wolfSSL: Use wolfSSL_export_keying_material() when available
This is needed to work with TLS 1.3 key derivation. It looks the needed functionality was added in wolfSSL 4.7.0. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
387b341ead
commit
94e0f39d97
1 changed files with 12 additions and 2 deletions
|
|
@ -1977,11 +1977,21 @@ int tls_connection_export_key(void *tls_ctx, struct tls_connection *conn,
|
|||
const char *label, const u8 *context,
|
||||
size_t context_len, u8 *out, size_t out_len)
|
||||
{
|
||||
if (context)
|
||||
if (!conn)
|
||||
return -1;
|
||||
if (!conn || wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0)
|
||||
#if LIBWOLFSSL_VERSION_HEX >= 0x04007000
|
||||
if (wolfSSL_export_keying_material(conn->ssl, out, out_len,
|
||||
label, os_strlen(label),
|
||||
context, context_len,
|
||||
context != NULL) != WOLFSSL_SUCCESS)
|
||||
return -1;
|
||||
return 0;
|
||||
#else
|
||||
if (context ||
|
||||
wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0)
|
||||
return -1;
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue