[ech] APIs for ECH

Stephen Farrell stephen.farrell at cs.tcd.ie
Sun Feb 5 22:58:59 UTC 2023


On 03/02/2023 22:20, Stephen Farrell wrote:
>>> int SSL_ech_set1_echconfig(
>>> int SSL_ech_set1_svcb(
>>> int SSL_CTX_ech_set1_echconfig(
>> Do we need both forms, echconfig and svcb?  Maybe a utility to parse 
>> SVCB into echconfig separately? 
> Fair point - one can argue these functions are doing a
> little bit too much. I'd be fine with splitting things
> as you suggest and actually now I think about it, it's
> a good suggestion - it should take any heuristic format
> guessing out of the mainstream and make for more useful
> test code, so I'll look into doing that unless someone
> thinks it's better as-is.

I took a stab at that and reckon I prefer the result, so
thanks for the suggestion!

I added an ``ossl_ech_find_echconfigs()`` that tries to
extract ECHConfig values from variously formatted strings
and simplified ``SSL_ech_set1_echconfig()``. (Still work
needed on the implementation of those - they work fine but
could be re-factored some.)

Updated API descriptions still at [1], and I'm all ears
for more comments/review!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE4D8E9F997A833DD.asc
Type: application/pgp-keys
Size: 1197 bytes
Desc: OpenPGP public key
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230205/333251b5/attachment.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230205/333251b5/attachment.sig>

More information about the ech mailing list