[gnutls-devel] GnuTLS | Add compress_certificate extension (RFC8879) (!1512)

[Read-only notification of GnuTLS library development activities]

Zoltán Fridrich commented on a discussion on lib/ext/compress_certificate.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1512#note_851495093

> +        return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
> +
> +    for (unsigned i = 0; i < methods_len; ++i) {
> +        tmp = _gnutls_compress_certificate_method2num(methods[i]);
> +        if (tmp == GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER ||
> +            gnutls_compression_get_name(tmp) == NULL)
> +            return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
> +        _gnutls_write_uint16(tmp, (uint8_t *)(algs + i));
> +    }
> +
> +    _gnutls_hello_ext_unset_priv(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE);
> +
> +    priv.data = (unsigned char *)algs;
> +    priv.size = methods_len * sizeof(uint16_t);
> +
> +    ret = _gnutls_hello_ext_set_datum(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE, &priv);

I am not quite sure if I want to store an array of `gnutls_compression_method_t`. Currently, in `gnutls_compress_certificate_set_methods` function I have to parse the input anyway and then I am storing it in a format that is ready to be sent. That's why `_gnutls_compress_certificate_send_params` function does not have to do any conversions because it can just retrieve the private data and immediately send them. I don't think that storing the data as `gnutls_compression_method_t` would be any beneficial.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1512#note_851495093
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220222/73cb43e9/attachment.html>