Updating NewSessionTicket message and updating PSK to Draft 15.
BUG=77
Change-Id: Id8c45e98c4c22cdd437cbba1e9375239e123b261
Reviewed-on: https://boringssl-review.googlesource.com/10763
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/tls13_server.c b/ssl/tls13_server.c
index 53e5363..9e146e6 100644
--- a/ssl/tls13_server.c
+++ b/ssl/tls13_server.c
@@ -141,10 +141,8 @@
uint16_t resumption_cipher;
if (session != NULL &&
- /* We currently only support ECDHE-PSK resumption. */
- ((session->ticket_flags & SSL_TICKET_ALLOW_DHE_RESUMPTION) == 0 ||
- /* Only resume if the session's version matches. */
- session->ssl_version != ssl->version ||
+ /* Only resume if the session's version matches. */
+ (session->ssl_version != ssl->version ||
!ssl_cipher_get_ecdhe_psk_cipher(session->cipher, &resumption_cipher) ||
!ssl_client_cipher_list_contains_cipher(&client_hello,
resumption_cipher))) {
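Review bot: With the `SSL_TICKET_ALLOW_DHE_RESUMPTION` test removed, nothing in this condition records why every decrypted session of the right version may be resumed with (EC)DHE-PSK. The assumption appears to be that this server only ever issues tickets advertising `SSL_PSK_DHE_KE` and `SSL_PSK_AUTH`, since the NewSessionTicket hunk later in this file writes exactly those two values. I would state that here with a comment such as `/* We only issue tickets for psk_dhe_ke with psk_auth, so no per-ticket mode check is needed. */`. A matching comment next to the two `CBB_add_u8` mode bytes in that later hunk would keep the lists from being widened without revisiting this check. The enclosing function starts and ends outside the hunk.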
@@ -556,22 +554,21 @@
SSL_HANDSHAKE *hs) {
SSL_SESSION *session = ssl->s3->new_session;
session->tlsext_tick_lifetime_hint = session->timeout;
- session->ticket_flags = SSL_TICKET_ALLOW_DHE_RESUMPTION;
- if (!RAND_bytes((uint8_t *)&session->ticket_age_add,
- sizeof(session->ticket_age_add))) {
- return 0;
- }
- session->ticket_age_add_valid = 1;
- CBB cbb, body, ticket;
+ /* TODO(svaldez): Add support for sending 0RTT through TicketEarlyDataInfo
+ * extension. */
+
+ CBB cbb, body, ke_modes, auth_modes, ticket;
if (!ssl->method->init_message(ssl, &cbb, &body,
SSL3_MT_NEW_SESSION_TICKET) ||
!CBB_add_u32(&body, session->tlsext_tick_lifetime_hint) ||
- !CBB_add_u32(&body, session->ticket_flags) ||
- !CBB_add_u32(&body, session->ticket_age_add) ||
- !CBB_add_u16(&body, 0 /* no ticket extensions */) ||
+ !CBB_add_u8_length_prefixed(&body, &ke_modes) ||
+ !CBB_add_u8(&ke_modes, SSL_PSK_DHE_KE) ||
+ !CBB_add_u8_length_prefixed(&body, &auth_modes) ||
+ !CBB_add_u8(&auth_modes, SSL_PSK_AUTH) ||
!CBB_add_u16_length_prefixed(&body, &ticket) ||
!ssl_encrypt_ticket(ssl, &ticket, session) ||
+ !CBB_add_u16(&body, 0 /* no ticket extensions */) ||
!ssl->method->finish_message(ssl, &cbb)) {
CBB_cleanup(&cbb);
return ssl_hs_error;
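Review bot: The rewritten message still sends `session->tlsext_tick_lifetime_hint` straight from `session->timeout` via `CBB_add_u32`, and nothing visible in this hunk bounds that value. TLS 1.3 limits the advertised ticket lifetime to 604800 seconds (7 days), so a larger configured timeout would put an out-of-range lifetime on the wire and encourage clients to keep resumption secrets longer than intended. Whether `session->timeout` is already capped elsewhere cannot be seen from here. If it is not, consider clamping before the assignment or documenting the precondition with `/* session->timeout must not exceed the 7-day ticket lifetime limit. */`. The function's signature begins above the hunk and its body continues past it.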