Signing can return `PTLS_ERROR_ASYNC_OPERATION`, which will set the TLS state to `PTLS_STATE_SERVER_GENERATING_CERTIFICATE_VERIFY`. It is up to the contract between the crypto implementation/application to notify and retry `ptls_handshake`.
In the case of asynchronous operation we are waiting on data; a new buffer cannot be re-used.
This reverts commit 5fd2318.
"The data pointed to by args and of size size will be copied and then passed as an argument to func when the job starts" https://www.openssl.org/docs/man1.1.1/man3/ASYNC_start_job.html
When set, the callback is called in `ptls_free`.
Proceed as normal if OpenSSL async is not available.
kazuho left a comment
Thank you for the changes. Looks good, I only have a few questions.
```c
    }
    if (tls->server.sign_certificate.cb != NULL) {
        tls->server.sign_certificate.cb(tls->server.sign_certificate.sign_certificate_ctx);
    }
```
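Review bot: the only guard before invoking `tls->server.sign_certificate.cb` is a NULL check, so the safety of this cancel path in `ptls_free` rests entirely on the backend clearing the pointer the moment the job finishes; if it is ever left set, the callback runs against an async context that has already been destroyed. Consider additionally gating the call on `tls->state == PTLS_STATE_SERVER_GENERATING_CERTIFICATE_VERIFY`, and documenting next to the field that the backend owns both setting and clearing it.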
Am I correct to understand that the intent of the design is to invoke this callback only when the operation is to be cancelled?
Assuming that is the case,
- Could you point me to the code that clears the callback when the signature is obtained from the backend? I think that's necessary because once the operation is complete the async context would be destroyed.
- It might make sense to call this callback `cancel_cb` or similar, as the only role of the callback is cancellation.
That's correct.
The callback is being set and cleared in the backend implementation:
The cancel callback is set when an async job is started (ASYNC_PAUSE) https://github.com/sharksforarms/picotls/blob/sharksforarms/async/lib/openssl.c#L861 and cleared at the end of the function (on error or when the job has finished) https://github.com/sharksforarms/picotls/blob/sharksforarms/async/lib/openssl.c#L901.
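The set/clear contract described in this reply, as an added toy model in C (not picotls or the PR's code): a mock backend pauses on the first sign call, hands the TLS object a cancel hook, and clears that hook before destroying its job context, while the free path cancels only if a hook is still set. The state enum, the error value and all names are constructed for the model.

```c
#include <stdlib.h>

#define PTLS_ERROR_ASYNC_OPERATION 0x204 /* placeholder value, not picotls's real code */
enum { STATE_IDLE, STATE_SERVER_GENERATING_CERTIFICATE_VERIFY, STATE_DONE };

typedef struct {
    int state;
    void (*cancel_cb)(void *ctx); /* non-NULL only while a backend job is pending */
    void *cancel_ctx;             /* backend-owned async context */
} tls_t;

/* Backend-owned job, standing in for an OpenSSL ASYNC_JOB that must be polled. */
typedef struct { int polls_remaining; } job_t;
static int g_cancel_calls; /* how often tls_free had to cancel a pending job */
static void job_cancel(void *ctx) { ++g_cancel_calls; free(ctx); }

/* Backend sign_certificate: starts the job and "pauses" on the first call, keeps
 * reporting ASYNC until the job is done, then clears the callback BEFORE
 * destroying the context so that tls_free can never call into freed memory. */
static int backend_sign(tls_t *tls) {
    job_t *job = tls->cancel_ctx;
    if (job == NULL) {
        if ((job = malloc(sizeof *job)) == NULL) return -1;
        job->polls_remaining = 2;
        tls->cancel_cb = job_cancel; /* the ASYNC_PAUSE point: hand over a cancel hook */
        tls->cancel_ctx = job;
        return PTLS_ERROR_ASYNC_OPERATION;
    }
    if (--job->polls_remaining > 0) return PTLS_ERROR_ASYNC_OPERATION;
    tls->cancel_cb = NULL;
    tls->cancel_ctx = NULL;
    free(job);
    return 0;
}

/* ptls_handshake analogue: the application retries until it stops returning ASYNC. */
static int handshake(tls_t *tls) {
    if (tls->state == STATE_DONE) return 0;
    tls->state = STATE_SERVER_GENERATING_CERTIFICATE_VERIFY;
    int ret = backend_sign(tls);
    if (ret == 0) tls->state = STATE_DONE;
    return ret;
}

/* ptls_free analogue: a still-set cancel_cb means a job is pending and gets cancelled. */
static void tls_free(tls_t *tls) {
    if (tls->cancel_cb != NULL) tls->cancel_cb(tls->cancel_ctx);
    tls->cancel_cb = NULL;
    tls->cancel_ctx = NULL;
}
```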
```c
/**
 * boolean indicating if handshaking should be asynchronous
 */
unsigned async_handshake : 1;
```
How about containing this state within the openssl backend? It can be a flag of `ptls_openssl_sign_certificate_t`. Whether a backend can calculate synchronously (or asynchronously) depends on each backend. To give an example, a crypto token device can only do asynchronous operation.
IMO, all we need is a mechanism that allows the backend to signal picotls if the operation has started asynchronously, the capability being provided by the error code being added.
Yes, you're correct here; I don't think this flag should be needed in the end. I've added it as a way to temporarily disable async, for example in the QUIC context: quicly uses a different code path, which I haven't gotten around to yet.
Subsumed by #422.
For: h2o/h2o#3064
Splits the certificate and certificate verify function and adds a `PTLS_STATE_SERVER_GENERATING_CERTIFICATE_VERIFY` state and `PTLS_ERROR_ASYNC_OPERATION` return code.
References: #291