summaryrefslogtreecommitdiffstats
path: root/doc/functions/gnutls_prf_raw
diff options
context:
space:
mode:
Diffstat (limited to 'doc/functions/gnutls_prf_raw')
-rw-r--r--doc/functions/gnutls_prf_raw43
1 files changed, 43 insertions, 0 deletions
diff --git a/doc/functions/gnutls_prf_raw b/doc/functions/gnutls_prf_raw
new file mode 100644
index 0000000..0058c85
--- /dev/null
+++ b/doc/functions/gnutls_prf_raw
@@ -0,0 +1,43 @@
+
+
+
+
+@deftypefun {int} {gnutls_prf_raw} (gnutls_session_t @var{session}, size_t @var{label_size}, const char * @var{label}, size_t @var{seed_size}, const char * @var{seed}, size_t @var{outsize}, char * @var{out})
+@var{session}: is a @code{gnutls_session_t} type.
+
+@var{label_size}: length of the @code{label} variable.
+
+@var{label}: label used in PRF computation, typically a short string.
+
+@var{seed_size}: length of the @code{seed} variable.
+
+@var{seed}: optional extra data to seed the PRF with.
+
+@var{outsize}: size of pre-allocated output buffer to hold the output.
+
+@var{out}: pre-allocated buffer to hold the generated data.
+
+Apply the TLS Pseudo-Random-Function (PRF) on the master secret
+and the provided data.
+
+The @code{label} variable usually contains a string denoting the purpose
+for the generated data. The @code{seed} usually contains data such as the
+client and server random, perhaps together with some additional
+data that is added to guarantee uniqueness of the output for a
+particular purpose.
+
+Because the output is not guaranteed to be unique for a particular
+session unless @code{seed} includes the client random and server random
+fields (the PRF would output the same data on another connection
+resumed from the first one), it is not recommended to use this
+function directly. The @code{gnutls_prf()} function seeds the PRF with the
+client and server random fields directly, and is recommended if you
+want to generate pseudo random data unique for each session.
+
+@strong{Note:} This function will only operate under TLS versions prior to 1.3.
+In TLS1.3 the use of PRF is replaced with HKDF and the generic
+exporters like @code{gnutls_prf_rfc5705()} should be used instead. Under
+TLS1.3 this function returns @code{GNUTLS_E_INVALID_REQUEST} .
+
+@strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, or an error code.
+@end deftypefun
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-13 20:42:22 +0000