Noratrieb/tls
1
0
Fork 0
mirror of https://github.com/Noratrieb/tls.git synced 2026-01-14 16:45:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

accept more signature algos

Browse source
This commit is contained in:
nora 2023-09-24 21:52:29 +02:00
parent df9e3ea17d
commit 57f6feb70a
5 changed files with 28 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/lib.rs
View file

@ -33,7 +33,7 @@ impl ClientSetupConnection {
legacy_version: proto::LEGACY_TLSV12, legacy_version: proto::LEGACY_TLSV12,
random: rand::random(), random: rand::random(),
legacy_session_id: rand::random::<[u8; 32]>().to_vec().into(), legacy_session_id: rand::random::<[u8; 32]>().to_vec().into(),
cipher_suites: vec![proto::CipherSuite::TlsAes128GcmSha256].into(), cipher_suites: vec![proto::CipherSuite::TLS_AES_128_GCM_SHA256].into(),
legacy_compressions_methods: vec![0].into(), legacy_compressions_methods: vec![0].into(),
extensions: vec![ extensions: vec![
proto::ExtensionCH::ServerName { proto::ExtensionCH::ServerName {
@ -57,7 +57,20 @@ impl ClientSetupConnection {
.into(), .into(),
}, },
proto::ExtensionCH::SignatureAlgorithms { proto::ExtensionCH::SignatureAlgorithms {
supported_signature_algorithms: vec![proto::SignatureScheme::ED25519].into(), supported_signature_algorithms: vec![
proto::SignatureScheme::ED25519,
proto::SignatureScheme::ED448,
proto::SignatureScheme::ECDSA_SECP256R1_SHA256,
proto::SignatureScheme::ECDSA_SECP384R1_SHA384,
proto::SignatureScheme::ECDSA_SECP521R1_SHA512,
proto::SignatureScheme::RSA_PSS_PSS_SHA256,
proto::SignatureScheme::RSA_PSS_PSS_SHA384,
proto::SignatureScheme::RSA_PSS_PSS_SHA512,
proto::SignatureScheme::RSA_PSS_RSAE_SHA256,
proto::SignatureScheme::RSA_PSS_RSAE_SHA384,
proto::SignatureScheme::RSA_PSS_RSAE_SHA512,
]
.into(),
}, },
proto::ExtensionCH::SupportedVersions { proto::ExtensionCH::SupportedVersions {
versions: vec![proto::TLSV13].into(), versions: vec![proto::TLSV13].into(),

2
src/main.rs
View file

@ -1,4 +1,4 @@
// An example program that makes a shitty HTTP/1.1 request. // An example program that makes a shitty HTTP/1.1 request.
fn main() { fn main() {
tls::ClientConnection::establish("google.com", 443).unwrap(); tls::ClientConnection::establish("nilstrieb.dev", 443).unwrap();
} }

11
src/proto.rs
View file

@ -133,12 +133,13 @@ type LegacySessionId = List<u8, u8>;
proto_enum! { proto_enum! {
#[derive(Debug, Clone, Copy, PartialEq, Eq)] #[derive(Debug, Clone, Copy, PartialEq, Eq)]
#[allow(non_camel_case_types)]
pub enum CipherSuite: [u8; 2] { pub enum CipherSuite: [u8; 2] {
TlsAes128GcmSha256 = [0x13, 0x01], TLS_AES_128_GCM_SHA256 = [0x13, 0x01],
TlsAes256GcmSha384 = [0x13, 0x02], TLS_AES_256_GCM_SHA384 = [0x13, 0x02],
TlsChacha20Poly1305Sha256 = [0x13, 0x03], TLS_CHACHA20_POLY1305_SHA256 = [0x13, 0x03],
TlsAes128CcmSha256 = [0x13, 0x04], TLS_AES_128_CCM_SHA256 = [0x13, 0x04],
TlsAes128Ccm8Sha256 = [0x13, 0x05], TLS_AES_128_CCM_8_SHA256 = [0x13, 0x05],
} }
} }

5
src/proto/ser_de.rs
View file

@ -14,7 +14,10 @@ pub struct FrameReader<R> {
impl<R> FrameReader<R> { impl<R> FrameReader<R> {
pub fn new(read: R) -> Self { pub fn new(read: R) -> Self {
FrameReader { read, is_hello_retry_request: false } FrameReader {
read,
is_hello_retry_request: false,
}
} }
} }

4
src/proto/tests.rs
View file

@ -24,7 +24,7 @@ fn parse_hello_retry_request() {
\x2e\xb3\x98\x96\x32\x81\xad\x8d\x24\x72\x52\x2a\x45\x26\x10\xa2" \x2e\xb3\x98\x96\x32\x81\xad\x8d\x24\x72\x52\x2a\x45\x26\x10\xa2"
.to_vec() .to_vec()
.into(), .into(),
cipher_suite: CipherSuite::TlsAes128GcmSha256, cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
legacy_compression_method: 0, legacy_compression_method: 0,
extensions: vec![ extensions: vec![
ExtensionSH::SupportedVersions { ExtensionSH::SupportedVersions {
@ -67,7 +67,7 @@ fn parse_server_hello() {
\x2b\x66\x87\x44\x02\xbb\xf7\xb7\x1d\x6a\x29\xaf\x93\xaf\xe2\x02" \x2b\x66\x87\x44\x02\xbb\xf7\xb7\x1d\x6a\x29\xaf\x93\xaf\xe2\x02"
.to_vec() .to_vec()
.into(), .into(),
cipher_suite: CipherSuite::TlsAes128GcmSha256, cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
legacy_compression_method: 0, legacy_compression_method: 0,
extensions: vec![ extensions: vec![
ExtensionSH::KeyShare { ExtensionSH::KeyShare {