11.12.3.4.130. Function Se05x_API_TLSPerformPRF¶
Defined in File se05x_APDU_apis.h
11.12.3.4.130.1. Function Documentation¶
-
smStatus_t
Se05x_API_TLSPerformPRF
(pSe05xSession_t session_ctx, uint32_t objectID, uint8_t digestAlgo, const uint8_t *label, size_t labelLen, const uint8_t *random, size_t randomLen, uint16_t reqLen, uint8_t *outputData, size_t *poutputDataLen, const SE05x_TLSPerformPRFType_t tlsprf)¶ Se05x_API_TLSPerformPRF
The command TLSPerformPRF will compute either:
the master secret for TLS according [RFC5246], section 8.1
key expansion data from a master secret for TLS according [RFC5246], section 6.3
Each time before calling this function, TLSGenerateRandom must be called. Executing this function will clear the random that is stored in the SE05X .
The function can be called as client or as server and either using the pre- master secret or master secret as input, stored in an HMACKey. The input length must be either 16, 32, 48 or 64 bytes.
This results in P2 having 4 possibilities:
P2_TLS_PRF_CLI_HELLO: pass the clientHelloRandom to calculate a master secret, the serverHelloRandom is in SE05X , generated by TLSGenerateRandom.
P2_TLS_PRF_SRV_HELLO: pass the serverHelloRandom to calculate a master secret, the clientHelloRandom is in SE05X , generated by TLSGenerateRandom.
P2_TLS_PRF_CLI_RANDOM: pass the clientRandom to generate key expansion data, the serverRandom is in SE05X , generated by TLSGenerateRandom.
P2_TLS_PRF_SRV_RANDOM: pass the serverRandom to generate key expansion data, the clientRandom is in SE05X
Command to Applet
Field
Value
Description
CLA
0x80
INS
INS_CRYPTO
See
SE05x_INS_t
P1
P1_TLS
See
SE05x_P1_t
P2
See description above.
See
SE05x_P2_t
Lc
#(Payload)
TLV[TAG_1]
4-byte HMACKey identifier.
TLV[TAG_2]
1-byte
SE05x_DigestMode_t
, except DIGEST_NO_HASH.TLV[TAG_3]
Label (1 to 64 bytes)
TLV[TAG_4]
32-byte random
TLV[TAG_5]
2-byte requested length
Le
0x00
R-APDU Body
Value
Description
TLV[TAG_1]
Byte array containing requested output data.
R-APDU Trailer
SW
Description
SW_NO_ERROR
The command is handled successfully.
- Return
The sm status.
- Parameters
[in] session_ctx
: The session context[in] objectID
: The object id[in] digestAlgo
: The digest algorithm[in] label
: The label[in] labelLen
: The label length[in] random
: The random[in] randomLen
: The random length[in] reqLen
: The request lengthoutputData
: The output datapoutputDataLen
: The poutput data length[in] tlsprf
: The tlsprf