Add an extra key export function
Add an additional function `mbedtls_ssl_export_keys_ext_t()`
for exporting key, that adds additional information such as
the used `tls_prf` and the random bytes.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e1415a8..6a6ed0e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1265,6 +1265,16 @@
mac_key_len, keylen,
iv_copy_len );
}
+
+ if( ssl->conf->f_export_keys_ext != NULL )
+ {
+ ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys,
+ session->master, keyblk,
+ mac_key_len, transform->keylen,
+ iv_copy_len, handshake->tls_prf,
+ handshake->randbytes + 32,
+ handshake->randbytes );
+ }
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -8653,6 +8663,14 @@
conf->f_export_keys = f_export_keys;
conf->p_export_keys = p_export_keys;
}
+
+void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
+ void *p_export_keys )
+{
+ conf->f_export_keys_ext = f_export_keys_ext;
+ conf->p_export_keys = p_export_keys;
+}
#endif
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)