tttls1.3 0.3.3 → 0.3.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fa5d7f448e0c984d75be22a995278853b4d4b0c505aaaa92fc5e99f48371fc82
-  data.tar.gz: 4a0d95465cabfd048ea1d7190c1c617dcc26a5395e06f7acc0173fcbbfe0bd04
+  metadata.gz: '0913f70f0bdbfd6740f41ce7902f55660ea1bd99533a8f765f9d98a1bd56a58c'
+  data.tar.gz: 611a063ae74498d19636ebf3ee3741b76164856341bb38ec9966a999579bdfb1
 SHA512:
-  metadata.gz: 4035648fa81ae715315e1efbddd9b0b0506395180d0c7e994d6c8dd49d714e0754717b0cfa93bee702b4ef5a4d8e29bb765fae6045fdb7b24a3e25a1098eca38
-  data.tar.gz: 3c9d5286f1724b4998325ab811bf2e6ce44dbbbebb3ffb3c6c01ffe76f2d730797a599196b1ec6c3a894265b16ed0b12a78f2eeca53a36b52980de85db76f247
+  metadata.gz: 88f39003d30f4642c67a61169923fe248bc572b4a1c638eb36803dc4278aa91a499919784cd060fa35c522bcb935745d1b4542abb1963514aba1f86f1ea789fd
+  data.tar.gz: cd2ae8cd383cd9737a732d53c8ca27cbacdcd3c4a5b6bee62f5f43faba4fd8eb8067b0621df18d8b77db679823c3aa26947508fe5827939bf6741e6f417a1d80

data/Gemfile

@@ -9,11 +9,12 @@ gem 'openssl'
 gem 'rake'
 
 group :development do
+  gem 'base64'
   gem 'byebug'
   gem 'http_parser.rb'
+  gem 'resolv', '~> 0.4.0'
   gem 'rspec', '3.9.0'
   gem 'rubocop', '0.78.0'
-  gem 'svcb_rr_patch'
   gem 'webrick'
 end
 

data/example/helper.rb

@@ -2,6 +2,8 @@
 
 $LOAD_PATH << __dir__ + '/../lib'
 
+require 'base64'
+require 'resolv'
 require 'socket'
 require 'time'
 require 'uri'
@@ -9,7 +11,6 @@ require 'webrick'
 
 require 'ech_config'
 require 'http/parser'
-require 'svcb_rr_patch'
 
 require 'tttls1.3'
 
@@ -86,7 +87,8 @@ def transcript_htmlize(transcript)
 end
 
 def parse_echconfigs_pem(pem)
-  s = pem.gsub(/-----(BEGIN|END) ECH CONFIGS-----/, '')
+  # https://datatracker.ietf.org/doc/html/draft-farrell-tls-pemesni-08#section-3-4
+  s = pem.gsub(/-----(BEGIN|END) (ECH CONFIGS|ECHCONFIG)-----/, '')
          .gsub("\n", '')
   b = Base64.decode64(s)
   raise 'failed to parse ECHConfigs' \
@@ -100,8 +102,15 @@ def resolve_echconfig(hostname)
     hostname,
     Resolv::DNS::Resource::IN::HTTPS
   )
+
+  # https://datatracker.ietf.org/doc/html/draft-ietf-tls-svcb-ech-01#section-6
+  ech = 5
   raise "failed to resolve echconfig via #{hostname} HTTPS RR" \
-    if rr.first.nil? || !rr.first.svc_params.keys.include?('ech')
+    if rr.first.nil? || rr.first.params[ech].nil?
+
+  octet = rr.first.params[ech].value
+  raise 'failed to parse ECHConfigs' \
+    unless octet.length == octet.slice(0, 2).unpack1('n') + 2
 
-  rr.first.svc_params['ech'].echconfiglist.first
+  ECHConfig.decode_vectors(octet.slice(2..)).first
 end

data/lib/tttls1.3/client.rb

@@ -89,8 +89,8 @@ module TTTLS13
   class Client
     include Logging
 
-    HpkeSymmetricCipherSuit = \
-      ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite
+    HpkeSymmetricCipherSuit \
+      = ECHConfig::ECHConfigContents::HpkeKeyConfig::HpkeSymmetricCipherSuite
 
     attr_reader :transcript
 
@@ -110,7 +110,6 @@ module TTTLS13
       raise Error::ConfigError unless valid_settings?
     end
 
-    # NOTE:
     #                           START <----+
     #            Send ClientHello |        | Recv HelloRetryRequest
     #       [K_send = early data] |        |
@@ -327,7 +326,7 @@ module TTTLS13
           )
 
