gnutls_prf - derive pseudo-random data using the TLS PRF


#include <gnutls/gnutls.h>

int gnutls_prf(gnutls_session_t session, size_t label_size, const char * label, int server_random_first, size_t extra_size, const char * extra, size_t outsize, char * out);


gnutls_session_t session is a gnutls_session_t structure.
size_t label_size length of the label variable.
const char * label label used in PRF computation, typically a short string.
int server_random_first non-0 if server random field should be first in seed
size_t extra_size length of the extra variable.
const char * extra optional extra data to seed the PRF with.
size_t outsize size of pre-allocated output buffer to hold the output.
char * out pre-allocate buffer to hold the generated data.


Apply the TLS Pseudo-Random-Function (PRF) using the master secret on some data, seeded with the client and server random fields.

The label variable usually contain a string denoting the purpose for the generated data. The server_random_first indicate whether the client random field or the server random field should be first in the seed. Non-0 indicate that the server random field is first, 0 that the client random field is first.

The extra variable can be used to add more data to the seed, after the random variables. It can be used to tie make sure the generated output is strongly connected to some additional data (e.g., a string used in user authentication).

The output is placed in *OUT, which must be pre-allocated.


GNUTLS_E_SUCCESS on success, or an error code.


Report bugs to <>.


Copyright © 2008 Free Software Foundation. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.


The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command
info gnutls
should give you access to the complete manual.

openSUSE Logo