tttls1.3 0.1.0

data/lib/tttls1.3/message/extension/supported_groups.rb

@@ -0,0 +1,145 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  using Refinements
+  module Message
+    module Extension
+      module NamedGroup
+        SECP256R1 = "\x00\x17"
+        SECP384R1 = "\x00\x18"
+        SECP521R1 = "\x00\x19"
+        # X25519    = "\x00\x1d" # UNSUPPORTED
+        # X448      = "\x00\x1e" # UNSUPPORTED
+        # FFDHE2048 = "\x01\x00" # UNSUPPORTED
+        # FFDHE3072 = "\x01\x01" # UNSUPPORTED
+        # FFDHE4096 = "\x01\x02" # UNSUPPORTED
+        # FFDHE6144 = "\x01\x03" # UNSUPPORTED
+        # FFDHE8192 = "\x01\x04" # UNSUPPORTED
+        # ffdhe_private_use "\x01\xfc" ~ "\x01\xff"
+        # ecdhe_private_use "\xfe\x00" ~ "\xfe\xff"
+
+        class << self
+          # NOTE:
+          # For secp256r1, secp384r1, and secp521r1
+          #
+          #     struct {
+          #         uint8 legacy_form = 4;
+          #         opaque X[coordinate_length];
+          #         opaque Y[coordinate_length];
+          #     } UncompressedPointRepresentation;
+          #
+          # @param group [TTTLS13::Message::Extension::NamedGroup]
+          #
+          # @raise [TTTLS13::Error::ErrorAlerts]
+          #
+          # @return [Integer]
+          def key_exchange_len(group)
+            case group
+            when SECP256R1
+              65
+            when SECP384R1
+              97
+            when SECP521R1
+              133
+            # NOTE:
+            # not supported other NamedGroup
+            # when X25519
+            #   32
+            # when X448
+            #   56
+            # when FFDHE2048
+            #   256
+            # when FFDHE4096
+            #   512
+            # when FFDHE6144
+            #   768
+            # when FFDHE8192
+            #   1024
+            else
+              raise Error::ErrorAlerts, :internal_error
+            end
+          end
+
+          # NOTE:
+          # SECG        |  ANSI X9.62   |  NIST
+          # ------------+---------------+-------------
+          # secp256r1   |  prime256v1   |   NIST P-256
+          # secp384r1   |               |   NIST P-384
+          # secp521r1   |               |   NIST P-521
+          #
+          # https://tools.ietf.org/html/rfc4492#appendix-A
+          #
+          # @param groups [Array of TTTLS13::Message::Extension::NamedGroup]
+          #
+          # @raise [TTTLS13::Error::ErrorAlerts]
+          #
+          # @return [String] EC_builtin_curves
+          def curve_name(group)
+            case group
+            when NamedGroup::SECP256R1
+              'prime256v1'
+            when NamedGroup::SECP384R1
+              'secp384r1'
+            when NamedGroup::SECP521R1
+              'secp521r1'
+            else
+              # NOTE:
+              # not supported other NamedGroup
+              raise Error::ErrorAlerts, :internal_error
+            end
+          end
+        end
+      end
+
+      class SupportedGroups
+        attr_reader :extension_type
+        attr_reader :named_group_list
+
+        # @param named_group_list [Array of NamedGroup]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        def initialize(named_group_list)
+          @extension_type = ExtensionType::SUPPORTED_GROUPS
+          @named_group_list = named_group_list || []
+          raise Error::ErrorAlerts, :internal_error \
+            if @named_group_list.empty? || @named_group_list.length >= 2**15 - 1
+        end
+
+        # @return [String]
+        def serialize
+          binary = @named_group_list.join
+
+          @extension_type + binary.prefix_uint16_length.prefix_uint16_length
+        end
+
+        # @param binary [String]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        #
+        # @return [TTTLS13::Message::Extension::SupportedGroups, nil]
+        # rubocop: disable Metrics/CyclomaticComplexity
+        def self.deserialize(binary)
+          raise Error::ErrorAlerts, :internal_error if binary.nil?
+
+          return nil if binary.length < 2
+
+          nglist_len = Convert.bin2i(binary.slice(0, 2))
+          i = 2
+          named_group_list = []
+          while i < nglist_len + 2
+            return nil if i + 2 > binary.length
+
+            named_group_list << binary.slice(i, 2)
+            i += 2
+          end
+          return nil unless i == binary.length &&
+                            nglist_len + 2 == binary.length
+
+          SupportedGroups.new(named_group_list)
+        end
+        # rubocop: enable Metrics/CyclomaticComplexity
+      end
+    end
+  end
+end

data/lib/tttls1.3/message/extension/supported_versions.rb

@@ -0,0 +1,98 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  using Refinements
+  module Message
+    module Extension
+      class SupportedVersions
+        attr_reader   :extension_type
+        attr_accessor :msg_type
+        attr_accessor :versions
+
+        # @param msg_type [TTTLS13::Message::ContentType]
+        # @param versions [Array of ProtocolVersion]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        # rubocop: disable Metrics/CyclomaticComplexity
+        def initialize(msg_type:, versions: DEFAULT_VERSIONS)
+          @extension_type = ExtensionType::SUPPORTED_VERSIONS
+          @msg_type = msg_type
+          @versions = versions || []
+          case @msg_type
+          when HandshakeType::CLIENT_HELLO
+            raise Error::ErrorAlerts, :internal_error \
+              if @versions.empty? || @versions.length > 127
+          when HandshakeType::SERVER_HELLO, HandshakeType::HELLO_RETRY_REQUEST
+            raise Error::ErrorAlerts, :internal_error \
+              unless @versions.length == 1
+          else
+            raise Error::ErrorAlerts, :internal_error
+          end
+        end
+        # rubocop: enable Metrics/CyclomaticComplexity
+
+        # @return [String]
+        def serialize
+          binary = ''
+          binary += (@versions.length * 2).to_uint8 \
+            if @msg_type == HandshakeType::CLIENT_HELLO
+          binary += @versions.join
+
+          @extension_type + binary.prefix_uint16_length
+        end
+
+        # @param binary [String]
+        # @param msg_type [TTTLS13::Message::HandshakeType]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        #
+        # @return [TTTLS13::Message::Extensions::SupportedVersions, nil]
+        def self.deserialize(binary, msg_type)
+          raise Error::ErrorAlerts, :internal_error if binary.nil?
+
+          versions = []
+          case msg_type
+          when HandshakeType::CLIENT_HELLO
+            versions = deserialize_versions(binary)
+            return nil if versions.nil? # unparsable versions
+
+          when HandshakeType::SERVER_HELLO, HandshakeType::HELLO_RETRY_REQUEST
+            return nil if binary.length != 2
+
+            versions << binary.slice(0, 2)
+          else
+            return nil
+          end
+          SupportedVersions.new(msg_type: msg_type, versions: versions)
+        end
+
+        # @param binary [String]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        #
+        # @return [Array of String, nil]
+        # rubocop: disable Metrics/CyclomaticComplexity
+        def self.deserialize_versions(binary)
+          raise Error::ErrorAlerts, :internal_error if binary.nil?
+
+          return nil if binary.empty?
+
+          versions_len = Convert.bin2i(binary[0])
+          i = 1
+          versions = []
+          while i < versions_len + 1
+            return nil if i + 2 > binary.length
+
+            versions << binary.slice(i, 2)
+            i += 2
+          end
+          return nil if i != binary.length || i != versions_len + 1
+
+          versions
+        end
+        # rubocop: enable Metrics/CyclomaticComplexity
+      end
+    end
+  end
+end

data/lib/tttls1.3/message/extension/unknown_extension.rb

@@ -0,0 +1,38 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  using Refinements
+  module Message
+    module Extension
+      # NOTE:
+      # Client/Server MUST ignore unrecognized extensions,
+      # but transcript MUST include unrecognized extensions.
+      class UnknownExtension
+        attr_accessor :extension_type
+        attr_accessor :extension_data
+
+        # @param extension_type [String]
+        # @param extension_data [String]
+        def initialize(extension_type:, extension_data: '')
+          @extension_type = extension_type
+          @extension_data = extension_data || ''
+        end
+
+        # @return [String]
+        def serialize
+          @extension_type + @extension_data.prefix_uint16_length
+        end
+
+        # @param binary [String]
+        # @param extension_type [String]
+        #
+        # @return [TTTLS13::Message::Extension::UnknownExtension]
+        def self.deserialize(binary, extension_type)
+          UnknownExtension.new(extension_type: extension_type,
+                               extension_data: binary)
+        end
+      end
+    end
+  end
+end

