Add set_ticket_key_callback (SSL_CTX_set_tlsext_ticket_key_cb) #330
Conversation
Add a wrapper for the `SSL_CTX_set_tlsext_ticket_key_cb`, which allows consumers to configure the EVP_CIPHER_CTX and HMAC_CTX used for encrypting/decrypting session tickets. See https://docs.openssl.org/1.0.2/man3/SSL_CTX_set_tlsext_ticket_key_cb/ for more details.
boring/src/ssl/mod.rs
Outdated
| /// # Note | ||
| /// | ||
| /// This is a decryption specific status code. | ||
| DecryptTicketUnrecognized, |
There was a problem hiding this comment.
Technically decryption can fail due to a server-side issue, so might be better to name this variant DecryptTicketFailed
There was a problem hiding this comment.
In this mode, callback returns -1 to abort the handshake, 0 if the ticket key was unrecognized, and 1 or 2 on success. If it returns 2, the ticket will be renewed.
I got unrecognized wording from the boring docs and took it to mean that the server couldn't find the ticket when it tried to lookup the key_name in its store. Shouldn't a server-side issue be an Error?
In this mode, callback returns 1 on success, 0 to decline sending a ticket, and -1 on error.
Also since we are on an older version of boring, the "0 to decline sending a ticket" code doesn't apply to our version yet. Once we upgrade, this name should be change to be less Decrypting specific. I am not familiar how liberally we handle breaking changes in this repo and wonder if we should rename this to be more future proof?
There was a problem hiding this comment.
Yeah interestingly boringssl changed the documentation and added support for ejecting from encryption during the callback ~4 months ago
Boringssl breaks its API at will, but we follow semver for our public API, so it's best to future-proof as much as possible
There was a problem hiding this comment.
| #[cfg(feature = "rpk")] | ||
| assert!(!self.is_rpk, "This API is not supported for RPK"); |
There was a problem hiding this comment.
I copied this from the other callbacks and not sure if it applies here. What is RPK and does it apply for this callback?
There was a problem hiding this comment.
RPK is raw public keys (https://datatracker.ietf.org/doc/html/rfc7250), it's fine to leave these callbacks unimplemented there
toidiu
force-pushed
the
toidiu/ticket_key_callback
branch
from
5a54a4d to
28f7678
Compare
Add a wrapper for the
SSL_CTX_set_tlsext_ticket_key_cb, which allows consumers to configure the EVP_CIPHER_CTX and HMAC_CTX used for encrypting/decrypting session tickets.See https://docs.openssl.org/1.0.2/man3/SSL_CTX_set_tlsext_ticket_key_cb/ for more details.