echspec 0.0.1

data/lib/echspec/spec.rb

@@ -0,0 +1,170 @@
+module EchSpec
+  module Spec
+    class << self
+      using Refinements
+
+      # @param msg [TTTLS13::Message::Record]
+      # @param desc [Symbol]
+      #
+      # @return [Boolean]
+      def expect_alert(msg, desc)
+        msg.is_a?(TTTLS13::Message::Alert) &&
+          msg.description == TTTLS13::Message::ALERT_DESCRIPTION[desc]
+      end
+
+      ResultDesc = Struct.new(:result, :desc)
+
+      # @param rds [Array of ResultDesc] result: EchSpec::Ok | Err, desc: String
+      # @param verbose [Boolean]
+      def print_results(rds, verbose)
+        rds.each { |rd| print_summary(rd.result, rd.desc) }
+        failures = rds.filter { |rd| rd.result.is_a? Err }
+        return if failures.empty?
+
+        puts
+        puts 'Failures:'
+        puts
+        failures.each
+                .with_index { |rd, idx| print_err_details(rd.result, idx, rd.desc, verbose) }
+        puts "#{failures.length} failure".red
+      end
+
+      # @param result [EchSpec::Ok | Err]
+      # @param desc [String]
+      def print_summary(result, desc)
+        check = "\u2714"
+        cross = "\u0078"
+        summary = case result
+                  in Ok
+                    "\t#{check} #{desc}".green
+                  in Err
+                    "\t#{cross} #{desc}".red
+                  end
+        puts summary
+      end
+
+      # @param err [EchSpec::Err]
+      # @param idx [Integer]
+      # @param desc [String]
+      # @param verbose [Boolean]
+      def print_err_details(err, idx, desc, verbose)
+        puts "\t#{idx + 1}) #{desc}"
+        puts "\t\t#{err.details}"
+        warn err.message_stack if verbose && !err.message_stack.nil?
+        puts
+      end
+    end
+
+    class WithSocket
+      def with_socket(hostname, port)
+        socket = TCPSocket.new(hostname, port)
+        yield(socket)
+      rescue Timeout::Error
+        Err.new("#{hostname}:#{port} connection timeout", message_stack)
+      rescue Errno::ECONNREFUSED
+        Err.new("#{hostname}:#{port} connection refused", message_stack)
+      rescue Error::BeforeTargetSituationError => e
+        Err.new(e.message, message_stack)
+      ensure
+        socket&.close
+      end
+
+      def initialize
+        @stack = Log::MessageStack.new
+      end
+
+      def message_stack
+        @stack.marshal
+      end
+    end
+  end
+end
+
+Dir["#{File.dirname(__FILE__)}/spec/*.rb"].sort.each { |f| require f }
+
+module EchSpec
+  module Spec
+    class << self
+      using Refinements
+
+      # @param fpath [String | NilClass]
+      # @param port [Integer]
+      # @param hostname [String]
+      # @param force_compliant [Boolean]
+      # @param verbose [Boolean]
+      def run(fpath, port, hostname, force_compliant, verbose)
+        TTTLS13::Logging.logger.level = Logger::WARN
+        puts 'TLS Encrypted Client Hello Server'
+        ech_config = try_get_ech_config(fpath, hostname, force_compliant)
+
+        do_run(port, hostname, ech_config, spec_groups, verbose)
+      end
+
+      # @param fpath [String | NilClass]
+      # @param port [Integer]
+      # @param hostname [String]
+      # @param sections [Array of String]
+      # @param verbose [Boolean]
+      def run_only(fpath, port, hostname, sections, verbose)
+        targets = spec_groups.filter { |g| sections.include?(g.section) }
+        force_compliant = sections.include?(Spec9.section)
+
+        TTTLS13::Logging.logger.level = Logger::WARN
+        puts 'TLS Encrypted Client Hello Server'
+        ech_config = try_get_ech_config(fpath, hostname, force_compliant)
+
+        do_run(port, hostname, ech_config, targets, verbose)
+      end
+
+      # @param port [Integer]
+      # @param hostname [String]
+      # @param ech_config [ECHConfig]
+      # @param targets [Array of EchSpec::SpecGroup]
+      # @param verbose [Boolean]
+      def do_run(port, hostname, ech_config, targets, verbose)
+        rds = targets.flat_map do |g|
+          g.spec_cases.map do |sc|
+            r = sc.method.call(hostname, port, ech_config)
+            d = "#{sc.description} [#{g.section}]"
+            ResultDesc.new(result: r, desc: d)
+          end
+        end
+
+        print_results(rds, verbose)
+      end
+
+      # @param fpath [String | NilClass]
+      # @param hostname [String]
+      # @param force_compliant [Boolean]
+      #
+      # @return [ECHConfig]
+      def try_get_ech_config(fpath, hostname, force_compliant)
+        # https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-22#section-9
+        case result = Spec9.try_get_ech_config(fpath, hostname, force_compliant)
+        in Ok(obj) if force_compliant
+          result.tap { |r| print_summary(r, "#{Spec9.description} [#{Spec9.section}]") }
+          obj
+        in Ok(obj)
+          obj
+        in Err(details, _)
+          puts "\t#{details}".red
+          exit 1
+        end
+      end
+
+      def spec_groups
+        # https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-22#section-5
+        groups = [Spec5_1_9, Spec5_1_10]
+
+        # https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-22#section-7
+        groups += [Spec7_5, Spec7_1_11, Spec7_1_14_2_1, Spec7_1_1_2, Spec7_1_1_5]
+
+        groups.map(&:spec_group)
+      end
+
+      def sections
+        (spec_groups + [Spec9]).map(&:section)
+      end
+    end
+  end
+end

