tttls1.3 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (93) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +16 -0
  3. data/.rspec +3 -0
  4. data/.rubocop.yml +16 -0
  5. data/.travis.yml +8 -0
  6. data/Gemfile +13 -0
  7. data/LICENSE.txt +21 -0
  8. data/README.md +52 -0
  9. data/Rakefile +133 -0
  10. data/example/helper.rb +17 -0
  11. data/example/https_client.rb +32 -0
  12. data/example/https_client_using_0rtt.rb +64 -0
  13. data/example/https_client_using_hrr.rb +35 -0
  14. data/example/https_client_using_ticket.rb +56 -0
  15. data/lib/tttls1.3/cipher_suites.rb +102 -0
  16. data/lib/tttls1.3/client.rb +745 -0
  17. data/lib/tttls1.3/connection.rb +380 -0
  18. data/lib/tttls1.3/cryptograph/aead.rb +118 -0
  19. data/lib/tttls1.3/cryptograph/passer.rb +22 -0
  20. data/lib/tttls1.3/cryptograph.rb +3 -0
  21. data/lib/tttls1.3/error.rb +22 -0
  22. data/lib/tttls1.3/key_schedule.rb +242 -0
  23. data/lib/tttls1.3/message/alert.rb +86 -0
  24. data/lib/tttls1.3/message/application_data.rb +27 -0
  25. data/lib/tttls1.3/message/certificate.rb +121 -0
  26. data/lib/tttls1.3/message/certificate_verify.rb +59 -0
  27. data/lib/tttls1.3/message/change_cipher_spec.rb +26 -0
  28. data/lib/tttls1.3/message/client_hello.rb +100 -0
  29. data/lib/tttls1.3/message/encrypted_extensions.rb +65 -0
  30. data/lib/tttls1.3/message/end_of_early_data.rb +29 -0
  31. data/lib/tttls1.3/message/extension/alpn.rb +70 -0
  32. data/lib/tttls1.3/message/extension/cookie.rb +47 -0
  33. data/lib/tttls1.3/message/extension/early_data_indication.rb +58 -0
  34. data/lib/tttls1.3/message/extension/key_share.rb +236 -0
  35. data/lib/tttls1.3/message/extension/pre_shared_key.rb +205 -0
  36. data/lib/tttls1.3/message/extension/psk_key_exchange_modes.rb +54 -0
  37. data/lib/tttls1.3/message/extension/record_size_limit.rb +46 -0
  38. data/lib/tttls1.3/message/extension/server_name.rb +91 -0
  39. data/lib/tttls1.3/message/extension/signature_algorithms.rb +69 -0
  40. data/lib/tttls1.3/message/extension/signature_algorithms_cert.rb +25 -0
  41. data/lib/tttls1.3/message/extension/status_request.rb +106 -0
  42. data/lib/tttls1.3/message/extension/supported_groups.rb +145 -0
  43. data/lib/tttls1.3/message/extension/supported_versions.rb +98 -0
  44. data/lib/tttls1.3/message/extension/unknown_extension.rb +38 -0
  45. data/lib/tttls1.3/message/extensions.rb +173 -0
  46. data/lib/tttls1.3/message/finished.rb +44 -0
  47. data/lib/tttls1.3/message/new_session_ticket.rb +89 -0
  48. data/lib/tttls1.3/message/record.rb +232 -0
  49. data/lib/tttls1.3/message/server_hello.rb +116 -0
  50. data/lib/tttls1.3/message.rb +48 -0
  51. data/lib/tttls1.3/sequence_number.rb +31 -0
  52. data/lib/tttls1.3/signature_scheme.rb +31 -0
  53. data/lib/tttls1.3/transcript.rb +69 -0
  54. data/lib/tttls1.3/utils.rb +91 -0
  55. data/lib/tttls1.3/version.rb +5 -0
  56. data/lib/tttls1.3.rb +16 -0
  57. data/spec/aead_spec.rb +95 -0
  58. data/spec/alert_spec.rb +54 -0
  59. data/spec/alpn_spec.rb +55 -0
  60. data/spec/application_data_spec.rb +26 -0
  61. data/spec/certificate_spec.rb +55 -0
  62. data/spec/certificate_verify_spec.rb +51 -0
  63. data/spec/change_cipher_spec_spec.rb +26 -0
  64. data/spec/cipher_suites_spec.rb +39 -0
  65. data/spec/client_hello_spec.rb +83 -0
  66. data/spec/client_spec.rb +319 -0
