tttls1.3 0.2.15 → 0.2.18

data/lib/tttls1.3/server.rb

@@ -44,6 +44,11 @@ module TTTLS13
   ].freeze
   private_constant :DEFAULT_SP_NAMED_GROUP_LIST
 
+  DEFAULT_SP_COMPRESS_CERTIFICATE_ALGORITHMS = [
+    Message::Extension::CertificateCompressionAlgorithm::ZLIB
+  ].freeze
+  private_constant :DEFAULT_SP_COMPRESS_CERTIFICATE_ALGORITHMS
+
   DEFAULT_SERVER_SETTINGS = {
     crt_file: nil,
     chain_files: nil,
@@ -53,7 +58,9 @@ module TTTLS13
     supported_groups: DEFAULT_SP_NAMED_GROUP_LIST,
     alpn: nil,
     process_ocsp_response: nil,
+    compress_certificate_algorithms: DEFAULT_SP_COMPRESS_CERTIFICATE_ALGORITHMS,
     compatibility_mode: true,
+    sslkeylogfile: nil,
     loglevel: Logger::WARN
   }.freeze
   private_constant :DEFAULT_SERVER_SETTINGS
@@ -140,9 +147,17 @@ module TTTLS13
       transcript = Transcript.new
       key_schedule = nil # TTTLS13::KeySchedule
       priv_key = nil # OpenSSL::PKey::$Object
-
       hs_wcipher = nil # TTTLS13::Cryptograph::$Object
       hs_rcipher = nil # TTTLS13::Cryptograph::$Object
+      sslkeylogfile = nil # TTTLS13::SslKeyLogFile::Writer
+      unless @settings[:sslkeylogfile].nil?
+        begin
+          sslkeylogfile = SslKeyLogFile::Writer.new(@settings[:sslkeylogfile])
+        rescue SystemCallError => e
+          msg = "\"#{@settings[:sslkeylogfile]}\" file can NOT open: #{e}"
+          logger.warn(msg)
+        end
+      end
 
       @state = ServerState::START
       loop do
@@ -151,7 +166,7 @@ module TTTLS13
           logger.debug('ServerState::START')
 
           receivable_ccs = transcript.include?(CH1)
-          ch = transcript[CH] = recv_client_hello(receivable_ccs)
+          ch, = transcript[CH] = recv_client_hello(receivable_ccs)
 
           # support only TLS 1.3
           terminate(:protocol_version) unless ch.negotiated_tls_1_3?
@@ -183,7 +198,7 @@ module TTTLS13
           logger.debug('ServerState::RECVD_CH')
 
           # select parameters
-          ch = transcript[CH]
+          ch, = transcript[CH]
           @cipher_suite = select_cipher_suite(ch)
           @named_group = select_named_group(ch)
           @signature_scheme = select_signature_scheme(ch, @crt)
@@ -192,8 +207,9 @@ module TTTLS13
 
           # send HRR
           if @named_group.nil?
-            ch1 = transcript[CH1] = transcript.delete(CH)
-            transcript[HRR] = send_hello_retry_request(ch1, @cipher_suite)
+            ch1, = transcript[CH1] = transcript.delete(CH)
+            hrr = send_hello_retry_request(ch1, @cipher_suite)
+            transcript[HRR] = [hrr, hrr.serialize]
             @state = ServerState::START
             next
           end
@@ -201,16 +217,20 @@ module TTTLS13
         when ServerState::NEGOTIATED
           logger.debug('ServerState::NEGOTIATED')
 
-          ch = transcript[CH]
+          ch, = transcript[CH]
           extensions, priv_key = gen_sh_extensions(@named_group)
-          transcript[SH] = send_server_hello(extensions, @cipher_suite,
-                                             ch.legacy_session_id)
+          sh = send_server_hello(
+            extensions,
+            @cipher_suite,
+            ch.legacy_session_id
+          )
+          transcript[SH] = [sh, sh.serialize]
           send_ccs if @settings[:compatibility_mode]
 