data/lib/echspec/spec_case.rb

@@ -0,0 +1,10 @@
+module EchSpec
+  class SpecCase
+    attr_reader :description, :method
+
+    def initialize(description, method)
+      @description = description
+      @method = method
+    end
+  end
+end

data/lib/echspec/spec_group.rb

@@ -0,0 +1,10 @@
+module EchSpec
+  class SpecGroup
+    attr_reader :section, :spec_cases
+
+    def initialize(section, spec_cases)
+      @section = section
+      @spec_cases = spec_cases
+    end
+  end
+end

data/lib/echspec/tls13_client.rb

@@ -0,0 +1,167 @@
+module EchSpec
+  module TLS13Client
+    class Connection < TTTLS13::Connection
+      # @param socket [Socket]
+      # @param side [:client or :server]
+
+      # @param cipher [TTTLS13::Cryptograph::$Object]
+      #
+      # @return [TTTLS13::Message::$Object]
+      # @return [String]
+      def recv_message(cipher)
+        return @message_queue.shift unless @message_queue.empty?
+
+        messages = nil
+        orig_msgs = []
+        loop do
+          record, orig_msgs = recv_record(cipher)
+          messages = record.messages
+          break unless messages.empty?
+        end
+
+        @message_queue += messages[1..].zip(orig_msgs[1..])
+        message = messages.first
+        orig_msg = orig_msgs.first
+
+        [message, orig_msg]
+      end
+    end
+
+    class << self
+      # @param hostname [String]
+      #
+      # @return [TTTLS13::Message::Extensions]
+      # @return [Hash of NamedGroup => OpenSSL::PKey::EC.$Object]
+      def gen_ch_extensions(hostname)
+        exs = TTTLS13::Message::Extensions.new
+        # server_name
+        exs << TTTLS13::Message::Extension::ServerName.new(hostname)
+
+        # supported_versions: only TLS 1.3
+        exs << TTTLS13::Message::Extension::SupportedVersions.new(
+          msg_type: TTTLS13::Message::HandshakeType::CLIENT_HELLO
+        )
+
+        # signature_algorithms
+        exs << TTTLS13::Message::Extension::SignatureAlgorithms.new(
+          [
+            TTTLS13::SignatureScheme::ECDSA_SECP256R1_SHA256,
+            TTTLS13::SignatureScheme::ECDSA_SECP384R1_SHA384,
+            TTTLS13::SignatureScheme::ECDSA_SECP521R1_SHA512,
+            TTTLS13::SignatureScheme::RSA_PSS_RSAE_SHA256,
+            TTTLS13::SignatureScheme::RSA_PSS_RSAE_SHA384,
+            TTTLS13::SignatureScheme::RSA_PSS_RSAE_SHA512,
+            TTTLS13::SignatureScheme::RSA_PKCS1_SHA256,
+            TTTLS13::SignatureScheme::RSA_PKCS1_SHA384,
+            TTTLS13::SignatureScheme::RSA_PKCS1_SHA512
+          ]
+        )
+
+        # supported_groups
+        groups = [
+          TTTLS13::NamedGroup::SECP256R1,
+          TTTLS13::NamedGroup::SECP384R1,
+          TTTLS13::NamedGroup::SECP521R1
+        ]
+        exs << TTTLS13::Message::Extension::SupportedGroups.new(groups)
+
+        # key_share
+        key_share, priv_keys = TTTLS13::Message::Extension::KeyShare.gen_ch_key_share(
+          groups
+        )
+        exs << key_share
+
+        [exs, priv_keys]
+      end
+
+      # @param ch1 [TTTLS13::Message::ClientHello]
+      # @param hrr [TTTLS13::Message::ServerHello]
+      #
+      # @return [TTTLS13::Message::Extensions]
+      def gen_newch_extensions(ch1, hrr)
+        exs = TTTLS13::Message::Extensions.new
+        # key_share
+        if hrr.extensions.include?(TTTLS13::Message::ExtensionType::KEY_SHARE)
+          group = hrr.extensions[TTTLS13::Message::ExtensionType::KEY_SHARE]
+                     .key_share_entry.first.group
