[gnutls-devel] GnuTLS | Support QUIC TLS API (#826)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Sep 6 12:03:50 CEST 2019




Daiki Ueno commented:


> (1) https://github.com/openssl/openssl/pull/8797/ (2) https://github.com/tatsuhiro-t/openssl/tree/quic-draft-22

Thank you. Looks like (1) is more up to date than (2) and in fact [the draft-22 branch of ngtcp2](https://github.com/ngtcp2/ngtcp2/blob/draft-22/examples/client.cc#L2114) is assuming [the API from (1)](https://github.com/openssl/openssl/pull/8797/files?short_path=cfb0d9d#diff-cfb0d9dad7f909619348dc0758d9f300).

So we basically would need the following things:
1. a callback to notify the key (epoch) change
2. a callback to write a Handshake message, when it is being sent
3. a callback to write an Alert message, when it is being sent
4. a callback to flush the message - not sure if this is really needed in GnuTLS
5. a function to push data received from the peer to the TLS layer

I guess (1) would be quite straightforward. Would you like to start with it? Basically you would need to hook the callback where new traffic keys are set, e.g.,:
https://gitlab.com/gnutls/gnutls/blob/master/lib/constate.c#L379

See also the NSS design document linked from my first comment.
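
The transport side of items 1 to 4 in the list above, as an added example that is not part of the original message and not code from GnuTLS, OpenSSL or ngtcp2. Every name here (`quic_conn`, the `level` enum, the `on_*` functions) is hypothetical; it assumes four encryption levels and the QUIC-TLS mapping of a TLS alert to error code 0x100 + alert, and shows why the key-change notification has to arrive before handshake data is written at that level.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical names throughout: not the GnuTLS or OpenSSL API. */
enum level { LVL_INITIAL, LVL_EARLY, LVL_HANDSHAKE, LVL_APP, LVL_MAX };

struct quic_conn {
    uint8_t  wsecret[LVL_MAX][48];  size_t wsecret_len[LVL_MAX];
    uint8_t  crypto[LVL_MAX][2048]; size_t crypto_len[LVL_MAX];
    size_t   flushed[LVL_MAX];      /* bytes already released to the packetizer */
    uint64_t close_code;            /* 0 while the connection is open */
};

/* Item 1: the TLS layer reports new write keys for a level (epoch). */
int on_key_change(struct quic_conn *c, enum level lvl,
                  const uint8_t *secret, size_t len) {
    if (lvl <= LVL_INITIAL || lvl >= LVL_MAX || len == 0 || len > 48) return -1;
    if (c->wsecret_len[lvl] != 0) return -1;  /* TLS hands over each level once */
    memcpy(c->wsecret[lvl], secret, len);
    c->wsecret_len[lvl] = len;
    return 0;
}

/* Item 2: Handshake bytes are queued for CRYPTO frames at their level. */
int on_handshake_write(struct quic_conn *c, enum level lvl,
                       const uint8_t *msg, size_t len) {
    if (lvl >= LVL_MAX || lvl == LVL_EARLY) return -1;  /* no CRYPTO in 0-RTT */
    if (lvl != LVL_INITIAL && c->wsecret_len[lvl] == 0) return -1; /* not keyed */
    if (len > sizeof c->crypto[lvl] - c->crypto_len[lvl]) return -1;
    memcpy(c->crypto[lvl] + c->crypto_len[lvl], msg, len);
    c->crypto_len[lvl] += len;
    return 0;
}

/* Item 3: an alert closes the connection with QUIC error 0x100 + alert. */
void on_alert(struct quic_conn *c, uint8_t alert) { c->close_code = 0x100u + alert; }

/* Item 4: flush returns how many queued bytes were newly released. */
size_t on_flush(struct quic_conn *c) {
    size_t n = 0;
    for (int l = 0; l < LVL_MAX; l++) {
        n += c->crypto_len[l] - c->flushed[l];
        c->flushed[l] = c->crypto_len[l];
    }
    return n;
}
```

Initial-level data is accepted without a notification because Initial keys are derived by the QUIC layer itself rather than by TLS.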