           # generate shared secret
           ke = ch.extensions[Message::ExtensionType::KEY_SHARE]
                 &.key_share_entry
-                &.find { |e| e.group == @named_group }
+                &.find { |kse| kse.group == @named_group }
                 &.key_exchange
           shared_secret = gen_shared_secret(ke, priv_key, @named_group)
           key_schedule = KeySchedule.new(
@@ -224,40 +244,49 @@ module TTTLS13
             key_schedule.server_handshake_write_key,
             key_schedule.server_handshake_write_iv
           )
+          sslkeylogfile&.write_server_handshake_traffic_secret(
+            transcript[CH].first.random,
+            key_schedule.server_handshake_traffic_secret
+          )
           hs_rcipher = gen_cipher(
             @cipher_suite,
             key_schedule.client_handshake_write_key,
             key_schedule.client_handshake_write_iv
           )
+          sslkeylogfile&.write_client_handshake_traffic_secret(
+            transcript[CH].first.random,
+            key_schedule.client_handshake_traffic_secret
+          )
           @state = ServerState::WAIT_FLIGHT2
         when ServerState::WAIT_EOED
           logger.debug('ServerState::WAIT_EOED')
         when ServerState::WAIT_FLIGHT2
           logger.debug('ServerState::WAIT_FLIGHT2')
 
-          ch = transcript[CH]
+          ch, = transcript[CH]
           rsl = @send_record_size \
             if ch.extensions.include?(Message::ExtensionType::RECORD_SIZE_LIMIT)
-          ee = transcript[EE] = gen_encrypted_extensions(ch, @alpn, rsl)
+          ee = gen_encrypted_extensions(ch, @alpn, rsl)
+          transcript[EE] = [ee, ee.serialize]
           # TODO: [Send CertificateRequest]
 
           # status_request
           ocsp_response = fetch_ocsp_response \
             if ch.extensions.include?(Message::ExtensionType::STATUS_REQUEST)
-          ct = transcript[CT] = gen_certificate(@crt, @chain, ocsp_response)
+          ct = gen_certificate(@crt, ch, @chain, ocsp_response)
+          transcript[CT] = [ct, ct.serialize]
           digest = CipherSuite.digest(@cipher_suite)
-          cv = transcript[CV] = gen_certificate_verify(
-            @key,
-            @signature_scheme,
-            transcript.hash(digest, CT)
-          )
+          hash = transcript.hash(digest, CT)
+          cv = gen_certificate_verify(@key, @signature_scheme, hash)
+          transcript[CV] = [cv, cv.serialize]
           finished_key = key_schedule.server_finished_key
           signature = sign_finished(
             digest: digest,
             finished_key: finished_key,
             hash: transcript.hash(digest, CV)
           )
-          sf = transcript[SF] = Message::Finished.new(signature)
+          sf = Message::Finished.new(signature)
+          transcript[SF] = [sf, sf.serialize]
           send_server_parameters([ee, ct, cv, sf], hs_wcipher)
           @state = ServerState::WAIT_FINISHED
         when ServerState::WAIT_CERT
@@ -267,7 +296,7 @@ module TTTLS13
         when ServerState::WAIT_FINISHED
           logger.debug('ServerState::WAIT_FINISHED')
 
-          cf = transcript[CF] = recv_finished(hs_rcipher)
+          cf, = transcript[CF] = recv_finished(hs_rcipher)
           digest = CipherSuite.digest(@cipher_suite)
           verified = verified_finished?(
             finished: cf,
@@ -281,11 +310,19 @@ module TTTLS13
             key_schedule.server_application_write_key,
             key_schedule.server_application_write_iv
           )
+          sslkeylogfile&.write_server_traffic_secret_0(
+            transcript[CH].first.random,
+            key_schedule.server_application_traffic_secret
+          )
           @ap_rcipher = gen_cipher(
             @cipher_suite,
             key_schedule.client_application_write_key,
             key_schedule.client_application_write_iv
           )
+          sslkeylogfile&.write_client_traffic_secret_0(
+            transcript[CH].first.random,
+            key_schedule.client_application_traffic_secret
+          )
           @exporter_master_secret = key_schedule.exporter_master_secret
           @state = ServerState::CONNECTED
         when ServerState::CONNECTED
@@ -294,6 +331,7 @@ module TTTLS13
           break
         end
       end
+      sslkeylogfile&.close
     end
     # rubocop: enable Metrics/AbcSize
     # rubocop: enable Metrics/BlockLength
@@ -325,12 +363,15 @@ module TTTLS13
     # @raise [TTTLS13::Error::ErrorAlerts]
     #
     # @return [TTTLS13::Message::ClientHello]
+    # @return [String]
     def recv_client_hello(receivable_ccs)
-      ch = recv_message(receivable_ccs: receivable_ccs,
-                        cipher: Cryptograph::Passer.new)
+      ch, orig_msg = recv_message(
+        receivable_ccs: receivable_ccs,
+        cipher: Cryptograph::Passer.new
+      )
       terminate(:unexpected_message) unless ch.is_a?(Message::ClientHello)
 
