| [ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
7.9.3 Keying material exporters
The TLS PRF can be used by other protocols to derive data. The API to
use is gnutls_prf. The function needs to be provided with the
label in the parameter label, and the extra data to mix in the
extra parameter. Depending on whether you want to mix in the
client or server random data first, you can set the
server_random_first parameter.
For example, after establishing a TLS session using gnutls_handshake, you can invoke the TLS PRF with this call:
#define MYLABEL "EXPORTER-FOO"
#define MYCONTEXT "some context data"
char out[32];
rc = gnutls_prf (session, strlen (MYLABEL), MYLABEL, 0,
strlen (MYCONTEXT), MYCONTEXT, 32, out);
If you don’t want to mix in the client/server random, there is a more low-level TLS PRF interface called gnutls_prf_raw.
This document was generated on January 4, 2012 using texi2html 5.0.