MINOR: quic: Add a function to derive the key update secrets

This is the function used to derive an n+1th secret from the nth one as described in RFC9001 par. 6.1.
2025-03-31 15:47:10 +00:00 · 2021-11-30 10:10:24 +01:00 · 2021-11-30 10:10:24 +01:00 · 39484de813
commit 39484de813
parent fc768ecc88
2 changed files with 17 additions and 0 deletions
--- a/include/haproxy/quic_tls.h
+++ b/include/haproxy/quic_tls.h
@ -75,6 +75,10 @@ int quic_tls_derive_keys(const EVP_CIPHER *aead, const EVP_CIPHER *hp,
                         unsigned char *hp_key, size_t hp_keylen,
                         const unsigned char *secret, size_t secretlen);

+int quic_tls_sec_update(const EVP_MD *md,
+                        unsigned char *new_sec, size_t new_seclen,
+                        const unsigned char *sec, size_t seclen);
+
 int quic_aead_iv_build(unsigned char *iv, size_t ivlen,
                       unsigned char *aead_iv, size_t aead_ivlen, uint64_t pn);

--- a/src/quic_tls.c
+++ b/src/quic_tls.c
@ -261,6 +261,19 @@ int quic_tls_derive_initial_secrets(const EVP_MD *md,
 	return 1;
 }

+/* Update <sec> secret key into <new_sec> according to RFC 9001 6.1.
+ * Always succeeds.
+ */
+int quic_tls_sec_update(const EVP_MD *md,
+                        unsigned char *new_sec, size_t new_seclen,
+                        const unsigned char *sec, size_t seclen)
+{
+	const unsigned char ku_label[] = "quic ku";
+
+	return quic_hkdf_expand_label(md, new_sec, new_seclen, sec, seclen,
+	                              ku_label, sizeof ku_label - 1);
+}
+
 /*
 * Build an IV into <iv> buffer with <ivlen> as size from <aead_iv> with
 * <aead_ivlen> as size depending on <pn> packet number.