tttls1.3 0.2.18 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a07aded25aecad8bd61ff9fd49a70df15c8abf356d4747891486dd81386b68d
-  data.tar.gz: 4637b3288dab22caae951cc43c283057fd3ed215fc5fa86e318becc3369ac7b2
+  metadata.gz: fd89bebc90f5379d37e4fd3d1397168b6df9fcbfe5d1ad05f3ae852ba7d071d1
+  data.tar.gz: 45372c096b46a5c37c9e05d22dfad8d53e24278d5d195b1b7305aa86b49bdfe9
 SHA512:
-  metadata.gz: 621a8f82c99e21e964cfb6defe14e2f8864f1c42cc94c9af725de2ff73929226d99a694c893ada3fc44c5224be70ec87bfcb291eceab271b33e4759c6c900cd8
-  data.tar.gz: 9088db06f998013577eb647d064e97035047a2cef7799010bc91f18384787bdf158357fd33c296b92ec1bc07a2ad1b307c98d0217735dfef5c6acf565f3c9433
+  metadata.gz: 6b79f03e7eff3d7f2e47e0ca715ee9559c8c2a04f3f6c4869b4c8b915905f8934bb6cf4dd776ae74bdc3e7d9c97dd3a8ee77e46298073bdffd70fc936a954421
+  data.tar.gz: c43d3629de31d6ebd8f86d0c7a700d85a9f6e53be351eb13062c7ad0af9d1b8acc1c685f95a48e7d320b22ad1cd83979c4de3b57f07245060d6cc0dacdcca482

data/.github/workflows/ci.yml

@@ -27,8 +27,11 @@ jobs:
           gem install bundler
           bundle --version
           bundle install
-      - name: Run test
-        run: |
-          bundle exec rake
-          bundle exec rake interop:client
-          bundle exec rake interop:server
+      - name: Run rubocop
+        run: bundle exec rake rubocop
+      - name: Run rspec
+        run: bundle exec rake spec
+      - name: Run interop client
+        run: bundle exec rake interop:client
+      - name: Run interop server
+        run: bundle exec rake interop:server

data/Gemfile

@@ -2,6 +2,7 @@
 
 source 'https://rubygems.org'
 
+gem 'ech_config', '~> 0.0.3'
 gem 'logger'
 gem 'openssl'
 gem 'rake'
@@ -11,6 +12,7 @@ group :development do
   gem 'http_parser.rb'
   gem 'rspec', '3.9.0'
   gem 'rubocop', '0.78.0'
+  gem 'svcb_rr_patch'
   gem 'webrick'
 end
 

data/README.md

@@ -4,7 +4,7 @@
 [![Actions Status](https://github.com/thekuwayama/tttls1.3/workflows/CI/badge.svg)](https://github.com/thekuwayama/tttls1.3/actions?workflow=CI)
 [![Maintainability](https://api.codeclimate.com/v1/badges/b5ae1b3a43828142d2fa/maintainability)](https://codeclimate.com/github/thekuwayama/tttls1.3/maintainability)
 
-tttls1.3 is Ruby implementation of [TLS 1.3](https://tools.ietf.org/html/rfc8446) protocol.
+tttls1.3 is Ruby implementation of [TLS 1.3](https://datatracker.ietf.org/doc/rfc8446/) protocol.
 
 tttls1.3 uses [openssl](https://github.com/ruby/openssl) for crypto and X.509 operations.
 
@@ -22,6 +22,7 @@ tttls1.3 provides client API with the following features:
 * Simple 1-RTT Handshake
 * HelloRetryRequest
 * Resumed 0-RTT Handshake (with PSK from NST)
+* [ECH](https://datatracker.ietf.org/doc/draft-ietf-tls-esni/)
 
 **NOT supports** certificate with OID RSASSA-PSS, X25519, X448, FFDHE, AES-CCM, Client Authentication, Post-Handshake Authentication, KeyUpdate and external PSKs.
 
