author | Matt Caswell <matt@openssl.org> | 2016-11-08 10:34:28 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-11-09 14:08:14 +0000 |
commit | 34574f193bf9961256d5b8bdb6950dcc890e0336 (patch) | |
tree | 8fecf61766bcbe05fdcb50607f82985222d30acb /ssl/ssl_locl.h | |
parent | 9b36b7d9bdb33d1edbc2bbfd8a773a0eb8645788 (diff) | |
Add support for TLS1.3 secret generation
Nothing is using this yet, it just adds the underlying functions necessary
for generating the TLS1.3 secrets.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/ssl_locl.h')
-rw-r--r-- | ssl/ssl_locl.h | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index dcc2336661..0c7aeedfeb 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -944,6 +944,12 @@ struct ssl_st {
 * be 'copied' into these ones
 */
 uint32_t mac_flags;
+ /*
+ * The TLS1.3 early_secret and handshake_secret. The master_secret is stored
+ * in the session.
+ */
+ unsigned char early_secret[EVP_MAX_MD_SIZE];
+ unsigned char handshake_secret[EVP_MAX_MD_SIZE];
 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
 EVP_MD_CTX *read_hash; /* used for mac generation */
 COMP_CTX *compress; /* compression */
@@ -2004,6 +2010,21 @@ __owur size_t tls1_final_finish_mac(SSL *s, const char *str, size_t slen,
 __owur int tls1_generate_master_secret(SSL *s, unsigned char *out,
 unsigned char *p, size_t len,
 size_t *secret_size);
+__owur int tls13_derive_secret(SSL *s, const unsigned char *insecret,
+ const unsigned char *label, size_t labellen,
+ unsigned char *secret);
+__owur int tls13_derive_key(SSL *s, const unsigned char *secret,
+ unsigned char *key, size_t keylen);
+__owur int tls13_derive_iv(SSL *s, const unsigned char *secret,
+ unsigned char *iv, size_t ivlen);
+__owur int tls13_generate_early_secret(SSL *s, const unsigned char *insecret,
+ size_t insecretlen);
+__owur int tls13_generate_handshake_secret(SSL *s,
+ const unsigned char *insecret,
+ size_t insecretlen);
+__owur int tls13_generate_master_secret(SSL *s, unsigned char *out,
+ unsigned char *prev, size_t prevlen,
+ size_t *secret_size);
 __owur int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
 const char *label, size_t llen,
 const unsigned char *p, size_t plen, |
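Review bot: The two arrays added to `struct ssl_st` hold live TLS 1.3 key-schedule secrets, but there is no length field and the comment does not say how many bytes are valid or who wipes them. They are sized `EVP_MAX_MD_SIZE`, while the secret is presumably only as long as the handshake digest output, so code that reads them has to use the digest size rather than `sizeof`. I would extend the comment with a line such as `* Only the first EVP_MD_size(handshake digest) bytes are valid; cleanse with OPENSSL_cleanse() when the SSL is cleared or freed.` This view is limited to ssl_locl.h, so whether the free/clear paths already cleanse these buffers cannot be confirmed here. The struct body continues outside the hunk.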
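Review bot: None of the new prototypes is documented, and `tls13_derive_secret()` reads `insecret` and writes `secret` with no length parameter, so the required buffer sizes are implicit in the declaration. Presumably both are the handshake digest length, which a caller can only satisfy safely with `EVP_MAX_MD_SIZE`-sized buffers. A short comment above the declaration should state that, e.g. `/* |insecret| and |secret| are digest-length; |secret| must have room for EVP_MAX_MD_SIZE bytes. Returns 1 on success, 0 on failure. */`, with the return convention confirmed against the implementation, which is not part of this diff. The same applies to `out` in `tls13_generate_master_secret()`, whose size is only reported back through `secret_size`.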