  67. data/spec/connection_spec.rb +114 -0
  68. data/spec/cookie_spec.rb +98 -0
  69. data/spec/early_data_indication_spec.rb +64 -0
  70. data/spec/encrypted_extensions_spec.rb +94 -0
  71. data/spec/error_spec.rb +18 -0
  72. data/spec/extensions_spec.rb +170 -0
  73. data/spec/finished_spec.rb +55 -0
  74. data/spec/key_schedule_spec.rb +198 -0
  75. data/spec/key_share_spec.rb +199 -0
  76. data/spec/new_session_ticket_spec.rb +80 -0
  77. data/spec/pre_shared_key_spec.rb +167 -0
  78. data/spec/psk_key_exchange_modes_spec.rb +45 -0
  79. data/spec/record_size_limit_spec.rb +61 -0
  80. data/spec/record_spec.rb +105 -0
  81. data/spec/server_hello_spec.rb +101 -0
  82. data/spec/server_name_spec.rb +110 -0
  83. data/spec/signature_algorithms_cert_spec.rb +73 -0
  84. data/spec/signature_algorithms_spec.rb +100 -0
  85. data/spec/spec_helper.rb +872 -0
  86. data/spec/status_request_spec.rb +73 -0
  87. data/spec/supported_groups_spec.rb +79 -0
  88. data/spec/supported_versions_spec.rb +136 -0
  89. data/spec/transcript_spec.rb +69 -0
  90. data/spec/unknown_extension_spec.rb +90 -0
  91. data/spec/utils_spec.rb +215 -0
  92. data/tttls1.3.gemspec +25 -0
  93. metadata +197 -0
@@ -0,0 +1,73 @@
1
+ # encoding: ascii-8bit
2
+ # frozen_string_literal: true
3
+
4
+ require 'spec_helper'
5
+ using Refinements
6
+
7
+ RSpec.describe SignatureAlgorithmsCert do
8
+ context 'valid signature_algorithms' do
9
+ let(:supported_signature_algorithms) do
10
+ [
11
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
12
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
13
+ SignatureScheme::RSA_PKCS1_SHA256,
14
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
15
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
16
+ SignatureScheme::RSA_PKCS1_SHA384,
17
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
18
+ SignatureScheme::RSA_PKCS1_SHA512
19
+ ]
20
+ end
21
+
22
+ let(:extension) do
23
+ SignatureAlgorithmsCert.new(supported_signature_algorithms)
24
+ end
25
+
26
+ it 'should be generated' do
27
+ expect(extension.extension_type)
28
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT
29
+ expect(extension.supported_signature_algorithms)
30
+ .to eq supported_signature_algorithms
31
+ end
32
+
33
+ it 'should be serialized' do
34
+ expect(extension.serialize)
35
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT \
36
+ + 18.to_uint16 \
37
+ + 16.to_uint16 \
38
+ + supported_signature_algorithms.join
39
+ end
40
+ end
41
+
42
+ context 'valid signature_algorithms binary' do
43
+ let(:extension) do
44
+ SignatureAlgorithmsCert.deserialize(TESTBINARY_SIGNATURE_ALGORITHMS_CERT)
45
+ end
46
+
47
+ let(:supported_signature_algorithms) do
48
+ [
49
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
50
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
51
+ SignatureScheme::RSA_PKCS1_SHA256,
52
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
53
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
54
+ SignatureScheme::RSA_PKCS1_SHA384,
55
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
56
+ SignatureScheme::RSA_PKCS1_SHA512
57
+ ]
58
+ end
59
+
60
+ it 'should generate valid object' do
61
+ expect(extension.extension_type)
62
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT
63
+ expect(extension.supported_signature_algorithms)
64
+ .to eq supported_signature_algorithms
65
+ end
66
+
