提交 5eb72736 编写于 作者: M Matt Caswell

Document SSL_SESSION_set1_master_key()

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
上级 7721978c
...@@ -2,7 +2,11 @@ ...@@ -2,7 +2,11 @@
=head1 NAME =head1 NAME
SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retrieve internal TLS/SSL random values and master key SSL_get_client_random,
SSL_get_server_random,
SSL_SESSION_get_master_key,
SSL_SESSION_set1_master_key
- get internal TLS/SSL random values and get/set master key
=head1 SYNOPSIS =head1 SYNOPSIS
...@@ -12,6 +16,8 @@ SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retri ...@@ -12,6 +16,8 @@ SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retri
size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen); size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen);
size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
unsigned char *out, size_t outlen); unsigned char *out, size_t outlen);
int SSL_SESSION_set1_master_key(SSL_SESSION *sess, unsigned char *in,
size_t len);
=head1 DESCRIPTION =head1 DESCRIPTION
...@@ -30,6 +36,13 @@ SSL_SESSION_get_master_key() behaves the same, but extracts the master ...@@ -30,6 +36,13 @@ SSL_SESSION_get_master_key() behaves the same, but extracts the master
secret used to guarantee the security of the SSL/TLS session. This one secret used to guarantee the security of the SSL/TLS session. This one
can be dangerous if misused; see NOTES below. can be dangerous if misused; see NOTES below.
SSL_SESSION_set1_master_key() sets the master key value associated with the
SSL_SESSION B<sess>. For example, this could be used to set up a session based
PSK (see L<SSL_CTX_set_psk_use_session_callback(3)>). The master key of length
B<len> should be provided at B<in>. A copy of the supplied master key is taken
by the function, so the caller is responsible for freeing and cleaning any
memory associated with B<in>. The caller must ensure that the length of the ke
is suitable for the ciphersuite associated with the SSL_SESSION.
=head1 NOTES =head1 NOTES
...@@ -64,22 +77,24 @@ values based on their view of the current time. ...@@ -64,22 +77,24 @@ values based on their view of the current time.
=head1 RETURN VALUES =head1 RETURN VALUES
If B<outlen> is greater than 0, these functions return the number of bytes SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure.
actually copied, which will be less than or equal to B<outlen>.
If B<outlen> is 0, these functions return the maximum number For the other functions, if B<outlen> is greater than 0 then these functions
of bytes they would copy--that is, the length of the underlying field. return the number of bytes actually copied, which will be less than or equal to
B<outlen>. If B<outlen> is 0 then these functions return the maximum number
of bytes they would copy -- that is, the length of the underlying field.
=head1 SEE ALSO =head1 SEE ALSO
L<ssl(7)>, L<ssl(7)>,
L<RAND_bytes(3)>, L<RAND_bytes(3)>,
L<SSL_export_keying_material(3)> L<SSL_export_keying_material(3)>,
L<SSL_CTX_set_psk_use_session_callback(3)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册