}
}
+static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+{
+ if (value == NULL)
+ return 0;
+ if (strcmp(type, "md") == 0) {
+ TLS1_PRF_PKEY_CTX *kctx = ctx->data;
+
+ const EVP_MD *md = EVP_get_digestbyname(value);
+ if (md == NULL)
+ return 0;
+ kctx->md = md;
+ return 1;
+ }
+ if (strcmp(type, "secret") == 0)
+ return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value);
+ if (strcmp(type, "hexsecret") == 0)
+ return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value);
+ if (strcmp(type, "seed") == 0)
+ return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value);
+ if (strcmp(type, "hexseed") == 0)
+ return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value);
+ return -2;
+}
+
static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
size_t *keylen)
{
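Review bot: The `md` branch of `pkey_tls1_prf_ctrl_str` assigns `kctx->md` directly, while the four secret/seed types are passed on with an `EVP_PKEY_CTRL_TLS_*` command, presumably reaching the method's ctrl handler. Any checks or state handling that `pkey_tls1_prf_ctrl` applies to the digest ctrl (its body is not in this hunk) are therefore skipped on the string path. Routing the digest the same way keeps a single place that mutates the context: `return pkey_tls1_prf_ctrl(ctx, EVP_PKEY_CTRL_TLS_MD, 0, (void *)md);`. The `value == NULL` test also runs before the type is matched, so an unrecognised type with a NULL value returns 0 instead of the -2 returned for unknown types. The `md` type is not listed in the STRING CTRLS text this change adds to the pod page, which would be the place to note that "secret" and "seed" take C strings and so cannot carry embedded NUL bytes, unlike the hex forms.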
0,
pkey_tls1_prf_derive,
pkey_tls1_prf_ctrl,
- 0
+ pkey_tls1_prf_ctrl_str
};
static int tls1_prf_P_hash(const EVP_MD *md,
EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to B<seedlen> bytes of B<seed>.
If a seed is already set it is appended to the existing value.
+=head1 STRING CTRLS
+
+The TLS PRF also supports string based control operations using
+EVP_PKEY_CTX_ctrl_str(). The B<type> parameters "secret" and "seed" use
+the supplied B<value> parameter as a secret or seed value. The names
+"hexsecret" and "hexseed" are similar except they take a hex string which
+is converted to binary.
+
=head1 NOTES
All these functions are implemented as macros.
=head1 SEE ALSO
L<EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_derive(3)>,
+L<EVP_PKEY_CTX_ctrl(3)>,
+L<EVP_PKEY_derive(3)>
=cut