author | Cory Benfield <lukasaoz@gmail.com> | 2017-01-31 14:56:15 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-02-02 09:33:59 +0000 |
commit | 2c7bd6921172c6a63cb7a111e84578fc7dca5a6f (patch) | |
tree | 97dede3b5c51a8e4c3d92df1bdaca70f4738e508 /ssl/ssl_locl.h | |
parent | 3f5616d734a92fdf99ab827f21e5b6cab85e7194 (diff) | |
download | openssl-2c7bd6921172c6a63cb7a111e84578fc7dca5a6f.tar.gz |
Add support for logging out TLSv1.3 secrets
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2287)
Diffstat (limited to 'ssl/ssl_locl.h')
-rw-r--r-- | ssl/ssl_locl.h | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 26580b06a7..53a33e9fdf 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -2287,13 +2287,19 @@ __owur int ssl_log_rsa_client_key_exchange(SSL *ssl, const uint8_t *premaster, size_t premaster_len);
-/* ssl_log_master_secret logs |master| to the SSL_CTX associated with |ssl|, if
- * logging is enabled. It returns one on success and zero on failure. The entry
- * is identified by |client_random|.
+/*
+ * ssl_log_secret logs |secret| to the SSL_CTX associated with |ssl|, if
+ * logging is available. It returns one on success and zero on failure. It tags
+ * the entry with |label|.
 */
-__owur int ssl_log_master_secret(SSL *ssl, const uint8_t *client_random,
- size_t client_random_len,
- const uint8_t *master, size_t master_len);
+__owur int ssl_log_secret(SSL *ssl, const char *label,
+ const uint8_t *secret, size_t secret_len);
+
+#define MASTER_SECRET_LABEL "CLIENT_RANDOM"
+#define CLIENT_HANDSHAKE_LABEL "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
+#define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET"
+#define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0"
+#define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0"
 /* s3_cbc.c */
 __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx); |
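Review bot: The rewritten comment on `ssl_log_secret` drops the old sentence "The entry is identified by |client_random|" without a replacement, and `client_random` is no longer a parameter, so the declaration no longer says how a logged secret is tied to a connection. If the implementation (outside this hunk) now takes the client random from |ssl|, the comment should say so, for example `The entry is identified by the client random held in |ssl|.` The five label macros would also benefit from a one-line comment such as `/* Labels written verbatim to the key log; consumers match on these strings. */`, since `MASTER_SECRET_LABEL` expanding to `"CLIENT_RANDOM"` is not what the name suggests. Because every caller passes live key material, it is worth stating in the same comment that |label| is expected to be one of these constants and that |secret| is logged only when the application has enabled key logging.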