DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

wolfSSL: Use wolfSSL_export_keying_material() when available

Browse source 
This is needed to work with TLS 1.3 key derivation. It looks the needed
functionality was added in wolfSSL 4.7.0.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2022-04-18 16:27:47 +03:00
parent 387b341ead
commit 94e0f39d97
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
src/crypto/tls_wolfssl.c
View file

@ -1977,11 +1977,21 @@ int tls_connection_export_key(void *tls_ctx, struct tls_connection *conn,
const char *label, const u8 *context, const char *label, const u8 *context,
size_t context_len, u8 *out, size_t out_len) size_t context_len, u8 *out, size_t out_len)
{ {
if (context) if (!conn)
return -1; return -1;
if (!conn || wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0) #if LIBWOLFSSL_VERSION_HEX >= 0x04007000
if (wolfSSL_export_keying_material(conn->ssl, out, out_len,
label, os_strlen(label),
context, context_len,
context != NULL) != WOLFSSL_SUCCESS)
return -1; return -1;
return 0; return 0;
#else
if (context ||
wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0)
return -1;
#endif
return 0;
} }