[gnutls-devel] GnuTLS | prf: add function to retrieve early keying material (!894)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Apr 15 15:44:13 CEST 2019




Daiki Ueno commented on a discussion on lib/prf.c: https://gitlab.com/gnutls/gnutls/merge_requests/894#note_160899365

>  }
>  
> +/**
> + * gnutls_prf_early:
> + * @session: is a #gnutls_session_t type.
> + * @label_size: length of the @label variable.
> + * @label: label used in PRF computation, typically a short string.
> + * @context_size: length of the @extra variable.
> + * @context: optional extra data to seed the PRF with.
> + * @outsize: size of pre-allocated output buffer to hold the output.
> + * @out: pre-allocated buffer to hold the generated data.
> + *
> + * This function is similar to gnutls_prf_rfc5705(), but only works in
> + * TLS 1.3 or later to export early keying material.
> + *
> + * Note that the keying material is only available after the

Certainly we can, but I am not sure if it's worth it, as it could only save one call of HKDF-Expand.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/894#note_160899365
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190415/907c1da0/attachment-0001.html>


More information about the Gnutls-devel mailing list