Extended master secret support. This change implements support for the extended master secret. See https://tools.ietf.org/html/draft-ietf-tls-session-hash-01 https://secure-resumption.com/ Change-Id: Ifc7327763149ab0894b4f1d48cdc35e0f1093b93 Reviewed-on: https://boringssl-review.googlesource.com/1930 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>

commit: 7571292eaca1745f3ecda2374ba1e8163b58c3b5 [log] [tgz]
author: Adam Langley <agl@google.com> Fri Oct 10 16:23:43 2014 -0700
committer: Adam Langley <agl@google.com> Fri Oct 24 21:19:44 2014 +0000
tree: b1d31320bc47132e373b8ee8d0d277227ba8b0f9
parent: 89abaea141b60061dacb6e03d58345d50ae23b81 [diff] [blame]
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 2a201aa..3d62763 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h

@@ -485,6 +485,15 @@
 		 * this extension to the client. */
 		uint16_t *peer_ellipticcurvelist;
 		size_t peer_ellipticcurvelist_length;
+
+		/* extended_master_secret indicates whether the extended master
+		 * secret computation is used in this handshake. Note that this
+		 * is different from whether it was used for the current
+		 * session. If this is a resumption handshake then EMS might be
+		 * negotiated in the client and server hello messages, but it
+		 * doesn't matter if the session that's being resumed didn't
+		 * use it to create the master secret initially. */
+		char extended_master_secret;
 		} tmp;
 
         /* Connection binding to prevent renegotiation attacks */
commit	7571292eaca1745f3ecda2374ba1e8163b58c3b5	[log] [tgz]
author	Adam Langley <agl@google.com>	Fri Oct 10 16:23:43 2014 -0700
committer	Adam Langley <agl@google.com>	Fri Oct 24 21:19:44 2014 +0000
tree	b1d31320bc47132e373b8ee8d0d277227ba8b0f9
parent	89abaea141b60061dacb6e03d58345d50ae23b81 [diff] [blame]