From: Jouni Malinen
Date: Thu, 16 Aug 2012 16:29:34 +0000 (+0300)
Subject: OpenSSL: Use internal keying material exporter when possible
X-Git-Tag: hostap_2_0~408
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=68770ccd6ef5274ee2ad541ce01a7a14d0affab4;p=thirdparty%2Fhostap.git

OpenSSL: Use internal keying material exporter when possible

Use SSL_export_keying_material() if possible, i.e., if OpenSSL is version 1.0.1 or newer and if client random value is used first. This allows MSK derivation with TLS-based EAP methods (apart from EAP-FAST) without exporting the master key from OpenSSL.

Signed-hostap: Jouni Malinen
---
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index baf206ee9..50ce23a61 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2323,6 +2323,19 @@ int tls_connection_prf(void *tls_ctx, struct tls_connection *conn,
 const char *label, int server_random_first,
 u8 *out, size_t out_len)
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10001000L
+ SSL *ssl;
+ if (conn == NULL)
+ return -1;
+ if (server_random_first)
+ return -1;
+ ssl = conn->ssl;
+ if (SSL_export_keying_material(ssl, out, out_len, label,
+ os_strlen(label), NULL, 0, 0) == 1) {
+ wpa_printf(MSG_DEBUG, "OpenSSL: Using internal PRF");
+ return 0;
+ }
+#endif
 return -1;
 }
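Review bot: `conn->ssl` is handed to SSL_export_keying_material() without a NULL check; the added block only tests `conn` itself. Whether a connection without an SSL object can reach tls_connection_prf() is not visible in this hunk, but if it can, the exporter call would dereference NULL, so the guard could read `if (conn == NULL || conn->ssl == NULL) return -1;`. The exporter's failure path also falls through to the final `return -1` silently, so logs cannot show whether the MSK came from the internal exporter or from a caller-side fallback that still needs the master key; a `wpa_printf(MSG_DEBUG, ...)` on that path would make this auditable. A short comment above the `server_random_first` check, e.g. `/* exporter always uses client random first; EAP-FAST needs the other order */`, would record why that case is rejected here.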