From a10c90ae932a79b0dccc6afc3d4e96da1ed7e6db Mon Sep 17 00:00:00 2001
From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
Date: Sat, 14 Oct 2023 07:49:12 -0400
Subject: [PATCH] crypto/tls: add ClientSessionState.ResumptionState and NewResumptionState

For #60105
Fixes #25351

Change-Id: Iffd658f2663cfc47b48157824226ed6c0260a59e
Reviewed-on: https://go-review.googlesource.com/c/go/+/496820
TryBot-Result: Gopher Robot
Reviewed-by: Damien Neil
Reviewed-by: Matthew Dempsky
Run-TryBot: Filippo Valsorda
Reviewed-by: Marten Seemann
---
 ticket.go | 37 +++++++++++++++++++++++++++++--------
 1 file changed, 29 insertions(+), 8 deletions(-)

diff --git a/ticket.go b/ticket.go
index 0553926..3467eb8 100644
--- a/ticket.go
+++ b/ticket.go
@@ -71,15 +71,9 @@ type SessionState struct {
 ageAdd uint32
 }
 
-// ClientSessionState contains the state needed by clients to resume TLS
-// sessions.
-type ClientSessionState struct {
- ticket []byte
- session *SessionState
-}
-
 // Bytes encodes the session, including any private fields, so that it can be
-// parsed by [ParseSessionState]. The encoding contains secret values.
+// parsed by [ParseSessionState]. The encoding contains secret values critical
+// to the security of future and possibly past sessions.
 //
 // The specific encoding should be considered opaque and may change incompatibly
 // between Go versions.
@@ -292,3 +286,30 @@ func (c *Conn) decryptTicket(encrypted []byte) []byte {
 
 return nil
 }
+
+// ClientSessionState contains the state needed by a client to
+// resume a previous TLS session.
+type ClientSessionState struct {
+ ticket []byte
+ session *SessionState
+}
+
+// ResumptionState returns the session ticket sent by the server (also known as
+// the session's identity) and the state necessary to resume this session.
+//
+// It can be called by [ClientSessionCache.Put] to serialize (with
+// [SessionState.Bytes]) and store the session.
+func (cs *ClientSessionState) ResumptionState() (ticket []byte, state *SessionState, err error) {
+ return cs.ticket, cs.session, nil
+}
+
+// NewResumptionState returns a state value that can be returned by
+// [ClientSessionCache.Get] to resume a previous session.
+//
+// state needs to be returned by [ParseSessionState], and the ticket and session
+// state must have been returned by [ClientSessionState.ResumptionState].
+func NewResumptionState(ticket []byte, state *SessionState) (*ClientSessionState, error) {
+ return &ClientSessionState{
+ ticket: ticket, session: state,
+ }, nil
+}
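Review bot: NewResumptionState stores its arguments unchecked and always returns a nil error, so a nil `state` (for instance when a cache ignores a ParseSessionState failure) produces a ClientSessionState whose `session` is nil. Whether the handshake code tolerates that is not visible in this hunk, so I would use the existing error return: `if state == nil { return nil, errors.New("tls: nil SessionState") }`, assuming `errors` is already imported in ticket.go. ResumptionState also dereferences `cs` without a nil check and returns `cs.ticket` and `cs.session` without copying, so a Put implementation that is handed a nil *ClientSessionState would panic, and any caller can mutate the state a live cache entry points to. Since the doc comment invites callers to serialize and store the result, it should state both constraints and repeat the secrecy caveat, e.g. `// The returned ticket and state alias cs and must not be modified; the serialized state contains session secrets and must be protected at rest.`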