Open Bug 2046805 Opened 1 day ago Updated 1 day ago

Add option to disable wrapping exported Session Tickets

Categories

(NSS :: Libraries, enhancement, P1)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

People

(Reporter: djackson, Assigned: djackson)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 2046805 - Add SSL_EnablePlaintextResumptionExport experimental API r=#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review

NSS currently wraps session tickets with a locally held secret before exposing them to an external cache. We should provide an option to disable this and handle the encryption at the cache layer in Firefox instead.

Adds a per-socket opt-in that switches the resumption-token format
delivered to SSLResumptionTokenCallback from the default slot-wrapped
form (version byte 2) to a plaintext form (version byte 3) in which the
resumption master secret is written as raw bytes. The embedder takes
responsibility for at-rest confidentiality of the exported token; the
in-memory client SID cache is unchanged.

On import, v3 tokens are re-wrapped into the receiving NSS slot so the
rest of the resumption machinery sees a normal sid. Both formats remain
readable by SSL_SetResumptionToken and SSL_GetResumptionTokenInfo
regardless of the setting.

The TlsConnectGenericResumptionToken and TlsConnectTls13ResumptionToken
gtest fixtures are parameterized on plaintext_export so the existing
resumption-token suite runs in both modes.

Blocks: 2046812
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: