api - DTLS 1.2 Master key derivation
I am implementing DTLS 1.2, using the cipher TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
I am creating the pre-master secret and the master secret key using the following steps:
1- Open the algorithm provider using the API BCryptOpenAlgorithmProvider
2- Generate a key pair using the API BCryptGenerateKeyPair
3- Export the public key using the API BCryptExportKey
4- Import the other party's public key using the API BCryptImportKeyPair
5- After that, generate the secret agreement handle from the private key and the other party's public key using the API BCryptSecretAgreement
6- Get the secret key using the API BCryptDeriveKey
What am I missing? The master key is not correct.
I guess it depends on the parameters you are passing to BCryptDeriveKey. You should specify the TLS 1.2 pseudorandom function in the parameters, based on SHA256, and not on MD5 and SHA1 as in TLS 1.1 / DTLS 1.0.