Add user-defined argument in TLS 1.3 External PSK callback


OpenSSL - User mailing list
Hi,

For my project, I need to perform an external PSK mode TLS 1.3 handshake. As per the documentation, I am setting up a callback on my client SSL object using the following:

SSL_set_psk_use_session_callback(ssl, psk_use_session_cb_func)

and the callback's formal arguments are:

typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
                                            const unsigned char **id,
                                            size_t *idlen,
                                            SSL_SESSION **sess);


Currently, the psk_use_session_cb_func() contains a hardcoded PSK and identity value. However, I want to send an extra argument (preferably a custom struct) to this callback that will contain the pre-shared key and identity (ideally read from a config file). Is there any way this can be achieved?

PS: I also need to do it on the server using the find_session callback.

Thanks,
Brandon




Re: Add user-defined argument in TLS 1.3 External PSK callback

Matt Caswell-2


On 16/04/2020 00:12, brandon.murphy1996 via openssl-users wrote:
> Currently, the psk_use_session_cb_func() contains a hardcoded PSK and
> identity value. However, I want to send an extra argument (preferably
> a custom struct) to this callback that will contain the pre-shared
> key and identity (ideally read from a config file). Is there any way
> this can be achieved?

You could store "ex_data" on the SSL object using SSL_set_ex_data():

https://www.openssl.org/docs/man1.1.1/man3/SSL_set_ex_data.html


Matt