[openssl-users] session resumption tls1.2/tls1.3

Neetish Pathak npathak2 at ncsu.edu
Fri Jul 14 19:18:02 UTC 2017

On Fri, Jul 14, 2017 at 2:54 AM, Matt Caswell <matt at openssl.org> wrote:

> On 13/07/17 23:52, Neetish Pathak wrote:
> > Hi All,
> > Help with these queries please,
> >
> > 1) Is it possible to use external session files (with session info as
> > identifiers or tickets for out of band resumption) for session
> > resumption in TLS 1.2. Does it need some kind of callback like the way
> > it is used in TLS 1.3  with (SSL_set_psk_find_session_callback) /
> > SSL_set_psk_use_session_callback
> I'm not entirely clear what you're asking here. The callbacks you
> mention are for setting up an external PSK in TLSv1.3. In TLSv1.3 we use
> an SSL_SESSION object to encapsulate the PSK details. This is different
> to session resumption, where the server sends the session details in a
> NewSessionTicket message in one connection, so that we can "resume" it
> in a later connection.
> So if your question is really "can you external session files for PSK in
> TLSv1.2" then the answer is no. PSK works completely differently in
> TLSv1.2.

Thanks Matt, Apologies for ambiguity in the question

What I mean to ask is it possible to use out of band resumption in TLS 1.2?
How I perform the resumption in my programs using TLS 1.2 is as follows :
1)  Connect client to the server  for the first time
2) when the server sends session id or tickets as the case may be,
new_session_callback is invoked on the client side and I save the session
in a pem file using PEM_write_bio_SSL_SESSION
3)Now when connecting client to the server next time, I read the session
from the pem file and set using SSL_set_session.
4)Session resumption is initiated from the client side and the server works
as expected since it had been caching the session and was not killed.

I observe that the second connection (and subsequent connections) takes
place using resumption. As per my understanding, this is called in-band

Now my question is if, I kill the server. I re-initialze the server and
want to use the session(pem) file to connect to the server (this is a fresh
connection which should take place using resumption).
In that case, I will need to set the session on both the ends right? Is
this approach correct? In that case, how should one implement it.
This is out-of-band resumption for TLS 1.2 as per my understanding.
Please correct me if I am wrong

Best Regards,


> > 2) In TLS 1.3, is early data not enabled for out of band PSK session
> > resumption. Is it only possible with in-band session resumption.
> > SSL_write_early_data always fails when I load a session from a session
> > file to perform external PSK resumption before sending the session data.
> > For in-band resumption it succeeds.
> Currently we only support early-data for ticket based resumption. You
> cannot do it with an external PSK. However this PR (which is currently
> going through review) will add that capability:
> https://github.com/openssl/openssl/pull/3926
> Matt
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170714/eb34dcc5/attachment-0001.html>

More information about the openssl-users mailing list