Update TLS 1.3 PSK 1-RTT

2026-05-07 00:46:17 +08:00 · 2026-03-23 10:32:16 +08:00
parent 0d1acec6df
commit 5efe2005d4
3 changed files with 801 additions and 119 deletions
--- a/include/gmssl/tls.h
+++ b/include/gmssl/tls.h
@@ -51,6 +51,7 @@ int tls_uint8array_from_bytes(const uint8_t **data, size_t *datalen, const uint8
 int tls_uint16array_from_bytes(const uint8_t **data, size_t *datalen, const uint8_t **in, size_t *inlen);
 int tls_uint24array_from_bytes(const uint8_t **data, size_t *datalen, const uint8_t **in, size_t *inlen);
 int tls_length_is_zero(size_t len);
+int tls_uint16array_from_file(uint8_t *arr, size_t *arrlen, size_t maxlen, FILE *fp);


 typedef enum {
@@ -724,6 +725,28 @@ typedef struct {
 } TLS_CERTS;


+
+typedef struct {
+	char hostname[256];
+
+	uint8_t pre_shared_key[32];
+	uint16_t protocol_version;
+	uint16_t cipher_suite;
+	uint32_t ticket_issue_time;
+	uint32_t ticket_lifetime;
+
+	uint32_t ticket_age_add;
+	uint8_t ticket[256];
+	size_t ticketlen;
+
+
+	// TODO: SNI, ALPN, client_certificate (dgst or subject), ticket_age_add, max_early_data_size
+} TLS_SESSION;
+
+
+
+
+
 typedef struct {
 	int protocol;

@@ -775,6 +798,13 @@ typedef struct {

 	int new_session_ticket;

+
+	// 设置客户端是否启用PSK模式
+	int pre_shared_key;
+
+	TLS_SESSION session;
+
+
 	int quiet;
 } TLS_CTX;

@@ -811,6 +841,8 @@ void tls_ctx_cleanup(TLS_CTX *ctx);
 enum {
 	TLS_state_handshake_init = 0,
 	TLS_state_client_hello,
+	TLS_state_hello_retry_request,
+	TLS_state_client_hello_again,
 	TLS_state_server_hello,
 	TLS_state_encrypted_extensions,
 	TLS_state_server_certificate,
@@ -833,6 +865,8 @@ enum {
 typedef struct {
 	int is_client;

+	const char *hostname;
+
 	int protocol;


@@ -968,6 +1002,8 @@ typedef struct {

 	uint8_t pre_master_secret[48]; // 是否可以重用master_secret作为pre_master_secret呢？			
 	uint8_t master_secret[48];
+	uint8_t resumption_master_secret[48];
+
 	uint8_t key_block[96];

 	uint8_t early_secret[32];
@@ -983,12 +1019,19 @@ typedef struct {
 	int certificate_request;
 	int early_data;
 	int new_session_ticket;
+	int pre_shared_key;
+	uint8_t psk[32];
+
+	int selected_psk_identity;

 	int client_certificate_verify; // TLS1.2 TLCP需要这个

 	uint8_t cookie[512];
 	size_t cookielen;

+	FILE *out_session;
+	FILE *in_session;
+


 } TLS_CONNECT;
@@ -1041,6 +1084,7 @@ void tls_clean_record(TLS_CONNECT *conn);
 int tls_print_record(FILE *fp, int fmt, int ind, const char *label, TLS_CONNECT *conn);

 int tls_init(TLS_CONNECT *conn, const TLS_CTX *ctx);
+int tls_set_hostname(TLS_CONNECT *conn, const char *hostname);
 int tls_set_socket(TLS_CONNECT *conn, tls_socket_t sock);
 int tls_do_handshake(TLS_CONNECT *conn);
 int tls_send(TLS_CONNECT *conn, const uint8_t *in, size_t inlen, size_t *sentlen);
--- a/src/tls.c
+++ b/src/tls.c
@@ -2260,13 +2260,12 @@ int tls_ctx_init(TLS_CTX *ctx, int protocol, int is_client)
 	size_t supported_versions_cnt = sizeof(supported_versions)/sizeof(supported_versions[0]);

 	const int supported_groups[] = {
-		TLS_curve_secp256r1,
 		TLS_curve_sm2p256v1,
+		TLS_curve_secp256r1,
 	};
 	size_t supported_groups_cnt = sizeof(supported_groups)/sizeof(supported_groups[0]);


-
 	const int signature_algorithms[] = {
 		TLS_sig_sm2sig_sm3,
 		TLS_sig_ecdsa_secp256r1_sha256,
@@ -2310,12 +2309,14 @@ int tls_ctx_init(TLS_CTX *ctx, int protocol, int is_client)

 	ctx->new_session_ticket = 1;

+
+	// TODO: 需要通过函数或者其他设置来启用这个开关
+	ctx->pre_shared_key = 1;
+
 	return 1;
 }


-
-
 int tls_ctx_set_cipher_suites(TLS_CTX *ctx, const int *cipher_suites, size_t cipher_suites_cnt)
 {
 	size_t i;
@@ -2580,10 +2581,12 @@ int tls_init(TLS_CONNECT *conn, const TLS_CTX *ctx)
 	conn->ctx = ctx;


-	conn->key_exchanges_cnt = 1;
+	conn->key_exchanges_cnt = 2;

 	conn->new_session_ticket = ctx->new_session_ticket;

+	conn->pre_shared_key = ctx->pre_shared_key;
+
 	return 1;
 }

@@ -2592,6 +2595,16 @@ void tls_cleanup(TLS_CONNECT *conn)
 	gmssl_secure_clear(conn, sizeof(TLS_CONNECT));
 }

+int tls_set_hostname(TLS_CONNECT *conn, const char *hostname)
+{
+	if (strlen(hostname) > 255) {
+		error_print();
+		return -1;
+	}
+	conn->hostname = hostname;
+	return 1;
+}
+
 int tls_set_socket(TLS_CONNECT *conn, tls_socket_t sock)
 {
 #ifdef WIN32
@@ -2640,3 +2653,46 @@ int tls_get_verify_result(TLS_CONNECT *conn, int *result)
 	*result = conn->verify_result;
 	return 1;
 }
+
+
+
+int tls_uint16array_from_file(uint8_t *arr, size_t *arrlen, size_t maxlen, FILE *fp)
+{
+	uint16_t datalen;
+	const uint8_t *cp;
+	size_t len = 2;
+
+	if (!arr || !arrlen || !fp) {
+		error_print();
+		return -1;
+	}
+	if (maxlen < 2) {
+		error_print();
+		return -1;
+	}
+
+	if (fread(arr, 1, 2, fp) != 2) {
+		error_print();
+		return -1;
+	}
+	cp = arr;
+	len = 2;
+	if (tls_uint16_from_bytes(&datalen, &cp, &len) != 1
+		|| tls_length_is_zero(len) != 1) {
+		error_print();
+		return -1;
+	}
+	*arrlen = 2 + datalen;
+	if (2 + datalen > maxlen) {
+		error_print();
+		return 0;
+	}
+	if (fread(arr + 2, 1, datalen, fp) != datalen) {
+		error_print();
+		return -1;
+	}
+	return 1;
+}
+
+
+
--- a/src/tls13.c
+++ b/src/tls13.c