Add support for CID related generators
ConnectionIDGenerator generates connection identifiers that should be
sent by the remote party if it supports the DTLS Connection Identifier
extension, as determined during the handshake. Generated connection
identifiers must always have the same length. Returning a zero-length
connection identifier indicates that the local party supports sending
connection identifiers but does not require the remote party to send
them. A nil ConnectionIDGenerator indicates that connection identifiers
are not supported.

https://datatracker.ietf.org/doc/html/rfc9146

PaddingLengthGenerator generates the number of padding bytes used to
inflate ciphertext size in order to obscure content size from observers.
The length of the content is passed to the generator such that both
deterministic and random padding schemes can be applied while not
exceeding maximum record size.
If no PaddingLengthGenerator is specified, padding will not be applied.

https://datatracker.ietf.org/doc/html/rfc9146#section-4

Signed-off-by: Daniel Mangum <[email protected]>
hasheddan committed Aug 9, 2023
1 parent 2005135 commit b7b1e44
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions config.go
Expand Up @@ -176,6 +176,26 @@ type Config struct {
// skip hello verify phase and receive ServerHello after initial ClientHello.
// This have implication on DoS attack resistance.
InsecureSkipVerifyHello bool

// ConnectionIDGenerator generates connection identifiers that should be
// sent by the remote party if it supports the DTLS Connection Identifier
// extension, as determined during the handshake. Generated connection
// identifiers must always have the same length. Returning a zero-length
// connection identifier indicates that the local party supports sending
// connection identifiers but does not require the remote party to send
// them. A nil ConnectionIDGenerator indicates that connection identifiers
// are not supported.
// https://datatracker.ietf.org/doc/html/rfc9146
ConnectionIDGenerator func() []byte

// PaddingLengthGenerator generates the number of padding bytes used to
// inflate ciphertext size in order to obscure content size from observers.
// The length of the content is passed to the generator such that both
// deterministic and random padding schemes can be applied while not
// exceeding maximum record size.
// If no PaddingLengthGenerator is specified, padding will not be applied.
// https://datatracker.ietf.org/doc/html/rfc9146#section-4
PaddingLengthGenerator func(uint) uint
}

func defaultConnectContextMaker() (context.Context, func()) {
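
Review bot: On `PaddingLengthGenerator func(uint) uint`, the comment says the content length is passed so padding can stay within the maximum record size, but the generator is never given that maximum and the comment does not say what happens when the returned value would push the record over it. State whether the caller clamps or rejects an oversized result, and consider naming the parameter (for example `func(contentLen uint) uint`) so the signature documents itself. The same gap applies to `ConnectionIDGenerator func() []byte`: the comment requires that generated identifiers always have the same length, yet nothing in these lines says how a generator that violates that is handled, and neither comment says whether the function must be safe for concurrent calls.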