Noratrieb/tls
1
0
Fork 0
mirror of https://github.com/Noratrieb/tls.git synced 2026-01-14 16:45:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

improvements

Browse source
This commit is contained in:
nora 2023-09-24 17:39:42 +02:00
parent 8f212576e5
commit 87c6ba8484
3 changed files with 104 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/lib.rs
View file

@ -28,7 +28,7 @@ impl ClientSetupConnection {
let handshake = proto::Handshake::ClientHello { let handshake = proto::Handshake::ClientHello {
legacy_version: proto::LEGACY_TLSV12, legacy_version: proto::LEGACY_TLSV12,
random: rand::random(), random: rand::random(),
legacy_session_id: [(); 32].map(|()| rand::random()).to_vec().into(), legacy_session_id: rand::random::<[u8; 32]>().to_vec().into(),
cipher_suites: vec![proto::CipherSuite::TlsAes128GcmSha256].into(), cipher_suites: vec![proto::CipherSuite::TlsAes128GcmSha256].into(),
legacy_compressions_methods: vec![0].into(), legacy_compressions_methods: vec![0].into(),
extensions: vec![ extensions: vec![
@ -44,6 +44,17 @@ impl ClientSetupConnection {
proto::ExtensionCH::SupportedGroups { proto::ExtensionCH::SupportedGroups {
groups: vec![proto::NamedGroup::X25519].into(), groups: vec![proto::NamedGroup::X25519].into(),
}, },
// passing this doesnt work and shows up as TLSv1.2 in wireshark and gives a handshake error
/*proto::ExtensionCH::KeyShare {
entries: vec![proto::KeyShareEntry::X25519 {
len: 32,
key_exchange: rand::random(),
}]
.into(),
},
proto::ExtensionCH::SignatureAlgorithms {
supported_signature_algorithms: vec![proto::SignatureScheme::ED25519].into(),
},*/
proto::ExtensionCH::SupportedVersions { proto::ExtensionCH::SupportedVersions {
versions: vec![proto::TLSV13].into(), versions: vec![proto::TLSV13].into(),
}, },
@ -54,7 +65,6 @@ impl ClientSetupConnection {
plaintext.write(&mut stream)?; plaintext.write(&mut stream)?;
stream.flush()?; stream.flush()?;
println!("hello!");
let out = proto::TLSPlaintext::read(stream.get_mut())?; let out = proto::TLSPlaintext::read(stream.get_mut())?;
dbg!(&out); dbg!(&out);

99
src/proto.rs
View file

@ -1,4 +1,4 @@
mod ser_de; pub mod ser_de;
use std::{ use std::{
fmt::Debug, fmt::Debug,
@ -155,25 +155,29 @@ proto_enum! {
ECPointFormat { ECPointFormat {
formats: ECPointFormatList, formats: ECPointFormatList,
} = 11, } = 11,
SignatureAlgorithms{ todo: Todo, } = 13, SignatureAlgorithms {
UseSrtp{ todo: Todo, } = 14, supported_signature_algorithms: List<SignatureScheme, u16>,
Heartbeat { todo: Todo, }= 15, } = 13,
ApplicationLayerProtocolNegotiation{ todo: Todo, } = 16, UseSrtp { todo: Todo, } = 14,
SignedCertificateTimestamp{ todo: Todo, } = 18, Heartbeat { todo: Todo, } = 15,
ClientCertificateType{ todo: Todo, } = 19, ApplicationLayerProtocolNegotiation { todo: Todo, } = 16,
ServerCertificateType { todo: Todo, }= 20, SignedCertificateTimestamp { todo: Todo, } = 18,
Padding{ todo: Todo, } = 21, ClientCertificateType { todo: Todo, } = 19,
PreSharedKey { todo: Todo, }= 41, ServerCertificateType { todo: Todo, } = 20,
EarlyData{ todo: Todo, } = 42, Padding { todo: Todo, } = 21,
PreSharedKey { todo: Todo, } = 41,
EarlyData { todo: Todo, } = 42,
SupportedVersions { SupportedVersions {
versions: List<ProtocolVersion, u8>, versions: List<ProtocolVersion, u8>,
} = 43, } = 43,
Cookie{ todo: Todo, } = 44, Cookie{ todo: Todo, } = 44,
PskKeyExchangeModes { todo: Todo, }= 45, PskKeyExchangeModes { todo: Todo, } = 45,
CertificateAuthorities { todo: Todo, }= 47, CertificateAuthorities { todo: Todo, } = 47,
PostHandshakeAuth { todo: Todo, }= 49, PostHandshakeAuth { todo: Todo, } = 49,
SignatureAlgorithmsCert{ todo: Todo, } = 50, SignatureAlgorithmsCert{ todo: Todo, } = 50,
KeyShare { todo: Todo, }= 51, KeyShare {
entries: List<KeyShareEntry, u16>,
} = 51,
} }
} }
@ -213,29 +217,74 @@ type ECPointFormatList = List<ECPointFormat, u8>;
proto_enum! { proto_enum! {
#[derive(Debug, Clone, PartialEq, Eq)] #[derive(Debug, Clone, PartialEq, Eq)]
pub enum KeyShareEntry: super::NamedGroup {
X25519 {
len: u16,
key_exchange: [u8; 32],
} = super::NamedGroup::X25519,
}
}
proto_enum! {
#[derive(Debug, Clone, PartialEq, Eq)]
#[allow(non_camel_case_types)]
pub enum NamedGroup: u16 { pub enum NamedGroup: u16 {
/* Elliptic Curve Groups (ECDHE) */ /* Elliptic Curve Groups (ECDHE) */
Secp256r1 = 0x0017, SECP256R1 = 0x0017,
Secp384r1 = 0x0018, SECP384R1 = 0x0018,
Secp521r1 = 0x0019, SECP521R1 = 0x0019,
X25519 = 0x001D, X25519 = 0x001D,
X448 = 0x001E, X448 = 0x001E,
/* Finite Field Groups (DHE) */ /* Finite Field Groups (DHE) */
Ffdhe2048 = 0x0100, FFDHE2048 = 0x0100,
Ffdhe3072 = 0x0101, FFDHE3072 = 0x0101,
Ffdhe4096 = 0x0102, FFDHE4096 = 0x0102,
Ffdhe6144 = 0x0103, FFDHE6144 = 0x0103,
Ffdhe8192 = 0x0104, FFDHE8192 = 0x0104,
} }
} }
type NamedGroupList = List<NamedGroup, u16>; type NamedGroupList = List<NamedGroup, u16>;
proto_enum! {
#[derive(Debug, Clone, PartialEq, Eq)]
#[allow(non_camel_case_types)]
pub enum SignatureScheme: u32 {
/* RSASSA-PKCS1-v1_5 algorithms */
RSA_PKCS1_SHA256 = 0x0401,
RSA_PKCS1_SHA384 = 0x0501,
RSA_PKCS1_SHA512 = 0x0601,
/* ECDSA algorithms */
ECDSA_SECP256R1_SHA256 = 0x0403,
ECDSA_SECP384R1_SHA384 = 0x0503,
ECDSA_SECP521R1_SHA512 = 0x0603,
/* RSASSA-PSS algorithms with public key OID rsaEncryption */
RSA_PSS_RSAE_SHA256 = 0x0804,
RSA_PSS_RSAE_SHA384 = 0x0805,
RSA_PSS_RSAE_SHA512 = 0x0806,
/* EdDSA algorithms */
ED25519 = 0x0807,
ED448 = 0x0808,
/* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
RSA_PSS_PSS_SHA256 = 0x0809,
RSA_PSS_PSS_SHA384 = 0x080a,
RSA_PSS_PSS_SHA512 = 0x080b,
/* Legacy algorithms */
RSA_PKCS1_SHA1 = 0x0201,
ECDSA_SHA1 = 0x0203,
}
}
proto_struct! { proto_struct! {
#[derive(Debug, Clone, Copy, PartialEq, Eq)] #[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Alert { pub struct Alert {
level: AlertLevel, pub level: AlertLevel,
description: AlertDescription, pub description: AlertDescription,
} }
} }

27
src/proto/ser_de.rs
View file

@ -1,16 +1,24 @@
use byteorder::{BigEndian as B, ReadBytesExt, WriteBytesExt}; use byteorder::{BigEndian as B, ReadBytesExt, WriteBytesExt};
use std::fmt::Debug; use std::{
fmt::Debug,
io::{self, Read, Write},
marker::PhantomData,
num::TryFromIntError,
};
/// ```ignore
/// proto_struct! {}
/// ```
macro_rules! proto_struct { macro_rules! proto_struct {
{$(#[$meta:meta])* pub struct $name:ident { {$(#[$meta:meta])* pub struct $name:ident {
$( $(
$field_name:ident : $field_ty:ty, pub $field_name:ident : $field_ty:ty,
)* )*
}} => { }} => {
$(#[$meta])* $(#[$meta])*
pub struct $name { pub struct $name {
$( $(
$field_name: $field_ty, pub $field_name: $field_ty,
)* )*
} }
@ -39,14 +47,12 @@ macro_rules! proto_struct {
} }
}; };
} }
use std::{
io::{self, Read, Write},
marker::PhantomData,
num::TryFromIntError,
};
pub(crate) use proto_struct; pub(crate) use proto_struct;
/// ```ignore
/// proto_enum! {}
/// ```
macro_rules! proto_enum { macro_rules! proto_enum {
{$(#[$meta:meta])* pub enum $name:ident: $discr_ty:ty $( ,(length: $len_ty:ty) )? { {$(#[$meta:meta])* pub enum $name:ident: $discr_ty:ty $( ,(length: $len_ty:ty) )? {
$( $(
@ -116,13 +122,16 @@ macro_rules! proto_enum {
fn read<R: Read>(r: &mut R) -> crate::Result<Self> { fn read<R: Read>(r: &mut R) -> crate::Result<Self> {
mod discr_consts { mod discr_consts {
#[allow(unused_imports)]
use super::*;
pub type Type = $discr_ty;
$( $(
#[allow(non_upper_case_globals)] #[allow(non_upper_case_globals)]
pub(super) const $KindName: $discr_ty = $discriminant; pub(super) const $KindName: $discr_ty = $discriminant;
)* )*
} }
let kind: $discr_ty = crate::proto::ser_de::Value::read(r)?; let kind: discr_consts::Type = crate::proto::ser_de::Value::read(r)?;
$( $(
let _len = <$len_ty>::read(r)?; let _len = <$len_ty>::read(r)?;