Tobias Brunner
f6aafb3005
Fixed some typos, courtesy of codespell
...
Main change is the conversion from the British cancelling/-ed to the
American canceling/-ed.
2021-06-25 11:32:29 +02:00
Pascal Knecht
7797c058d9
tls-hkdf: Implement binder PSK generation
2021-02-12 14:35:23 +01:00
Pascal Knecht
3e535c31b4
tls-hkdf: Implement resumption key generation
2021-02-12 14:35:23 +01:00
Pascal Knecht
534a781646
tls-hkdf: Always use correct base key to derive finished message
...
The cached traffic secrets change once the application traffic secrets
are derived, but we must always use the correct base key to derive the
finished message, which are the handshake traffic secrets (RFC 8446,
section 4.4).
2021-02-12 14:35:23 +01:00
Pascal Knecht
328d7af6d2
tls-crypto: Rename parameter to be more consistent
...
Also add missing parameter in documentation of calculate_finished method.
2021-02-12 14:35:23 +01:00
Tobias Brunner
d2fe921cf5
tls-hkdf: Add method that allows exporting key material
2021-02-12 11:45:44 +01:00
Tobias Brunner
86cda1a3c0
tls-hkdf: Handle label expansion inside expand_label()
...
We have to expand arbitrary external labels the same way when exporting
key material.
2021-02-12 11:45:44 +01:00
Tobias Brunner
3e89d26e1c
tls-hkdf: Pass secret to derive_secret() explicitly
2021-02-12 11:45:44 +01:00
Tobias Brunner
4e2b8f9c71
tls-hkdf: Store OKM in local variables
2021-02-12 11:45:44 +01:00
Tobias Brunner
b51c1d468e
tls-hkdf: Support updating client/server traffic secrets
2021-02-12 11:45:44 +01:00
Tobias Brunner
a9f661f52a
tls-hkdf: Add helper method to allocate data from the internal PRF
2021-02-12 11:45:44 +01:00
Tobias Brunner
6a0ee0c23c
tls-hkdf: Cleanups and refactorings
...
The main refactoring is how secrets (PSK/DH) are handled.
2021-02-12 11:45:44 +01:00
Tobias Brunner
fff1974012
tls-hkdf: Make labels enum a proper type
2021-02-12 11:45:44 +01:00
Pascal K
02d7405512
libtls: Implement HKDF for TLS 1.3
...
TLS 1.3 uses HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
as defined in RFC 5869 to compute traffic secrets.
Co-authored-by: bytinbit <meline.sieber@hsr.ch>
2021-02-12 11:45:44 +01:00