[TLS 1.3] Extend CredentialsManager for upcoming TLS 1.3 PSK #3622
Merged
randombit merged 3 commits into randombit:master from Jul 18, 2023
reneme
commented
Jul 11, 2023
Collaborator
Author
reneme
left a comment
Self-review for tomorrow.
This introduces new explicit methods for the session ticket key, the DTLS hello cookie and a more generic PSK search method. The existing psk() method now has a default implementation that orchestrates the new methods via the `context` and `type` parameters just like before. Co-Authored-By: Fabian Albert <fabian.albert@rohde-schwarz.com>
21efe5b to
8d1c89c
randombit
approved these changes
Jul 17, 2023
| // New applications should use the appropriate credentials methods. This is a | ||
| // retrofit of the behaviour before Botan 3.2.0 and will be removed in a | ||
| // future major release. |
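Review bot: The first line of this comment points new applications at "the appropriate credentials methods" without naming them. Naming the replacements here (session_ticket_key(), dtls_cookie_secret(), find_preshared_keys()) would tell anyone reading the retrofit path where to go instead. The "future major release" wording could also name the planned release once that is decided.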
Owner
We should note this in doc/deprecated.rst
Collaborator
Author
Done: c575c31
Please merge at will, if the text in doc/deprecated.rst is sufficient.
This attempts to step away from the generic `Credentials_Manager::psk()` method that is parameterized with `type` and `context`. Instead, the class now has dedicated getter-methods for the specific keys it manages.

- `Credentials_Manager::session_ticket_key()`
- `Credentials_Manager::dtls_cookie_secret()`
- `Credentials_Manager::find_preshared_keys()`

The TLS 1.2 implementation keeps using the `::psk()` method as before -- so existing applications that override it will continue to work as before. We think dedicated methods for specific artefacts are much more on par with the other TLS dependency classes (e.g. `Callbacks` and `Policy`). Additionally, it's easier to understand the API like that.

New applications can make use of the added default implementation of `::psk()` that orchestrates the new dedicated methods as shown in the table above. With Botan 4.0 the `::psk()` method should probably disappear entirely. (And `Credentials_Manager` should perhaps move into the `TLS` namespace.)

The new methods `find_preshared_keys()` and `choose_preshared_key()` take into account that one can offer multiple PSKs in a TLS 1.3 Client Hello. The server then gets to choose which PSK it wants to negotiate with.

Given that TLS 1.2 pre-negotiates a singular PSK identity prior to actually requesting the actual PSK-value, it can benefit from the same `find_preshared_keys()` (through the legacy `psk()`). If exactly one PSK identity is requested, it should be guaranteed that at most one PSK is returned by `find_preshared_keys()`.

The actual TLS 1.3 PSK implementation will come in a follow-up.