pyca · kelbyludwig · Aug 26, 2017 · Sep 9, 2017 · Oct 23, 2017 · Oct 23, 2017
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
@@ -1941,6 +1941,31 @@ def master_key(self):
         _lib.SSL_SESSION_get_master_key(session, outp, length)
         return _ffi.buffer(outp, length)[:]
 
+    def export_keying_material(self, label, olen, context=None):
+        """
+        Obtain keying material for application use.
+
+        :param label - a disambiguating label string as described in RFC 5705
+        :param olen - the length of the exported key material in bytes
+        :param context - a per-association context value
+        :return the exported key material bytes or None
+        """
+        outp = _no_zero_allocator("unsigned char[]", olen)
+        # RFC 5705: "Labels here have the same definition as in TLS, i.e., an
+        # ASCII string with no terminating NULL."
+        # So we must remove the NULL terminator.
+        label_buf = _ffi.new("char[]", label)[0:len(label)]
+        context_buf, context_len, use_context, success = _ffi.NULL, 0, 0, 0
+        if context is not None:
+            context_buf = _ffi.new("unsigned char[]", context)
+            context_len = len(context)
+            use_context = 1
+        success = _lib.SSL_export_keying_material(self._ssl, outp, olen,
+                                                  label_buf, len(label),
+                                                  context_buf, context_len,
+                                                  use_context)
+        return _ffi.buffer(outp, olen)[:] if success == 1 else None
+
     def sock_shutdown(self, *args, **kwargs):
         """
         See shutdown(2)

diff --git a/tests/test_ssl.py b/tests/test_ssl.py
@@ -3354,6 +3354,21 @@ def test_memory_connect(self):
         assert server_conn.client_random() != server_conn.server_random()
         assert client_conn.client_random() != client_conn.server_random()
 
+        # Export key material for other uses.
+        cekm = client_conn.export_keying_material(b'LABEL', 32)
+        sekm = server_conn.export_keying_material(b'LABEL', 32)
+        assert cekm is not None
+        assert sekm is not None
+        assert cekm == sekm
+        assert len(sekm) == 32
+
+        # Export key material for other uses with additional context.
+        cekmc = client_conn.export_keying_material(b'LABEL', 32, b'CONTEXT')
+        sekmc = server_conn.export_keying_material(b'LABEL', 32, b'CONTEXT')
+        assert cekmc is not None
+        assert sekmc is not None
+        assert cekmc == sekmc
+
         # Here are the bytes we'll try to send.
         important_message = b'One if by land, two if by sea.'
 

diff --git a/tox.ini b/tox.ini
@@ -10,7 +10,7 @@ extras =
 deps =
     coverage>=4.2
     cryptographyMaster: git+https://github.com/pyca/cryptography.git
-    cryptographyMinimum: cryptography<=1.9
+    cryptographyMinimum: cryptography<=2.1
 setenv =
     # Do not allow the executing environment to pollute the test environment
     # with extra packages.