Key material generation. More...
#include "tls.h"#include "tls_key_material.h"#include "tls_transcript_hash.h"#include "tls13_key_material.h"#include "debug.h"Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL TLS_TRACE_LEVEL |
Functions | |
| error_t | tlsGenerateSessionKeys (TlsContext *context) |
| Generate session keys. More... | |
| __weak_func error_t | tlsGenerateMasterSecret (TlsContext *context) |
| Master secret computation. More... | |
| error_t | tlsGenerateExtendedMasterSecret (TlsContext *context) |
| Extended master secret computation. More... | |
| error_t | tlsGeneratePskPremasterSecret (TlsContext *context) |
| Premaster secret generation (for PSK cipher suites) More... | |
| __weak_func error_t | tlsGenerateKeyBlock (TlsContext *context, size_t keyBlockLen) |
| Key expansion function. More... | |
| error_t | tlsExportKeyingMaterial (TlsContext *context, const char_t *label, bool_t useContextValue, const uint8_t *contextValue, size_t contextValueLen, uint8_t *output, size_t outputLen) |
| Export keying material per RFC 5705 standard. More... | |
| error_t | tlsPrf (const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *seed, size_t seedLen, uint8_t *output, size_t outputLen) |
| Pseudorandom function (TLS 1.0 and 1.1) More... | |
| error_t | tls12Prf (const HashAlgo *hash, const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *seed, size_t seedLen, uint8_t *output, size_t outputLen) |
| Pseudorandom function (TLS 1.2) More... | |
| void | tlsDumpSecret (TlsContext *context, const char_t *label, const uint8_t *secret, size_t secretLen) |
| Dump secret key (for debugging purpose only) More... | |
Detailed Description
Key material generation.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSL Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.4
Definition in file tls_key_material.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL TLS_TRACE_LEVEL |
Definition at line 32 of file tls_key_material.c.
Function Documentation
◆ tls12Prf()
| error_t tls12Prf | ( | const HashAlgo * | hash, |
| const uint8_t * | secret, | ||
| size_t | secretLen, | ||
| const char_t * | label, | ||
| const uint8_t * | seed, | ||
| size_t | seedLen, | ||
| uint8_t * | output, | ||
| size_t | outputLen | ||
| ) |
Pseudorandom function (TLS 1.2)
The pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This function is used to expand secrets into blocks of data for the purpose of key generation
- Parameters
-
[in] hash Hash function used to compute PRF [in] secret Pointer to the secret [in] secretLen Length of the secret [in] label Identifying label (NULL-terminated string) [in] seed Pointer to the seed [in] seedLen Length of the seed [out] output Pointer to the output [in] outputLen Desired output length
- Returns
- Error code
Definition at line 729 of file tls_key_material.c.
◆ tlsDumpSecret()
| void tlsDumpSecret | ( | TlsContext * | context, |
| const char_t * | label, | ||
| const uint8_t * | secret, | ||
| size_t | secretLen | ||
| ) |
Dump secret key (for debugging purpose only)
- Parameters
-
[in] context Pointer to the TLS context [in] label Identifying label (NULL-terminated string) [in] secret Pointer to the secret key [in] secretLen Length of the secret key, in bytes
Definition at line 810 of file tls_key_material.c.
◆ tlsExportKeyingMaterial()
| error_t tlsExportKeyingMaterial | ( | TlsContext * | context, |
| const char_t * | label, | ||
| bool_t | useContextValue, | ||
| const uint8_t * | contextValue, | ||
| size_t | contextValueLen, | ||
| uint8_t * | output, | ||
| size_t | outputLen | ||
| ) |
Export keying material per RFC 5705 standard.
- Parameters
-
[in] context Pointer to the TLS context [in] label Identifying label (NULL-terminated string) [in] useContextValue Specifies whether upper-layer context should be used when exporting keying material [in] contextValue Pointer to the upper-layer context [in] contextValueLen Length of the upper-layer context [out] output Pointer to the output [in] outputLen Desired output length
- Returns
- Error code
Definition at line 448 of file tls_key_material.c.
◆ tlsGenerateExtendedMasterSecret()
| error_t tlsGenerateExtendedMasterSecret | ( | TlsContext * | context | ) |
Extended master secret computation.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 193 of file tls_key_material.c.
◆ tlsGenerateKeyBlock()
| __weak_func error_t tlsGenerateKeyBlock | ( | TlsContext * | context, |
| size_t | keyBlockLen | ||
| ) |
Key expansion function.
- Parameters
-
[in] context Pointer to the TLS context [in] keyBlockLen Desired length for the resulting key block
- Returns
- Error code
Definition at line 392 of file tls_key_material.c.
◆ tlsGenerateMasterSecret()
| __weak_func error_t tlsGenerateMasterSecret | ( | TlsContext * | context | ) |
Master secret computation.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 143 of file tls_key_material.c.
◆ tlsGeneratePskPremasterSecret()
| error_t tlsGeneratePskPremasterSecret | ( | TlsContext * | context | ) |
Premaster secret generation (for PSK cipher suites)
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 290 of file tls_key_material.c.
◆ tlsGenerateSessionKeys()
| error_t tlsGenerateSessionKeys | ( | TlsContext * | context | ) |
Generate session keys.
- Parameters
-
[in] context Pointer to the TLS context
- Returns
- Error code
Definition at line 51 of file tls_key_material.c.
◆ tlsPrf()
| error_t tlsPrf | ( | const uint8_t * | secret, |
| size_t | secretLen, | ||
| const char_t * | label, | ||
| const uint8_t * | seed, | ||
| size_t | seedLen, | ||
| uint8_t * | output, | ||
| size_t | outputLen | ||
| ) |
Pseudorandom function (TLS 1.0 and 1.1)
The pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This function is used to expand secrets into blocks of data for the purpose of key generation
- Parameters
-
[in] secret Pointer to the secret [in] secretLen Length of the secret [in] label Identifying label (NULL-terminated string) [in] seed Pointer to the seed [in] seedLen Length of the seed [out] output Pointer to the output [in] outputLen Desired output length
- Returns
- Error code
Definition at line 602 of file tls_key_material.c.