EAP-TLS: Derive Session-Id using TLS-Exporter when TLS v1.3 is used

This updates Session-Id derivation with TLS v1.3 per
draft-ietf-emu-eap-tls13-00.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2018-06-01 17:58:56 +03:00
parent 925584689b
commit 3a11c69e0d
2 changed files with 14 additions and 0 deletions

View file

@ -387,6 +387,13 @@ u8 * eap_peer_tls_derive_session_id(struct eap_sm *sm,
struct tls_random keys; struct tls_random keys;
u8 *out; u8 *out;
if (eap_type == EAP_TYPE_TLS && data->tls_v13) {
*len = 64;
return eap_peer_tls_derive_key(sm, data,
"EXPORTER_EAP_TLS_Session-Id",
64);
}
if (tls_connection_get_random(sm->ssl_ctx, data->conn, &keys) || if (tls_connection_get_random(sm->ssl_ctx, data->conn, &keys) ||
keys.client_random == NULL || keys.server_random == NULL) keys.client_random == NULL || keys.server_random == NULL)
return NULL; return NULL;

View file

@ -145,6 +145,13 @@ u8 * eap_server_tls_derive_session_id(struct eap_sm *sm,
struct tls_random keys; struct tls_random keys;
u8 *out; u8 *out;
if (eap_type == EAP_TYPE_TLS && data->tls_v13) {
*len = 64;
return eap_server_tls_derive_key(sm, data,
"EXPORTER_EAP_TLS_Session-Id",
64);
}
if (tls_connection_get_random(sm->ssl_ctx, data->conn, &keys)) if (tls_connection_get_random(sm->ssl_ctx, data->conn, &keys))
return NULL; return NULL;