From 2d26434ac7f134727276153bcb39e02d3bf28b5e Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Fri, 1 Jun 2018 17:52:18 +0300
Subject: [PATCH] EAP-TLS server: Fix EMSK derivation with TLS v1.3
The new label string for TLS-Exporter was taken into use for MSK derivation, but it was missed from EMSK deriation in the server side implementation.
Signed-off-by: Jouni Malinen
---
 src/eap_server/eap_server_tls.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/eap_server/eap_server_tls.c b/src/eap_server/eap_server_tls.c
index 9d4e69dbe..8b9e53c61 100644
--- a/src/eap_server/eap_server_tls.c
+++ b/src/eap_server/eap_server_tls.c
@@ -330,11 +330,15 @@ static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
 {
 struct eap_tls_data *data = priv;
 u8 *eapKeyData, *emsk;
- const char *label = "client EAP encryption";
+ const char *label;
 if (data->state != SUCCESS) return NULL;
+ if (data->ssl.tls_v13)
+ label = "EXPORTER_EAP_TLS_Key_Material";
+ else
+ label = "client EAP encryption";
 eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, label, EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
 if (eapKeyData) {
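Review bot: The `data->ssl.tls_v13` label selection added to eap_tls_get_emsk() is a second copy of a choice that, per the commit message, the MSK derivation already makes, and keeping two copies is what allowed the EMSK path to fall behind in the first place. Consider moving the selection into one static helper shared by both key getters (name illustrative: `static const char * eap_tls_key_label(const struct eap_tls_data *data)`), so MSK and EMSK are always taken from the same exporter output and a future label change cannot be applied to only one of them. A short comment on the new branch would also help, for example `/* TLS 1.3 uses TLS-Exporter with a new label; must match the label used for MSK */`. The function body continues past the end of this hunk, so how the derived buffer is split and released is not visible here.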