Set service indicator for TLS 1.3 KDF.
Change-Id: Ia6fffb4c1fbe9edc62a4c22b45408e41ac6ae086
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67547
Reviewed-by: David Benjamin <davidben@google.com>
Auto-Submit: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
diff --git a/crypto/fipsmodule/service_indicator/service_indicator_test.cc b/crypto/fipsmodule/service_indicator/service_indicator_test.cc
index a3f06eb..e7221fa 100644
--- a/crypto/fipsmodule/service_indicator/service_indicator_test.cc
+++ b/crypto/fipsmodule/service_indicator/service_indicator_test.cc
@@ -1800,6 +1800,21 @@
EXPECT_EQ(approved, test.expect_approved);
}
+TEST_P(KDF_ServiceIndicatorTest, TLS13KDF) {
+ const KDFTestVector &test = GetParam();
+
+ FIPSStatus approved = FIPSStatus::NOT_APPROVED;
+
+ uint8_t output[32];
+ ASSERT_TRUE(CALL_SERVICE_AND_CHECK_APPROVED(
+ approved, CRYPTO_tls13_hkdf_expand_label(
+ output, sizeof(output), test.func(), kTLSSecret,
+ sizeof(kTLSSecret), /*label=*/kTLSSeed1, sizeof(kTLSSeed1),
+ /*hash=*/kTLSSeed2, sizeof(kTLSSeed2))));
+
+ EXPECT_EQ(approved, test.expect_approved);
+}
+
TEST(ServiceIndicatorTest, CMAC) {
FIPSStatus approved = FIPSStatus::NOT_APPROVED;
diff --git a/crypto/fipsmodule/tls/kdf.c b/crypto/fipsmodule/tls/kdf.c
index c4f4976..7a7d12d 100644
--- a/crypto/fipsmodule/tls/kdf.c
+++ b/crypto/fipsmodule/tls/kdf.c
@@ -189,6 +189,7 @@
uint8_t *hkdf_label = NULL;
size_t hkdf_label_len;
+ FIPS_service_indicator_lock_state();
CBB_zero(&cbb);
if (!CBB_init(&cbb, 2 + 1 + sizeof(kProtocolLabel) - 1 + label_len + 1 +
hash_len) ||
@@ -200,12 +201,18 @@
!CBB_add_bytes(&child, hash, hash_len) ||
!CBB_finish(&cbb, &hkdf_label, &hkdf_label_len)) {
CBB_cleanup(&cbb);
+ FIPS_service_indicator_unlock_state();
return 0;
}
const int ret = HKDF_expand(out, out_len, digest, secret, secret_len,
hkdf_label, hkdf_label_len);
OPENSSL_free(hkdf_label);
+
+ FIPS_service_indicator_unlock_state();
+ if (ret) {
+ TLSKDF_verify_service_indicator(digest);
+ }
return ret;
}