package prf

Import Path
	github.com/pion/dtls/v3/pkg/crypto/prf (on go.dev)

Dependency Relation
	imports 10 packages, and imported by 3 packages


Involved Source Files

	
		Package prf implements TLS 1.2 Pseudorandom functions


Package-Level Type Names (total 2)


	/* sort by:  |  */
	
		EncryptionKeys is all the state needed for a TLS CipherSuite.

		
			ClientMACKey []byte
			ClientWriteIV []byte
			ClientWriteKey []byte
			MasterSecret []byte
			ServerMACKey []byte
			ServerWriteIV []byte
			ServerWriteKey []byte
		
			(*EncryptionKeys) String() string
		
			*EncryptionKeys : expvar.Var
			*EncryptionKeys : fmt.Stringer
		
			func GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int, h HashFunc) (*EncryptionKeys, error)


	
		HashFunc allows callers to decide what hash is used in PRF.

		
			func ExtendedMasterSecret(preMasterSecret, sessionHash []byte, h HashFunc) ([]byte, error)
			func GenerateEncryptionKeys(masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int, h HashFunc) (*EncryptionKeys, error)
			func MasterSecret(preMasterSecret, clientRandom, serverRandom []byte, h HashFunc) ([]byte, error)
			func PHash(secret, seed []byte, requestedLength int, hashFunc HashFunc) ([]byte, error)
			func VerifyDataClient(masterSecret, handshakeBodies []byte, h HashFunc) ([]byte, error)
			func VerifyDataServer(masterSecret, handshakeBodies []byte, h HashFunc) ([]byte, error)
			func github.com/pion/dtls/v3/pkg/crypto/ciphersuite.NewCBC(localKey, localWriteIV, localMac, remoteKey, remoteWriteIV, remoteMac []byte, hashFunc HashFunc) (*ciphersuite.CBC, error)




Package-Level Functions (total 9)


	
		EcdhePSKPreMasterSecret implements TLS 1.2 Premaster Secret generation given a psk, a keypair and a curve
		
		https://datatracker.ietf.org/doc/html/rfc5489#section-2


	
		ExtendedMasterSecret generates a Extended MasterSecret as defined in
		https://tools.ietf.org/html/rfc7627


	
		GenerateEncryptionKeys is the final step TLS 1.2 PRF. Given all state generated so far generates
		the final keys need for encryption.


	
		MasterSecret generates a TLS 1.2 MasterSecret.


	
		PHash is PRF is the SHA-256 hash function is used for all cipher suites
		defined in this TLS 1.2 document and in TLS documents published prior to this
		document when TLS 1.2 is negotiated.  New cipher suites MUST explicitly
		specify a PRF and, in general, SHOULD use the TLS PRF with SHA-256 or a
		stronger standard hash function.
		
			P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
			                       HMAC_hash(secret, A(2) + seed) +
			                       HMAC_hash(secret, A(3) + seed) + ...
		
		A() is defined as:
		
			A(0) = seed
			A(i) = HMAC_hash(secret, A(i-1))
		
		P_hash can be iterated as many times as necessary to produce the
		required quantity of data.  For example, if P_SHA256 is being used to
		create 80 bytes of data, it will have to be iterated three times
		(through A(3)), creating 96 bytes of output data; the last 16 bytes
		of the final iteration will then be discarded, leaving 80 bytes of
		output data.
		
		https://tools.ietf.org/html/rfc4346w


	
		PreMasterSecret implements TLS 1.2 Premaster Secret generation given a keypair and a curve.


	
		PSKPreMasterSecret generates the PSK Premaster Secret
		The premaster secret is formed as follows: if the PSK is N octets
		long, concatenate a uint16 with the value N, N zero octets, a second
		uint16 with the value N, and the PSK itself.
		
		https://tools.ietf.org/html/rfc4279#section-2


	
		VerifyDataClient is caled on the Client Side to either verify or generate the VerifyData message.


	
		VerifyDataServer is caled on the Server Side to either verify or generate the VerifyData message.