From a599574be17579496877bcdcc5e1eeaf5b014cf3 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Wed, 28 Jun 2017 17:18:27 +0100
Subject: [PATCH 1/1] Updates following review of SSL_export_key_material() changes

Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/3782)
---
 doc/man3/SSL_export_keying_material.pod | 2 +-
 ssl/tls13_enc.c | 5 +---
 test/sslapitest.c | 33 ++++++++-----------------
 3 files changed, 12 insertions(+), 28 deletions(-)

diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod
index f2fba4746b..532b1446d9 100644
--- a/doc/man3/SSL_export_keying_material.pod
+++ b/doc/man3/SSL_export_keying_material.pod
@@ -33,7 +33,7 @@ pointed to by B and should be B bytes long.
 Provision of a context is optional. If the context should be omitted entirely then B should be set to 0. Otherwise it should be any other value. If B is 0 then the values of B and B are ignored.
-Note that in TLSv1.2 and below a zero length context is treated differently to
+Note that in TLSv1.2 and below a zero length context is treated differently from
 no context at all, and will result in different keying material being returned. In TLSv1.3 a zero length context is that same as no context at all and will result in the same keying material being returned.
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 67ae0a3541..55e68c60db 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -611,10 +611,7 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
 unsigned int hashsize;
 int ret = 0;
 
- if (ctx == NULL)
- goto err;
-
- if (!SSL_is_init_finished(s))
+ if (ctx == NULL || !SSL_is_init_finished(s))
 goto err;
 
 if (!use_context)
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 8006d7e657..ae5c4c0bd1 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
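Review bot: The merged guard in tls13_export_keying_material now puts two unrelated failure causes on one line — `ctx == NULL`, which looks like the result of an allocation above the hunk (its declaration is not visible here), and `!SSL_is_init_finished(s)`, a caller invoking the exporter before the handshake has completed — and both take the same `goto err` with `ret` still 0, so nothing in the code records why either is refused. A one-line comment would keep the two reasons legible for the next reader, e.g. `/* Need the digest context and a completed handshake before any exporter output is derived */`. The rest of the function body and the err label lie outside the hunk.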
@@ -2493,7 +2493,7 @@ static int test_serverinfo(int tst)
 */
 static int test_export_key_mat(int tst)
 {
- int testresult = 0, proto;
+ int testresult = 0;
 SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL;
 SSL *clientssl = NULL, *serverssl = NULL;
 const char label[] = "test label";
@@ -2501,6 +2501,12 @@ static int test_export_key_mat(int tst)
 const unsigned char *emptycontext = NULL;
 unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80];
 unsigned char skeymat1[80], skeymat2[80], skeymat3[80];
+ const int protocols[] = {
+ TLS1_VERSION,
+ TLS1_1_VERSION,
+ TLS1_2_VERSION,
+ TLS1_3_VERSION
+ };
 
 #ifdef OPENSSL_NO_TLS1
 if (tst == 0)
@@ -2523,28 +2529,9 @@ static int test_export_key_mat(int tst)
 &cctx, cert, privkey)))
 goto end;
 
- switch (tst) {
- case 0:
- proto = TLS1_VERSION;
- break;
-
- case 1:
- proto = TLS1_1_VERSION;
- break;
-
- case 2:
- proto = TLS1_2_VERSION;
- break;
-
- case 3:
- proto = TLS1_3_VERSION;
- break;
-
- default:
- goto end;
- }
- SSL_CTX_set_max_proto_version(cctx, proto);
- SSL_CTX_set_min_proto_version(cctx, proto);
+ OPENSSL_assert(tst >= 0 && (size_t)tst < OSSL_NELEM(protocols));
+ SSL_CTX_set_max_proto_version(cctx, protocols[tst]);
+ SSL_CTX_set_min_proto_version(cctx, protocols[tst]);
 
 if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
 &clientssl, NULL, NULL))
-- 
2.34.1
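Review bot: The new `SSL_CTX_set_max_proto_version`/`SSL_CTX_set_min_proto_version` calls in the third hunk discard their return values, so if a version in `protocols[]` cannot be selected (one that is compiled out but not covered by the `OPENSSL_NO_TLS1` skip visible above, or presumably its siblings outside the hunk), the test silently proceeds with the default version range and its result no longer says anything about the protocol it claims to cover. Wrapping them in the framework check already used on the surrounding lines would fail the case instead: `if (!TEST_true(SSL_CTX_set_max_proto_version(cctx, protocols[tst]))` / `|| !TEST_true(SSL_CTX_set_min_proto_version(cctx, protocols[tst])))` / `goto end;`. The `OPENSSL_assert` above them also aborts the whole test binary on an out-of-range `tst`, where the `default: goto end;` it replaces reported a single failing case; if that trade-off is intended it is worth a one-line comment. test_export_key_mat starts in the first hunk and continues past the third.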