[gnutls-dev] Re: GnuTLS 1.2.8 with TLS Inner Application (TLS/IA) support

[Simon Josefsson]

Jouni Malinen <jkmaline at cc.hut.fi> writes:

> On Thu, Dec 15, 2005 at 12:54:28PM +0100, Simon Josefsson wrote:
>
>> I have added the API below which should remove the need for your hack.
>> Let me know if you have any thoughts on the API, or can think of any
>> improvements.
>> 
>> This will be part of 1.3.2 which will likely be released later today.
>
> Thanks! This was indeed enough to get rid of the need for including
> internal structure definitions. Using gnutls_prf() means that the master
> secret is not actually exported from the library, so I added a new
> wrapper function for doing this. Somewhat similar functionality was
> already needed for Schannel, so this was a good opportunity to clean up
> the interface by making it more generic.

I have added gnutls_session_get_master_secret() for completeness, it
might be useful in some older protocols.  It will be in 1.3.3.

> gnutls_session_get_server_random() and
> gnutls_session_get_client_random() actually not needed for
> EAP-{TLS,PEAP,TTLS} since gnutls_prf() takes care of that part, too.

Right, that was my hope.

> However, these functions may end up being quite useful if EAP-FAST
> support is added at some point. That would require support for
> SessionTicket TLS extension (draft-salowey-tls-ticket-05.txt) and a
> callback for setting master secret during ServerHello processing so that
> full certificate-based authentication can be skipped. GnuTLS seems to
> have some support for TLS extensions, but I haven't yet looked into
> details of whether this particular use (mainly the callback) could be
> implemented now or whether some changes would be needed in the library.

That document look rather useful, even for non-EAP stuff.  It seem
possible to implement it in GnuTLS.  I have added it to the TODO
list...

Regards,
Simon