Add client early traffic secret storage

tmshort · tmshort · commit f550eca47f9e · 2019-08-30T09:11:06.000-04:00
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
@@ -1360,6 +1360,7 @@ struct ssl_st {
     unsigned char server_app_traffic_secret[EVP_MAX_MD_SIZE];
     unsigned char client_hand_traffic_secret[EVP_MAX_MD_SIZE];
     unsigned char server_hand_traffic_secret[EVP_MAX_MD_SIZE];
+    unsigned char client_early_traffic_secret[EVP_MAX_MD_SIZE];
     unsigned char exporter_master_secret[EVP_MAX_MD_SIZE];
     unsigned char early_exporter_master_secret[EVP_MAX_MD_SIZE];
     EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
diff --git a/ssl/ssl_quic.c b/ssl/ssl_quic.c
@@ -207,7 +207,7 @@ int quic_set_encryption_secrets(SSL *ssl, OSSL_ENCRYPTION_LEVEL level)
     /* secrets from the POV of the client */
     switch (level) {
     case ssl_encryption_early_data:
-        c2s_secret = ssl->early_secret;
+        c2s_secret = ssl->client_early_traffic_secret;
         break;
     case ssl_encryption_handshake:
         c2s_secret = ssl->client_hand_traffic_secret;
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
@@ -744,6 +744,8 @@ int tls13_change_cipher_state(SSL *s, int which)
         memcpy(s->client_hand_traffic_secret, secret, hashlen);
     else if (label == server_handshake_traffic)
         memcpy(s->server_hand_traffic_secret, secret, hashlen);
+    else if (label == client_early_traffic)
+        memcpy(s->client_early_traffic_secret, secret, hashlen);
 #endif
 
     if (!ssl_log_secret(s, log_label, secret, hashlen)) {
