On Thu, Feb 7, 2013 at 9:00 AM, Trevor Jordan <jordan.tre...@gmail.com> wrote: > From what I understand so far, the "KeyBlock" is the place to look for the > key? It's just a matter of getting the sizes and order of the individual > Keys and IV's so that I can extract the bits I need. Any pointers in that > area?
While it is technically possible to extract keys (search for tls_openssl.c in hostap.git for an example), I would not recommend doing this unless you really have to get a specific key derivation mechanism matching with a defined use. This will be ugly and OpenSSL version dependent.. TLS keying material exporter, i.e., SSL_export_keying_material(), will make your life much easier if you are just looking for a mechanism to derive suitable keys for other uses assuming you are using recent enough OpenSSL. That tls_openssl.c file I mentioned above has an example of this, too. - Jouni ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org