+          key_share, = TTTLS13::Message::Extension::KeyShare.gen_ch_key_share([group])
+          exs << key_share
+        end
+
+        # cookie
+        exs << hrr.extensions[TTTLS13::Message::ExtensionType::COOKIE] \
+          if hrr.extensions.include?(TTTLS13::Message::ExtensionType::COOKIE)
+
+        ch1.extensions.merge(exs)
+      end
+
+      # @param conf [ECHConfig::ECHConfigContents::HpkeKeyConfig]
+      #
+      # @return [Boolean]
+      def select_ech_hpke_cipher_suite(conf)
+        TTTLS13::STANDARD_CLIENT_ECH_HPKE_SYMMETRIC_CIPHER_SUITES.find do |cs|
+          conf.cipher_suites.include?(cs)
+        end
+      end
+
+      # @param socket [TCPSocket]
+      # @param hostname [String]
+      # @param ech_config [ECHConfig]
+      # @param stack [EchSpec::Log::MessageStack]
+      #
+      # @raise [EchSpec::Error::BeforeTargetSituationError]
+      #
+      # @return [EchSpec::TLS13Client::Connection]
+      # @return [TTTLS13::Message::ClientHello] ClientHelloInner
+      # @return [TTTLS13::Message::ClientHello]
+      # @return [TTTLS13::Message::ServerHello] HelloRetryRequest
+      # @return [TTTLS13::EchState]
+      # rubocop: disable Metrics/MethodLength
+      def recv_hrr(socket, hostname, ech_config, stack)
+        # send 1st ClientHello
+        conn = TLS13Client::Connection.new(socket, :client)
+        inner_ech = TTTLS13::Message::Extension::ECHClientHello.new_inner
+        exs, = TLS13Client.gen_ch_extensions(hostname)
+        # for HRR
+        key_share = TTTLS13::Message::Extension::KeyShare.new(
+          msg_type: TTTLS13::Message::HandshakeType::CLIENT_HELLO,
+          key_share_entry: [] # empty client_shares vector
+        )
+        exs[TTTLS13::Message::ExtensionType::KEY_SHARE] = key_share
+        inner = TTTLS13::Message::ClientHello.new(
+          cipher_suites: TTTLS13::CipherSuites.new(
+            [
+              TTTLS13::CipherSuite::TLS_AES_256_GCM_SHA384,
+              TTTLS13::CipherSuite::TLS_CHACHA20_POLY1305_SHA256,
+              TTTLS13::CipherSuite::TLS_AES_128_GCM_SHA256
+            ]
+          ),
+          extensions: exs.merge(
+            TTTLS13::Message::ExtensionType::ENCRYPTED_CLIENT_HELLO => inner_ech
+          )
+        )
+        stack << inner
+
+        selector = proc { |x| TLS13Client.select_ech_hpke_cipher_suite(x) }
+        ch, _inner, ech_state = TTTLS13::Ech.offer_ech(inner, ech_config, selector)
+        conn.send_record(
+          TTTLS13::Message::Record.new(
+            type: TTTLS13::Message::ContentType::HANDSHAKE,
+            messages: [ch],
+            cipher: TTTLS13::Cryptograph::Passer.new
+          )
+        )
+        stack << ch
+
+        # receive HelloRetryRequest
+        recv, = conn.recv_message(TTTLS13::Cryptograph::Passer.new)
+        stack << recv
+        raise Error::BeforeTargetSituationError, 'did not send expected handshake message: HelloRetryRequest' \
+          unless recv.is_a?(TTTLS13::Message::ServerHello) && recv.hrr?
+
+        [conn, inner, ch, recv, ech_state]
+      end
+      # rubocop: enable Metrics/MethodLength
+    end
+  end
+end

data/lib/echspec/utils.rb

@@ -0,0 +1,21 @@
+module EchSpec
+  module Refinements
+    refine String do
+      def colorize(code)
+        "\e[#{code}m#{self}\e[0m"
+      end
+
+      def red
+        colorize(31)
+      end
+
+      def green
+        colorize(32)
+      end
+
+      def yellow
+        colorize(33)
+      end
+    end
+  end
+end

