crypto/tls: GetCertificate called on resumed sessions #25352
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Comments
FiloSottile
added
the
NeedsInvestigation
|
TLS 1.3 already has this behavior. In TLS 1.2 during resumption there is a check that the ciphersuite from the resumed session is still acceptable. That check relies on the certificate private key type in order to determine if the suite uses an acceptable key exchange. Presumably since the key exchange has already happened as long as the cipher is otherwise acceptable it's fine to just ignore whether it contains an acceptable key exchange since the shared secret has already been established and we don't need the cert key for another kex. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
GetCertificate is called just before checking the client session ticket. If the ticket is valid and the session is resumed, that call is probably pointless.
Off the top of my head, I can't remember why the server would need to know its own certificate in a resumed session, but there might be something I'm forgetting around renegotiation. Look into it, and if possible move the GetCertificate call after checkForResumption.
The text was updated successfully, but these errors were encountered: