manpagez: man pages & more
info gnutls
Home | html | info | man
[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

7.8 Keying Material Exporters

The TLS PRF can be used by other protocols to derive data. The API to use is gnutls_prf. The function needs to be provided with the label in the parameter label, and the extra data to mix in the extra parameter. Depending on whether you want to mix in the client or server random data first, you can set the server_random_first parameter.

For example, after establishing a TLS session using gnutls_handshake, you can invoke the TLS PRF with this call:

 
#define MYLABEL "EXPORTER-FOO"
#define MYCONTEXT "some context data"
char out[32];
rc = gnutls_prf (session, strlen (MYLABEL), MYLABEL, 0,
                 strlen (MYCONTEXT), MYCONTEXT, 32, out);

If you don’t want to mix in the client/server random, there is a more low-level TLS PRF interface called gnutls_prf_raw. 

© manpagez.com 2000-2024
Individual documents may contain additional copyright information.