diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2020-11-17 23:43:25 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2020-11-17 23:43:25 +0000 |
commit | 2bd4e6f231c8e7c262495fed7c147b4cc67c834c (patch) | |
tree | 8061769b2983efc148bd7c5e9336d0bb79820e4a /cpputil | |
parent | 0961c8ab43fc3d5b8a446364366628035a4a2240 (diff) | |
download | nss-hg-2bd4e6f231c8e7c262495fed7c147b4cc67c834c.tar.gz |
Bug 1654332 - Update ESNI to draft-08 (ECH). r=mt
This patch adds support for Encrypted Client Hello (draft-ietf-tls-esni-08), replacing the existing ESNI (draft -02) support.
There are five new experimental functions to enable this:
- SSL_EncodeEchConfig: Generates an encoded (not BASE64) ECHConfig given a set of parameters.
- SSL_SetClientEchConfigs: Configures the provided ECHConfig to the given socket. When configured, an ephemeral HPKE keypair will be generated for the CH encryption.
- SSL_SetServerEchConfigs: Configures the provided ECHConfig and keypair to the socket. The keypair specified will be used for HPKE operations in order to decrypt encrypted Client Hellos as they are received.
- SSL_GetEchRetryConfigs: If ECH is rejected by the server and compatible retry_configs are provided, this API allows the application to extract those retry_configs for use in a new connection.
- SSL_EnableTls13GreaseEch: When enabled, non-ECH Client Hellos will have a "GREASE ECH" (i.e. fake) extension appended. GREASE ECH is disabled by default, as there are known compatibility issues that will be addressed in a subsequent draft.
The following ESNI experimental functions are deprecated by this update:
- SSL_EncodeESNIKeys
- SSL_EnableESNI
- SSL_SetESNIKeyPair
In order to be used, NSS must be compiled with `NSS_ENABLE_DRAFT_HPKE` defined.
Differential Revision: https://phabricator.services.mozilla.com/D86106
Diffstat (limited to 'cpputil')
-rw-r--r-- | cpputil/tls_parser.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/cpputil/tls_parser.h b/cpputil/tls_parser.h index 6636b3c6a..41d760ed0 100644 --- a/cpputil/tls_parser.h +++ b/cpputil/tls_parser.h @@ -56,6 +56,7 @@ const uint8_t kTlsAlertUnsupportedExtension = 110; const uint8_t kTlsAlertUnrecognizedName = 112; const uint8_t kTlsAlertCertificateRequired = 116; const uint8_t kTlsAlertNoApplicationProtocol = 120; +const uint8_t kTlsAlertEchRequired = 121; const uint8_t kTlsFakeChangeCipherSpec[] = { ssl_ct_change_cipher_spec, // Type |