path: root/src/crypto/tls_openssl.c
diff options
authorErvin Oro <ervin.oro@aalto.fi>2019-03-11 11:21:36 (GMT)
committerJouni Malinen <j@w1.fi>2019-03-16 16:52:09 (GMT)
commita916ff5cd819ad4410374f421eb4f04fa683604a (patch)
tree021950449e1f6a5322a4d17df699fff86676f09a /src/crypto/tls_openssl.c
parentfab49f6145f44760e888b3844a9fff9440a85b27 (diff)
Add support for an optional context parameter to TLS exporter
Allow an additional context value to be passed to TLS exporter as specified in RFC 5705 section 4. This does not yet implement it for the internal TLS implementation. However, as currently nothing uses context yet, this will not break anything right now. WolfSSL maintainers also stated that they are not going to add context support yet, but would look into it if/when this is required by a published draft or a standard. Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>
Diffstat (limited to 'src/crypto/tls_openssl.c')
1 files changed, 4 insertions, 2 deletions
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index b8d0556..fc55518 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -3908,11 +3908,13 @@ static int openssl_get_keyblock_size(SSL *ssl)
int tls_connection_export_key(void *tls_ctx, struct tls_connection *conn,
- const char *label, u8 *out, size_t out_len)
+ const char *label, const u8 *context,
+ size_t context_len, u8 *out, size_t out_len)
if (!conn ||
SSL_export_keying_material(conn->ssl, out, out_len, label,
- os_strlen(label), NULL, 0, 0) != 1)
+ os_strlen(label), context, context_len,
+ context != NULL) != 1)
return -1;
return 0;