Hello,

For implementing the TLS Cached Info extension [1] that sends certificate
hashes in place of the full certificate (if unchanged from a previous
handshake), we need a way to check and modify the certificate message being
sent (for server) and received (for client). The callbacks could be, for
example:

void SSL_set_send_certificate_message_cb(SSL *ssl,
               void (*cb) (SSL *ssl, unsigned char *data,
                           unsigned char **new_data, int *len,
                           void *arg));
void SSL_set_recv_certificate_message_cb(SSL *ssl,
               void (*cb) (SSL *ssl, unsigned char *data,
                           unsigned char **new_data, int *len,
                           void *arg));

And they would be called while sending and receiving the certificate.
Thoughts / comments?

[1] https://tools.ietf.org/html/draft-ietf-tls-cached-info-22
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
