aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtls/tls_crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libtls/tls_crypto.c')
-rw-r--r--src/libtls/tls_crypto.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 0bbfd81fb..b8eb87bf6 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -316,9 +316,14 @@ struct private_tls_crypto_t {
chunk_t iv_out;
/**
- * EAP-TLS MSK
+ * EAP-[T]TLS MSK
*/
chunk_t msk;
+
+ /**
+ * ASCII string constant used as seed for EAP-[T]TLS MSK PRF
+ */
+ char *msk_label;
};
typedef struct {
@@ -855,7 +860,7 @@ METHOD(tls_crypto_t, derive_eap_msk, void,
seed = chunk_cata("cc", client_random, server_random);
free(this->msk.ptr);
this->msk = chunk_alloc(64);
- this->prf->get_bytes(this->prf, "client EAP encryption", seed,
+ this->prf->get_bytes(this->prf, this->msk_label, seed,
this->msk.len, this->msk.ptr);
}
@@ -884,7 +889,7 @@ METHOD(tls_crypto_t, destroy, void,
/**
* See header
*/
-tls_crypto_t *tls_crypto_create(tls_t *tls)
+tls_crypto_t *tls_crypto_create(tls_t *tls, char *msk_label)
{
private_tls_crypto_t *this;
@@ -904,6 +909,7 @@ tls_crypto_t *tls_crypto_create(tls_t *tls)
.destroy = _destroy,
},
.tls = tls,
+ .msk_label = msk_label
);
build_cipher_suite_list(this);
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-01 08:02:52 +0000