Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose client-side ECH #282

Open
jrose-signal opened this issue Sep 27, 2024 · 1 comment
Open

Expose client-side ECH #282

jrose-signal opened this issue Sep 27, 2024 · 1 comment
Assignees
@rushilmehra

Comments

@jrose-signal
Copy link
Contributor

Now that Cloudflare is rolling out ECH again, it'd be great to see the ECH client APIs exposed in boring:

  • SSL_set1_ech_config_list for basic support
  • SSL_get0_ech_retry_configs for recovery from key mismatches
  • SSL_get0_ech_name_override for custom verifiers to support fallback to non-ECH
  • SSL_ech_accepted for completeness

The server APIs would also be good to add, and might be the best way to write a test, but they're a little more involved (EVP_HPKE_KEY has to be exposed in order to provide SSL_ECH_KEYS_add).
@rushilmehra
Copy link
Collaborator

Hi, yes, I'll be getting to this shortly as we want to implement ECH for some internal rust projects. I'll add the client APIs as well. Will use this issue to track

@rushilmehra rushilmehra self-assigned this Sep 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rushilmehra rushilmehra

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jrose-signal @rushilmehra