data/lib/echspec/version.rb

@@ -0,0 +1,3 @@
+module EchSpec
+  VERSION = '0.0.1'.freeze
+end

data/lib/echspec.rb

@@ -0,0 +1,16 @@
+require 'base64'
+require 'optparse'
+require 'resolv'
+require 'timeout'
+require 'tttls1.3'
+
+require 'echspec/version'
+require 'echspec/utils'
+require 'echspec/log'
+require 'echspec/error'
+require 'echspec/result'
+require 'echspec/tls13_client'
+require 'echspec/spec_case'
+require 'echspec/spec_group'
+require 'echspec/spec'
+require 'echspec/cli'

data/spec/9_spec.rb

@@ -0,0 +1,13 @@
+require_relative 'spec_helper'
+
+RSpec.describe EchSpec::Spec::Spec9 do
+  context 'parse_pem' do
+    let(:pem) do
+      File.open("#{__dir__}/../fixtures/echconfigs.pem").read
+    end
+
+    it 'could parse' do
+      expect(EchSpec::Spec::Spec9.send(:parse_pem, pem)).to be_a EchSpec::Ok
+    end
+  end
+end

data/spec/log_spec.rb

@@ -0,0 +1,58 @@
+require_relative 'spec_helper'
+
+RSpec.describe EchSpec::Log::MessageStack do
+  context 'obj2json' do
+    let(:crt) do
+      File.open("#{__dir__}/../fixtures/server.crt").read
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(OpenSSL::X509::Certificate.new(crt)))
+        .to eq "#{crt.split("\n").join('\n')}\\n"
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(1)).to eq '1'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(0.1)).to eq '0.1'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(true)).to eq 'true'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(false)).to eq 'false'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json('')).to eq '""'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json('string')).to eq '"0x737472696e67"'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(nil)).to eq 'null'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json([1, true, '', 'string', nil])).to eq '[1,true,"","0x737472696e67",null]'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(1 => true, '' => 'string', nil => [])).to eq '{1:true,"":"0x737472696e67",null:[]}'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(C.new('string'))).to eq '{"name":"0x737472696e67"}'
+    end
+
+    it 'should convert' do
+      expect(EchSpec::Log::MessageStack.obj2json(D.new)).to eq '"$D"'
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,12 @@
+RSpec.configure(&:disable_monkey_patching!)
+
+require 'echspec'
+
+class C
+  def initialize(name)
+    @name = name
+  end
+end
+
+class D
+end

data/spec/with_socket_spec.rb

@@ -0,0 +1,77 @@
+require_relative 'spec_helper'
+
+module EchSpec
+  module Spec
+    class SpecX < WithSocket
+      def validate(hostname, port)
+        with_socket(hostname, port) do |_socket|
+          # not return
+        end
+      end
+    end
+
+    class SpecY < WithSocket
+      def validate(hostname, port)
+        with_socket(hostname, port) do |_socket|
+          return EchSpec::Ok.new(1)
+        end
+      end
+    end
+
+    class SpecZ < WithSocket
+      def validate(hostname, port)
+        with_socket(hostname, port) do |_socket|
+          msg = TTTLS13::Message::Alert.new(
+            level: TTTLS13::Message::AlertLevel::FATAL,
+            description: "\x0a"
+          )
+          return EchSpec::Err.new('details', [msg])
+        end
+      end
+    end
+
+    class SpecW < WithSocket
+      def validate(hostname, port)
+        with_socket(hostname, port) do |_socket|
+          raise EchSpec::Error::BeforeTargetSituationError, 'not received ClientHello'
+        end
+      end
+    end
+  end
+end
+
+RSpec.describe EchSpec::Spec::WithSocket do
+  context 'with_socket' do
+    before do
+      socket = StringIO.new
+      allow(TCPSocket).to receive(:new).and_return(socket)
+    end
+
+    it 'should return nil' do
+      result = EchSpec::Spec::SpecX.new.validate('localhost', 4433)
+      expect(result).to eq nil
+    end
+
+    it 'should return Ok(1)' do
+      result = EchSpec::Spec::SpecY.new.validate('localhost', 4433)
+      expect(result).to be_a EchSpec::Ok
+      expect(result.obj).to eq 1
+    end
+
+    it 'should return Err(details, message_stack)' do
+      result = EchSpec::Spec::SpecZ.new.validate('localhost', 4433)
+      expect(result).to be_a EchSpec::Err
+      expect(result.details).to eq 'details'
+      expect(result.message_stack.length).to be 1
+      expect(result.message_stack.first.level).to be TTTLS13::Message::AlertLevel::FATAL
+      expect(result.message_stack.first.description).to eq "\x0a"
+    end
+
+    it 'should return Err(details, message_stack), raised BeforeTargetSituationError' do
+      result = EchSpec::Spec::SpecW.new.validate('localhost', 4433)
+      expect(result).to be_a EchSpec::Err
+      expect(result.details).to eq 'not received ClientHello'
+      expect(result.message_stack).to eq '{}'
+    end
+  end
+end