[gnutls-dev] GnuTLS 1.4.0 release candidate 1
Emile van Bergen
emile-gnutls at e-advies.nl
Tue Mar 21 19:07:04 CET 2006
Hi,
On Tue, Mar 21, 2006 at 06:51:35PM +0100, Simon Josefsson wrote:
> We expect to release 1.4.0 shortly, and anything you'd like to change
> in the software or in the final announcement (which will look much
> like the below) should be sent to us within a few days...
[SNIP]
> ** Support for TLS Inner application (TLS/IA). This is per
> draft-funk-tls-inner-application-extension-01, and is compatible
> with the recent -02 version too.
I have a patch for that with a proposed API change, hope the FSF's
confirmation of the copyright assignment reaches you in time for you to
review it.
> ** New APIs to access the TLS Pseudo-Random-Function (PRF) and the
> client and server random fields in a session. This is primarily
> intended for when GnuTLS is used as a component in other
> authentication protocols, such as the EAP mechanism PEAP and TTLS.
I also have a patch for that; it's attached. The purpose is to allow you
to use the higher level PRF function (the one that derives from the
TLS MSK and the randoms) for generating IV material, that's supposed to
be dependent on the randoms, but not on the MSK.
This is useful for PEAPv2 etc. Basically, the server_random_first flag
is changed to a 'type' flag that contains the server_random_first flag
and a 'empty_master_secret' flag in bits 0 and 1, respectively.
Of course one could pull the randoms manually and then call the raw PRF,
but this seemed the cleaner way to do it.
Cheers,
Emile.
--
E-Advies - Emile van Bergen emile at e-advies.nl
tel. +31 (0)78 6136282 http://www.e-advies.nl
-------------- next part --------------
diff -ur gnutls-1.3.4-evb0/includes/gnutls/gnutls.h.in gnutls-1.3.4-evb1/includes/gnutls/gnutls.h.in
--- gnutls-1.3.4-evb0/includes/gnutls/gnutls.h.in 2006-02-14 12:13:50.000000000 +0100
+++ gnutls-1.3.4-evb1/includes/gnutls/gnutls.h.in 2006-03-17 12:42:22.000000000 +0100
@@ -399,7 +399,7 @@
int gnutls_prf (gnutls_session_t session,
size_t label_size, const char *label,
- int server_random_first,
+ int type,
size_t extra_size, const char *extra,
size_t outsize, char *out);
diff -ur gnutls-1.3.4-evb0/lib/gnutls_state.c gnutls-1.3.4-evb1/lib/gnutls_state.c
--- gnutls-1.3.4-evb0/lib/gnutls_state.c 2005-12-16 12:11:39.000000000 +0100
+++ gnutls-1.3.4-evb1/lib/gnutls_state.c 2006-03-17 13:06:31.000000000 +0100
@@ -949,7 +949,10 @@
* @session: is a #gnutls_session_t structure.
* @label_size: length of the @label variable.
* @label: label used in PRF computation, typically a short string.
- * @server_random_first: non-0 if server random field should be first in seed
+ * @type: flags specifying the type of material to derive
+ * if bit 0 set, server random is put before client random in seed
+ * if bit 1 set, use an empty secret instead of the TLS master secret;
+ * useful for deriving IV material
* @extra_size: length of the @extra variable.
* @extra: optional extra data to seed the PRF with.
* @outsize: size of pre-allocated output buffer to hold the output.
@@ -977,10 +980,10 @@
gnutls_prf (gnutls_session_t session,
size_t label_size,
const char *label,
- int server_random_first,
+ int type,
size_t extra_size, const char *extra, size_t outsize, char *out)
{
- int ret;
+ int ret, server_random_first = (type & 1), no_msk = (type & 2);
opaque *seed;
size_t seedsize = 2 * TLS_RANDOM_SIZE + extra_size;
@@ -1000,8 +1003,10 @@
memcpy (seed + 2 * TLS_RANDOM_SIZE, extra, extra_size);
- ret = _gnutls_PRF (session->security_parameters.master_secret,
- TLS_MASTER_SIZE,
+ ret = _gnutls_PRF (no_msk ? (const opaque *)""
+ : session->security_parameters.master_secret,
+ no_msk ? 0
+ : TLS_MASTER_SIZE,
label, label_size, seed, seedsize, outsize, out);
gnutls_free (seed);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: </pipermail/attachments/20060321/597c9de8/attachment.pgp>
More information about the Gnutls-devel
mailing list