TlsSession save & restore

0 votes
asked Oct 12, 2020 by tkhasss (150 points)

Hi! I want to save TlsSession instance from TlsSocket to reuse it in future, how do i do it?

1 Answer

0 votes
answered Oct 12, 2020 by Lukas Pokorny (121,330 points)

This is currently not supported. We will consider adding this feature to one of the future releases.

I'm not sure this would be useful in TLS 1.2. However, for TLS 1.3, TlsSession represents a pre-shared key, so it might be useful in some scenarios.

commented Oct 12, 2020 by tkhasss (150 points)
how do you think how long will it take to add this feature?
commented Oct 13, 2020 by Lukas Pokorny (121,330 points)
Just to clarify, which of the following features are you actually looking for?
a) Ability to reuse TlsSession for subsequent TlsSocket instances within the same process (this is already supported).
b) Persist TlsSession instances (into a database or a file), making it possible to reuse them for TlsSocket instances in different processes later.
c) Use static TLS 1.3 pre-shared keys (on client side or server side).
commented Oct 13, 2020 by tkhasss (150 points)
edited Oct 13, 2020 by tkhasss
second option.
i want to save tlssession into my database to reuse it when i open the app again.
commented Oct 15, 2020 by Lukas Pokorny (121,330 points)
We'll consider adding this in Q1 2021. One major problem with this is the fact that TLS 1.2 session actually includes the session's "master secret", which could be used to decrypt the session's communication. Because of that, persisting the session into a permanent storage could pose a security threat.
...