Document SSL_SESSION_set1_master_key()
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
This commit is contained in:
Matt Caswell
parent
7721978ca8
commit
5eb7273669
1 changed files with 22 additions and 7 deletions
|
|
@ -2,7 +2,11 @@
|
|||
|
||||
=head1 NAME
|
||||
|
||||
SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retrieve internal TLS/SSL random values and master key
|
||||
SSL_get_client_random,
|
||||
SSL_get_server_random,
|
||||
SSL_SESSION_get_master_key,
|
||||
SSL_SESSION_set1_master_key
|
||||
- get internal TLS/SSL random values and get/set master key
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
|
|
@ -12,6 +16,8 @@ SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key - retri
|
|||
size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen);
|
||||
size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
|
||||
unsigned char *out, size_t outlen);
|
||||
int SSL_SESSION_set1_master_key(SSL_SESSION *sess, unsigned char *in,
|
||||
size_t len);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
|
|
@ -30,6 +36,13 @@ SSL_SESSION_get_master_key() behaves the same, but extracts the master
|
|||
secret used to guarantee the security of the SSL/TLS session. This one
|
||||
can be dangerous if misused; see NOTES below.
|
||||
|
||||
SSL_SESSION_set1_master_key() sets the master key value associated with the
|
||||
SSL_SESSION B<sess>. For example, this could be used to set up a session based
|
||||
PSK (see L<SSL_CTX_set_psk_use_session_callback(3)>). The master key of length
|
||||
B<len> should be provided at B<in>. A copy of the supplied master key is taken
|
||||
by the function, so the caller is responsible for freeing and cleaning any
|
||||
memory associated with B<in>. The caller must ensure that the length of the ke
|
||||
is suitable for the ciphersuite associated with the SSL_SESSION.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
|
|
@ -64,22 +77,24 @@ values based on their view of the current time.
|
|||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
If B<outlen> is greater than 0, these functions return the number of bytes
|
||||
actually copied, which will be less than or equal to B<outlen>.
|
||||
SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure.
|
||||
|
||||
If B<outlen> is 0, these functions return the maximum number
|
||||
of bytes they would copy--that is, the length of the underlying field.
|
||||
For the other functions, if B<outlen> is greater than 0 then these functions
|
||||
return the number of bytes actually copied, which will be less than or equal to
|
||||
B<outlen>. If B<outlen> is 0 then these functions return the maximum number
|
||||
of bytes they would copy -- that is, the length of the underlying field.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<ssl(7)>,
|
||||
L<RAND_bytes(3)>,
|
||||
L<SSL_export_keying_material(3)>
|
||||
L<SSL_export_keying_material(3)>,
|
||||
L<SSL_CTX_set_psk_use_session_callback(3)>
|
||||
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
|
|
|||
Loading…
Reference in a new issue