Add an extra key export function
Add an additional function `mbedtls_ssl_export_keys_ext_t()`
for exporting key, that adds additional information such as
the used `tls_prf` and the random bytes.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 135be05..766217c 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -559,6 +559,25 @@
*/
typedef int mbedtls_ssl_get_timer_t( void * ctx );
+/**
+ * \brief Function type: TLS-PRF function.
+ *
+ * \param secret Secret for the key derivation function.
+ * \param slen Length of the secret.
+ * \param label String label for the key derivation function,
+ * terminated with null character.
+ * \param random Random bytes.
+ * \param rlen Length of the random bytes buffer.
+ * \param dstbuf The buffer holding the derived key.
+ * \param dlen Length of the output buffer.
+ *
+ * \return 0 on sucess. An SSL specific error on failure.
+ */
+typedef int mbedtls_ssl_tls_prf( const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen );
+
/* Defined below */
typedef struct mbedtls_ssl_session mbedtls_ssl_session;
typedef struct mbedtls_ssl_context mbedtls_ssl_context;
@@ -920,6 +939,11 @@
/** Callback to export key block and master secret */
int (*f_export_keys)( void *, const unsigned char *,
const unsigned char *, size_t, size_t, size_t );
+ /** Callback to export key block, master secret,
+ * tls_prf and random bytes. Should replace f_export_keys */
+ int (*f_export_keys_ext)( void *, const unsigned char *,
+ const unsigned char *, size_t, size_t, size_t,
+ mbedtls_ssl_tls_prf *, unsigned char[32], unsigned char[32]);
void *p_export_keys; /*!< context for key export callback */
#endif
@@ -1624,6 +1648,41 @@
size_t maclen,
size_t keylen,
size_t ivlen );
+
+/**
+ * \brief Callback type: Export key block, master secret,
+ * handshake randbytes and the tls_prf function
+ * used to derive keys.
+ *
+ * \note This is required for certain uses of TLS, e.g. EAP-TLS
+ * (RFC 5216) and Thread. The key pointers are ephemeral and
+ * therefore must not be stored. The master secret and keys
+ * should not be used directly except as an input to a key
+ * derivation function.
+ *
+ * \param p_expkey Context for the callback.
+ * \param ms Pointer to master secret (fixed length: 48 bytes).
+ * \param kb Pointer to key block, see RFC 5246 section 6.3.
+ * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen).
+ * \param maclen MAC length.
+ * \param keylen Key length.
+ * \param ivlen IV length.
+ * \param tls_prf The TLS PRF function used in the handshake.
+ * \param client_random The client random bytes.
+ * \param server_random The server random bytes.
+ *
+ * \return 0 if successful, or
+ * a specific MBEDTLS_ERR_XXX code.
+ */
+typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ mbedtls_ssl_tls_prf *tls_prf,
+ unsigned char client_random[32],
+ unsigned char server_random[32] );
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
/**
@@ -1689,6 +1748,20 @@
void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
mbedtls_ssl_export_keys_t *f_export_keys,
void *p_export_keys );
+
+/**
+ * \brief Configure extended key export callback.
+ * (Default: none.)
+ *
+ * \note See \c mbedtls_ssl_export_keys_ext_t.
+ *
+ * \param conf SSL configuration context
+ * \param f_export_keys_ext Callback for exporting keys
+ * \param p_export_keys Context for the callback
+ */
+void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
+ void *p_export_keys );
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e1415a8..6a6ed0e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1265,6 +1265,16 @@
mac_key_len, keylen,
iv_copy_len );
}
+
+ if( ssl->conf->f_export_keys_ext != NULL )
+ {
+ ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys,
+ session->master, keyblk,
+ mac_key_len, transform->keylen,
+ iv_copy_len, handshake->tls_prf,
+ handshake->randbytes + 32,
+ handshake->randbytes );
+ }
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -8653,6 +8663,14 @@
conf->f_export_keys = f_export_keys;
conf->p_export_keys = p_export_keys;
}
+
+void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
+ void *p_export_keys )
+{
+ conf->f_export_keys_ext = f_export_keys_ext;
+ conf->p_export_keys = p_export_keys;
+}
#endif
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)