EVP_PKEY_CTX_set_tls1_prf_md.pod 3.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109
  1. =pod
  2. =head1 NAME
  3. EVP_PKEY_CTX_set_tls1_prf_md,
  4. EVP_PKEY_CTX_set1_tls1_prf_secret, EVP_PKEY_CTX_add1_tls1_prf_seed -
  5. TLS PRF key derivation algorithm
  6. =head1 SYNOPSIS
  7. #include <openssl/kdf.h>
  8. int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
  9. int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *pctx,
  10. unsigned char *sec, int seclen);
  11. int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *pctx,
  12. unsigned char *seed, int seedlen);
  13. =head1 DESCRIPTION
  14. The B<EVP_PKEY_TLS1_PRF> algorithm implements the PRF key derivation function for
  15. TLS. It has no associated private key and only implements key derivation
  16. using L<EVP_PKEY_derive(3)>.
  17. EVP_PKEY_set_tls1_prf_md() sets the message digest associated with the
  18. TLS PRF. EVP_md5_sha1() is treated as a special case which uses the PRF
  19. algorithm using both B<MD5> and B<SHA1> as used in TLS 1.0 and 1.1.
  20. EVP_PKEY_CTX_set_tls1_prf_secret() sets the secret value of the TLS PRF
  21. to B<seclen> bytes of the buffer B<sec>. Any existing secret value is replaced
  22. and any seed is reset.
  23. EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to B<seedlen> bytes of B<seed>.
  24. If a seed is already set it is appended to the existing value.
  25. =head1 STRING CTRLS
  26. The TLS PRF also supports string based control operations using
  27. L<EVP_PKEY_CTX_ctrl_str(3)>.
  28. The B<type> parameter "md" uses the supplied B<value> as the name of the digest
  29. algorithm to use.
  30. The B<type> parameters "secret" and "seed" use the supplied B<value> parameter
  31. as a secret or seed value.
  32. The names "hexsecret" and "hexseed" are similar except they take a hex string
  33. which is converted to binary.
  34. =head1 NOTES
  35. All these functions are implemented as macros.
  36. A context for the TLS PRF can be obtained by calling:
  37. EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
  38. The digest, secret value and seed must be set before a key is derived or an
  39. error occurs.
  40. The total length of all seeds cannot exceed 1024 bytes in length: this should
  41. be more than enough for any normal use of the TLS PRF.
  42. The output length of the PRF is specified by the length parameter in the
  43. EVP_PKEY_derive() function. Since the output length is variable, setting
  44. the buffer to B<NULL> is not meaningful for the TLS PRF.
  45. Optimised versions of the TLS PRF can be implemented in an ENGINE.
  46. =head1 RETURN VALUES
  47. All these functions return 1 for success and 0 or a negative value for failure.
  48. In particular a return value of -2 indicates the operation is not supported by
  49. the public key algorithm.
  50. =head1 EXAMPLE
  51. This example derives 10 bytes using SHA-256 with the secret key "secret"
  52. and seed value "seed":
  53. EVP_PKEY_CTX *pctx;
  54. unsigned char out[10];
  55. size_t outlen = sizeof(out);
  56. pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
  57. if (EVP_PKEY_derive_init(pctx) <= 0)
  58. /* Error */
  59. if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0)
  60. /* Error */
  61. if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0)
  62. /* Error */
  63. if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0)
  64. /* Error */
  65. if (EVP_PKEY_derive(pctx, out, &outlen) <= 0)
  66. /* Error */
  67. =head1 SEE ALSO
  68. L<EVP_PKEY_CTX_new(3)>,
  69. L<EVP_PKEY_CTX_ctrl_str(3)>,
  70. L<EVP_PKEY_derive(3)>
  71. =head1 COPYRIGHT
  72. Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
  73. Licensed under the OpenSSL license (the "License"). You may not use
  74. this file except in compliance with the License. You can obtain a copy
  75. in the file LICENSE in the source distribution or at
  76. L<https://www.openssl.org/source/license.html>.
  77. =cut