Lines Matching full:secret
86 * HKDF-Expand-Label( Secret, Label, Context, Length ) =
87 * HKDF-Expand( Secret, HkdfLabel, Length )
91 * \param secret The \c Secret argument to \c HKDF-Expand-Label.
94 * \param secret_len The length of \p secret in Bytes.
102 * \param buf The destination buffer to hold the expanded secret.
104 * \param buf_len The desired size of the expanded secret in Bytes.
113 const unsigned char *secret, size_t secret_len,
126 * [sender]_write_key = HKDF-Expand-Label(Secret, "key", "", key_length)
127 * [sender]_write_iv = HKDF-Expand-Label(Secret, "iv", "", iv_length)*
131 * for the HKDF-based expansion of the secret.
132 * \param client_secret The client traffic secret.
135 * \param server_secret The server traffic secret.
158 * \brief The \c Derive-Secret function from the TLS 1.3 standard RFC 8446.
161 * Derive-Secret( Secret, Label, Messages ) =
162 * HKDF-Expand-Label( Secret, Label,
169 * \param secret The \c Secret argument to the \c Derive-Secret function.
172 * \param secret_len The length of \p secret in Bytes.
173 * \param label The \c Label argument to the \c Derive-Secret function.
178 * \c Derive-Secret function, or the \c Messages argument
183 * \c Derive-Secret function
189 * \c Derive-Secret to. This must be a writable buffer of
199 const unsigned char *secret, size_t secret_len,
206 * \brief Derive TLS 1.3 early data key material from early secret.
212 * Early Secret
214 * +-----> Derive-Secret(., "c e traffic", ClientHello)
217 * +-----> Derive-Secret(., "e exp master", ClientHello)
224 * the client secret derived by this function need to be
227 * \note The binder key, which is also generated from the early secret,
233 * \param early_secret The early secret from which the early data key material
255 * \brief Derive TLS 1.3 handshake key material from the handshake secret.
261 * Handshake Secret
263 * +-----> Derive-Secret( ., "c hs traffic",
267 * +-----> Derive-Secret( ., "s hs traffic",
274 * the client and server secret derived by this function need to be
279 * \param handshake_secret The handshake secret from which the handshake key
301 * \brief Derive TLS 1.3 application key material from the master secret.
307 * Master Secret
309 * +-----> Derive-Secret( ., "c ap traffic",
313 * +-----> Derive-Secret( ., "s ap traffic",
317 * +-----> Derive-Secret( ., "exp master",
324 * the client and server secret derived by this function need to be
329 * \param master_secret The master secret from which the application key
352 * \brief Derive TLS 1.3 resumption master secret from the master secret.
359 * \param application_secret The application secret from which the resumption master
360 * secret should be derived. This must be a readable
370 * store the resumption master secret.
383 * \brief Compute the next secret in the TLS 1.3 key schedule
387 * secret for early data, the handshake secret for all
389 * secret for all application traffic.
395 * PSK -> HKDF-Extract = Early Secret
398 * Derive-Secret( ., "derived", "" )
401 * (EC)DHE -> HKDF-Extract = Handshake Secret
404 * Derive-Secret( ., "derived", "" )
407 * 0 -> HKDF-Extract = Master Secret
420 * Derive-Secret( ., "derived", "" )
428 * \param secret_old The address of the buffer holding the old secret
435 * ephemeral (EC)DH secret). If not \c NULL, this must be
439 * \param secret_new The address of the buffer holding the new secret
530 * \brief Begin TLS 1.3 key schedule by calculating early secret.
545 * \brief Compute TLS 1.3 resumption master secret.
595 * \warning The function does not compute the early master secret. Call
597 * call this function to generate the early master secret.
610 * \param ssl The SSL context to operate on. The early secret must have been
622 * \param ssl The SSL context to operate on. The early secret must have been