Make sure that exporting keying material is allowed
authorTatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Sun, 21 Jan 2018 02:30:36 +0000 (11:30 +0900)
committerMatt Caswell <matt@openssl.org>
Fri, 2 Feb 2018 23:54:14 +0000 (23:54 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4944)

ssl/statem/statem.c
ssl/statem/statem.h
ssl/tls13_enc.c
test/tls13secretstest.c

index 45cb9ab..95c369a 100644 (file)
@@ -941,3 +941,13 @@ int ossl_statem_app_data_allowed(SSL *s)
 
     return 0;
 }
+
+/*
+ * This function returns 1 if TLS exporter is ready to export keying
+ * material, or 0 if otherwise.
+ */
+int ossl_statem_export_allowed(SSL *s)
+{
+    return s->s3->previous_server_finished_len != 0
+           && s->statem.hand_state != TLS_ST_SW_FINISHED;
+}
index e8d9174..3242c78 100644 (file)
@@ -132,6 +132,7 @@ __owur int ossl_statem_skip_early_data(SSL *s);
 void ossl_statem_check_finish_init(SSL *s, int send);
 void ossl_statem_set_hello_verify_done(SSL *s);
 __owur int ossl_statem_app_data_allowed(SSL *s);
+__owur int ossl_statem_export_allowed(SSL *s);
 
 /* Flush the write BIO */
 int statem_flush(SSL *s);
index f555df5..05355fb 100644 (file)
@@ -666,7 +666,7 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
     unsigned int hashsize, datalen;
     int ret = 0;
 
-    if (ctx == NULL)
+    if (ctx == NULL || !ossl_statem_export_allowed(s))
         goto err;
 
     if (!use_context)
index 16542c4..f08b5d3 100644 (file)
@@ -212,6 +212,11 @@ void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
 {
 }
 
+int ossl_statem_export_allowed(SSL *s)
+{
+    return 1;
+}
+
 /* End of mocked out code */
 
 static int test_secret(SSL *s, unsigned char *prk,