From 371abcf7180358640b69afa3403b849e47bb9164 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Thu, 2 Jul 2020 02:11:53 +0200
Subject: [PATCH] Add key material export method

---
 src/ssl.c | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/src/ssl.c b/src/ssl.c
index 642272a..0a1a92e 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -671,6 +671,42 @@ static int meth_getpeerfinished(lua_State *L)
   return 1;
 }
 
+/**
+ */
+static int meth_exportkeyingmaterial(lua_State *L)
+{
+	p_ssl ssl = (p_ssl)luaL_checkudata(L, 1, "SSL:Connection");
+
+	if(ssl->state != LSEC_STATE_CONNECTED) {
+		lua_pushnil(L);
+		lua_pushstring(L, "closed");
+		return 0;
+	}
+
+	size_t llen = 0;
+	const char *label = luaL_checklstring(L, 2, &llen);
+	int olen = luaL_checkinteger(L, 3);
+	size_t contextlen = 0;
+	const unsigned char *context = NULL;
+
+	if(!lua_isnoneornil(L, 4)) {
+		const unsigned char *context = (unsigned char *)luaL_checklstring(L, 4, &contextlen);
+	}
+
+	/* temporary buffer memory-managed by Lua itself */
+	unsigned char *out = lua_newuserdata(L, olen);
+
+	if(SSL_export_keying_material(ssl->ssl, out, olen, label, llen, context, contextlen, context != NULL) != 1) {
+		lua_pushnil(L);
+		/* Could not find whether OpenSSL keeps any details anywhere */
+		lua_pushstring(L, "error exporting keying material");
+		return 2;
+	}
+
+	lua_pushlstring(L, (char *)out, olen);
+	return 1;
+}
+
 /**
  * Object information -- tostring metamethod
  */
@@ -876,6 +912,7 @@ static luaL_Reg methods[] = {
   {"getpeerchain",        meth_getpeerchain},
   {"getpeerverification", meth_getpeerverification},
   {"getpeerfinished",     meth_getpeerfinished},
+  {"exportkeyingmaterial",meth_exportkeyingmaterial},
   {"getsniname",          meth_getsniname},
   {"getstats",            meth_getstats},
   {"setstats",            meth_setstats},