diff options
author | Matt Caswell <matt@openssl.org> | 2017-06-14 10:37:25 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-06-21 14:45:35 +0100 |
commit | 5eb7273669e5dc05c9b744cbba5a2a2915827746 (patch) | |
tree | 0ac486299e5db770e15394fcf66d6ca409eba12b /doc | |
parent | 7721978ca8033fe4fe89a2fe673fea04436da15b (diff) | |
download | openssl-5eb7273669e5dc05c9b744cbba5a2a2915827746.tar.gz |
Document SSL_SESSION_set1_master_key()
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/SSL_get_client_random.pod | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/doc/man3/SSL_get_client_random.pod b/doc/man3/SSL_get_client_random.pod index 7f4e753582..d6918f8dbe 100644 --- a/doc/man3/SSL_get_client_random.pod +++ b/doc/man3/SSL_get_client_random.pod @@ -2,7 +2,11 @@ =head1 NAME -SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retrieve internal TLS/SSL random values and master key +SSL_get_client_random, +SSL_get_server_random, +SSL_SESSION_get_master_key, +SSL_SESSION_set1_master_key +- get internal TLS/SSL random values and get/set master key =head1 SYNOPSIS @@ -12,6 +16,8 @@ SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retri size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen); size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, unsigned char *out, size_t outlen); + int SSL_SESSION_set1_master_key(SSL_SESSION *sess, unsigned char *in, + size_t len); =head1 DESCRIPTION @@ -30,6 +36,13 @@ SSL_SESSION_get_master_key() behaves the same, but extracts the master secret used to guarantee the security of the SSL/TLS session. This one can be dangerous if misused; see NOTES below. +SSL_SESSION_set1_master_key() sets the master key value associated with the +SSL_SESSION B<sess>. For example, this could be used to set up a session based +PSK (see L<SSL_CTX_set_psk_use_session_callback(3)>). The master key of length +B<len> should be provided at B<in>. A copy of the supplied master key is taken +by the function, so the caller is responsible for freeing and cleaning any +memory associated with B<in>. The caller must ensure that the length of the ke +is suitable for the ciphersuite associated with the SSL_SESSION. =head1 NOTES @@ -64,22 +77,24 @@ values based on their view of the current time. =head1 RETURN VALUES -If B<outlen> is greater than 0, these functions return the number of bytes -actually copied, which will be less than or equal to B<outlen>. +SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure. -If B<outlen> is 0, these functions return the maximum number -of bytes they would copy--that is, the length of the underlying field. +For the other functions, if B<outlen> is greater than 0 then these functions +return the number of bytes actually copied, which will be less than or equal to +B<outlen>. If B<outlen> is 0 then these functions return the maximum number +of bytes they would copy -- that is, the length of the underlying field. =head1 SEE ALSO L<ssl(7)>, L<RAND_bytes(3)>, -L<SSL_export_keying_material(3)> +L<SSL_export_keying_material(3)>, +L<SSL_CTX_set_psk_use_session_callback(3)> =head1 COPYRIGHT -Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |