Commit 7470cefc, authored by Nick Mathewson, committed by Matt Caswell

Clarify that SSL3_RANDOM_SIZE is a constant, for now.

Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Parent 858618e7
...@@ -15,12 +15,12 @@ SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retri ...@@ -15,12 +15,12 @@ SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retri
=head1 DESCRIPTION =head1 DESCRIPTION
SSL_get_client_random() extracts the random value sent from the client SSL_get_client_random() extracts the random value sent from the client
to the server during the initial SSL/TLS handshake. It copies this to the server during the initial SSL/TLS handshake. It copies as many
value into the buffer provided in B<out>, which must have at least bytes as it can of this value into the buffer provided in B<out>,
B<outlen> bytes available. It returns the total number of bytes that were which must have at least B<outlen> bytes available. It returns the
actually copied. total number of bytes that were actually copied. If B<outlen> is less
If B<outlen> is less than zero, SSL_get_client_random() copies nothing, and than zero, SSL_get_client_random() copies nothing, and returns the
returns the total size of the client_random value. total size of the client_random value.
SSL_get_server_random() behaves the same, but extracts the random value SSL_get_server_random() behaves the same, but extracts the random value
sent from the server to the client during the initial SSL/TLS handshake. sent from the server to the client during the initial SSL/TLS handshake.
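Review bot: In the rewritten DESCRIPTION paragraph, "It copies as many bytes as it can of this value" makes a short copy a normal outcome, but the text never says how a caller tells a complete value from a truncated one. The return value is only "the total number of bytes that were actually copied", so a caller that passes too small a B<outlen> receives a partial client_random with no error indication. Suggest adding a sentence telling callers to obtain the full size first (the B<outlen> less than zero case described here) and to treat a smaller return value as truncation. Folding the "If B<outlen> is less than zero" sentence into the same paragraph also makes that query mode easier to miss; keeping it as its own paragraph would read more clearly.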
...@@ -50,6 +50,12 @@ If you need to calculate another secret value that depends on the master ...@@ -50,6 +50,12 @@ If you need to calculate another secret value that depends on the master
secret, you should probably use SSL_export_keying_material() instead, and secret, you should probably use SSL_export_keying_material() instead, and
forget that you ever saw these functions. forget that you ever saw these functions.
In current versions of the TLS protocols, the length of client_random
(and also server_random) is always SSL3_RANDOM_SIZE bytes. Support for
other outlen arguments to the SSL_get_*_random() functions is provided
in case of the unlikely event that a future version or variant of TLS
uses some other length there.
Finally, though the "client_random" and "server_random" values are called Finally, though the "client_random" and "server_random" values are called
"random", many TLS implementations will generate four bytes of those "random", many TLS implementations will generate four bytes of those
values based on their view of the current time. values based on their view of the current time.
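Review bot: The added paragraph writes "other outlen arguments" bare, while the DESCRIPTION section marks the parameter as B<outlen>; use B<outlen> here for consistent POD formatting. The paragraph also stops short of telling callers what to do: state explicitly whether a buffer of SSL3_RANDOM_SIZE bytes is sufficient for current protocol versions, or whether portable code should size the buffer from the value returned when B<outlen> is less than zero, so that nobody hard-codes a length the text itself says a future version might change.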
......