Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Correct tls1.3-draft19 intermediate secret derivation #2989

Closed
wants to merge 2 commits into from
Closed

Correct tls1.3-draft19 intermediate secret derivation #2989

wants to merge 2 commits into from

Conversation

ctz
Copy link
Contributor

@ctz ctz commented Mar 19, 2017

Checklist
  • tests are updated
Description of change

Prior to this change, openssl truncated the label "derived secret" to 7 or 3 bytes by mistake (depending on the host's pointer size). The problem was the usual sizeof(ptr-to-char) vs sizeof(char[]) confusion.

With this change in place, I can handshake with another draft19 implementation. I've regenerated the tests, and corroborated those values with the other implementation.

ctz added 2 commits March 19, 2017 16:40
@ctz
TLS1.3: Correct intermediate secret derivation
936dcf2 
This label for this derivation was incorrectly "derived" or "der" depending
on the pointer size of the build(!). The correct string is "derived secret".
@ctz
Update test vectors in tls13secretstest
eae1982 
These were still generated by openssl, but with
the previous commit are corroborated by rustls.
@t-j-h
Copy link
Member

t-j-h commented Mar 19, 2017

Note this assumes @snhenson or @mattcaswell can confirm the test case changes - I just reviewed the actual code change itself.

levitte pushed a commit that referenced this pull request Mar 19, 2017
@ctz @mattcaswell
TLS1.3: Correct intermediate secret derivation
b0c9fc9 
This label for this derivation was incorrectly "derived" or "der" depending
on the pointer size of the build(!). The correct string is "derived secret".

(cherry picked from commit 936dcf2)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #2989)
levitte pushed a commit that referenced this pull request Mar 19, 2017
@ctz @mattcaswell
Update test vectors in tls13secretstest
bf6af21 
These were still generated by openssl, but with
the previous commit are corroborated by rustls.

(cherry picked from commit eae1982)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #2989)
@mattcaswell
Copy link
Member

Awesome! Thanks @ctz!

@t-j-h I have verified the test results. All looks good.

Pushed!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@t-j-h t-j-h t-j-h approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ctz @t-j-h @mattcaswell