nsresult TransportLayerDtls::ExportKeyingMaterial(const std::string& label, bool use_context, const std::string& context, unsigned char *out, unsigned int outlen) { CheckThread(); if (state_ != TS_OPEN) { MOZ_ASSERT(false, "Transport must be open for ExportKeyingMaterial"); return NS_ERROR_NOT_AVAILABLE; } SECStatus rv = SSL_ExportKeyingMaterial(ssl_fd_, label.c_str(), label.size(), use_context, reinterpret_cast<const unsigned char *>( context.c_str()), context.size(), out, outlen); if (rv != SECSuccess) { MOZ_MTLOG(ML_ERROR, "Couldn't export SSL keying material"); return NS_ERROR_FAILURE; } return NS_OK; }
int tls_connection_prf(void *tls_ctx, struct tls_connection *conn, const char *label, int server_random_first, u8 *out, size_t out_len) { if (conn == NULL || server_random_first) { wpa_printf(MSG_INFO, "NSS: Unsupported PRF request " "(server_random_first=%d)", server_random_first); return -1; } if (SSL_ExportKeyingMaterial(conn->fd, label, NULL, 0, out, out_len) != SECSuccess) { wpa_printf(MSG_INFO, "NSS: Failed to use TLS extractor " "(label='%s' out_len=%d", label, (int) out_len); return -1; } return 0; }
nsresult TransportLayerDtls::ExportKeyingMaterial(const std::string& label, bool use_context, const std::string& context, unsigned char *out, unsigned int outlen) { CheckThread(); SECStatus rv = SSL_ExportKeyingMaterial(ssl_fd_, label.c_str(), label.size(), use_context, reinterpret_cast<const unsigned char *>( context.c_str()), context.size(), out, outlen); if (rv != SECSuccess) { MOZ_MTLOG(PR_LOG_ERROR, "Couldn't export SSL keying material"); return NS_ERROR_FAILURE; } return NS_OK; }