xref: /third_party/mbedtls/library/ssl_tls.c

401 typedef int (*tls_prf_fn)(const unsigned char *secret, size_t slen,
430 static int tls_prf_sha256(const unsigned char *secret, size_t slen,
441 static int tls_prf_sha384(const unsigned char *secret, size_t slen,
467                          const unsigned char *secret, size_t slen,
491     return tls_prf(secret, slen, label, random, rlen, dstbuf, dlen);
6747                            const unsigned char *secret, size_t slen,
6764     /* Normally a "secret" should be long enough to be impossible to
6767      * and for this use case it makes sense to have a 0-length "secret".
6770      * to mean a 0-length "secret" input. */
6777         status = psa_import_key(&key_attributes, secret, slen, &master_key);
6827                            const unsigned char *secret, size_t slen,
6862      * Compute P_<hash>(secret, label + random)[0..dlen]
6868     ret = mbedtls_md_hmac_starts(&md_ctx, secret, slen);
6933 static int tls_prf_sha256(const unsigned char *secret, size_t slen,
6938     return tls_prf_generic(MBEDTLS_MD_SHA256, secret, slen,
6945 static int tls_prf_sha384(const unsigned char *secret, size_t slen,
6950     return tls_prf_generic(MBEDTLS_MD_SHA384, secret, slen,
6994  * Compute master secret if needed
7015      * "The master secret is always exactly 48 bytes in length." */
7023      * This is either "master secret" or "extended master secret"
7026     char const *lbl = "master secret";
7053         lbl  = "extended master secret";
7060         MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret",
7090             /* Provide other secret.
7091              * Other secret is stored in premaster, where first 2 bytes hold the
7189         MBEDTLS_SSL_DEBUG_BUF(3, "premaster secret",
7216     /* Compute master secret if needed */
7403          * the shared secret without PSK.
8932     MBEDTLS_SSL_DEBUG_BUF(3, "master secret", master, 48);

Indexes created Thu Nov 07 10:32:03 CST 2024