diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2021-01-25 17:42:03 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2021-01-25 17:42:03 +0000 |
commit | d841f5ce8ed0e775c21c8d56feb55e83dd733c41 (patch) | |
tree | ea915cd091aee604a4ce4560a589e483560910e8 /cmd | |
parent | e7e4a4a881bc28422834df5b5370a35cf21ba149 (diff) | |
download | nss-hg-d841f5ce8ed0e775c21c8d56feb55e83dd733c41.tar.gz |
Bug 1681585 - Update ECH to Draft-09. r=mt
This patch updates ECH implementation to draft-09. Changes of note are:
- Acceptance signal derivation is now based on the handshake secret.
- `config_id` hint changes from 32B to 8B, trial decryption added on the server.
- Duplicate code in HRR cookie handling has been consolidated into `tls13_HandleHrrCookie`.
- `ech_is_inner` extension is added, which causes a server to indicate ECH acceptance.
- Per the above, support signaling ECH acceptance when acting as a backend server in split-mode
(i.e. when there is no other local Encrypted Client Hello state).
Differential Revision: https://phabricator.services.mozilla.com/D101049
Diffstat (limited to 'cmd')
0 files changed, 0 insertions, 0 deletions