You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are implementing TLS 1.3 Server & Client wihtin our application using OpenSSL 3.1.0
using the callback pair SSL_CTX_set_psk_use_session_callback & SSL_CTX_set_psk_find_session_callback
to set up PSK sessions with externally established PSKs.
But we could not find a suitable API functionality to configure a client to send multiple PSK identities
in the corresponding extension. the psk_use_session_callback only allows to set one
const unsigned char* id with size_t idlen
Did we miss something or is it possible that sending multiple psk ids is not yet supported by the library?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
According to the TLS 1.3 rfc8446 the client should be able to send a list of PSK Identities
within its Pre-Shared Key extension (https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.11).
We are implementing TLS 1.3 Server & Client wihtin our application using OpenSSL 3.1.0
using the callback pair SSL_CTX_set_psk_use_session_callback & SSL_CTX_set_psk_find_session_callback
to set up PSK sessions with externally established PSKs.
But we could not find a suitable API functionality to configure a client to send multiple PSK identities
in the corresponding extension. the psk_use_session_callback only allows to set one
const unsigned char* id with size_t idlen
Did we miss something or is it possible that sending multiple psk ids is not yet supported by the library?
Thanks in advance!
Kind regards
Tamec
Beta Was this translation helpful? Give feedback.
All reactions