           # rejected ECH
-          # NOTE: It can compute (hrr_)accept_ech until client selects the
+          # It can compute (hrr_)accept_ech until client selects the
           # cipher_suite.
           if !sh.hrr? && use_ech?
             if !@transcript.include?(HRR) && !key_schedule.accept_ech?
@@ -1008,7 +1007,6 @@ module TTTLS13
       [new_exs, priv_keys]
     end
 
-    # NOTE:
     # https://datatracker.ietf.org/doc/html/rfc8446#section-4.1.2
     #
     # @param ch1 [TTTLS13::Message::ClientHello]

data/lib/tttls1.3/cryptograph/aead.rb

@@ -23,8 +23,6 @@ module TTTLS13
         when CipherSuite::TLS_CHACHA20_POLY1305_SHA256
           @cipher = OpenSSL::Cipher.new('chacha20-poly1305')
         else
-          # Note:
-          # not supported
           # CipherSuite::TLS_AES_128_CCM_SHA256
           # CipherSuite::TLS_AES_128_CCM_8_SHA256
           raise Error::ErrorAlerts, :internal_error
@@ -36,7 +34,6 @@ module TTTLS13
         @auth_tag_len = CipherSuite.auth_tag_len(@cipher_suite)
       end
 
-      # NOTE:
       #     AEAD-Encrypt(write_key, nonce, additional_data, plaintext)
       #
       # @param content [String]
@@ -53,7 +50,6 @@ module TTTLS13
         encrypted_data + cipher.auth_tag
       end
 
-      # NOTE:
       #     AEAD-Decrypt(peer_write_key, nonce,
       #                  additional_data, AEADEncrypted)
       #
@@ -78,7 +74,6 @@ module TTTLS13
         [clear[0...-postfix_len], clear[-postfix_len]]
       end
 
-      # NOTE:
       #     struct {
       #         opaque content[TLSPlaintext.length];
       #         ContentType type;

data/lib/tttls1.3/ech.rb

@@ -19,7 +19,7 @@ module TTTLS13
     # @param hpke_cipher_suite_selector [Method]
     #
     # @return [TTTLS13::Message::ClientHello]
-    # @return [TTTLS13::Message::ClientHello]
+    # @return [TTTLS13::Message::ClientHello] ClientHelloInner
     # @return [TTTLS13::EchState]
     # rubocop: disable Metrics/AbcSize
     def self.offer_ech(inner, ech_config, hpke_cipher_suite_selector)
@@ -110,7 +110,7 @@ module TTTLS13
     # @param ech_state [TTTLS13::EchState]
     #
     # @return [TTTLS13::Message::ClientHello]
-    # @return [TTTLS13::Message::ClientHello]
+    # @return [TTTLS13::Message::ClientHello] ClientHelloInner
     def self.offer_new_ech(inner, ech_state)
       # for ech_outer_extensions
       replaced = \

data/lib/tttls1.3/key_schedule.rb

@@ -250,7 +250,7 @@ module TTTLS13
     #
     # @raise [TTTLS13::Error::ErrorAlerts]
     #
-    # @param [String]
+    # @return [String]
     def self.hkdf_expand(secret, info, length, digest)
       hash_len = OpenSSL::Digest.new(digest).digest_length
       raise Error::ErrorAlerts, :internal_error if length > 255 * hash_len

data/lib/tttls1.3/message/application_data.rb

@@ -6,7 +6,7 @@ module TTTLS13
     class ApplicationData
       attr_reader :fragment
 
-      # @param [String]
+      # @param fragment [String]
       def initialize(fragment)
         @fragment = fragment
       end

data/lib/tttls1.3/message/client_hello.rb

@@ -160,6 +160,14 @@ module TTTLS13
           sg_groups.filter { |g| ks_groups.include?(g) } == ks_groups &&
           ks_groups.uniq == ks_groups
       end
+
+      # @return [Boolean]
+      def ch_inner?
+        ech = @extensions[Message::ExtensionType::ENCRYPTED_CLIENT_HELLO]
+        return false if ech.nil?
+
+        ech.type == Message::Extension::ECHClientHelloType::INNER
+      end
     end
   end
 end

data/lib/tttls1.3/message/extension/alpn.rb

@@ -9,7 +9,7 @@ module TTTLS13
         attr_reader :extension_type
         attr_reader :protocol_name_list
 
-        # @param named_group_list [Array of String]
+        # @param protocol_name_list [Array] Array of String
         #
         # @raise [TTTLS13::Error::ErrorAlerts]
         #

data/lib/tttls1.3/message/extension/ech.rb

@@ -12,7 +12,6 @@ module TTTLS13
         INNER = "\x01"
       end
 
-      # NOTE:
       #     struct {
       #         ECHClientHelloType type;
       #         select (ECHClientHello.type) {
@@ -165,7 +164,6 @@ module TTTLS13
         end
       end
 
