1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimSSL_key_update, 6e71b7053SJung-uk KimSSL_get_key_update_type, 7e71b7053SJung-uk KimSSL_renegotiate, 8e71b7053SJung-uk KimSSL_renegotiate_abbreviated, 9e71b7053SJung-uk KimSSL_renegotiate_pending 10e71b7053SJung-uk Kim- initiate and obtain information about updating connection keys 11e71b7053SJung-uk Kim 12e71b7053SJung-uk Kim=head1 SYNOPSIS 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim #include <openssl/ssl.h> 15e71b7053SJung-uk Kim 16e71b7053SJung-uk Kim int SSL_key_update(SSL *s, int updatetype); 176935a639SJung-uk Kim int SSL_get_key_update_type(const SSL *s); 18e71b7053SJung-uk Kim 19e71b7053SJung-uk Kim int SSL_renegotiate(SSL *s); 20e71b7053SJung-uk Kim int SSL_renegotiate_abbreviated(SSL *s); 216935a639SJung-uk Kim int SSL_renegotiate_pending(const SSL *s); 22e71b7053SJung-uk Kim 23e71b7053SJung-uk Kim=head1 DESCRIPTION 24e71b7053SJung-uk Kim 25e71b7053SJung-uk KimSSL_key_update() schedules an update of the keys for the current TLS connection. 26e71b7053SJung-uk KimIf the B<updatetype> parameter is set to B<SSL_KEY_UPDATE_NOT_REQUESTED> then 27e71b7053SJung-uk Kimthe sending keys for this connection will be updated and the peer will be 28e71b7053SJung-uk Kiminformed of the change. If the B<updatetype> parameter is set to 29e71b7053SJung-uk KimB<SSL_KEY_UPDATE_REQUESTED> then the sending keys for this connection will be 30e71b7053SJung-uk Kimupdated and the peer will be informed of the change along with a request for the 31e71b7053SJung-uk Kimpeer to additionally update its sending keys. It is an error if B<updatetype> is 32e71b7053SJung-uk Kimset to B<SSL_KEY_UPDATE_NONE>. 33e71b7053SJung-uk Kim 34e71b7053SJung-uk KimSSL_key_update() must only be called after the initial handshake has been 35*b077aed3SPierre Proncherycompleted and TLSv1.3 has been negotiated, at the same time, the application 36*b077aed3SPierre Proncheryneeds to ensure that the writing of data has been completed. The key update 37*b077aed3SPierre Proncherywill not take place until the next time an IO operation such as SSL_read_ex() 38*b077aed3SPierre Proncheryor SSL_write_ex() takes place on the connection. Alternatively SSL_do_handshake() 39*b077aed3SPierre Proncherycan be called to force the update to take place immediately. 40e71b7053SJung-uk Kim 41e71b7053SJung-uk KimSSL_get_key_update_type() can be used to determine whether a key update 42e71b7053SJung-uk Kimoperation has been scheduled but not yet performed. The type of the pending key 43e71b7053SJung-uk Kimupdate operation will be returned if there is one, or SSL_KEY_UPDATE_NONE 44e71b7053SJung-uk Kimotherwise. 45e71b7053SJung-uk Kim 46e71b7053SJung-uk KimSSL_renegotiate() and SSL_renegotiate_abbreviated() should only be called for 47e71b7053SJung-uk Kimconnections that have negotiated TLSv1.2 or less. Calling them on any other 48e71b7053SJung-uk Kimconnection will result in an error. 49e71b7053SJung-uk Kim 50e71b7053SJung-uk KimWhen called from the client side, SSL_renegotiate() schedules a completely new 51e71b7053SJung-uk Kimhandshake over an existing SSL/TLS connection. The next time an IO operation 52e71b7053SJung-uk Kimsuch as SSL_read_ex() or SSL_write_ex() takes place on the connection a check 53e71b7053SJung-uk Kimwill be performed to confirm that it is a suitable time to start a 54e71b7053SJung-uk Kimrenegotiation. If so, then it will be initiated immediately. OpenSSL will not 55e71b7053SJung-uk Kimattempt to resume any session associated with the connection in the new 56e71b7053SJung-uk Kimhandshake. 