runner: Rename 'masterSecret' on session objects to plain 'secret'.
This mirrors a change on the C side. Sessions may store the master
secret (main secret as of draft-ietf-tls-rfc8446bis-01) in TLS 1.2 or
the resumption PSK in TLS 1.3, so giving it any description other than
plain 'secret' isn't even accurate.
(Doing this separately from the rfc8446bis names since it's a bit less
mechanical.)
Change-Id: Iaf2b72fe298f17eeb4f4957cfd78b0015c3a9d89
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45824
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 733debd..f209f4a 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -289,7 +289,7 @@
vers uint16 // SSL/TLS version negotiated for the session
wireVersion uint16 // Wire SSL/TLS version negotiated for the session
cipherSuite uint16 // Ciphersuite negotiated for the session
- masterSecret []byte // MasterSecret generated by client on a full handshake
+ secret []byte // Secret associated with the session
handshakeHash []byte // Handshake hash for Channel ID purposes.
serverCertificates []*x509.Certificate // Certificate chain presented by the server
extendedMasterSecret bool // Whether an extended master secret was used to generate the session
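Review bot: The new comment on `secret`, "Secret associated with the session", does not say what the bytes are, although the commit message does: the TLS 1.2 master secret or the TLS 1.3 resumption PSK. Suggest `secret []byte // TLS 1.2 master secret, or TLS 1.3 resumption PSK`, so readers of the binder and early-secret code know which key material they are handling. The renamed `secret` field of `sessionState` in ticket.go has no comment at all and would benefit from the same line. The struct declaration starts and ends outside this hunk.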
diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index d699938..55a2ad2 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go
@@ -1624,7 +1624,7 @@
vers: c.vers,
wireVersion: c.wireVersion,
cipherSuite: cipherSuite.id,
- masterSecret: c.resumptionSecret,
+ secret: deriveSessionPSK(cipherSuite, c.wireVersion, c.resumptionSecret, newSessionTicket.ticketNonce),
serverCertificates: c.peerCertificates,
sctList: c.sctList,
ocspResponse: c.ocspResponse,
@@ -1638,8 +1638,6 @@
peerApplicationSettings: c.peerApplicationSettings,
}
- session.masterSecret = deriveSessionPSK(cipherSuite, c.wireVersion, c.resumptionSecret, newSessionTicket.ticketNonce)
-
cacheKey := clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
_, ok := c.config.ClientSessionCache.Get(cacheKey)
if !ok || !c.config.Bugs.UseFirstSessionTicket {
@@ -2027,7 +2025,7 @@
state := sessionState{
vers: c.vers,
cipherSuite: c.cipherSuite.id,
- masterSecret: deriveSessionPSK(c.cipherSuite, c.wireVersion, c.resumptionSecret, nonce),
+ secret: deriveSessionPSK(c.cipherSuite, c.wireVersion, c.resumptionSecret, nonce),
certificates: peerCertificatesRaw,
ticketCreationTime: c.config.time(),
ticketExpiration: c.config.time().Add(time.Duration(m.ticketLifetime) * time.Second),
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 586cbe5..efb8a18 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -472,7 +472,7 @@
if session.vers < VersionTLS13 {
version = VersionTLS13
}
- generatePSKBinders(version, hello, pskCipherSuite, session.masterSecret, []byte{}, []byte{}, c.config)
+ generatePSKBinders(version, hello, pskCipherSuite, session.secret, []byte{}, []byte{}, c.config)
}
if c.config.Bugs.SendClientHelloWithFixes != nil {
helloBytes, err = fixClientHellos(hello, c.config.Bugs.SendClientHelloWithFixes)
@@ -514,7 +514,7 @@
// Derive early write keys and set Conn state to allow early writes.
if sendEarlyData {
finishedHash := newFinishedHash(session.wireVersion, c.isDTLS, pskCipherSuite)
- finishedHash.addEntropy(session.masterSecret)
+ finishedHash.addEntropy(session.secret)
finishedHash.Write(helloBytes)
if !c.config.Bugs.SkipChangeCipherSpec {
@@ -657,7 +657,7 @@
hello.raw = nil
if len(hello.pskIdentities) > 0 {
- generatePSKBinders(c.wireVersion, hello, pskCipherSuite, session.masterSecret, helloBytes, helloRetryRequest.marshal(), c.config)
+ generatePSKBinders(c.wireVersion, hello, pskCipherSuite, session.secret, helloBytes, helloRetryRequest.marshal(), c.config)
}
secondHelloBytes = hello.marshal()
secondHelloBytesToWrite := secondHelloBytes
@@ -879,7 +879,7 @@
c.sendAlert(alertHandshakeFailure)
return errors.New("tls: server resumed an invalid session for the cipher suite")
}
- hs.finishedHash.addEntropy(hs.session.masterSecret)
+ hs.finishedHash.addEntropy(hs.session.secret)
c.didResume = true
} else {
hs.finishedHash.addEntropy(zeroSecret)
@@ -1834,7 +1834,7 @@
}
// Restore masterSecret and peerCerts from previous state
- hs.masterSecret = hs.session.masterSecret
+ hs.masterSecret = hs.session.secret
c.peerCertificates = hs.session.serverCertificates
c.extendedMasterSecret = hs.session.extendedMasterSecret
c.sctList = hs.session.sctList
@@ -1891,7 +1891,7 @@
vers: c.vers,
wireVersion: c.wireVersion,
cipherSuite: hs.suite.id,
- masterSecret: hs.masterSecret,
+ secret: hs.masterSecret,
handshakeHash: hs.finishedHash.Sum(),
serverCertificates: c.peerCertificates,
sctList: c.sctList,
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 35e9933..907ea6f 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -534,7 +534,7 @@
// Resolve PSK and compute the early secret.
if hs.sessionState != nil {
- hs.finishedHash.addEntropy(hs.sessionState.masterSecret)
+ hs.finishedHash.addEntropy(hs.sessionState.secret)
} else {
hs.finishedHash.addEntropy(hs.finishedHash.zeroSecret())
}
@@ -1639,7 +1639,7 @@
}
}
- hs.masterSecret = hs.sessionState.masterSecret
+ hs.masterSecret = hs.sessionState.secret
c.extendedMasterSecret = hs.sessionState.extendedMasterSecret
return nil
@@ -2007,7 +2007,7 @@
state := sessionState{
vers: c.vers,
cipherSuite: hs.suite.id,
- masterSecret: hs.masterSecret,
+ secret: hs.masterSecret,
certificates: hs.certsFromClient,
handshakeHash: hs.finishedHash.Sum(),
}
@@ -2279,7 +2279,7 @@
return errors.New("tls: Unknown cipher suite for PSK in session")
}
- binder := computePSKBinder(sessionState.masterSecret, version, resumptionPSKBinderLabel, pskCipherSuite, firstClientHello, helloRetryRequest, truncatedHello)
+ binder := computePSKBinder(sessionState.secret, version, resumptionPSKBinderLabel, pskCipherSuite, firstClientHello, helloRetryRequest, truncatedHello)
if !bytes.Equal(binder, binderToVerify) {
return errors.New("tls: PSK binder does not verify")
}
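Review bot: The binder check just after the renamed call uses `bytes.Equal`, which is not constant-time, to compare a value derived from the session secret against one supplied by the peer. This is test-runner code, so timing is unlikely to matter here, but the pattern is easy to copy into code where it does. `if !hmac.Equal(binder, binderToVerify) {` (or `subtle.ConstantTimeCompare(binder, binderToVerify) != 1`) is the comparison a reader should see for MAC-like values. Either form needs `crypto/hmac` or `crypto/subtle` imported, and the file's imports are not visible from this hunk. The enclosing function starts and ends outside the hunk.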
diff --git a/ssl/test/runner/ticket.go b/ssl/test/runner/ticket.go
index f5163e1..347edb5 100644
--- a/ssl/test/runner/ticket.go
+++ b/ssl/test/runner/ticket.go
@@ -20,7 +20,7 @@
type sessionState struct {
vers uint16
cipherSuite uint16
- masterSecret []byte
+ secret []byte
handshakeHash []byte
certificates [][]byte
extendedMasterSecret bool
@@ -38,8 +38,8 @@
msg := newByteBuilder()
msg.addU16(s.vers)
msg.addU16(s.cipherSuite)
- masterSecret := msg.addU16LengthPrefixed()
- masterSecret.addBytes(s.masterSecret)
+ secret := msg.addU16LengthPrefixed()
+ secret.addBytes(s.secret)
handshakeHash := msg.addU16LengthPrefixed()
handshakeHash.addBytes(s.handshakeHash)
msg.addU16(uint16(len(s.certificates)))
@@ -96,7 +96,7 @@
var numCerts uint16
if !reader.readU16(&s.vers) ||
!reader.readU16(&s.cipherSuite) ||
- !reader.readU16LengthPrefixedBytes(&s.masterSecret) ||
+ !reader.readU16LengthPrefixedBytes(&s.secret) ||
!reader.readU16LengthPrefixedBytes(&s.handshakeHash) ||
!reader.readU16(&numCerts) {
return false