Add support for logging TLS 1.3 exporter secret (6329ce8f) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/ssl_locl.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -2554,6 +2554,7 @@ __owur int ssl_log_secret(SSL ssl, const char label,
		#define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET"
		#define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0"
		#define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0"
		#define EXPORTER_SECRET_LABEL "EXPORTER_SECRET"

		/* s3_cbc.c */
		__owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);

ssl/tls13_enc.c

+6 −0

Original line number	Diff line number	Diff line
		@@ -594,6 +594,12 @@ int tls13_change_cipher_state(SSL *s, int which)
		/* SSLfatal() already called */
		goto err;
		}

		if (!ssl_log_secret(s, EXPORTER_SECRET_LABEL, s->exporter_master_secret,
		hashlen)) {
		/* SSLfatal() already called */
		goto err;
		}
		} else if (label == client_application_traffic)
		memcpy(s->client_app_traffic_secret, secret, hashlen);

test/sslapitest.c

+10 −2

Original line number	Diff line number	Diff line
		@@ -58,6 +58,7 @@ struct sslapitest_log_counts {
		unsigned int server_handshake_secret_count;
		unsigned int client_application_secret_count;
		unsigned int server_application_secret_count;
		unsigned int exporter_secret_count;
		};


		@@ -143,6 +144,7 @@ static int test_keylog_output(char buffer, const SSL ssl,
		unsigned int server_handshake_secret_count = 0;
		unsigned int client_application_secret_count = 0;
		unsigned int server_application_secret_count = 0;
		unsigned int exporter_secret_count = 0;

		for (token = strtok(buffer, " \n"); token != NULL;
		token = strtok(NULL, " \n")) {
		@@ -199,7 +201,8 @@ static int test_keylog_output(char buffer, const SSL ssl,
		} else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0
		\|\| strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0
		\|\| strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0
		\|\| strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0) {
		\|\| strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0
		\|\| strcmp(token, "EXPORTER_SECRET") == 0) {
		/*
		* TLSv1.3 secret. Tokens should be: 64 ASCII bytes of hex-encoded
		* client random, and then the hex-encoded secret. In this case,
		@@ -214,6 +217,8 @@ static int test_keylog_output(char buffer, const SSL ssl,
		client_application_secret_count++;
		else if (strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0)
		server_application_secret_count++;
		else if (strcmp(token, "EXPORTER_SECRET") == 0)
		exporter_secret_count++;

		client_random_size = SSL_get_client_random(ssl,
		actual_client_random,
		@@ -254,7 +259,9 @@ static int test_keylog_output(char buffer, const SSL ssl,
		\|\| !TEST_size_t_eq(client_application_secret_count,
		expected->client_application_secret_count)
		\|\| !TEST_size_t_eq(server_application_secret_count,
		expected->server_application_secret_count))
		expected->server_application_secret_count)
		\|\| !TEST_size_t_eq(exporter_secret_count,
		expected->exporter_secret_count))
		return 0;
		return 1;
		}
		@@ -390,6 +397,7 @@ static int test_keylog_no_master_key(void)
		expected.server_handshake_secret_count = 1;
		expected.client_application_secret_count = 1;
		expected.server_application_secret_count = 1;
		expected.exporter_secret_count = 1;
		if (!TEST_true(test_keylog_output(client_log_buffer, clientssl,
		SSL_get_session(clientssl), &expected))
		\|\| !TEST_true(test_keylog_output(server_log_buffer, serverssl,