Add SSL_SESSION_get_master_key. Opaquifying SSL_SESSION is less important than the other structs, but this will cause less turbulence in wpa_supplicant if we add this API too. Semantics and name taken from OpenSSL 1.1.0 to match. BUG=6 Change-Id: Ic39f58d74640fa19a60aafb434dd2c4cb43cdea9 Reviewed-on: https://boringssl-review.googlesource.com/7725 Reviewed-by: Adam Langley <agl@google.com>

commit: 818aff01fb41b1e46aed9b9ec3bcfc76ae6cf0dd [log] [tgz]
author: David Benjamin <davidben@google.com> Thu Apr 21 16:58:49 2016 -0400
committer: Adam Langley <agl@google.com> Thu Apr 21 21:14:36 2016 +0000
tree: 8b40d81c8701a1df2ac3317c720f16015a92dd28
parent: 7fadfc6135aecb4ae44543bf94950593979c3547 [diff] [blame]
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 26e504d..7cb12f1 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -1496,6 +1496,12 @@
  * TODO(davidben): This should return a const X509 *. */
 OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session);
 
+/* SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s master
+ * secret to |out| and returns the number of bytes written. If |max_out| is
+ * zero, it returns the size of the master secret. */
+OPENSSL_EXPORT size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
+                                                 uint8_t *out, size_t max_out);
+
 /* SSL_SESSION_set_time sets |session|'s creation time to |time| and returns
  * |time|. This function may be useful in writing tests but otherwise should not
  * be used. */
commit	818aff01fb41b1e46aed9b9ec3bcfc76ae6cf0dd	[log] [tgz]
author	David Benjamin <davidben@google.com>	Thu Apr 21 16:58:49 2016 -0400
committer	Adam Langley <agl@google.com>	Thu Apr 21 21:14:36 2016 +0000
tree	8b40d81c8701a1df2ac3317c720f16015a92dd28
parent	7fadfc6135aecb4ae44543bf94950593979c3547 [diff] [blame]