@@ -92,9 +93,9 @@ tttls1.3 client is configurable using keyword arguments.
 | `:supported_groups` | Array of TTTLS13::NamedGroup constant | `SECP256R1`, `SECP384R1`, `SECP521R1` | List of named groups offered in ClientHello extensions. |
 | `:key_share_groups` | Array of TTTLS13::NamedGroup constant | nil | List of named groups offered in KeyShareClientHello. In default, KeyShareClientHello has only a KeyShareEntry of most preferred named group in `:supported_groups`. You can set this to send KeyShareClientHello that has multiple KeyShareEntry. |
 | `:alpn` | Array of String | nil | List of application protocols offered in ClientHello extensions. If not needed to be present, set nil. |
-| `:process_new_session_ticket` | Proc | nil | Proc that processes received NewSessionTicket. Its 3 arguments are TTTLS13::Message::NewSessionTicket, resumption master secret and cipher suite. If not needed to process NewSessionTicket, set nil. |
+| `:process_new_session_ticket` | Proc | nil | Proc that processes received NewSessionTicket. Its 3 arguments are TTTLS13::Message::NewSessionTicket, resumption main secret and cipher suite. If not needed to process NewSessionTicket, set nil. |
 | `:ticket` | String | nil | The ticket for PSK. |
-| `:resumption_master_secret` | String | nil | The resumption master secret. |
+| `:resumption_secret` | String | nil | The resumption main secret. |
 | `:psk_cipher_suite` | TTTLS13::CipherSuite constant | nil | The cipher suite for PSK. |
 | `:ticket_nonce` | String | nil | The ticket\_nonce for PSK. |
 | `:ticket_age_add` | String | nil | The ticket\_age\_add for PSK. |
@@ -103,6 +104,8 @@ tttls1.3 client is configurable using keyword arguments.
 | `:check_certificate_status` | Boolean | false | If needed to check certificate status, set true. |
 | `:process_certificate_status` | Proc | `TTTLS13::Client.method(:softfail_check_certificate_status)` | Proc(or Method) that checks received OCSPResponse. Its 3 arguments are OpenSSL::OCSP::Response, end-entity certificate(OpenSSL::X509::Certificate) and certificates chain(Array of Certificate) used for verification and it returns Boolean. |
 | `:compress_certificate_algorithms` | Array of TTTLS13::Message::Extension::CertificateCompressionAlgorithm constant | `ZLIB` | The compression algorithms are supported for compressing the Certificate message. |
+| `:ech_config` | ECHConfig | nil | ECHConfig to use ECH. If needed to use ECH, set TTTLS13::STANDARD\_CLIENT\_ECH_HPKE\_SYMMETRIC\_CIPHER\_SUITES, for example. See [ech_config](https://github.com/thekuwayama/ech_config). |
+| `:ech_hpke_cipher_suites` | Array of ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite | nil | If needed to use ECH, set client preference HPKE cipher suites. |
 | `:compatibility_mode` | Boolean | true | If needed to send ChangeCipherSpec, set true. |
 | `:sslkeylogfile` | String | nil | If needed to log SSLKEYLOGFILE, set the file path. |
 | `:loglevel` | Logger constant | Logger::WARN | If needed to print verbose, set Logger::DEBUG. |

data/example/helper.rb

@@ -3,10 +3,13 @@
 $LOAD_PATH << __dir__ + '/../lib'
 
 require 'socket'
-require 'tttls1.3'
+require 'time'
 require 'webrick'
+
 require 'http/parser'
-require 'time'
+require 'svcb_rr_patch'
+
+require 'tttls1.3'
 
 def simple_http_request(hostname, path = '/')
   s = <<~REQUEST

data/example/https_client_using_0rtt.rb

@@ -15,7 +15,7 @@ process_new_session_ticket = lambda do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
 
   settings_2nd[:ticket] = nst.ticket
-  settings_2nd[:resumption_master_secret] = rms
+  settings_2nd[:resumption_main_secret] = rms
   settings_2nd[:psk_cipher_suite] = cs
   settings_2nd[:ticket_nonce] = nst.ticket_nonce
   settings_2nd[:ticket_age_add] = nst.ticket_age_add

data/example/https_client_using_ech.rb

@@ -0,0 +1,32 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'helper'
+HpkeSymmetricCipherSuite = \
+  ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite
+
+hostname = 'crypto.cloudflare.com'
+port = 443
+ca_file = __dir__ + '/../tmp/ca.crt'
+req = simple_http_request(hostname, '/cdn-cgi/trace')
+
+rr = Resolv::DNS.new.getresources(
+  hostname,
+  Resolv::DNS::Resource::IN::HTTPS
+)
+socket = TCPSocket.new(hostname, port)
+settings = {
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
+  alpn: ['http/1.1'],
+  ech_config: rr.first.svc_params['ech'].echconfiglist.first,
+  ech_hpke_cipher_suites:
+    TTTLS13::STANDARD_CLIENT_ECH_HPKE_SYMMETRIC_CIPHER_SUITES,
+  sslkeylogfile: '/tmp/sslkeylogfile.log'
+}
+client = TTTLS13::Client.new(socket, hostname, **settings)
+client.connect
+client.write(req)
+
+print recv_http_response(client)
+client.close unless client.eof?
+socket.close