-      ch
+      [ch, orig_msg]
     end
 
     # @param extensions [TTTLS13::Message::Extensions]
@@ -408,19 +449,39 @@ module TTTLS13
     end
 
     # @param crt [OpenSSL::X509::Certificate]
+    # @param ch [TTTLS13::Message::ClientHell]
     # @param chain [Array of OpenSSL::X509::Certificate]
     # @param ocsp_response [OpenSSL::OCSP::Response]
     #
-    # @return [TTTLS13::Message::Certificate, nil]
-    def gen_certificate(crt, chain = [], ocsp_response = nil)
+    # @return [TTTLS13::Message::Certificate, CompressedCertificate, nil]
+    # rubocop: disable Metrics/CyclomaticComplexity
+    def gen_certificate(crt, ch, chain = [], ocsp_response = nil)
       exs = Message::Extensions.new
       # status_request
       exs << Message::Extension::OCSPResponse.new(ocsp_response) \
         unless ocsp_response.nil?
       ces = [Message::CertificateEntry.new(crt, exs)] \
             + (chain || []).map { |c| Message::CertificateEntry.new(c) }
-      Message::Certificate.new(certificate_list: ces)
+      ct = Message::Certificate.new(certificate_list: ces)
+
+      # compress_certificate
+      cc = ch.extensions[Message::ExtensionType::COMPRESS_CERTIFICATE]
+      if !cc.nil? && !cc.algorithms.empty?
+        cca = (@settings[:compress_certificate_algorithms] || []).find do |a|
+          cc.algorithms.include?(a)
+        end
+
+        unless cca.nil?
+          ct = Message::CompressedCertificate.new(
+            certificate_message: ct,
+            algorithm: cca
+          )
+        end
+      end
+
+      ct
     end
+    # rubocop: enable Metrics/CyclomaticComplexity
 
     # @param key [OpenSSL::PKey::PKey]
     # @param signature_scheme [TTTLS13::SignatureScheme]
@@ -442,11 +503,12 @@ module TTTLS13
     # @raise [TTTLS13::Error::ErrorAlerts]
     #
     # @return [TTTLS13::Message::Finished]
+    # @return [String]
     def recv_finished(cipher)
-      cf = recv_message(receivable_ccs: true, cipher: cipher)
+      cf, orig_msg = recv_message(receivable_ccs: true, cipher: cipher)
       terminate(:unexpected_message) unless cf.is_a?(Message::Finished)
 
-      cf
+      [cf, orig_msg]
     end
 
     # @param named_group [TTTLS13::NamedGroup]

data/lib/tttls1.3/sslkeylogfile.rb

@@ -0,0 +1,87 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  module SslKeyLogFile
+    module Label
+      CLIENT_EARLY_TRAFFIC_SECRET     = 'CLIENT_EARLY_TRAFFIC_SECRET'
+      CLIENT_HANDSHAKE_TRAFFIC_SECRET = 'CLIENT_HANDSHAKE_TRAFFIC_SECRET'
+      SERVER_HANDSHAKE_TRAFFIC_SECRET = 'SERVER_HANDSHAKE_TRAFFIC_SECRET'
+      CLIENT_TRAFFIC_SECRET_0         = 'CLIENT_TRAFFIC_SECRET_0'
+      SERVER_TRAFFIC_SECRET_0         = 'SERVER_TRAFFIC_SECRET_0'
+    end
+
+    class Writer
+      # @param path [String]
+      #
+      # @raise [SystemCallError]
+      def initialize(path)
+        @file = File.new(path, 'a+')
+      end
+
+      # @param client_random [String]
+      # @param secret [String]
+      def write_client_early_traffic_secret(client_random, secret)
+        write_key_log(
+          Label::CLIENT_EARLY_TRAFFIC_SECRET,
+          client_random,
+          secret
+        )
+      end
+
+      # @param client_random [String]
+      # @param secret [String]
+      def write_client_handshake_traffic_secret(client_random, secret)
+        write_key_log(
+          Label::CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+          client_random,
+          secret
+        )
+      end
+
+      # @param client_random [String]
+      # @param secret [String]
+      def write_server_handshake_traffic_secret(client_random, secret)
+        write_key_log(
+          Label::SERVER_HANDSHAKE_TRAFFIC_SECRET,
+          client_random,
+          secret
+        )
+      end
+
+      # @param client_random [String]
+      # @param secret [String]
+      def write_client_traffic_secret_0(client_random, secret)
+        write_key_log(
+          Label::CLIENT_TRAFFIC_SECRET_0,
+          client_random,
+          secret
+        )
+      end
+
+      # @param client_random [String]
+      # @param secret [String]
+      def write_server_traffic_secret_0(client_random, secret)
+        write_key_log(
+          Label::SERVER_TRAFFIC_SECRET_0,
+          client_random,
+          secret
+        )
+      end
+
+      def close
+        @file&.close
+      end
+
+      private
+
+      # @param label [TTTLS13::SslKeyLogFile::Label]
+      # @param client_random [String]
+      # @param secret [String]
+      def write_key_log(label, client_random, secret)
+        s = "#{label} #{client_random.unpack1('H*')} #{secret.unpack1('H*')}\n"
+        @file&.print(s)
+      end
+    end
+  end
+end

