ekmFromMasterSecret generates exported keying material as defined in RFC 5705.
(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte)
| 268 | |
| 269 | // ekmFromMasterSecret generates exported keying material as defined in RFC 5705. |
| 270 | func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte) func(string, []byte, int) ([]byte, error) { |
| 271 | return func(label string, context []byte, length int) ([]byte, error) { |
| 272 | switch label { |
| 273 | case "client finished", "server finished", "master secret", "key expansion": |
| 274 | // These values are reserved and may not be used. |
| 275 | return nil, fmt.Errorf("crypto/tls: reserved ExportKeyingMaterial label: %s", label) |
| 276 | } |
| 277 | |
| 278 | seedLen := len(serverRandom) + len(clientRandom) |
| 279 | if context != nil { |
| 280 | seedLen += 2 + len(context) |
| 281 | } |
| 282 | seed := make([]byte, 0, seedLen) |
| 283 | |
| 284 | seed = append(seed, clientRandom...) |
| 285 | seed = append(seed, serverRandom...) |
| 286 | |
| 287 | if context != nil { |
| 288 | if len(context) >= 1<<16 { |
| 289 | return nil, fmt.Errorf("crypto/tls: ExportKeyingMaterial context too long") |
| 290 | } |
| 291 | seed = append(seed, byte(len(context)>>8), byte(len(context))) |
| 292 | seed = append(seed, context...) |
| 293 | } |
| 294 | |
| 295 | return prfForVersion(version, suite)(masterSecret, label, seed, length), nil |
| 296 | } |
| 297 | } |
no test coverage detected
searching dependent graphs…