+ session->key.temp_secret);
if (ret < 0)
return gnutls_assert_val(ret);
if (vers->tls13_sem) {
ret = _tls13_derive_secret(session, DERIVED_LABEL, sizeof(DERIVED_LABEL)-1,
- NULL, 0, session->key.temp_secret);
+ NULL, 0, session->key.temp_secret,
+ session->key.temp_secret);
if (ret < 0) {
gnutls_assert();
goto fail;
session->key.temp_secret);
}
-static
-int _tls13_expand_hash_secret(gnutls_session_t session,
+/* Derive-Secret(Secret, Label, Messages) */
+int _tls13_derive_secret(gnutls_session_t session,
const char *label, unsigned label_size,
const uint8_t *tbh, size_t tbh_size,
- const uint8_t secret[MAX_CIPHER_KEY_SIZE],
- unsigned out_size,
+ const uint8_t secret[MAX_HASH_SIZE],
void *out)
{
uint8_t digest[MAX_HASH_SIZE];
if (ret < 0)
return gnutls_assert_val(ret);
- return _tls13_expand_secret(session, label, label_size, digest, digest_size, secret, out_size, out);
+ return _tls13_expand_secret(session, label, label_size, digest, digest_size, secret, digest_size, out);
}
/* HKDF-Expand-Label(Secret, Label, HashValue, Length) */
int _tls13_expand_secret(gnutls_session_t session,
const char *label, unsigned label_size,
const uint8_t *msg, size_t msg_size,
- const uint8_t secret[MAX_CIPHER_KEY_SIZE],
+ const uint8_t secret[MAX_HASH_SIZE],
unsigned out_size,
void *out)
{
_gnutls_buffer_clear(&str);
return ret;
}
-
-/* Derive-Secret(Secret, Label, Messages) */
-int _tls13_derive_secret(gnutls_session_t session,
- const char *label, unsigned label_size,
- const uint8_t *msg, size_t msg_size,
- void *out)
-{
- return _tls13_expand_hash_secret(session, label, label_size, msg, msg_size,
- session->key.temp_secret,
- session->key.temp_secret_size,
- out);
-}
int _tls13_init_secret(gnutls_session_t session, const uint8_t *psk, size_t psk_size);
int _tls13_update_secret(gnutls_session_t session, const uint8_t *key, size_t key_size);
int _tls13_derive_secret(gnutls_session_t session,
- const char *label, unsigned label_size,
- const uint8_t *msg, size_t msg_size,
- void *out /* of enough length to hold PRF MAC */);
+ const char *label, unsigned label_size,
+ const uint8_t *msg, size_t msg_size,
+ const uint8_t secret[MAX_HASH_SIZE],
+ void *out /* of enough length to hold PRF MAC */);
int _tls13_expand_secret(gnutls_session_t session,
const char *label, unsigned label_size,
const uint8_t *msg, size_t msg_size,
- const uint8_t secret[MAX_CIPHER_KEY_SIZE],
+ const uint8_t secret[MAX_HASH_SIZE],
unsigned out_size,
void *out);
projects / thirdparty / gnutls.git / commitdiff