data/lib/tttls1.3/transcript.rb

@@ -19,10 +19,6 @@ module TTTLS13
   CF   = 12
 
   class Transcript < Hash
-    def initialize
-      super
-    end
-
     alias super_include? include?
 
     # @param digest [String] name of digest algorithm
@@ -62,12 +58,12 @@ module TTTLS13
         exc_prefix = Message::HandshakeType::MESSAGE_HASH \
                      + "\x00\x00" \
                      + OpenSSL::Digest.new(digest).digest_length.to_uint8 \
-                     + OpenSSL::Digest.digest(digest, self[CH1].serialize) \
-                     + self[HRR].serialize
+                     + OpenSSL::Digest.digest(digest, self[CH1].last) \
+                     + self[HRR].last
       end
 
       messages = (CH..end_index).to_a.map do |m|
-        include?(m) ? self[m].serialize : ''
+        include?(m) ? self[m].last : ''
       end
       exc_prefix + messages.join
     end

data/lib/tttls1.3/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TTTLS13
-  VERSION = '0.2.15'
+  VERSION = '0.2.18'
 end

data/lib/tttls1.3.rb

@@ -17,6 +17,7 @@ require 'tttls1.3/transcript'
 require 'tttls1.3/key_schedule'
 require 'tttls1.3/message'
 require 'tttls1.3/sequence_number'
+require 'tttls1.3/sslkeylogfile'
 require 'tttls1.3/connection'
 require 'tttls1.3/client'
 require 'tttls1.3/server'

data/spec/client_spec.rb

@@ -11,7 +11,7 @@ RSpec.describe Client do
       client = Client.new(mock_socket, 'localhost')
       extensions, _priv_keys = client.send(:gen_ch_extensions)
       client.send(:send_client_hello, extensions)
-      Record.deserialize(mock_socket.read, Cryptograph::Passer.new)
+      Record.deserialize(mock_socket.read, Cryptograph::Passer.new).first
     end
 
     it 'should send default ClientHello' do
@@ -37,7 +37,7 @@ RSpec.describe Client do
                         + msg_len.to_uint16 \
                         + TESTBINARY_SERVER_HELLO)
       client = Client.new(mock_socket, 'localhost')
-      client.send(:recv_server_hello)
+      client.send(:recv_server_hello).first
     end
 
     it 'should receive ServerHello' do
@@ -65,20 +65,20 @@ RSpec.describe Client do
     end
 
     it 'should receive EncryptedExtensions' do
-      message = client.send(:recv_encrypted_extensions, cipher)
+      message, = client.send(:recv_encrypted_extensions, cipher)
       expect(message.msg_type).to eq HandshakeType::ENCRYPTED_EXTENSIONS
     end
 
     it 'should receive Certificate' do
       client.send(:recv_encrypted_extensions, cipher) # to skip
-      message = client.send(:recv_certificate, cipher)
+      message, = client.send(:recv_certificate, cipher)
       expect(message.msg_type).to eq HandshakeType::CERTIFICATE
     end
 
     it 'should receive CertificateVerify' do
       client.send(:recv_encrypted_extensions, cipher) # to skip
       client.send(:recv_certificate, cipher)          # to skip
-      message = client.send(:recv_certificate_verify, cipher)
+      message, = client.send(:recv_certificate_verify, cipher)
       expect(message.msg_type).to eq HandshakeType::CERTIFICATE_VERIFY
     end
 
