Commit a599574b authored by Matt Caswell's avatar Matt Caswell

Updates following review of SSL_export_key_material() changes

parent e88c40af
+1 −1
@@ -33,7 +33,7 @@ pointed to by B<context> and should be B<contextlen> bytes long. Provision of
a context is optional. If the context should be omitted entirely then
B<use_context> should be set to 0. Otherwise it should be any other value. If
B<use_context> is 0 then the values of B<context> and B<contextlen> are ignored.
Note that in TLSv1.2 and below a zero length context is treated differently to
Note that in TLSv1.2 and below a zero length context is treated differently from
no context at all, and will result in different keying material being returned.
In TLSv1.3 a zero length context is that same as no context at all and will
result in the same keying material being returned.
+1 −4
@@ -611,10 +611,7 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
    unsigned int hashsize;
    int ret = 0;

    if (ctx == NULL)
        goto err;

    if (!SSL_is_init_finished(s))
    if (ctx == NULL || !SSL_is_init_finished(s))
        goto err;

    if (!use_context)
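Review bot: The merged guard `if (ctx == NULL || !SSL_is_init_finished(s))` folds two unrelated failures, a failed digest-context allocation and an export requested before the handshake has completed, into one `goto err` with `ret` still 0, so a caller cannot tell which happened unless the `err:` path (outside this hunk) pushes an error, and nothing in the hunk suggests it does. Keeping the handshake-state check as the first statement and giving each failure its own reason code would let callers distinguish them and, assuming `ctx` is allocated in the declarations above the hunk, would avoid the allocation when the call is merely premature. The handshake-state check is the security-relevant part, since the exporter secret only exists once the handshake has finished, so it should keep its own line with a why-comment such as `/* Exporter keying material is only defined once the handshake has completed. */`. tls13_export_keying_material starts and ends outside this hunk.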
+10 −23
@@ -2493,7 +2493,7 @@ static int test_serverinfo(int tst)
 */
static int test_export_key_mat(int tst)
{
    int testresult = 0, proto;
    int testresult = 0;
    SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL;
    SSL *clientssl = NULL, *serverssl = NULL;
    const char label[] = "test label";
@@ -2501,6 +2501,12 @@ static int test_export_key_mat(int tst)
    const unsigned char *emptycontext = NULL;
    unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80];
    unsigned char skeymat1[80], skeymat2[80], skeymat3[80];
    const int protocols[] = {
        TLS1_VERSION,
        TLS1_1_VERSION,
        TLS1_2_VERSION,
        TLS1_3_VERSION
    };

#ifdef OPENSSL_NO_TLS1
    if (tst == 0)
@@ -2523,28 +2529,9 @@ static int test_export_key_mat(int tst)
                                       &cctx, cert, privkey)))
        goto end;

    switch (tst) {
    case 0:
        proto = TLS1_VERSION;
        break;

    case 1:
        proto = TLS1_1_VERSION;
        break;

    case 2:
        proto = TLS1_2_VERSION;
        break;

    case 3:
        proto = TLS1_3_VERSION;
        break;

    default:
        goto end;
    }
    SSL_CTX_set_max_proto_version(cctx, proto);
    SSL_CTX_set_min_proto_version(cctx, proto);
    OPENSSL_assert(tst >= 0 && (size_t)tst < OSSL_NELEM(protocols));
    SSL_CTX_set_max_proto_version(cctx, protocols[tst]);
    SSL_CTX_set_min_proto_version(cctx, protocols[tst]);

    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL,
                                      NULL))