TlsSession save & restore

0 votes
asked Oct 12 by tkhasss (120 points)

Hi! I want to save TlsSession instance from TlsSocket to reuse it in future, how do i do it?

1 Answer

0 votes
answered Oct 12 by Lukas Pokorny (115,410 points)

This is currently not supported. We will consider adding this feature to one of the future releases.

I'm not sure this would be useful in TLS 1.2. However, for TLS 1.3, TlsSession represents a pre-shared key, so it might be useful in some scenarios.

commented Oct 12 by tkhasss (120 points)
how do you think how long will it take to add this feature?
commented Oct 13 by Lukas Pokorny (115,410 points)
Just to clarify, which of the following features are you actually looking for?
a) Ability to reuse TlsSession for subsequent TlsSocket instances within the same process (this is already supported).
b) Persist TlsSession instances (into a database or a file), making it possible to reuse them for TlsSocket instances in different processes later.
c) Use static TLS 1.3 pre-shared keys (on client side or server side).
commented Oct 13 by tkhasss (120 points)
edited Oct 13 by tkhasss
second option.
i want to save tlssession into my database to reuse it when i open the app again.
commented Oct 15 by Lukas Pokorny (115,410 points)
We'll consider adding this in Q1 2021. One major problem with this is the fact that TLS 1.2 session actually includes the session's "master secret", which could be used to decrypt the session's communication. Because of that, persisting the session into a permanent storage could pose a security threat.