Add |SSL_key_update|.
This function allows a client to send a TLS 1.3 KeyUpdate message.
Change-Id: I69935253795a79d65a8c85b652378bf04b7058e2
Reviewed-on: https://boringssl-review.googlesource.com/c/33706
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/tls13_both.cc b/ssl/tls13_both.cc
index 6baeaf7..f6e359c 100644
--- a/ssl/tls13_both.cc
+++ b/ssl/tls13_both.cc
@@ -607,6 +607,25 @@
return true;
}
+bool tls13_add_key_update(SSL *ssl, int update_requested) {
+ ScopedCBB cbb;
+ CBB body_cbb;
+ if (!ssl->method->init_message(ssl, cbb.get(), &body_cbb,
+ SSL3_MT_KEY_UPDATE) ||
+ !CBB_add_u8(&body_cbb, update_requested) ||
+ !ssl_add_message_cbb(ssl, cbb.get()) ||
+ !tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
+ return false;
+ }
+
+ // Suppress KeyUpdate acknowledgments until this change is written to the
+ // wire. This prevents us from accumulating write obligations when read and
+ // write progress at different rates. See RFC 8446, section 4.6.3.
+ ssl->s3->key_update_pending = true;
+
+ return true;
+}
+
static bool tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
CBS body = msg.body;
uint8_t key_update_request;
@@ -625,21 +644,9 @@
// Acknowledge the KeyUpdate
if (key_update_request == SSL_KEY_UPDATE_REQUESTED &&
- !ssl->s3->key_update_pending) {
- ScopedCBB cbb;
- CBB body_cbb;
- if (!ssl->method->init_message(ssl, cbb.get(), &body_cbb,
- SSL3_MT_KEY_UPDATE) ||
- !CBB_add_u8(&body_cbb, SSL_KEY_UPDATE_NOT_REQUESTED) ||
- !ssl_add_message_cbb(ssl, cbb.get()) ||
- !tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
- return false;
- }
-
- // Suppress KeyUpdate acknowledgments until this change is written to the
- // wire. This prevents us from accumulating write obligations when read and
- // write progress at different rates. See RFC 8446, section 4.6.3.
- ssl->s3->key_update_pending = true;
+ !ssl->s3->key_update_pending &&
+ !tls13_add_key_update(ssl, SSL_KEY_UPDATE_NOT_REQUESTED)) {
+ return false;
}
return true;
