On 1/18/19 8:05 PM, Gary E. Miller via devel wrote: > Section 5.1, they come from RFC 5706 using the PRF() function.
Agreed. > The question is where the master key used by PRF() comes from. That comes from the TLS session. See RFC 5705's mentions of "TLS master secret". For more specifics, note that the code in RFC 5705 section 5.1 uses master_secret, client_random, and server_random out of something called SecurityParameters, and then see RFC 5246, section 6.1, especially page 16 and 17: https://tools.ietf.org/html/rfc5246#section-6.1 struct { ConnectionEnd entity; PRFAlgorithm prf_algorithm; BulkCipherAlgorithm bulk_cipher_algorithm; CipherType cipher_type; uint8 enc_key_length; uint8 block_length; uint8 fixed_iv_length; uint8 record_iv_length; MACAlgorithm mac_algorithm; uint8 mac_length; uint8 mac_key_length; CompressionMethod compression_algorithm; opaque master_secret[48]; opaque client_random[32]; opaque server_random[32]; } SecurityParameters; -- Richard
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