data/lib/tttls1.3/message/extensions.rb

@@ -0,0 +1,173 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+Dir[File.dirname(__FILE__) + '/extension/*.rb'].each { |f| require f }
+
+module TTTLS13
+  using Refinements
+  module Message
+    module ExtensionType
+      SERVER_NAME                            = "\x00\x00"
+      MAX_FRAGMENT_LENGTH                    = "\x00\x01"
+      STATUS_REQUEST                         = "\x00\x05"
+      SUPPORTED_GROUPS                       = "\x00\x0a"
+      SIGNATURE_ALGORITHMS                   = "\x00\x0d"
+      USE_SRTP                               = "\x00\x0e"
+      HEARTBEAT                              = "\x00\x0f"
+      APPLICATION_LAYER_PROTOCOL_NEGOTIATION = "\x00\x10"
+      SIGNED_CERTIFICATE_TIMESTAMP           = "\x00\x12"
+      CLIENT_CERTIFICATE_TYPE                = "\x00\x13"
+      SERVER_CERTIFICATE_TYPE                = "\x00\x14"
+      PADDING                                = "\x00\x15"
+      RECORD_SIZE_LIMIT                      = "\x00\x1c"
+      PRE_SHARED_KEY                         = "\x00\x29"
+      EARLY_DATA                             = "\x00\x2a"
+      SUPPORTED_VERSIONS                     = "\x00\x2b"
+      COOKIE                                 = "\x00\x2c"
+      PSK_KEY_EXCHANGE_MODES                 = "\x00\x2d"
+      CERTIFICATE_AUTHORITIES                = "\x00\x2f"
+      OID_FILTERS                            = "\x00\x30"
+      POST_HANDSHAKE_AUTH                    = "\x00\x31"
+      SIGNATURE_ALGORITHMS_CERT              = "\x00\x32"
+      KEY_SHARE                              = "\x00\x33"
+    end
+
+    class Extensions < Hash
+      # @param extensions [Array of TTTLS13::Message::Extension::$Object]
+      #
+      # @example
+      #   Extensions.new([SupportedVersions.new, ServerName.new('example.com')]
+      def initialize(extensions = [])
+        extensions.each do |ex|
+          super[ex.extension_type] = ex
+        end
+      end
+
+      alias super_fetch fetch
+
+      # NOTE:
+      # "pre_shared_key" MUST be the last extension in the ClientHello
+      #
+      # @return [String]
+      def serialize
+        except_ch_psk = values.reject do |ex|
+          ex.extension_type == ExtensionType::PRE_SHARED_KEY &&
+            ex.msg_type == HandshakeType::CLIENT_HELLO
+        end
+        binary = except_ch_psk.map(&:serialize).join
+
+        psk = super_fetch(ExtensionType::PRE_SHARED_KEY, nil)
+        binary += psk.serialize if psk&.msg_type == HandshakeType::CLIENT_HELLO
+
+        binary.prefix_uint16_length
+      end
+
+      # @param binary [String]
+      # @param msg_type [TTTLS13::Message::HandshakeType]
+      #
+      # @raise [TTTLS13::Error::ErrorAlerts]
+      #
+      # @return [TTTLS13::Message::Extensions]
+      # rubocop: disable Metrics/CyclomaticComplexity
+      def self.deserialize(binary, msg_type)
+        raise Error::ErrorAlerts, :internal_error if binary.nil?
+
+        extensions = []
+        i = 0
+        while i < binary.length
+          raise Error::ErrorAlerts, :decode_error if i + 4 > binary.length
+
+          extension_type = binary.slice(i, 2)
+          i += 2
+          ex_len = Convert.bin2i(binary.slice(i, 2))
+          i += 2
+
+          raise Error::ErrorAlerts, :decode_error if i + ex_len > binary.length
+
+          ex_bin = binary.slice(i, ex_len)
