From 5ec50039927601005534460385bbe9206dcf7ad0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 22 Jun 2021 13:41:56 +0100 Subject: [PATCH] Document the return type change in the migration guide Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.d/key-export.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/3.0-migration-guide.d/key-export.md b/docs/3.0-migration-guide.d/key-export.md index 967ecf87b..f8b3505b5 100644 --- a/docs/3.0-migration-guide.d/key-export.md +++ b/docs/3.0-migration-guide.d/key-export.md @@ -18,6 +18,10 @@ the previous key export API in the following ways: - A secret type parameter has been added to identify which key is being exported. For TLS 1.2, only the master secret is exported, but upcoming TLS 1.3 support will add other kinds of keys. +- The callback now specifies a void return type, rather than + returning an error code. It is the responsibility of the application + to handle failures in the key export callback, for example by + shutting down the TLS connection. For users which do not rely on raw keys and IV, adjusting to the new callback type should be straightforward - see the example programs