@@ -86,7 +86,7 @@ RSpec.describe Client do
       client.send(:recv_encrypted_extensions, cipher) # to skip
       client.send(:recv_certificate, cipher)          # to skip
       client.send(:recv_certificate_verify, cipher)   # to skip
-      message = client.send(:recv_finished, cipher)
+      message, = client.send(:recv_finished, cipher)
       expect(message.msg_type).to eq HandshakeType::FINISHED
     end
   end
@@ -97,14 +97,20 @@ RSpec.describe Client do
     end
 
     let(:transcript) do
+      ch = ClientHello.deserialize(TESTBINARY_CLIENT_HELLO)
+      sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      ee = EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS)
+      ct = Certificate.deserialize(TESTBINARY_CERTIFICATE)
+      cv = CertificateVerify.deserialize(TESTBINARY_CERTIFICATE_VERIFY)
+      sf = Finished.deserialize(TESTBINARY_SERVER_FINISHED)
       transcript = Transcript.new
       transcript.merge!(
-        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
-        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO),
-        EE => EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS),
-        CT => Certificate.deserialize(TESTBINARY_CERTIFICATE),
-        CV => CertificateVerify.deserialize(TESTBINARY_CERTIFICATE_VERIFY),
-        SF => Finished.deserialize(TESTBINARY_SERVER_FINISHED)
+        CH => [ch, TESTBINARY_CLIENT_HELLO],
+        SH => [sh, TESTBINARY_SERVER_HELLO],
+        EE => [ee, TESTBINARY_ENCRYPTED_EXTENSIONS],
+        CT => [ct, TESTBINARY_CERTIFICATE],
+        CV => [cv, TESTBINARY_CERTIFICATE_VERIFY],
+        SF => [sf, TESTBINARY_SERVER_FINISHED]
       )
       transcript
     end
@@ -140,7 +146,7 @@ RSpec.describe Client do
         write_iv: TESTBINARY_CLIENT_FINISHED_WRITE_IV,
         sequence_number: SequenceNumber.new
       )
-      Record.deserialize(mock_socket.read, hs_rcipher)
+      Record.deserialize(mock_socket.read, hs_rcipher).first
     end
 
     it 'should send Finished' do
@@ -170,14 +176,17 @@ RSpec.describe Client do
     end
 
     let(:transcript) do
+      ch = ClientHello.deserialize(TESTBINARY_CLIENT_HELLO)
+      sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      ee = EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS)
       transcript = Transcript.new
       transcript.merge!(
-        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
-        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO),
-        EE => EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS),
-        CT => ct,
-        CV => cv,
-        SF => sf
+        CH => [ch, TESTBINARY_CLIENT_HELLO],
+        SH => [sh, TESTBINARY_SERVER_HELLO],
+        EE => [ee, TESTBINARY_ENCRYPTED_EXTENSIONS],
+        CT => [ct, TESTBINARY_CERTIFICATE],
+        CV => [cv, TESTBINARY_CERTIFICATE_VERIFY],
+        SF => [sf, TESTBINARY_SERVER_FINISHED]
       )
     end
 

data/spec/compress_certificate_spec.rb

@@ -0,0 +1,54 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'spec_helper'
+using Refinements
+
+RSpec.describe Alpn do
+  context 'valid compress_certificate' do
+    let(:algorithms) do
+      [CertificateCompressionAlgorithm::ZLIB]
+    end
+
+    let(:extension) do
+      CompressCertificate.new(algorithms)
+    end
+
+    it 'should be generated' do
+      expect(extension.extension_type)
+        .to eq ExtensionType::COMPRESS_CERTIFICATE
+      expect(extension.algorithms).to eq algorithms
+    end
+
+    it 'should be serialized' do
+      expect(extension.serialize)
+        .to eq ExtensionType::COMPRESS_CERTIFICATE \
+               + 3.to_uint16 \
+               + 2.to_uint8 \
+               + "\x00\x01"
+    end
+  end
+
+  context 'invalid compress_certificate, empty,' do
+    let(:extension) do
+      CompressCertificate.new([])
+    end
+
+    it 'should not be generated' do
+      expect { extension }.to raise_error(ErrorAlerts)
+    end
+  end
+
+  context 'valid compress_certificate binary' do
+    let(:extension) do
+      CompressCertificate.deserialize(TESTBINARY_COMPRESS_CERTIFICATE)
+    end
+
+    it 'should generate valid object' do
+      expect(extension.extension_type)
+        .to eq ExtensionType::COMPRESS_CERTIFICATE
+      expect(extension.algorithms)
+        .to eq [CertificateCompressionAlgorithm::ZLIB]
+    end
+  end
+end

