TLS Pseudorandom Function.
The PRF used by SSL/TLS varies with the version of the protocol and, for TLS 1.2, possibly with the hash algorithm of the negotiated cipher suite. The various uses of the PRF (key derivation, computation of verify_data, computation of pre_master_secret values) also change between versions of the protocol. To abstract these elements, the common _tls_PRF() object is provided. It is expected to be initialised in the context of the connection state using the tls_version and the cipher suite.
compute_master_secret(pre_master_secret, client_random, server_random)
Return the 48-byte master_secret, computed from pre_master_secret, client_random and server_random. See RFC 5246, section 6.3.
compute_verify_data(con_end, read_or_write, handshake_msg, master_secret)
Return verify_data based on handshake messages, connection end, master secret, and read_or_write position. See RFC 5246, section 7.4.9.
Every TLS 1.2 cipher suite has a verify_data of length 12. Note also:
"This PRF with the SHA-256 hash function is used for all cipher suites defined in this document and in TLS documents published prior to this document when TLS 1.2 is negotiated."
Cipher suites using SHA-384 were defined later on.
derive_key_block(master_secret, server_random, client_random, req_len)
Perform the derivation of master_secret into a key_block of req_len requested length. See RFC 5246, section 6.3.
generate_iv_for_export(client_random, server_random, con_end, read_or_write, req_len)
Generate the IV for an EXPORT cipher suite, i.e. weaken it. An export IV generation example is given in section 6.3.1 of RFC 2246. See also page 86 of EKR’s book.
postprocess_key_for_export(key, client_random, server_random, con_end, read_or_write, req_len)
Postprocess the cipher key for an EXPORT cipher suite, i.e. weaken it. An export key generation example is given in section 6.3.1 of RFC 2246. See also page 86 of EKR’s book.
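The TLS 1.2 derivations documented above (master_secret, key_block and verify_data), worked through with the RFC 5246 PRF. This is an added example, not Scapy's own code: the standalone functions only reuse the documented method names, the hash_name parameter and the mapping of con_end/read_or_write to the Finished label are assumptions, and all input values are constructed.

```python
import hashlib
import hmac


def p_hash(secret, seed, req_len, hash_name="sha256"):
    """P_hash from RFC 5246 section 5: chain HMAC over A(i) until req_len bytes exist."""
    out, a = b"", seed                                   # A(0) = seed
    while len(out) < req_len:
        a = hmac.new(secret, a, hash_name).digest()      # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:req_len]


def prf(secret, label, seed, req_len, hash_name="sha256"):
    """TLS 1.2 PRF(secret, label, seed) = P_hash(secret, label + seed)."""
    return p_hash(secret, label + seed, req_len, hash_name)


def compute_master_secret(pre_master_secret, client_random, server_random):
    # RFC 5246 section 8.1: seed is client_random then server_random, output is 48 bytes.
    return prf(pre_master_secret, b"master secret", client_random + server_random, 48)


def derive_key_block(master_secret, server_random, client_random, req_len):
    # RFC 5246 section 6.3: the seed order is swapped here, server_random comes first.
    return prf(master_secret, b"key expansion", server_random + client_random, req_len)


def compute_verify_data(con_end, read_or_write, handshake_msg, master_secret):
    # Assumed mapping: a client writing, or a server reading, handles the client's Finished.
    client_side = (con_end, read_or_write) in (("client", "write"), ("server", "read"))
    label = b"client finished" if client_side else b"server finished"
    return prf(master_secret, label, hashlib.sha256(handshake_msg).digest(), 12)


# Constructed sample values, not taken from a real handshake.
PMS = bytes(range(48))
CLIENT_RANDOM = b"\x01" * 32
SERVER_RANDOM = b"\x02" * 32
HANDSHAKE = b"constructed handshake transcript"

if __name__ == "__main__":
    ms = compute_master_secret(PMS, CLIENT_RANDOM, SERVER_RANDOM)
    kb = derive_key_block(ms, SERVER_RANDOM, CLIENT_RANDOM, 104)
    print("master_secret:", ms.hex())
    print("key_block    :", kb.hex())
    print("client verify_data:", compute_verify_data("client", "write", HANDSHAKE, ms).hex())
```

For a SHA-384 cipher suite, pass hash_name="sha384" to prf() and hash the handshake transcript with SHA-384 as well.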