11.12.3.4.130. Function Se05x_API_TLSPerformPRF

11.12.3.4.130.1. Function Documentation

smStatus_t Se05x_API_TLSPerformPRF(pSe05xSession_t session_ctx, uint32_t objectID, uint8_t digestAlgo, const uint8_t *label, size_t labelLen, const uint8_t *random, size_t randomLen, uint16_t reqLen, uint8_t *outputData, size_t *poutputDataLen, const SE05x_TLSPerformPRFType_t tlsprf)

Se05x_API_TLSPerformPRF

The command TLSPerformPRF will compute either:

  • the master secret for TLS according to [RFC5246], section 8.1

  • key expansion data from a master secret for TLS according to [RFC5246], section 6.3

TLSGenerateRandom must be called before each call to this function, because executing this function clears the random that is stored in the SE05X.

The function can be called as client or as server, using either the pre-master secret or the master secret as input, stored in an HMACKey. The input length must be either 16, 32, 48 or 64 bytes.

This results in P2 having 4 possibilities:

  • P2_TLS_PRF_CLI_HELLO: pass the clientHelloRandom to calculate a master secret, the serverHelloRandom is in SE05X, generated by TLSGenerateRandom.

  • P2_TLS_PRF_SRV_HELLO: pass the serverHelloRandom to calculate a master secret, the clientHelloRandom is in SE05X, generated by TLSGenerateRandom.

  • P2_TLS_PRF_CLI_RANDOM: pass the clientRandom to generate key expansion data, the serverRandom is in SE05X, generated by TLSGenerateRandom.

  • P2_TLS_PRF_SRV_RANDOM: pass the serverRandom to generate key expansion data, the clientRandom is in SE05X

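Command to Applet

| Field      | Value                                             | Description     |
|------------|---------------------------------------------------|-----------------|
| CLA        | 0x80                                              |                 |
| INS        | INS_CRYPTO                                        | See SE05x_INS_t |
| P1         | P1_TLS                                            | See SE05x_P1_t  |
| P2         | See description above.                            | See SE05x_P2_t  |
| Lc         | #(Payload)                                        |                 |
| TLV[TAG_1] | 4-byte HMACKey identifier.                        |                 |
| TLV[TAG_2] | 1-byte SE05x_DigestMode_t, except DIGEST_NO_HASH. |                 |
| TLV[TAG_3] | Label (1 to 64 bytes)                             |                 |
| TLV[TAG_4] | 32-byte random                                    |                 |
| TLV[TAG_5] | 2-byte requested length                           |                 |
| Le         | 0x00                                              |                 |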

R-APDU Body

| Value      | Description                                  |
|------------|----------------------------------------------|
| TLV[TAG_1] | Byte array containing requested output data. |

R-APDU Trailer

| SW          | Description                          |
|-------------|--------------------------------------|
| SW_NO_ERROR | The command is handled successfully. |
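The payload layout from the Command to Applet table, as an added example (not NXP's middleware code): a C encoder that rejects inputs outside the documented field limits before any bytes are sent to the applet. The function names, the tag byte values 0x41 to 0x45, DIGEST_NO_HASH = 0x00, most-significant-byte-first integers and single-byte TLV lengths are assumptions of this example; take the real constants from the SDK headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed byte values for this example; use the constants from the SDK headers. */
enum { TAG_1 = 0x41, TAG_2, TAG_3, TAG_4, TAG_5, DIGEST_NO_HASH = 0x00 };

/* Append one TLV; one length byte is enough because every field is <= 64 bytes. */
static int put_tlv(uint8_t *buf, size_t cap, size_t *off, uint8_t tag,
                   const uint8_t *val, size_t len)
{
    if (len > 0x7F || cap - *off < len + 2)
        return -1;
    buf[(*off)++] = tag;
    buf[(*off)++] = (uint8_t)len;
    memcpy(buf + *off, val, len);
    *off += len;
    return 0;
}

/* Build the TLSPerformPRF command payload (TAG_1..TAG_5) into buf.
 * Returns the payload length (the Lc value), or -1 if an input breaks a limit. */
int tls_prf_build_payload(uint8_t *buf, size_t cap, uint32_t objectID,
                          uint8_t digestAlgo, const uint8_t *label, size_t labelLen,
                          const uint8_t *random, size_t randomLen, uint16_t reqLen)
{
    /* Integers are written most significant byte first (assumption). */
    const uint8_t id[4] = { (uint8_t)(objectID >> 24), (uint8_t)(objectID >> 16),
                            (uint8_t)(objectID >> 8), (uint8_t)objectID };
    const uint8_t len2[2] = { (uint8_t)(reqLen >> 8), (uint8_t)reqLen };
    size_t off = 0;

    if (!buf || !label || !random) return -1;
    if (digestAlgo == DIGEST_NO_HASH) return -1;   /* TAG_2: not DIGEST_NO_HASH */
    if (labelLen < 1 || labelLen > 64) return -1;  /* TAG_3: 1 to 64 bytes */
    if (randomLen != 32) return -1;                /* TAG_4: exactly 32 bytes */
    if (put_tlv(buf, cap, &off, TAG_1, id, sizeof id) ||
        put_tlv(buf, cap, &off, TAG_2, &digestAlgo, 1) ||
        put_tlv(buf, cap, &off, TAG_3, label, labelLen) ||
        put_tlv(buf, cap, &off, TAG_4, random, randomLen) ||
        put_tlv(buf, cap, &off, TAG_5, len2, sizeof len2))
        return -1;
    return (int)off;
}

int main(void)
{
    uint8_t buf[128], rnd[32] = { 0 };  /* constructed sample input, not a real random */
    int n = tls_prf_build_payload(buf, sizeof buf, 0x10000001u, 0x04 /* constructed */,
                                  (const uint8_t *)"master secret", 13, rnd, sizeof rnd, 48);
    printf("payload length: %d\n", n);
    return n < 0;
}
```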

Return

The sm status.

Parameters
  • [in] session_ctx: The session context

  • [in] objectID: The object id

  • [in] digestAlgo: The digest algorithm

  • [in] label: The label

  • [in] labelLen: The label length

  • [in] random: The random

  • [in] randomLen: The random length

  • [in] reqLen: The request length

  • outputData: The output data

  • poutputDataLen: The poutput data length

  • [in] tlsprf: The tlsprf