Provide QUIC encryption levels.

QUIC wants to know what "encryption level" handshake messages should be sent at. Provide an ssl_encryption_level_t enum (via BoringSSL) that defines these (of course quictls decided to make this an OSSL_ENCRYPTION_LEVEL typedef, so provide that as well). Wire these through to tls13_record_layer_set_{read,write}_traffic_key() so that they can be used in upcoming commits. ok tb@
author: jsing <> 2022-07-24 14:16:29 +0000
committer: jsing <> 2022-07-24 14:16:29 +0000
commit: 8e1be2bf4fabd0e39f3d547284095e5c4610e056 (patch)
tree: 513bd66d8a8e45ea9b3a80cfdde2155254f69204 /src/lib/libssl/ssl.h
parent: a686a30b94111310bb722a43dfa16c498201047c (diff)
download: openbsd-8e1be2bf4fabd0e39f3d547284095e5c4610e056.tar.gz
openbsd-8e1be2bf4fabd0e39f3d547284095e5c4610e056.tar.bz2
openbsd-8e1be2bf4fabd0e39f3d547284095e5c4610e056.zip
1 files changed, 12 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 03e30441e0..14fb094e71 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.221 2022/07/17 14:49:01 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.222 2022/07/24 14:16:29 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1577,6 +1577,17 @@ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
 int SSL_CTX_get_security_level(const SSL_CTX *ctx);
 #if defined(LIBRESSL_HAS_QUIC) || defined(LIBRESSL_INTERNAL)
+/*
+ * ssl_encryption_level_t specifies the QUIC encryption level used to transmit
+ * handshake messages.
+ */
+typedef enum ssl_encryption_level_t {
+        ssl_encryption_initial = 0,
+        ssl_encryption_early_data,
+        ssl_encryption_handshake,
+        ssl_encryption_application,
+} OSSL_ENCRYPTION_LEVEL;
 int SSL_is_quic(const SSL *ssl);
 /*
author	jsing <>	2022-07-24 14:16:29 +0000
committer	jsing <>	2022-07-24 14:16:29 +0000
commit	8e1be2bf4fabd0e39f3d547284095e5c4610e056 (patch)
tree	513bd66d8a8e45ea9b3a80cfdde2155254f69204 /src/lib/libssl/ssl.h
parent	a686a30b94111310bb722a43dfa16c498201047c (diff)
download	openbsd-8e1be2bf4fabd0e39f3d547284095e5c4610e056.tar.gz openbsd-8e1be2bf4fabd0e39f3d547284095e5c4610e056.tar.bz2 openbsd-8e1be2bf4fabd0e39f3d547284095e5c4610e056.zip

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 03e30441e0..14fb094e71 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.221 2022/07/17 14:49:01 jsing Exp $ */	1	/* $OpenBSD: ssl.h,v 1.222 2022/07/24 14:16:29 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1577,6 +1577,17 @@ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
1577	int SSL_CTX_get_security_level(const SSL_CTX *ctx);	1577	int SSL_CTX_get_security_level(const SSL_CTX *ctx);
1578		1578
1579	#if defined(LIBRESSL_HAS_QUIC) \|\| defined(LIBRESSL_INTERNAL)	1579	#if defined(LIBRESSL_HAS_QUIC) \|\| defined(LIBRESSL_INTERNAL)
		1580	/*
		1581	* ssl_encryption_level_t specifies the QUIC encryption level used to transmit
		1582	* handshake messages.
		1583	*/
		1584	typedef enum ssl_encryption_level_t {
		1585	ssl_encryption_initial = 0,
		1586	ssl_encryption_early_data,
		1587	ssl_encryption_handshake,
		1588	ssl_encryption_application,
		1589	} OSSL_ENCRYPTION_LEVEL;
		1590
1580	int SSL_is_quic(const SSL *ssl);	1591	int SSL_is_quic(const SSL *ssl);
1581		1592
1582	/*	1593	/*