67
+ it 'should generate serializable object' do
68
+ expect(extension.serialize)
69
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT \
70
+ + TESTBINARY_SIGNATURE_ALGORITHMS_CERT.prefix_uint16_length
71
+ end
72
+ end
73
+ end
@@ -0,0 +1,100 @@
1
+ # encoding: ascii-8bit
2
+ # frozen_string_literal: true
3
+
4
+ require 'spec_helper'
5
+ using Refinements
6
+
7
+ RSpec.describe SignatureAlgorithms do
8
+ context 'valid signature_algorithms' do
9
+ let(:supported_signature_algorithms) do
10
+ [
11
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
12
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
13
+ SignatureScheme::RSA_PKCS1_SHA256,
14
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
15
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
16
+ SignatureScheme::RSA_PKCS1_SHA384,
17
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
18
+ SignatureScheme::RSA_PKCS1_SHA512
19
+ ]
20
+ end
21
+
22
+ let(:extension) do
23
+ SignatureAlgorithms.new(supported_signature_algorithms)
24
+ end
25
+
26
+ it 'should be generated' do
27
+ expect(extension.extension_type).to eq ExtensionType::SIGNATURE_ALGORITHMS
28
+ expect(extension.supported_signature_algorithms)
29
+ .to eq supported_signature_algorithms
30
+ end
31
+
32
+ it 'should be serialized' do
33
+ expect(extension.serialize).to eq ExtensionType::SIGNATURE_ALGORITHMS \
34
+ + 18.to_uint16 \
35
+ + 16.to_uint16 \
36
+ + supported_signature_algorithms.join
37
+ end
38
+ end
39
+
40
+ context 'invalid signature_algorithms, empty,' do
41
+ let(:extension) do
42
+ SignatureAlgorithms.new([])
43
+ end
44
+
45
+ it 'should not be generated' do
46
+ expect { extension }.to raise_error(ErrorAlerts)
47
+ end
48
+ end
49
+
50
+ context 'invalid signature_algorithms, too long,' do
51
+ let(:extension) do
52
+ SignatureAlgorithms.new((0..2**15 - 2).to_a.map(&:to_uint16))
53
+ end
54
+
55
+ it 'should not be generated' do
56
+ expect { extension }.to raise_error(ErrorAlerts)
57
+ end
58
+ end
59
+
60
+ context 'valid signature_algorithms binary' do
61
+ let(:extension) do
62
+ SignatureAlgorithms.deserialize(TESTBINARY_SIGNATURE_ALGORITHMS)
63
+ end
64
+
65
+ let(:supported_signature_algorithms) do
66
+ [
67
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
68
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
69
+ SignatureScheme::RSA_PKCS1_SHA256,
70
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
71
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
72
+ SignatureScheme::RSA_PKCS1_SHA384,
73
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
74
+ SignatureScheme::RSA_PKCS1_SHA512
75
+ ]
76
+ end
77
+
78
+ it 'should generate valid object' do
79
+ expect(extension.extension_type).to eq ExtensionType::SIGNATURE_ALGORITHMS
80
+ expect(extension.supported_signature_algorithms)
81
+ .to eq supported_signature_algorithms
82
+ end
83
+
84
+ it 'should generate serializable object' do
85
+ expect(extension.serialize)
86
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS \
87
+ + TESTBINARY_SIGNATURE_ALGORITHMS.prefix_uint16_length
88
+ end
89
+ end
90
+
91
+ context 'invalid signature_algorithms binary, malformed binary,' do
92
+ let(:extension) do
93
+ SignatureAlgorithms.deserialize(TESTBINARY_SIGNATURE_ALGORITHMS[0...-1])
94
+ end
95
+
96
+ it 'should return nil' do
97
+ expect(extension).to be nil
98
+ end
99
+ end
100
+ end