Hello,

For implementing the TLS Cached Info extension [1] that sends certificate hashes in place of the full certificate (if unchanged from a previous handshake), we need a way to check and modify the certificate message being sent (for server) and received (for client). The callbacks could be, for example:

    void SSL_set_send_certificate_message_cb(SSL *ssl,
        void (*cb)(SSL *ssl, unsigned char *data, unsigned char **new_data,
                   int *len, void *arg));

    void SSL_set_recv_certificate_message_cb(SSL *ssl,
        void (*cb)(SSL *ssl, unsigned char *data, unsigned char **new_data,
                   int *len, void *arg));

And they would be called while sending and receiving the certificate.

Thoughts / comments?

[1] https://tools.ietf.org/html/draft-ietf-tls-cached-info-22

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
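
A sketch of a server-side send callback with the signature proposed above, added here as an illustration; it is not code from the post or from OpenSSL. The callback semantics (`*new_data` left NULL means "send `data` unchanged", otherwise the callback allocates the replacement and updates `*len`), the `struct cached_info_state` passed as `arg`, and the one-byte length prefix in front of the hash are all assumptions.

```c
#include <stdlib.h>
#include <string.h>

typedef struct ssl_st SSL;   /* opaque stand-in so the sketch builds without OpenSSL */

#define FP_LEN 32            /* SHA-256 digest size */

/* Hypothetical per-connection state handed to the callback as `arg`. */
struct cached_info_state {
    unsigned char own_fp[FP_LEN];   /* hash of our Certificate message, precomputed */
    unsigned char peer_fp[FP_LEN];  /* hash the client offered in its cached_info */
    int peer_offered;               /* non-zero if the client offered a hash */
};

/* Assumed semantics: *new_data stays NULL to send `data` unchanged; otherwise
 * the callback allocates the replacement and stores its length in *len. */
void send_certificate_cb(SSL *ssl, unsigned char *data,
                         unsigned char **new_data, int *len, void *arg)
{
    struct cached_info_state *st = arg;
    unsigned char *out;

    (void)ssl;
    (void)data;
    *new_data = NULL;

    /* No offer, or the client cached a different chain: send the full message. */
    if (st == NULL || !st->peer_offered ||
        memcmp(st->own_fp, st->peer_fp, FP_LEN) != 0)
        return;

    out = malloc(1 + FP_LEN);
    if (out == NULL)
        return;                     /* fail safe: fall back to the full message */

    out[0] = FP_LEN;                /* assumed encoding: length byte, then hash */
    memcpy(out + 1, st->own_fp, FP_LEN);
    *new_data = out;
    *len = 1 + FP_LEN;
}
```

Any hash mismatch or allocation failure falls back to the full certificate message, so a stale client cache costs bandwidth and never breaks the handshake.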