Key material generation. More...
Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL TLS_TRACE_LEVEL |
Functions | |
| error_t | tlsGenerateSessionKeys (TlsContext *context) |
| Generate session keys. More... | |
| __weak_func error_t | tlsGenerateMasterSecret (TlsContext *context) |
| Master secret computation. More... | |
| error_t | tlsGenerateExtendedMasterSecret (TlsContext *context) |
| Extended master secret computation. More... | |
| error_t | tlsGeneratePskPremasterSecret (TlsContext *context) |
| Premaster secret generation (for PSK cipher suites) More... | |
| __weak_func error_t | tlsGenerateKeyBlock (TlsContext *context, size_t keyBlockLen) |
| Key expansion function. More... | |
| error_t | tlsPrf (const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *seed, size_t seedLen, uint8_t *output, size_t outputLen) |
| Pseudorandom function (TLS 1.0 and 1.1) More... | |
| error_t | tls12Prf (const HashAlgo *hash, const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *seed, size_t seedLen, uint8_t *output, size_t outputLen) |
| Pseudorandom function (TLS 1.2) More... | |
| void | tlsDumpSecret (TlsContext *context, const char_t *label, const uint8_t *secret, size_t secretLen) |
| Dump secret key (for debugging purpose only) More... | |
Detailed Description
Key material generation.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.5.0
Definition in file tls_key_material.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL TLS_TRACE_LEVEL |
Definition at line 32 of file tls_key_material.c.
Function Documentation
◆ tls12Prf()
| error_t tls12Prf | ( | const HashAlgo * | hash, |
| const uint8_t * | secret, | ||
| size_t | secretLen, | ||
| const char_t * | label, | ||
| const uint8_t * | seed, | ||
| size_t | seedLen, | ||
| uint8_t * | output, | ||
| size_t | outputLen | ||
| ) |
Pseudorandom function (TLS 1.2)
The pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This function is used to expand secrets into blocks of data for the purpose of key generation
- Parameters
-
[in] hash Hash function used to compute PRF [in] secret Pointer to the secret [in] secretLen Length of the secret [in] label Identifying label (NULL-terminated string) [in] seed Pointer to the seed [in] seedLen Length of the seed [out] output Pointer to the output [in] outputLen Desired output length
- Returns
- Error code
Definition at line 580 of file tls_key_material.c.
◆ tlsDumpSecret()
| void tlsDumpSecret | ( | TlsContext * | context, |
| const char_t * | label, | ||
| const uint8_t * | secret, | ||
| size_t | secretLen | ||
| ) |
Dump secret key (for debugging purpose only)
- Parameters
-
[in] context Pointer to the TLS context [in] label Identifying label (NULL-terminated string) [in] secret Pointer to the secret key [in] secretLen Length of the secret key, in bytes
Definition at line 661 of file tls_key_material.c.
◆ tlsGenerateExtendedMasterSecret()
| error_t tlsGenerateExtendedMasterSecret | ( | TlsContext * | context | ) |
Extended master secret computation.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 192 of file tls_key_material.c.
◆ tlsGenerateKeyBlock()
| __weak_func error_t tlsGenerateKeyBlock | ( | TlsContext * | context, |
| size_t | keyBlockLen | ||
| ) |
Key expansion function.
- Parameters
-
[in] context Pointer to the TLS context [in] keyBlockLen Desired length for the resulting key block
- Returns
- Error code
Definition at line 392 of file tls_key_material.c.
◆ tlsGenerateMasterSecret()
| __weak_func error_t tlsGenerateMasterSecret | ( | TlsContext * | context | ) |
Master secret computation.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 142 of file tls_key_material.c.
◆ tlsGeneratePskPremasterSecret()
| error_t tlsGeneratePskPremasterSecret | ( | TlsContext * | context | ) |
Premaster secret generation (for PSK cipher suites)
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 290 of file tls_key_material.c.
◆ tlsGenerateSessionKeys()
| error_t tlsGenerateSessionKeys | ( | TlsContext * | context | ) |
Generate session keys.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 50 of file tls_key_material.c.
◆ tlsPrf()
| error_t tlsPrf | ( | const uint8_t * | secret, |
| size_t | secretLen, | ||
| const char_t * | label, | ||
| const uint8_t * | seed, | ||
| size_t | seedLen, | ||
| uint8_t * | output, | ||
| size_t | outputLen | ||
| ) |
Pseudorandom function (TLS 1.0 and 1.1)
The pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This function is used to expand secrets into blocks of data for the purpose of key generation
- Parameters
-
[in] secret Pointer to the secret [in] secretLen Length of the secret [in] label Identifying label (NULL-terminated string) [in] seed Pointer to the seed [in] seedLen Length of the seed [out] output Pointer to the output [in] outputLen Desired output length
- Returns
- Error code
Definition at line 453 of file tls_key_material.c.