From stephen.farrell at cs.tcd.ie Tue May 21 20:41:49 2024 From: stephen.farrell at cs.tcd.ie (Stephen Farrell) Date: Tue, 21 May 2024 21:41:49 +0100 Subject: [ech] ECH-PR comments and a question Message-ID: <8dfca324-c900-4af1-a2f1-32245a4e3520@cs.tcd.ie> Hi all, I'm finally starting to get some substantive comments on the ECH-PR, [1] which is great. Please do jump in and send yours! (The more the merrier from my POV and its easier to make a set of changes over a short duration rather than have big gaps between changes.) One of the comments raised an issue for which I've not yet figured out a good answer so I wondered if anyone here has any advice that might help. What I'd like to do is make a test that injects an ECH extension into a TLSv1.2 client hello to check that an ECH-enabled (and configured) server handles that out-of-spec combination correctly. The code in the PR of course provides no way to emit a TLSv1.2 CH containing an ECH, so what I tried was to create a TLSv1.2 connection and add an ECH via the custom extension handler. But the code still detected that as there's a check that nobody adds an extension type that is built-in via the custom exts APIs. So, for now, I've just #define'd a symbol that when defined omits that last check and runs the test code. (That's in this commit. [2]). Question: any ideas for a better way to do this so that the TLSv1.2 session with an ECH-enabled (and configured) server succeeds? Ta, S. [1] https://github.com/openssl/openssl/pull/22938 [2] https://github.com/sftcd/openssl/commit/f22a83085425d1177884cc8927bec161814bf8a3 -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_0xE4D8E9F997A833DD.asc Type: application/pgp-keys Size: 1197 bytes Desc: OpenPGP public key URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 236 bytes Desc: OpenPGP digital signature URL: