it works

2026-01-14 08:35:03 +01:00 · 2024-08-03 16:09:42 +02:00 · 2024-08-03 16:09:42 +02:00 · ad3a4d21a5
commit ad3a4d21a5
parent c518c09937
3 changed files with 10 additions and 10 deletions
--- a/src/crypto/aead.rs
+++ b/src/crypto/aead.rs
@ -65,10 +65,12 @@ pub fn decrypt_ciphertext(
    additional_data[3..].copy_from_slice(&ciphertext_len.to_be_bytes());

    // <https://datatracker.ietf.org/doc/html/rfc8446#section-5.3>
+    let nonce = nonce.get_aead_nonce(&iv);
+
    let result = decrypt(
        key,
        encrypted_record,
-        nonce.get_aead_nonce(&iv),
+        nonce,
        &additional_data,
    );

--- a/src/crypto/keys.rs
+++ b/src/crypto/keys.rs
@ -157,9 +157,6 @@ impl KeysAfterServerHello {

        let early_secret_derived =
            derive_secret(&early_secret, b"derived", &sha2::Sha256::new().finalize());
-        println!("early_secret {:?}", early_secret);
-
-        println!("early_secret_derived {:?}", early_secret_derived);

        let (handshake_secret, _) =
            Hkdf::<Sha256>::extract(Some(&early_secret_derived), shared_secret.as_bytes());
--- a/src/lib.rs
+++ b/src/lib.rs
@ -64,6 +64,11 @@ mod stream_state {
            Ok(self.write_seq_id.next())
        }

+        pub fn key_change(&mut self) {
+            self.read_seq_id = SeqIdGen::new();
+            self.write_seq_id = SeqIdGen::new();
+        }
+
        pub fn read_record(&mut self) -> Result<(TLSPlaintext, SeqId)> {
            let seq_id = self.read_seq_id.next();
            let frame = proto::TLSPlaintext::read(&mut self.stream)?;
@ -312,11 +317,6 @@ impl<W: Read + Write> ClientSetupConnection<W> {
                        .unwrap()
                        .diffie_hellman(&server_key);

-                    println!(
-                        "we have established a shared secret. dont leak it!! anyways here is it: {:x?}",
-                        dh_shared_secret.as_bytes()
-                    );
-
                    let keys = KeysAfterServerHello::compute(
                        dh_shared_secret,
                        *cipher_suite,
@ -328,6 +328,7 @@ impl<W: Read + Write> ClientSetupConnection<W> {
                    }
                }
                ConnectState::WaitEncryptedExtensions { keys } => {
+                    self.stream.key_change();
                    let (frame, seq_id) = self.stream.read_record()?;
                    if frame.should_drop() {
                        continue;
@ -340,7 +341,7 @@ impl<W: Read + Write> ClientSetupConnection<W> {
                        return unexpected_message!("expected ApplicationData, got {frame:?}");
                    };
                    // Encrypted with server_handshake_traffic_secret
-                    crypto::aead::decrypt_ciphertext(
+                    let inner = crypto::aead::decrypt_ciphertext(
                        &encrypted_record,
                        &keys
                            .borrow()