/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
 * This file is PRIVATE to SSL.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef __tls13psk_h_
#define __tls13psk_h_

/*
 * Internally, we track sslPsk pointers in three locations:
 * 1) An external PSK can be configured on the socket, in which case ss->psk will hold an owned reference.
 *    For now, this only holds one external PSK. The value will persist across handshake restarts.
 * 2) When a handshake begins, the ss->psk value is deep-copied into ss->ssl3.hs.psks, which may also hold
 *    a resumption PSK. This is essentially a priority-sorted list (where a resumption PSK has higher
 *    priority than external), and we currently only send one PskIdentity and binder.
 * 3) During negotiation, ss->xtnData.selectedPsk will either be NULL or it will hold a non-owning reference
 *    to the PSK that has been (or is being) negotiated. Because it is non-owning, it must never outlive
 *    the entry in ss->ssl3.hs.psks it points into.
 */

/* Note: When holding a resumption PSK:
 * 1. |hash| comes from the original connection.
 * 2. |label| is ignored: The identity sent in the pre_shared_key_xtn
 *    comes from ss->sec.ci.sid->u.ssl3.locked.sessionTicket.
 */
struct sslPskStr {
    PRCList link;                 /* List linkage for ss->ssl3.hs.psks (see item 2 above). */
    PK11SymKey *key;              /* A raw PSK. */
    PK11SymKey *binderKey;        /* The binder key derived from |key|. |key| is NULL after derivation,
                                   * so the raw secret is not retained once the binder key exists. */
    SSLPskType type;              /* none, resumption, or external. */
    SECItem label;                /* Label (identity) for an external PSK. */
    SSLHashType hash;             /* A hash algorithm associated with a PSK. */
    ssl3CipherSuite zeroRttSuite; /* For EPSKs, an explicitly-configured ciphersuite for 0-Rtt. */
    PRUint32 maxEarlyData;        /* For EPSKs, a limit on early data. Must be > 0 for 0-Rtt. */
};

/* Experimental public entry points (SSLExp_*). Whether |psk| is referenced or copied, and how long
 * |identity| must remain valid, is not established by this header -- see the definitions. */
SECStatus SSLExp_AddExternalPsk(PRFileDesc *fd, PK11SymKey *psk, const PRUint8 *identity,
                                unsigned int identitylen, SSLHashType hash);

/* As SSLExp_AddExternalPsk, additionally configuring the 0-RTT ciphersuite and early-data limit
 * stored in sslPskStr.zeroRttSuite / sslPskStr.maxEarlyData. */
SECStatus SSLExp_AddExternalPsk0Rtt(PRFileDesc *fd, PK11SymKey *psk, const PRUint8 *identity,
                                    unsigned int identitylen, SSLHashType hash,
                                    PRUint16 zeroRttSuite, PRUint32 maxEarlyData);

/* Removes the external PSK matching |identity|/|identitylen| from |fd|. */
SECStatus SSLExp_RemoveExternalPsk(PRFileDesc *fd, const PRUint8 *identity, unsigned int identitylen);

/* Deep-copies |opsk| (see item 2 above). The caller presumably owns the result and releases it
 * with tls13_DestroyPsk -- confirm against the definition. */
sslPsk *tls13_CopyPsk(sslPsk *opsk);

/* Releases |psk| and the key material it owns. */
void tls13_DestroyPsk(sslPsk *psk);

/* Destroys every sslPsk linked on |list|. */
void tls13_DestroyPskList(PRCList *list);

/* Allocates an sslPsk of |pskType| wrapping |key|. |label| is the external identity;
 * per the note above it is ignored for resumption PSKs. */
sslPsk *tls13_MakePsk(PK11SymKey *key, SSLPskType pskType, SSLHashType hashType, const SECItem *label);

/* Replaces the handshake PSK list for |ss| with |list| (item 2 above); presumably the previous
 * contents are destroyed -- confirm against the definition. */
SECStatus tls13_ResetHandshakePsks(sslSocket *ss, PRCList *list);

#endif