[openssl-users] SSL_CTX_set_tlsext_ticket_key_cb - creating a valid ctx and hmac ctx in callback.

Henderson, Karl KHenderson at verisign.com
Tue Apr 3 15:00:48 UTC 2018

I know there may be a million reasons people can tell me not to do this, but for some dome code, I need to have a client contact a server with an RFC5077 ticket (not one previously sent from the server) with a propriety payload in the IV. I’d like to use the key_name in the ticket to get a key. And then I’d like to use this and create a valid context and hmac so that I can have a 0-RTT startup.


Are there any good examples on how this might be done?


Note, I’m running 1.1.0 with opaqueness, so I’ll need to use CTX accessor functions.






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180403/6d8bb5e3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5263 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180403/6d8bb5e3/attachment.bin>

More information about the openssl-users mailing list