+          ex = deserialize_extension(ex_bin, extension_type, msg_type)
+          if ex.nil?
+            # ignore unparsable binary, but only transcript
+            ex = Extension::UnknownExtension.new(extension_type, ex_bin)
+          end
+          extensions << ex
+          i += ex_len
+        end
+        raise Error::ErrorAlerts, :decode_error unless i == binary.length
+
+        Extensions.new(extensions)
+      end
+      # rubocop: enable Metrics/CyclomaticComplexity
+
+      # @param key [TTTLS13::Message::ExtensionType]
+      #
+      # @return [TTTLS13::Message::Extension::$Object]
+      def [](key)
+        return nil if super_fetch(key, nil).is_a?(Extension::UnknownExtension)
+
+        super_fetch(key, nil)
+      end
+
+      # @param key [TTTLS13::Message::ExtensionType]
+      # @param default
+      #
+      # @return [TTTLS13::Message::Extension::$Object]
+      def fetch(key, default = nil)
+        return nil if super_fetch(key, nil).is_a?(Extension::UnknownExtension)
+
+        super_fetch(key, default)
+      end
+
+      class << self
+        private
+
+        # NOTE:
+        # deserialize_extension ignores unparsable extension.
+        # Received unparsable binary, returns nil, doesn't raise
+        # ErrorAlerts :decode_error.
+        #
+        # @param binary [String]
+        # @param extension_type [TTTLS13::Message::ExtensionType]
+        # @param msg_type [TTTLS13::Message::HandshakeType]
+        #
+        # @raise [TTTLS13::Error::ErrorAlerts]
+        #
+        # @return [TTTLS13::Message::Extension::$Object, nil]
+        # rubocop: disable Metrics/CyclomaticComplexity
+        def deserialize_extension(binary, extension_type, msg_type)
+          raise Error::ErrorAlerts, :internal_error if binary.nil?
+
+          case extension_type
+          when ExtensionType::SERVER_NAME
+            Extension::ServerName.deserialize(binary)
+          when ExtensionType::SUPPORTED_GROUPS
+            Extension::SupportedGroups.deserialize(binary)
+          when ExtensionType::SIGNATURE_ALGORITHMS
+            Extension::SignatureAlgorithms.deserialize(binary)
+          when ExtensionType::APPLICATION_LAYER_PROTOCOL_NEGOTIATION
+            Extension::Alpn..deserialize(binary)
+          when ExtensionType::RECORD_SIZE_LIMIT
+            Extension::RecordSizeLimit.deserialize(binary)
+          when ExtensionType::PRE_SHARED_KEY
+            Extension::PreSharedKey.deserialize(binary, msg_type)
+          when ExtensionType::EARLY_DATA
+            Extension::EarlyDataIndication.deserialize(binary, msg_type)
+          when ExtensionType::SUPPORTED_VERSIONS
+            Extension::SupportedVersions.deserialize(binary, msg_type)
+          when ExtensionType::COOKIE
+            Extension::Cookie.deserialize(binary)
+          when ExtensionType::PSK_KEY_EXCHANGE_MODES
+            Extension::PskKeyExchangeModes.deserialize(binary)
+          when ExtensionType::SIGNATURE_ALGORITHMS_CERT
+            Extension::SignatureAlgorithmsCert.deserialize(binary)
+          when ExtensionType::KEY_SHARE
+            Extension::KeyShare.deserialize(binary, msg_type)
+          else
+            Extension::UnknownExtension.deserialize(binary, extension_type)
+          end
+        end
+        # rubocop: enable Metrics/CyclomaticComplexity
+      end
+    end
+  end
+end

