crypto/tls: add ClientSessionState.ResumptionState and NewResumptionState

For #60105 Fixes #25351 Change-Id: Iffd658f2663cfc47b48157824226ed6c0260a59e Reviewed-on: https://go-review.googlesource.com/c/go/+/496820 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Marten Seemann <martenseemann@gmail.com>
2025-04-03 20:17:36 +03:00 · 2023-05-21 21:27:48 +02:00 · 2023-05-21 21:27:48 +02:00 · 170472af9d
commit 170472af9d
parent e911b27e23
2 changed files with 70 additions and 8 deletions
--- a/ticket.go
+++ b/ticket.go
@ -71,15 +71,9 @@ type SessionState struct {
 	ageAdd uint32
 }

-// ClientSessionState contains the state needed by clients to resume TLS
-// sessions.
-type ClientSessionState struct {
-	ticket  []byte
-	session *SessionState
-}
-
 // Bytes encodes the session, including any private fields, so that it can be
-// parsed by [ParseSessionState]. The encoding contains secret values.
+// parsed by [ParseSessionState]. The encoding contains secret values critical
+// to the security of future and possibly past sessions.
 //
 // The specific encoding should be considered opaque and may change incompatibly
 // between Go versions.
@ -293,3 +287,30 @@ func (c *Conn) decryptTicket(encrypted []byte) []byte {

 	return nil
 }
+
+// ClientSessionState contains the state needed by a client to
+// resume a previous TLS session.
+type ClientSessionState struct {
+	ticket  []byte
+	session *SessionState
+}
+
+// ResumptionState returns the session ticket sent by the server (also known as
+// the session's identity) and the state necessary to resume this session.
+//
+// It can be called by [ClientSessionCache.Put] to serialize (with
+// [SessionState.Bytes]) and store the session.
+func (cs *ClientSessionState) ResumptionState() (ticket []byte, state *SessionState, err error) {
+	return cs.ticket, cs.session, nil
+}
+
+// NewResumptionState returns a state value that can be returned by
+// [ClientSessionCache.Get] to resume a previous session.
+//
+// state needs to be returned by [ParseSessionState], and the ticket and session
+// state must have been returned by [ClientSessionState.ResumptionState].
+func NewResumptionState(ticket []byte, state *SessionState) (*ClientSessionState, error) {
+	return &ClientSessionState{
+		ticket: ticket, session: state,
+	}, nil
+}