data/example/https_client_using_grease_ech.rb

@@ -0,0 +1,26 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'helper'
+HpkeSymmetricCipherSuite = \
+  ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite
+
+hostname = 'crypto.cloudflare.com'
+port = 443
+ca_file = __dir__ + '/../tmp/ca.crt'
+
+socket = TCPSocket.new(hostname, port)
+settings = {
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
+  alpn: ['http/1.1'],
+  ech_hpke_cipher_suites:
+    TTTLS13::STANDARD_CLIENT_ECH_HPKE_SYMMETRIC_CIPHER_SUITES,
+  sslkeylogfile: '/tmp/sslkeylogfile.log'
+}
+client = TTTLS13::Client.new(socket, hostname, **settings)
+client.connect
+
+print client.retry_configs if client.rejected_ech?
+
+client.close unless client.eof?
+socket.close

data/example/https_client_using_grease_psk.rb

@@ -0,0 +1,66 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'helper'
+HpkeSymmetricCipherSuite = \
+  ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite
+
+hostname = 'crypto.cloudflare.com'
+port = 443
+ca_file = __dir__ + '/../tmp/ca.crt'
+req = simple_http_request(hostname, '/cdn-cgi/trace')
+
+rr = Resolv::DNS.new.getresources(
+  hostname,
+  Resolv::DNS::Resource::IN::HTTPS
+)
+settings_2nd = {
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
+  alpn: ['http/1.1'],
+  ech_config: rr.first.svc_params['ech'].echconfiglist.first,
+  ech_hpke_cipher_suites:
+    TTTLS13::STANDARD_CLIENT_ECH_HPKE_SYMMETRIC_CIPHER_SUITES,
+  sslkeylogfile: '/tmp/sslkeylogfile.log'
+}
+process_new_session_ticket = lambda do |nst, rms, cs|
+  return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
+
+  settings_2nd[:ticket] = nst.ticket
+  settings_2nd[:resumption_main_secret] = rms
+  settings_2nd[:psk_cipher_suite] = cs
+  settings_2nd[:ticket_nonce] = nst.ticket_nonce
+  settings_2nd[:ticket_age_add] = nst.ticket_age_add
+  settings_2nd[:ticket_timestamp] = nst.timestamp
+end
+settings_1st = {
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
+  alpn: ['http/1.1'],
+  process_new_session_ticket: process_new_session_ticket,
+  ech_config: rr.first.svc_params['ech'].echconfiglist.first,
+  ech_hpke_cipher_suites: [
+    HpkeSymmetricCipherSuite.new(
+      HpkeSymmetricCipherSuite::HpkeKdfId.new(
+        TTTLS13::Hpke::KdfId::HKDF_SHA256
+      ),
+      HpkeSymmetricCipherSuite::HpkeAeadId.new(
+        TTTLS13::Hpke::AeadId::AES_128_GCM
+      )
+    )
+  ],
+  sslkeylogfile: '/tmp/sslkeylogfile.log'
+}
+
+[
+  # Initial Handshake:
+  settings_1st,
+  # Subsequent Handshake:
+  settings_2nd
+].each do |settings|
+  socket = TCPSocket.new(hostname, port)
+  client = TTTLS13::Client.new(socket, hostname, **settings)
+  client.connect
+  client.write(req)
+  print recv_http_response(client)
+  client.close unless client.eof?
+  socket.close
+end

