Hi Neo, On Jun 1, 2011, at 4:02 AM, Neo Liu wrote:
> On Tue, May 31, 2011 at 6:41 PM, Michael Tüxen > <michael.tue...@lurchi.franken.de> wrote: > > What about using SSL_tls1_key_extractor()? > > I didn't this function in OpenSSL source. > I can get master secret from SSL_SESSION->master_key, but how can I find the > PRF api used to calculate: > > RPF(master_secret, "client EAP encryption", client_random || > server_random) as Michael stated, the function SSL_tls1_key_exporter() is exactly what you're looking for. The TLS Key Exporter is described in RFC 5705. The patch #1830, which Michael also mentioned, is available for the current OpenSSL 1.0.0 release on http://sctp.fh-muenster.de/dtls-patches.html and already included in the development version of OpenSSL 1.0.1 in the CVS, which can be checked out with: cvs -d anonym...@cvs.openssl.org:/openssl-cvs co -rOpenSSL_1_0_1-stable openssl Best regards Robin ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
