author | Aniketh01 <anikethgireesh@gmail.com> | 2019-10-03 12:12:10 +0530 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2019-12-01 18:32:33 +0100 |
commit | 51eed2631d3e216b0fe4a56a713f4665dbfe1c5c (patch) | |
tree | 4c0293c452bddb5b7dcc46c81b24ad5879841ace /lib/quic-api.c | |
parent | 25ae05fdc0e5627b6e53c17c2c55a987117d9cfb (diff) | |
download | gnutls-tmp-secret-hook.tar.gz |
gnutls_session_set_secret_hook_function: new functiontmp-secret-hook
This adds a callback to get notified when a new traffic secret is
set. This is particularly useful with QUIC, where the QUIC
implementations calculate actual traffic keys from the TLS secrets.
Signed-off-by: Aniketh01 <anikethgireesh@gmail.com>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Diffstat (limited to 'lib/quic-api.c')
-rw-r--r-- | lib/quic-api.c | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/lib/quic-api.c b/lib/quic-api.c
new file mode 100644
index 0000000000..31908ac507
--- /dev/null
+++ b/lib/quic-api.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2019 Free Software Foundation, Inc.
+ *
+ * Author: Aniketh Girish
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains TLS API for QUIC protocol related types, prototypes and includes.
+ */
+
+#include "gnutls_int.h"
+#include "quic.h"
+#include <gnutls/gnutls.h>
+
+
+/**
+ * gnutls_session_set_secret_hook_function:
+ * @session: is #gnutls_session_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called when a new traffic
+ * secret is installed. The callback will only be called when TLS 1.3
+ * or later is negotiated.
+ *
+ * Since: 3.6.11
+ */
+void
+gnutls_session_set_secret_hook_function(gnutls_session_t session,
+ gnutls_secret_hook_func func)
+{
+ session->internals.secret_hook = func;
+}
+
+void
+_gnutls_call_secret_hook_func(gnutls_session_t session,
+ gnutls_encryption_level_t level,
+ unsigned int sender,
+ const uint8_t *secret,
+ size_t secret_size)
+{
+ if (session->internals.secret_hook != NULL) {
+ unsigned int incoming =
+ sender != session->security_parameters.entity;
+ gnutls_datum_t data = {(void*)secret, secret_size};
+
+ session->internals.secret_hook(session, level, incoming, &data);
+ }
+} |
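Review bot: The doc comment on `gnutls_session_set_secret_hook_function` gives no contract for the traffic secret handed to the hook, while `_gnutls_call_secret_hook_func` builds it with `gnutls_datum_t data = {(void*)secret, secret_size};`, which drops the `const` and gives the application a writable pointer into what is presumably the session's own secret storage. I would add to the comment something like `The secret passed to @func is only valid for the duration of the call and must not be modified; copy it if needed and wipe the copy once keys are derived.` and also state that passing NULL as @func disables the hook, which the `!= NULL` check already implies. Whether the hook can report failure cannot be told from this file, since `gnutls_secret_hook_func` is declared elsewhere; if it returns a status, the final call discards it and the handshake would carry on even though the QUIC side failed to install its keys.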