tttls1.3 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (93) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +16 -0
  3. data/.rspec +3 -0
  4. data/.rubocop.yml +16 -0
  5. data/.travis.yml +8 -0
  6. data/Gemfile +13 -0
  7. data/LICENSE.txt +21 -0
  8. data/README.md +52 -0
  9. data/Rakefile +133 -0
  10. data/example/helper.rb +17 -0
  11. data/example/https_client.rb +32 -0
  12. data/example/https_client_using_0rtt.rb +64 -0
  13. data/example/https_client_using_hrr.rb +35 -0
  14. data/example/https_client_using_ticket.rb +56 -0
  15. data/lib/tttls1.3/cipher_suites.rb +102 -0
  16. data/lib/tttls1.3/client.rb +745 -0
  17. data/lib/tttls1.3/connection.rb +380 -0
  18. data/lib/tttls1.3/cryptograph/aead.rb +118 -0
  19. data/lib/tttls1.3/cryptograph/passer.rb +22 -0
  20. data/lib/tttls1.3/cryptograph.rb +3 -0
  21. data/lib/tttls1.3/error.rb +22 -0
  22. data/lib/tttls1.3/key_schedule.rb +242 -0
  23. data/lib/tttls1.3/message/alert.rb +86 -0
  24. data/lib/tttls1.3/message/application_data.rb +27 -0
  25. data/lib/tttls1.3/message/certificate.rb +121 -0
  26. data/lib/tttls1.3/message/certificate_verify.rb +59 -0
  27. data/lib/tttls1.3/message/change_cipher_spec.rb +26 -0
  28. data/lib/tttls1.3/message/client_hello.rb +100 -0
  29. data/lib/tttls1.3/message/encrypted_extensions.rb +65 -0
  30. data/lib/tttls1.3/message/end_of_early_data.rb +29 -0
  31. data/lib/tttls1.3/message/extension/alpn.rb +70 -0
  32. data/lib/tttls1.3/message/extension/cookie.rb +47 -0
  33. data/lib/tttls1.3/message/extension/early_data_indication.rb +58 -0
  34. data/lib/tttls1.3/message/extension/key_share.rb +236 -0
  35. data/lib/tttls1.3/message/extension/pre_shared_key.rb +205 -0
  36. data/lib/tttls1.3/message/extension/psk_key_exchange_modes.rb +54 -0
  37. data/lib/tttls1.3/message/extension/record_size_limit.rb +46 -0
  38. data/lib/tttls1.3/message/extension/server_name.rb +91 -0
  39. data/lib/tttls1.3/message/extension/signature_algorithms.rb +69 -0
  40. data/lib/tttls1.3/message/extension/signature_algorithms_cert.rb +25 -0
  41. data/lib/tttls1.3/message/extension/status_request.rb +106 -0
  42. data/lib/tttls1.3/message/extension/supported_groups.rb +145 -0
  43. data/lib/tttls1.3/message/extension/supported_versions.rb +98 -0
  44. data/lib/tttls1.3/message/extension/unknown_extension.rb +38 -0
  45. data/lib/tttls1.3/message/extensions.rb +173 -0
  46. data/lib/tttls1.3/message/finished.rb +44 -0
  47. data/lib/tttls1.3/message/new_session_ticket.rb +89 -0
  48. data/lib/tttls1.3/message/record.rb +232 -0
  49. data/lib/tttls1.3/message/server_hello.rb +116 -0
  50. data/lib/tttls1.3/message.rb +48 -0
  51. data/lib/tttls1.3/sequence_number.rb +31 -0
  52. data/lib/tttls1.3/signature_scheme.rb +31 -0
  53. data/lib/tttls1.3/transcript.rb +69 -0
  54. data/lib/tttls1.3/utils.rb +91 -0
  55. data/lib/tttls1.3/version.rb +5 -0
  56. data/lib/tttls1.3.rb +16 -0
  57. data/spec/aead_spec.rb +95 -0
  58. data/spec/alert_spec.rb +54 -0
  59. data/spec/alpn_spec.rb +55 -0
  60. data/spec/application_data_spec.rb +26 -0
  61. data/spec/certificate_spec.rb +55 -0
  62. data/spec/certificate_verify_spec.rb +51 -0
  63. data/spec/change_cipher_spec_spec.rb +26 -0
  64. data/spec/cipher_suites_spec.rb +39 -0
  65. data/spec/client_hello_spec.rb +83 -0
  66. data/spec/client_spec.rb +319 -0
