Does SChannel support key update requests for TLS v1.3?

176 views

How can I request a key update on a TLS v1.3 connection implemented with Win32's SChannel?

In other words, what is the Win32 function that provides similar functionality as SSL_key_update() in OpenSSL?

I did not find any useful information in the Win32 documentation. It seems to suggest that InitializeSecurityContext() (client side) or AcceptSecurityContext() (server side) may provide this functionality, but when I call this with the current security context as suggested in Renegotiating an Schannel Connection, I get SEC_E_OK but no data is returned that I could send to the other side. And I see no flag/parameter where I could specify the update type, as in SSL_key_update.

1

There is 1 answer

5
YangXiaoPo-MSFT On

No. If you provide the same phCredential as for the initial handshake, what do you want to update? As the Renegotiating an Schannel Connection page you attached says:

  1. Update credentials if applicable and/or context attributes.
  2. EncryptMessage the generated PSecBufferDesc pOutput.
  3. Send the encrypted data to the other side.
  4. The other side calls DecryptMessage, which returns SEC_I_RENEGOTIATE for the data.
  5. The other side returns to the negotiation loop and calls AcceptSecurityContext (Schannel) or InitializeSecurityContext (Schannel), passing the SECBUFFER_EXTRA returned from DecryptMessage().