Commit 3fc8d856 authored by Matt Caswell

Construct the ticket_early_data_info extension

parent 73fb82b7
+6 −0
@@ -797,6 +797,11 @@ void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
 */
SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);

int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
uint32_t SSL_CTX_get_max_early_data(SSL_CTX *ctx);
int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
uint32_t SSL_get_max_early_data(SSL_CTX *s);

#ifdef __cplusplus
}
#endif
@@ -2355,6 +2360,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE             374
# define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG           452
# define SSL_F_TLS_CONSTRUCT_STOC_DONE                    375
# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO         525
# define SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS           453
# define SSL_F_TLS_CONSTRUCT_STOC_EMS                     454
# define SSL_F_TLS_CONSTRUCT_STOC_ETM                     455
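Review bot: `SSL_get_max_early_data` is declared with an `SSL_CTX *` parameter in the first hunk, although it is the per-connection counterpart of `SSL_set_max_early_data(SSL *s, ...)`; the definition in the file section that adds the four accessor bodies has the same signature and reads `s->max_early_data` from the context. As written, a caller cannot read back the limit stored on an `SSL` object, so a value set per connection is not observable through the public API. The declaration should read `uint32_t SSL_get_max_early_data(const SSL *s);` with the definition changed to match, and the context getter can take `const SSL_CTX *ctx` in the same way `SSL_CTX_get_keylog_callback` does just above.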
+1 −0
@@ -180,6 +180,7 @@ extern "C" {
# define TLSEXT_TYPE_psk                         41
# define TLSEXT_TYPE_supported_versions          43
# define TLSEXT_TYPE_psk_kex_modes               45
# define TLSEXT_TYPE_early_data_info             46

/* Temporary extension type */
# define TLSEXT_TYPE_renegotiate                 0xff01
+2 −0
@@ -357,6 +357,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG),
     "tls_construct_stoc_cryptopro_bug"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_DONE), "TLS_CONSTRUCT_STOC_DONE"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO),
     "tls_construct_stoc_early_data_info"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS),
     "tls_construct_stoc_ec_pt_formats"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EMS), "tls_construct_stoc_ems"},
+25 −0
@@ -551,6 +551,7 @@ SSL *SSL_new(SSL_CTX *ctx)
    s->mode = ctx->mode;
    s->max_cert_list = ctx->max_cert_list;
    s->references = 1;
    s->max_early_data = ctx->max_early_data;

    /*
     * Earlier library versions used to copy the pointer to the CERT, not
@@ -4657,3 +4658,27 @@ int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
    sk_SSL_CIPHER_free(scsvs);
    return 0;
}

int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data)
{
    ctx->max_early_data = max_early_data;

    return 1;
}

uint32_t SSL_CTX_get_max_early_data(SSL_CTX *ctx)
{
    return ctx->max_early_data;
}

int SSL_set_max_early_data(SSL *s, uint32_t max_early_data)
{
    s->max_early_data = max_early_data;

    return 1;
}

uint32_t SSL_get_max_early_data(SSL_CTX *s)
{
    return s->max_early_data;
}
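Review bot: The new public accessors carry no comments, and the contract a caller needs is not stated anywhere in this section: the limit is a byte count, and `SSL_new` copies `ctx->max_early_data` into the connection once, so a later `SSL_CTX_set_max_early_data` call does not change `SSL` objects that already exist. I would add above `SSL_CTX_set_max_early_data` a comment such as `/* Sets the default early data limit, in bytes, for SSL objects created from ctx afterwards; always returns 1 */`, and state what a value of 0 means. Because TLS 1.3 early data can be replayed, it is also worth documenting that this value is the application's bound on how much such data is permitted. The `SSL_new` body continues outside the hunk.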
+7 −0
@@ -922,6 +922,9 @@ struct ssl_ctx_st {
     * Wireshark. The callback should log `line` followed by a newline.
     */
    SSL_CTX_keylog_cb_func keylog_callback;

    /* The maximum number of bytes that can be sent as early data */
    uint32_t max_early_data;
};

struct ssl_st {
@@ -1218,6 +1221,9 @@ struct ssl_st {
    ASYNC_WAIT_CTX *waitctx;
    size_t asyncrw;

    /* The maximum number of bytes that can be sent as early data */
    uint32_t max_early_data;

    CRYPTO_RWLOCK *lock;
};

@@ -1724,6 +1730,7 @@ typedef enum tlsext_index_en {
    TLSEXT_IDX_renegotiate,
    TLSEXT_IDX_server_name,
    TLSEXT_IDX_srp,
    TLSEXT_IDX_early_data_info,
    TLSEXT_IDX_ec_point_formats,
    TLSEXT_IDX_supported_groups,
    TLSEXT_IDX_session_ticket,
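Review bot: `TLSEXT_IDX_early_data_info` is inserted in the middle of `tlsext_index_en`, which renumbers `TLSEXT_IDX_ec_point_formats` and every enumerator after it. If these values index a table of extension definitions elsewhere (not visible in this section), the new entry has to sit at the same position in that table, otherwise parsed extensions would be matched against the wrong handler. A comment on the enum such as `/* Must stay in the same order as the extension definitions table */` would make that coupling explicit for the next person who adds an extension. The enum continues outside the hunk.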