data/spec/connection_spec.rb

@@ -32,15 +32,18 @@ RSpec.describe Connection do
     end
 
     let(:transcript) do
+      ch = ClientHello.deserialize(TESTBINARY_CLIENT_HELLO)
+      sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      ee = EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS)
       transcript = Transcript.new
       transcript.merge!(
-        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
-        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO),
-        EE => EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS),
-        CT => ct,
-        CV => cv,
-        CF => cf,
-        SF => sf
+        CH => [ch, TESTBINARY_CLIENT_HELLO],
+        SH => [sh, TESTBINARY_SERVER_HELLO],
+        EE => [ee, TESTBINARY_ENCRYPTED_EXTENSIONS],
+        CT => [ct, TESTBINARY_CERTIFICATE],
+        CV => [cv, TESTBINARY_CERTIFICATE_VERIFY],
+        CF => [cf, TESTBINARY_CLIENT_FINISHED],
+        SF => [sf, TESTBINARY_SERVER_FINISHED]
       )
     end
 
@@ -115,16 +118,20 @@ RSpec.describe Connection do
     end
 
     let(:transcript) do
+      ch1 = ClientHello.deserialize(TESTBINARY_HRR_CLIENT_HELLO1)
+      hrr = ServerHello.deserialize(TESTBINARY_HRR_HELLO_RETRY_REQUEST)
+      ch = ClientHello.deserialize(TESTBINARY_HRR_CLIENT_HELLO)
+      sh = ServerHello.deserialize(TESTBINARY_HRR_SERVER_HELLO)
+      ee = EncryptedExtensions.deserialize(TESTBINARY_HRR_ENCRYPTED_EXTENSIONS)
       transcript = Transcript.new
       transcript.merge!(
-        CH1 => ClientHello.deserialize(TESTBINARY_HRR_CLIENT_HELLO1),
-        HRR => ServerHello.deserialize(TESTBINARY_HRR_HELLO_RETRY_REQUEST),
-        CH => ClientHello.deserialize(TESTBINARY_HRR_CLIENT_HELLO),
-        SH => ServerHello.deserialize(TESTBINARY_HRR_SERVER_HELLO),
-        EE =>
-        EncryptedExtensions.deserialize(TESTBINARY_HRR_ENCRYPTED_EXTENSIONS),
-        CT => ct,
-        CV => cv
+        CH1 => [ch1, TESTBINARY_HRR_CLIENT_HELLO1],
+        HRR => [hrr, TESTBINARY_HRR_HELLO_RETRY_REQUEST],
+        CH => [ch, TESTBINARY_HRR_CLIENT_HELLO],
+        SH => [sh, TESTBINARY_HRR_SERVER_HELLO],
+        EE => [ee, TESTBINARY_HRR_ENCRYPTED_EXTENSIONS],
+        CT => [ct, TESTBINARY_HRR_CERTIFICATE],
+        CV => [cv, TESTBINARY_HRR_CERTIFICATE_VERIFY]
       )
     end
 

data/spec/end_of_early_data_spec.rb

@@ -0,0 +1,28 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'spec_helper'
+using Refinements
+
+RSpec.describe EndOfEarlyData do
+  context 'end_of_early_data' do
+    let(:message) do
+      EndOfEarlyData.new
+    end
+
+    it 'should be serialized' do
+      expect(message.serialize).to eq HandshakeType::END_OF_EARLY_DATA \
+                                      + ''.prefix_uint24_length
+    end
+  end
+
+  context 'valid end_of_early_data binary' do
+    let(:message) do
+      EndOfEarlyData.deserialize(TESTBINARY_0_RTT_END_OF_EARLY_DATA)
+    end
+
+    it 'should generate valid serializable object' do
+      expect(message.serialize).to eq TESTBINARY_0_RTT_END_OF_EARLY_DATA
+    end
+  end
+end