57e71b7053SJung-uk Kim 58e71b7053SJung-uk KimWhen called from the client side, SSL_renegotiate_abbreviated() works in the 59e71b7053SJung-uk Kimsame was as SSL_renegotiate() except that OpenSSL will attempt to resume the 60e71b7053SJung-uk Kimsession associated with the current connection in the new handshake. 61e71b7053SJung-uk Kim 62e71b7053SJung-uk KimWhen called from the server side, SSL_renegotiate() and 63e71b7053SJung-uk KimSSL_renegotiate_abbreviated() behave identically. They both schedule a request 64e71b7053SJung-uk Kimfor a new handshake to be sent to the client. The next time an IO operation is 65e71b7053SJung-uk Kimperformed then the same checks as on the client side are performed and then, if 66e71b7053SJung-uk Kimappropriate, the request is sent. The client may or may not respond with a new 67e71b7053SJung-uk Kimhandshake and it may or may not attempt to resume an existing session. If 68e71b7053SJung-uk Kima new handshake is started then this will be handled transparently by calling 69e71b7053SJung-uk Kimany OpenSSL IO function. 70e71b7053SJung-uk Kim 71e71b7053SJung-uk KimIf an OpenSSL client receives a renegotiation request from a server then again 72e71b7053SJung-uk Kimthis will be handled transparently through calling any OpenSSL IO function. For 73e71b7053SJung-uk Kima TLS connection the client will attempt to resume the current session in the 74e71b7053SJung-uk Kimnew handshake. For historical reasons, DTLS clients will not attempt to resume 75e71b7053SJung-uk Kimthe session in the new handshake. 76e71b7053SJung-uk Kim 77e71b7053SJung-uk KimThe SSL_renegotiate_pending() function returns 1 if a renegotiation or 78e71b7053SJung-uk Kimrenegotiation request has been scheduled but not yet acted on, or 0 otherwise. 79e71b7053SJung-uk Kim 80e71b7053SJung-uk Kim=head1 RETURN VALUES 81e71b7053SJung-uk Kim 82e71b7053SJung-uk KimSSL_key_update(), SSL_renegotiate() and SSL_renegotiate_abbreviated() return 1 83e71b7053SJung-uk Kimon success or 0 on error. 84e71b7053SJung-uk Kim 85e71b7053SJung-uk KimSSL_get_key_update_type() returns the update type of the pending key update 86e71b7053SJung-uk Kimoperation or SSL_KEY_UPDATE_NONE if there is none. 87e71b7053SJung-uk Kim 88e71b7053SJung-uk KimSSL_renegotiate_pending() returns 1 if a renegotiation or renegotiation request 89e71b7053SJung-uk Kimhas been scheduled but not yet acted on, or 0 otherwise. 90e71b7053SJung-uk Kim 91e71b7053SJung-uk Kim=head1 SEE ALSO 92e71b7053SJung-uk Kim 93e71b7053SJung-uk KimL<ssl(7)>, L<SSL_read_ex(3)>, 94e71b7053SJung-uk KimL<SSL_write_ex(3)>, 95e71b7053SJung-uk KimL<SSL_do_handshake(3)> 96e71b7053SJung-uk Kim 97e71b7053SJung-uk Kim=head1 HISTORY 98e71b7053SJung-uk Kim 99e71b7053SJung-uk KimThe SSL_key_update() and SSL_get_key_update_type() functions were added in 100e71b7053SJung-uk KimOpenSSL 1.1.1. 101e71b7053SJung-uk Kim 102e71b7053SJung-uk Kim=head1 COPYRIGHT 103e71b7053SJung-uk Kim 104*b077aed3SPierre ProncheryCopyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. 105e71b7053SJung-uk Kim 106*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 107e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 108e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 109e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 110e71b7053SJung-uk Kim 111e71b7053SJung-uk Kim=cut 112