Skip to content

[ech] rewrite ESNI to ECH draft 15 #437

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 110 commits into from
Dec 7, 2022
Merged

[ech] rewrite ESNI to ECH draft 15 #437

merged 110 commits into from
Dec 7, 2022

Conversation

@kazuho
Copy link
Member

@kazuho kazuho commented Nov 17, 2022
edited
Loading

  • implementation:
    • full handshake
    • resumption
    • HRR
    • retry_config
    • ech_required alert
  • test:
    • confirm interop (done with crypto.cloudflare.com)
    • add basic tests
    • add matrix of tests (incl. rejection, HRR)

kazuho
kazuho commented Nov 17, 2022
View reviewed changes
@huitema
Copy link
Collaborator

huitema commented Nov 30, 2022

@kazuho do you want me to take a look at the failures on the windows test, such as https://ci.appveyor.com/project/kazuho/picotls/builds/45518912/job/ujvonq5v0g948lh5?

@kazuho
Copy link
Member Author

kazuho commented Nov 30, 2022
edited
Loading

@huitema Thanks I would appreciate that!

With this PR, picotls-esni is no longer built (src/esni.c is removed), with the assumption being that we do not need to provide people tools for building ECHConfigList or SVCB / HTTPS resource records.

I think that the removal has to be done on MSVC side.

@kazuho kazuho marked this pull request as ready for review November 30, 2022 02:22
kazuho and others added 16 commits December 2, 2022 12:43
@kazuho
Merge branch 'master' into kazuho/ech
c6d52f3
@kazuho
Merge branch 'master' into kazuho/ech
e8fe79e
@huitema @kazuho
[msvc] remove picotls-esni
7470a50
@huitema @kazuho
explicit cast to suppress warning
398d39c
@huitema @kazuho
fix stuff that MSVC does not like
5bbd77b
@kazuho
use sprintf instead
ae30a2c
@kazuho
use bogus blob rather than adding one byte to only one of the variabl…
bf81477 
…es, as the latter could be confusing
@kazuho
Merge branch 'kazuho/ech-msvc' into kazuho/ech (reorganize & merge #449)
8758ee3
@kazuho
Merge branch 'master' into kazuho/ech
62c4bca
@kazuho
reflect the fact that the supported set of HPKE cipher-suites can be …
04dfe46 
…different between ECHConfigs
@kazuho
add API for encoding ECHConfig
347a32e
@kazuho
turn -E into a read-write file so that it can be used for storing r…
e6d9bd0 
…etry_configs
@kazuho
length of public_name field is 1-byte
113fb5d
@kazuho
immedaetly send alert and exit when ECH_REQUIRED is generated
8641129
@kazuho
send ECH_REQUIRED alert after Finished, as the draft suggests
8755654
@kazuho
update expected behavior following the change in the previous commit
444b745
@kazuho kazuho mentioned this pull request Dec 7, 2022
Merged
4 tasks
@kazuho
Copy link
Member Author

kazuho commented Dec 7, 2022

Let's merge this. It works, we have tests.

The API might be unstable. But the fact is that it cannot become stable until RFC is published.

@kazuho kazuho merged commit 4fe18f3 into master Dec 7, 2022
This was referenced Dec 7, 2022
Merged
Merged
@imsys imsys mentioned this pull request Jul 7, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kazuho @huitema