data/lib/tttls1.3/message/finished.rb

@@ -0,0 +1,44 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  using Refinements
+  module Message
+    class Finished
+      attr_reader :msg_type
+      attr_reader :verify_data
+
+      # @param verify_data [String]
+      def initialize(verify_data)
+        @msg_type = HandshakeType::FINISHED
+        @verify_data = verify_data
+      end
+
+      # @return [String]
+      def serialize
+        @msg_type + @verify_data.prefix_uint24_length
+      end
+
+      alias fragment serialize
+
+      # @param binary [String]
+      #
+      # @raise [TTTLS13::Error::ErrorAlerts]
+      #
+      # @return [TTTLS13::Message::Finished]
+      def self.deserialize(binary)
+        raise Error::ErrorAlerts, :internal_error if binary.nil?
+        raise Error::ErrorAlerts, :decode_error if binary.length < 4
+        raise Error::ErrorAlerts, :internal_error \
+          unless binary[0] == HandshakeType::FINISHED
+
+        msg_len = Convert.bin2i(binary.slice(1, 3))
+        verify_data = binary.slice(4, msg_len)
+        raise Error::ErrorAlerts, :decode_error \
+          unless msg_len + 4 == binary.length
+
+        Finished.new(verify_data)
+      end
+    end
+  end
+end

data/lib/tttls1.3/message/new_session_ticket.rb

@@ -0,0 +1,89 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  using Refinements
+  module Message
+    class NewSessionTicket
+      attr_reader :msg_type
+      attr_reader :ticket_lifetime
+      attr_reader :ticket_age_add
+      attr_reader :ticket_nonce
+      attr_reader :ticket
+      attr_reader :extensions
+      attr_reader :timestamp
+
+      # @param ticket_lifetime [Integer]
+      # @param ticket_age_add [String]
+      # @param ticket_nonce [String]
+      # @param ticket [String]
+      # @param extensions [TTTLS13::Message::Extensions]
+      #
+      # @raise [TTTLS13::Error::ErrorAlerts]
+      def initialize(ticket_lifetime:, ticket_age_add:,
+                     ticket_nonce:, ticket:, extensions: Extensions.new)
+        @msg_type = HandshakeType::NEW_SESSION_TICKET
+        @ticket_lifetime = ticket_lifetime
+        @ticket_age_add = ticket_age_add
+        raise Error::ErrorAlerts, :internal_error \
+          unless ticket_age_add.length == 4
+
+        @ticket_nonce = ticket_nonce
+        @ticket = ticket
+        @extensions = extensions || Extensions.new
+        @timestamp = Time.now.to_i
+      end
+
+      # @return [String]
+      def serialize
+        binary = ''
+        binary += @ticket_lifetime.to_uint32
+        binary += @ticket_age_add
+        binary += @ticket_nonce.prefix_uint8_length
+        binary += @ticket.prefix_uint16_length
+        binary += @extensions.serialize
+
+        @msg_type + binary.prefix_uint24_length
+      end
+
+      # @param binary [String]
+      #
+      # @raise [TTTLS13::Error::ErrorAlerts]
+      #
+      # @return [TTTLS13::Message::NewSessionTicket]
+      # rubocop: disable Metrics/AbcSize
+      def self.deserialize(binary)
+        raise Error::ErrorAlerts, :internal_error if binary.nil?
+        raise Error::ErrorAlerts, :decode_error if binary.length < 13
+        raise Error::ErrorAlerts, :internal_error \
+          unless binary[0] == HandshakeType::NEW_SESSION_TICKET
+
+        msg_len = Convert.bin2i(binary.slice(1, 3))
+        ticket_lifetime = Convert.bin2i(binary.slice(4, 4))
+        ticket_age_add = binary.slice(8, 4)
+        tn_len = Convert.bin2i(binary[12])
+        ticket_nonce = binary.slice(13, tn_len)
+        i = 13 + tn_len
+        ticket_len = Convert.bin2i(binary.slice(i, 2))
+        i += 2
+        ticket = binary.slice(i, ticket_len)
+        i += ticket_len
+        exs_len = Convert.bin2i(binary.slice(i, 2))
+        i += 2
+        exs_bin = binary.slice(i, exs_len)
+        extensions = Extensions.deserialize(exs_bin,
+                                            HandshakeType::NEW_SESSION_TICKET)
+        i += exs_len
+        raise Error::ErrorAlerts, :decode_error unless i == msg_len + 4 &&
+                                                       i == binary.length
+
+        NewSessionTicket.new(ticket_lifetime: ticket_lifetime,
+                             ticket_age_add: ticket_age_add,
+                             ticket_nonce: ticket_nonce,
+                             ticket: ticket,
+                             extensions: extensions)
+      end
+      # rubocop: enable Metrics/AbcSize
+    end
+  end
+end