Provide QUIC encryption levels.

QUIC wants to know what "encryption level" handshake messages should be
sent at. Provide an ssl_encryption_level_t enum (via BoringSSL) that
defines these (of course quictls decided to make this an
OSSL_ENCRYPTION_LEVEL typedef, so provide that as well).

Wire these through to tls13_record_layer_set_{read,write}_traffic_key() so
that they can be used in upcoming commits.

ok tb@

1 files changed, 5 insertions, 3 deletions

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 8d0e030b5a..9d62479f15 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.67 2022/07/20 06:32:24 jsing Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.68 2022/07/24 14:16:29 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -230,7 +230,8 @@ tls13_phh_update_read_traffic_secret(struct tls13_ctx *ctx)
                         return 0;
         }
 
-        return tls13_record_layer_set_read_traffic_key(ctx->rl, secret);
+        return tls13_record_layer_set_read_traffic_key(ctx->rl,
+            secret, ssl_encryption_application);
 }
 
 static int
@@ -249,7 +250,8 @@ tls13_phh_update_write_traffic_secret(struct tls13_ctx *ctx)
                         return 0;
         }
 
-        return tls13_record_layer_set_write_traffic_key(ctx->rl, secret);
+        return tls13_record_layer_set_write_traffic_key(ctx->rl,
+            secret, ssl_encryption_application);
 }
 
 /*