data/example/https_client_using_hrr_and_ech.rb

@@ -0,0 +1,32 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'helper'
+HpkeSymmetricCipherSuite = \
+  ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite
+
+hostname = 'crypto.cloudflare.com'
+port = 443
+ca_file = __dir__ + '/../tmp/ca.crt'
+req = simple_http_request(hostname, '/cdn-cgi/trace')
+
+rr = Resolv::DNS.new.getresources(
+  hostname,
+  Resolv::DNS::Resource::IN::HTTPS
+)
+socket = TCPSocket.new(hostname, port)
+settings = {
+  ca_file: File.exist?(ca_file) ? ca_file : nil,
+  key_share_groups: [], # empty KeyShareClientHello.client_shares
+  alpn: ['http/1.1'],
+  ech_config: rr.first.svc_params['ech'].echconfiglist.first,
+  ech_hpke_cipher_suites:
+    TTTLS13::STANDARD_CLIENT_ECH_HPKE_SYMMETRIC_CIPHER_SUITES,
+  sslkeylogfile: '/tmp/sslkeylogfile.log'
+}
+client = TTTLS13::Client.new(socket, hostname, **settings)
+client.connect
+client.write(req)
+print recv_http_response(client)
+client.close unless client.eof?
+socket.close

data/example/https_client_using_hrr_and_ticket.rb

@@ -16,7 +16,7 @@ process_new_session_ticket = lambda do |nst, rms, cs|
 
   settings_2nd[:key_share_groups] = [] # empty KeyShareClientHello.client_shares
   settings_2nd[:ticket] = nst.ticket
-  settings_2nd[:resumption_master_secret] = rms
+  settings_2nd[:resumption_main_secret] = rms
   settings_2nd[:psk_cipher_suite] = cs
   settings_2nd[:ticket_nonce] = nst.ticket_nonce
   settings_2nd[:ticket_age_add] = nst.ticket_age_add

data/example/https_client_using_ticket.rb

@@ -15,7 +15,7 @@ process_new_session_ticket = lambda do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
 
   settings_2nd[:ticket] = nst.ticket
-  settings_2nd[:resumption_master_secret] = rms
+  settings_2nd[:resumption_main_secret] = rms
   settings_2nd[:psk_cipher_suite] = cs
   settings_2nd[:ticket_nonce] = nst.ticket_nonce
   settings_2nd[:ticket_age_add] = nst.ticket_age_add

data/interop/client_spec.rb

@@ -1,10 +1,10 @@
 # encoding: ascii-8bit
 # frozen_string_literal: true
 
-require_relative 'helper'
+require_relative 'spec_helper'
 
 FIXTURES_DIR = __dir__ + '/../spec/fixtures'
-PORT = 4433
+PORT = 14433
 
 RSpec.describe Client do
   # normal [Boolean] Is this nominal scenarios?
@@ -173,6 +173,7 @@ RSpec.describe Client do
               + '-tls1_3 ' \
               + '-www ' \
               + '-quiet ' \
+              + "-accept #{PORT} " \
               + opt
         pid = spawn('docker run ' \
                     + "--volume #{FIXTURES_DIR}:/tmp " \

data/interop/server_spec.rb

@@ -1,7 +1,7 @@
 # encoding: ascii-8bit
 # frozen_string_literal: true
 
-require_relative 'helper'
+require_relative 'spec_helper'
 
 FIXTURES_DIR = __dir__ + '/../spec/fixtures'
 PORT = 4433
@@ -187,8 +187,6 @@ RSpec.describe Server do
 
       let(:client) do
         ip = Socket.ip_address_list.find(&:ipv4_private?).ip_address
-        wait_to_listen(ip, PORT)
-
         cmd = 'echo -n ping | openssl s_client ' \
               + "-connect local:#{PORT} " \
               + '-tls1_3 ' \

data/interop/{helper.rb → spec_helper.rb}

@@ -13,13 +13,20 @@ include TTTLS13::Error
 # rubocop: enable Style/MixinUsage
 
 def wait_to_listen(host, port)
-  loop do
-    s = TCPSocket.open(host, port) # check by TCP handshake
-  rescue # rubocop: disable Style/RescueStandardError
-    sleep(0.2)
+  10.times do
+    soc = TCPSocket.open(host, port)
+    ctx = OpenSSL::SSL::SSLContext.new
+    ctx.max_version = OpenSSL::SSL::TLS1_3_VERSION
+    ssl = OpenSSL::SSL::SSLSocket.new(soc, ctx)
+    ssl.sync_close = true
+    ssl.connect
+  rescue => e # rubocop: disable Style/RescueStandardError
+    p e
+    soc&.close
+    sleep(0.5)
     next
   else
-    s.close
+    ssl.close
     break
   end
 end