summaryrefslogtreecommitdiff
path: root/src/ssl/tls13_enc.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/tls13_enc.cc')
-rw-r--r--src/ssl/tls13_enc.cc8
1 files changed, 2 insertions, 6 deletions
diff --git a/src/ssl/tls13_enc.cc b/src/ssl/tls13_enc.cc
index 73535612..b6a402f4 100644
--- a/src/ssl/tls13_enc.cc
+++ b/src/ssl/tls13_enc.cc
@@ -38,6 +38,7 @@ static bool init_key_schedule(SSL_HANDSHAKE *hs, uint16_t version,
return false;
}
+ assert(hs->transcript.DigestLen() <= SSL_MAX_MD_SIZE);
hs->hash_len = hs->transcript.DigestLen();
// Initialize the secret to the zero key.
@@ -215,7 +216,6 @@ bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
static const char kTLS13LabelExporter[] = "exp master";
-static const char kTLS13LabelEarlyExporter[] = "e exp master";
static const char kTLS13LabelClientEarlyTraffic[] = "c e traffic";
static const char kTLS13LabelClientHandshakeTraffic[] = "c hs traffic";
@@ -229,13 +229,9 @@ bool tls13_derive_early_secrets(SSL_HANDSHAKE *hs) {
kTLS13LabelClientEarlyTraffic,
strlen(kTLS13LabelClientEarlyTraffic)) ||
!ssl_log_secret(ssl, "CLIENT_EARLY_TRAFFIC_SECRET",
- hs->early_traffic_secret, hs->hash_len) ||
- !derive_secret(hs, ssl->s3->early_exporter_secret, hs->hash_len,
- kTLS13LabelEarlyExporter,
- strlen(kTLS13LabelEarlyExporter))) {
+ hs->early_traffic_secret, hs->hash_len)) {
return false;
}
- ssl->s3->early_exporter_secret_len = hs->hash_len;
if (ssl->quic_method != nullptr) {
if (ssl->server) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-26 09:57:47 +0000