Closed Bug 1643123 Opened 4 years ago Closed 4 years ago

Support SSL_ExportEarlyKeyingMaterial with External PSKs

Categories

(NSS :: Libraries, defect)

3.54
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kjacobs, Assigned: kjacobs)

References

Details

Attachments

(1 file)

Bug 1603042 added external PSK support, but it did not enable such PSKs to work with Early Export.

We also don't seem to have any test coverage around SSL_ExportEarlyKeyingMaterial, so this bug will fix both issues. We do have coverage for resumption PSKs already. This was a searchfox bug that shows no usages of the function.

This patch adjusts tls13_exporter to pull the hash algorithm from the first PSK when a suite is not configured yet, which allows early export with external PSKs.

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.54
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: