PR: 1830

Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson

Support for RFC5705 key extractor.
上级 b9e7793d
master OpenHarmony-2.2-Beta2 OpenHarmony-2.3-Beta OpenHarmony-3.0-LTS OpenHarmony-3.1-API8-SDK-Public OpenHarmony-3.1-API9-SDK-Canary OpenHarmony-3.1-Beta OpenHarmony-3.1-Release OpenHarmony-3.2-Beta1 OpenHarmony-3.2-Beta2 OpenHarmony-3.2-Beta3 OpenHarmony-3.2-Beta4 OpenHarmony-3.2-Beta5 OpenHarmony-3.2-Release OpenHarmony-4.0-Beta1 OpenHarmony-4.0-Beta2 OpenHarmony-v2.2-Beta OpenHarmony_1.0.1_release OpenHarmony_filemanager_develop_20220505 OpenHarmony_filemanager_develop_20220614 add_issus_pr_template_for_master add_issus_pr_template_for_release feature_IDL_20220811 master_dy monthly_20220614 monthly_20220816 monthly_20221018 monthly_20230815 revert-merge-109-master weekly_20220105 weekly_20220111 weekly_20220118 weekly_20220125 weekly_20220201 weekly_20220208 weekly_20220215 weekly_20220222 weekly_20220301 weekly_20220406 weekly_20220412 weekly_20220419 weekly_20220426 weekly_20220503 weekly_20220510 weekly_20220524 weekly_20220531 weekly_20220607 weekly_20220614 weekly_20220621 weekly_20220628 weekly_20220705 weekly_20220712 weekly_20220719 weekly_20220726 weekly_20220802 weekly_20220809 weekly_20220816 weekly_20220823 weekly_20220830 weekly_20220906 weekly_20220913 weekly_20220920 weekly_20220927 weekly_20221004 weekly_20221011 weekly_20221018 weekly_20221025 weekly_20221101 weekly_20221108 weekly_20221115 weekly_20221122 weekly_20221129 weekly_20221206 weekly_20221213 weekly_20221220 weekly_20221227 weekly_20230103 weekly_20230110 weekly_20230117 weekly_20230124 weekly_20230131 weekly_20230207 weekly_20230214 weekly_20230221 weekly_20230228 weekly_20230307 weekly_20230314 weekly_20230321 weekly_20230328 weekly_20230404 weekly_20230411 weekly_20230418 weekly_20230425 weekly_20230502 weekly_20230509 weekly_20230516 weekly_20230523 weekly_20230530 weekly_20230606 weekly_20230613 weekly_20230619 weekly_20230626 weekly_20230627 weekly_20230704 weekly_20230712 weekly_20230725 weekly_20230801 weekly_20230808 weekly_20230815 weekly_20230822 weekly_20230829 OpenHarmony_v1.1.1-LTS OpenHarmony_release_v1.1.0 OpenHarmony-v4.0-Beta2 OpenHarmony-v4.0-Beta1 OpenHarmony-v3.2.2-Release OpenHarmony-v3.2.1-Release OpenHarmony-v3.2-Release OpenHarmony-v3.2-Beta5 OpenHarmony-v3.2-Beta4 OpenHarmony-v3.2-Beta3 OpenHarmony-v3.2-Beta2 OpenHarmony-v3.2-Beta1 OpenHarmony-v3.1.7-Release OpenHarmony-v3.1.6-Release OpenHarmony-v3.1.5-Release OpenHarmony-v3.1.4-Release OpenHarmony-v3.1.3-Release OpenHarmony-v3.1.2-Release OpenHarmony-v3.1.1-Release OpenHarmony-v3.1-Release OpenHarmony-v3.1-Beta OpenHarmony-v3.0.8-LTS OpenHarmony-v3.0.7-LTS OpenHarmony-v3.0.6-LTS OpenHarmony-v3.0.5-LTS OpenHarmony-v3.0.3-LTS OpenHarmony-v3.0.2-LTS OpenHarmony-v3.0.1-LTS OpenHarmony-v3.0-LTS OpenHarmony-v3.0-Beta1 OpenHarmony-v2.2-Beta2 OpenHarmony-v1.1.5-LTS OpenHarmony-v1.1.4-LTS OpenHarmony-v1.1.3-LTS OpenHarmony-v1.1.2-LTS OpenHarmony-v1.1.1-LTS OpenHarmony-2.0-Canary OpenHarmony-1.0
无相关合并请求
......@@ -71,16 +71,6 @@
multi-process servers.
[Steve Henson]
*) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
a few changes are required:
Add SSL_OP_NO_TLSv1_1 flag.
Add TLSv1_1 methods.
Update version checking logic to handle version 1.1.
Add explicit IV handling (ported from DTLS code).
Add command line options to s_client/s_server.
[Steve Henson]
*) Experiemental password based recipient info support for CMS library:
implementing RFC3211.
[Steve Henson]
......@@ -104,6 +94,21 @@
whose return value is often ignored.
[Steve Henson]
Changes between 1.0.0 and 1.0.1 [xx XXX xxxx]
*) Add support for TLS key exporter as described in RFC5705.
[Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]
*) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
a few changes are required:
Add SSL_OP_NO_TLSv1_1 flag.
Add TLSv1_1 methods.
Update version checking logic to handle version 1.1.
Add explicit IV handling (ported from DTLS code).
Add command line options to s_client/s_server.
[Steve Henson]
Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
......
......@@ -1812,6 +1812,10 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
/* Pre-shared secret session resumption functions */
int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
unsigned char *context, int context_len,
unsigned char *out, int olen);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
......
......@@ -1071,3 +1071,26 @@ int tls1_alert_code(int code)
}
}
int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
unsigned char *context, int context_len,
unsigned char *out, int olen)
{
unsigned char *tmp;
int rv;
tmp = OPENSSL_malloc(olen);
if (!tmp)
return 0;
rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
label, label_len,
s->s3->client_random,SSL3_RANDOM_SIZE,
s->s3->server_random,SSL3_RANDOM_SIZE,
context, context_len, NULL, 0,
s->session->master_key, s->session->master_key_length,
out, tmp, olen);
OPENSSL_free(tmp);
return rv;
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册
反馈
建议
客服 返回
顶部