  67. data/spec/connection_spec.rb +114 -0
  68. data/spec/cookie_spec.rb +98 -0
  69. data/spec/early_data_indication_spec.rb +64 -0
  70. data/spec/encrypted_extensions_spec.rb +94 -0
  71. data/spec/error_spec.rb +18 -0
  72. data/spec/extensions_spec.rb +170 -0
  73. data/spec/finished_spec.rb +55 -0
  74. data/spec/key_schedule_spec.rb +198 -0
  75. data/spec/key_share_spec.rb +199 -0
  76. data/spec/new_session_ticket_spec.rb +80 -0
  77. data/spec/pre_shared_key_spec.rb +167 -0
  78. data/spec/psk_key_exchange_modes_spec.rb +45 -0
  79. data/spec/record_size_limit_spec.rb +61 -0
  80. data/spec/record_spec.rb +105 -0
  81. data/spec/server_hello_spec.rb +101 -0
  82. data/spec/server_name_spec.rb +110 -0
  83. data/spec/signature_algorithms_cert_spec.rb +73 -0
  84. data/spec/signature_algorithms_spec.rb +100 -0
  85. data/spec/spec_helper.rb +872 -0
  86. data/spec/status_request_spec.rb +73 -0
  87. data/spec/supported_groups_spec.rb +79 -0
  88. data/spec/supported_versions_spec.rb +136 -0
  89. data/spec/transcript_spec.rb +69 -0
  90. data/spec/unknown_extension_spec.rb +90 -0
  91. data/spec/utils_spec.rb +215 -0
  92. data/tttls1.3.gemspec +25 -0
  93. metadata +197 -0
data/spec/signature_algorithms_cert_spec.rb ADDED
@@ -0,0 +1,73 @@
1
+ # encoding: ascii-8bit
2
+ # frozen_string_literal: true
3
+
4
+ require 'spec_helper'
5
+ using Refinements
6
+
7
+ RSpec.describe SignatureAlgorithmsCert do
8
+ context 'valid signature_algorithms' do
9
+ let(:supported_signature_algorithms) do
10
+ [
11
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
12
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
13
+ SignatureScheme::RSA_PKCS1_SHA256,
14
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
15
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
16
+ SignatureScheme::RSA_PKCS1_SHA384,
17
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
18
+ SignatureScheme::RSA_PKCS1_SHA512
19
+ ]
20
+ end
21
+
22
+ let(:extension) do
23
+ SignatureAlgorithmsCert.new(supported_signature_algorithms)
24
+ end
25
+
26
+ it 'should be generated' do
27
+ expect(extension.extension_type)
28
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT
29
+ expect(extension.supported_signature_algorithms)
30
+ .to eq supported_signature_algorithms
31
+ end
32
+
33
+ it 'should be serialized' do
34
+ expect(extension.serialize)
35
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT \
36
+ + 18.to_uint16 \
37
+ + 16.to_uint16 \
38
+ + supported_signature_algorithms.join
39
+ end
40
+ end
41
+
42
+ context 'valid signature_algorithms binary' do
43
+ let(:extension) do
44
+ SignatureAlgorithmsCert.deserialize(TESTBINARY_SIGNATURE_ALGORITHMS_CERT)
45
+ end
46
+
47
+ let(:supported_signature_algorithms) do
48
+ [
49
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
50
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
51
+ SignatureScheme::RSA_PKCS1_SHA256,
52
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
53
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
54
+ SignatureScheme::RSA_PKCS1_SHA384,
55
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
56
+ SignatureScheme::RSA_PKCS1_SHA512
57
+ ]
58
+ end
59
+
60
+ it 'should generate valid object' do
61
+ expect(extension.extension_type)
62
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT
63
+ expect(extension.supported_signature_algorithms)
64
+ .to eq supported_signature_algorithms
