MCPcopy
hub / github.com/XTLS/REALITY / ekmFromMasterSecret

Function ekmFromMasterSecret

prf.go:270–297  ·  view source on GitHub ↗

ekmFromMasterSecret generates exported keying material as defined in RFC 5705.

(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte)

Source from the content-addressed store, hash-verified

268
269// ekmFromMasterSecret generates exported keying material as defined in RFC 5705.
270func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte) func(string, []byte, int) ([]byte, error) {
271 return func(label string, context []byte, length int) ([]byte, error) {
272 switch label {
273 case "client finished", "server finished", "master secret", "key expansion":
274 // These values are reserved and may not be used.
275 return nil, fmt.Errorf("crypto/tls: reserved ExportKeyingMaterial label: %s", label)
276 }
277
278 seedLen := len(serverRandom) + len(clientRandom)
279 if context != nil {
280 seedLen += 2 + len(context)
281 }
282 seed := make([]byte, 0, seedLen)
283
284 seed = append(seed, clientRandom...)
285 seed = append(seed, serverRandom...)
286
287 if context != nil {
288 if len(context) >= 1<<16 {
289 return nil, fmt.Errorf("crypto/tls: ExportKeyingMaterial context too long")
290 }
291 seed = append(seed, byte(len(context)>>8), byte(len(context)))
292 seed = append(seed, context...)
293 }
294
295 return prfForVersion(version, suite)(masterSecret, label, seed, length), nil
296 }
297}

Callers 2

handshakeMethod · 0.85
handshakeMethod · 0.85

Calls 1

prfForVersionFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…