rust/rustls
rust
/
rustls
mirror of https://github.com/ctz/rustls
1
0
Fork 0
Code Issues Releases Wiki Activity

tls13: let key schedule handle encrypter updates

This commit is contained in:
Dirkjan Ochtman 2023-01-13 09:56:35 +01:00
parent 849aff0034
commit be41ca54a9
3 changed files with 12 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
rustls/src/client/tls13.rs
View File

@ -1155,13 +1155,8 @@ impl State<ClientConnectionData> for ExpectTraffic {
if self.want_write_key_update {
self.want_write_key_update = false;
common.send_msg_encrypt(Message::build_key_update_notify().into());
let write_key = self
.key_schedule
.next_application_traffic_secret(Side::Client);
common
.record_layer
.set_message_encrypter(self.suite.derive_encrypter(&write_key));
self.key_schedule
.update_encrypter(common);
}
}

9
rustls/src/server/tls13.rs
View File

@ -1352,13 +1352,8 @@ impl State<ServerConnectionData> for ExpectTraffic {
if self.want_write_key_update {
self.want_write_key_update = false;
common.send_msg_encrypt(Message::build_key_update_notify().into());
let write_key = self
.key_schedule
.next_application_traffic_secret(Side::Server);
common
.record_layer
.set_message_encrypter(self.suite.derive_encrypter(&write_key));
self.key_schedule
.update_encrypter(common);
}
}

9
rustls/src/tls13/key_schedule.rs
View File

@ -1,5 +1,5 @@
use crate::cipher::{Iv, IvLen};
use crate::conn::Side;
use crate::conn::{CommonState, Side};
use crate::error::Error;
use crate::msgs::base::PayloadU8;
#[cfg(feature = "secret_extraction")]
@ -298,6 +298,13 @@ impl KeyScheduleTraffic {
}
}
pub(crate) fn update_encrypter(&mut self, common: &mut CommonState) {
let secret = self.next_application_traffic_secret(common.side);
common
.record_layer
.set_message_encrypter(self.ks.suite.derive_encrypter(&secret));
}
pub(crate) fn next_application_traffic_secret(&mut self, side: Side) -> hkdf::Prk {
let current = match side {
Side::Client => &mut self.current_client_traffic_secret,