Switch client secrets here if we're not using 0RTT

mmaehren · mmaehren · commit 5c9912d8d24b · 2017-12-11T10:26:09.000+01:00
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/handler/FinishedHandler.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/handler/FinishedHandler.java
@@ -11,6 +11,7 @@
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
 import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
 import de.rub.nds.tlsattacker.core.constants.DigestAlgorithm;
+import de.rub.nds.tlsattacker.core.constants.ExtensionType;
 import de.rub.nds.tlsattacker.core.constants.HKDFAlgorithm;
 import de.rub.nds.tlsattacker.core.constants.Tls13KeySetType;
 import de.rub.nds.tlsattacker.core.crypto.HKDFunction;
@@ -60,7 +61,8 @@ public void adjustTLSContext(FinishedMessage message) {
                 } else {
                     setClientRecordCipher(Tls13KeySetType.APPLICATION_TRAFFIC_SECRETS);
                 }
-            } else if (tlsContext.getChooser().getConnectionEndType() == ConnectionEndType.CLIENT) {
+            } else if (tlsContext.getChooser().getConnectionEndType() == ConnectionEndType.CLIENT
+                    || tlsContext.isExtensionNegotiated(ExtensionType.EARLY_DATA) == false) {
                 setClientRecordCipher(Tls13KeySetType.HANDSHAKE_TRAFFIC_SECRETS);
             }
         }
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/message/ClientHelloMessage.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/message/ClientHelloMessage.java
@@ -199,8 +199,8 @@ public ClientHelloMessage(Config tlsConfig) {
         }
         if (tlsConfig.isAddPreSharedKeyExtension()) {
             addExtension(new PreSharedKeyExtensionMessage(tlsConfig));
-        } 
-        //In TLS 1.3, the PSK ext has to be the last ClientHello extension
+        }
+        // In TLS 1.3, the PSK ext has to be the last ClientHello extension
     }
 
     public ModifiableInteger getCompressionLength() {

Original file line number	Diff line number	Diff line change
`@@ -11,6 +11,7 @@`
`11`	`11`	`import de.rub.nds.modifiablevariable.util.ArrayConverter;`
`12`	`12`	`import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;`
`13`	`13`	`import de.rub.nds.tlsattacker.core.constants.DigestAlgorithm;`
	`14`	`+import de.rub.nds.tlsattacker.core.constants.ExtensionType;`
`14`	`15`	`import de.rub.nds.tlsattacker.core.constants.HKDFAlgorithm;`
`15`	`16`	`import de.rub.nds.tlsattacker.core.constants.Tls13KeySetType;`
`16`	`17`	`import de.rub.nds.tlsattacker.core.crypto.HKDFunction;`
`@@ -60,7 +61,8 @@ public void adjustTLSContext(FinishedMessage message) {`
`60`	`61`	`} else {`
`61`	`62`	`setClientRecordCipher(Tls13KeySetType.APPLICATION_TRAFFIC_SECRETS);`
`62`	`63`	`}`
`63`		`- } else if (tlsContext.getChooser().getConnectionEndType() == ConnectionEndType.CLIENT) {`
	`64`	`+ } else if (tlsContext.getChooser().getConnectionEndType() == ConnectionEndType.CLIENT`
	`65`	`+ \|\| tlsContext.isExtensionNegotiated(ExtensionType.EARLY_DATA) == false) {`
`64`	`66`	`setClientRecordCipher(Tls13KeySetType.HANDSHAKE_TRAFFIC_SECRETS);`
`65`	`67`	`}`
`66`	`68`	`}`
Original file line number	Diff line number	Diff line change
`@@ -199,8 +199,8 @@ public ClientHelloMessage(Config tlsConfig) {`
`199`	`199`	`}`
`200`	`200`	`if (tlsConfig.isAddPreSharedKeyExtension()) {`
`201`	`201`	`addExtension(new PreSharedKeyExtensionMessage(tlsConfig));`
`202`		`- }`
`203`		`- //In TLS 1.3, the PSK ext has to be the last ClientHello extension`
	`202`	`+ }`
	`203`	`+ // In TLS 1.3, the PSK ext has to be the last ClientHello extension`
`204`	`204`	`}`
`205`	`205`
`206`	`206`	`public ModifiableInteger getCompressionLength() {`