65
+ end
66
+
67
+ it 'should generate serializable object' do
68
+ expect(extension.serialize)
69
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS_CERT \
70
+ + TESTBINARY_SIGNATURE_ALGORITHMS_CERT.prefix_uint16_length
71
+ end
72
+ end
73
+ end
data/spec/signature_algorithms_spec.rb ADDED
@@ -0,0 +1,100 @@
1
+ # encoding: ascii-8bit
2
+ # frozen_string_literal: true
3
+
4
+ require 'spec_helper'
5
+ using Refinements
6
+
7
+ RSpec.describe SignatureAlgorithms do
8
+ context 'valid signature_algorithms' do
9
+ let(:supported_signature_algorithms) do
10
+ [
11
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
12
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
13
+ SignatureScheme::RSA_PKCS1_SHA256,
14
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
15
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
16
+ SignatureScheme::RSA_PKCS1_SHA384,
17
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
18
+ SignatureScheme::RSA_PKCS1_SHA512
19
+ ]
20
+ end
21
+
22
+ let(:extension) do
23
+ SignatureAlgorithms.new(supported_signature_algorithms)
24
+ end
25
+
26
+ it 'should be generated' do
27
+ expect(extension.extension_type).to eq ExtensionType::SIGNATURE_ALGORITHMS
28
+ expect(extension.supported_signature_algorithms)
29
+ .to eq supported_signature_algorithms
30
+ end
31
+
32
+ it 'should be serialized' do
33
+ expect(extension.serialize).to eq ExtensionType::SIGNATURE_ALGORITHMS \
34
+ + 18.to_uint16 \
35
+ + 16.to_uint16 \
36
+ + supported_signature_algorithms.join
37
+ end
38
+ end
39
+
40
+ context 'invalid signature_algorithms, empty,' do
41
+ let(:extension) do
42
+ SignatureAlgorithms.new([])
43
+ end
44
+
45
+ it 'should not be generated' do
46
+ expect { extension }.to raise_error(ErrorAlerts)
47
+ end
48
+ end
49
+
50
+ context 'invalid signature_algorithms, too long,' do
51
+ let(:extension) do
52
+ SignatureAlgorithms.new((0..2**15 - 2).to_a.map(&:to_uint16))
53
+ end
54
+
55
+ it 'should not be generated' do
56
+ expect { extension }.to raise_error(ErrorAlerts)
57
+ end
58
+ end
59
+
60
+ context 'valid signature_algorithms binary' do
61
+ let(:extension) do
62
+ SignatureAlgorithms.deserialize(TESTBINARY_SIGNATURE_ALGORITHMS)
63
+ end
64
+
65
+ let(:supported_signature_algorithms) do
66
+ [
67
+ SignatureScheme::ECDSA_SECP256R1_SHA256,
68
+ SignatureScheme::RSA_PSS_RSAE_SHA256,
69
+ SignatureScheme::RSA_PKCS1_SHA256,
70
+ SignatureScheme::ECDSA_SECP384R1_SHA384,
71
+ SignatureScheme::RSA_PSS_RSAE_SHA384,
72
+ SignatureScheme::RSA_PKCS1_SHA384,
73
+ SignatureScheme::RSA_PSS_RSAE_SHA512,
74
+ SignatureScheme::RSA_PKCS1_SHA512
75
+ ]
76
+ end
77
+
78
+ it 'should generate valid object' do
79
+ expect(extension.extension_type).to eq ExtensionType::SIGNATURE_ALGORITHMS
80
+ expect(extension.supported_signature_algorithms)
81
+ .to eq supported_signature_algorithms
82
+ end
83
+
84
+ it 'should generate serializable object' do
85
+ expect(extension.serialize)
86
+ .to eq ExtensionType::SIGNATURE_ALGORITHMS \
87
+ + TESTBINARY_SIGNATURE_ALGORITHMS.prefix_uint16_length
88
+ end
89
+ end
90
+
91
+ context 'invalid signature_algorithms binary, malformed binary,' do
92
+ let(:extension) do
93
+ SignatureAlgorithms.deserialize(TESTBINARY_SIGNATURE_ALGORITHMS[0...-1])
94
+ end
95
+
96
+ it 'should return nil' do
97
+ expect(extension).to be nil
98
+ end
99
+ end
100
+ end