-      # NOTE:
       #     struct {
       #         ECHConfigList retry_configs;
       #     } ECHEncryptedExtensions;
@@ -202,7 +200,6 @@ module TTTLS13
         end
       end
 
-      # NOTE:
       #     struct {
       #         opaque confirmation[8];
       #     } ECHHelloRetryRequest;

data/lib/tttls1.3/message/extension/ech_outer_extensions.rb

@@ -5,7 +5,6 @@ module TTTLS13
   using Refinements
   module Message
     module Extension
-      # NOTE:
       #     ExtensionType OuterExtensions<2..254>;
       class ECHOuterExtensions
         attr_reader :extension_type

data/lib/tttls1.3/message/extension/key_share.rb

@@ -11,7 +11,7 @@ module TTTLS13
         attr_reader :msg_type
         attr_reader :key_share_entry
 
-        # @param msg_type [TTTLS13::Message::ContentType]
+        # @param msg_type [TTTLS13::Message::HandshakeType]
         # @param key_share_entry [Array of KeyShareEntry]
         #
         # @raise [TTTLS13::Error::ErrorAlerts]
@@ -108,7 +108,7 @@ module TTTLS13
           [key_share, priv_keys]
         end
 
-        # @param groups [TTTLS13::NamedGroup]
+        # @param group [TTTLS13::NamedGroup]
         #
         # @return [TTTLS13::Message::Extensions::KeyShare]
         # @return [OpenSSL::PKey::EC.$Object]
@@ -129,7 +129,7 @@ module TTTLS13
           [key_share, ec]
         end
 
-        # @param groups [TTTLS13::NamedGroup]
+        # @param group [TTTLS13::NamedGroup]
         #
         # @return [TTTLS13::Message::Extensions::KeyShare]
         def self.gen_hrr_key_share(group)
@@ -143,7 +143,6 @@ module TTTLS13
         class << self
           private
 
-          # NOTE:
           #     struct {
           #         KeyShareEntry client_shares<0..2^16-1>;
           #     } KeyShareClientHello;
@@ -178,7 +177,6 @@ module TTTLS13
             key_share_entry
           end
 
-          # NOTE:
           #     struct {
           #         KeyShareEntry server_share;
           #     } KeyShareServerHello;
@@ -201,7 +199,6 @@ module TTTLS13
             [KeyShareEntry.new(group: group, key_exchange: key_exchange)]
           end
 
-          # NOTE:
           #     struct {
           #         NamedGroup selected_group;
           #     } KeyShareHelloRetryRequest;

data/lib/tttls1.3/message/extension/pre_shared_key.rb

@@ -5,7 +5,6 @@ module TTTLS13
   using Refinements
   module Message
     module Extension
-      # NOTE:
       #     struct {
       #         select (Handshake.msg_type) {
       #             case client_hello: OfferedPsks;
@@ -83,7 +82,6 @@ module TTTLS13
         end
       end
 
-      # NOTE:
       #     opaque PskBinderEntry<32..255>;
       #
       #     struct {
@@ -172,7 +170,6 @@ module TTTLS13
         # rubocop: enable Metrics/PerceivedComplexity
       end
 
-      # NOTE:
       #     struct {
       #         opaque identity<1..2^16-1>;
       #         uint32 obfuscated_ticket_age;

data/lib/tttls1.3/message/extension/server_name.rb

@@ -9,7 +9,6 @@ module TTTLS13
         HOST_NAME = "\x00"
       end
 
-      # NOTE:
       # The extension_data field SHALL be empty when @server_name is empty.
       # Then, serialized extension_data is
       #

data/lib/tttls1.3/message/extension/signature_algorithms_cert.rb

@@ -5,7 +5,7 @@ module TTTLS13
   module Message
     module Extension
       class SignatureAlgorithmsCert < SignatureAlgorithms
-        # @param versions [Array of SignatureScheme]
+        # @param supported_signature_algorithms [Array] Array of SignatureScheme
         def initialize(supported_signature_algorithms)
           super(supported_signature_algorithms)
           @extension_type = ExtensionType::SIGNATURE_ALGORITHMS_CERT

data/lib/tttls1.3/message/extension/unknown_extension.rb

@@ -5,7 +5,6 @@ module TTTLS13
   using Refinements
   module Message
     module Extension
-      # NOTE:
       # Client/Server MUST ignore unrecognized extensions,
       # but transcript MUST include unrecognized extensions.
       class UnknownExtension

data/lib/tttls1.3/message/extensions.rb

@@ -21,7 +21,6 @@ module TTTLS13
 
       alias super_fetch fetch
 
-      # NOTE:
       # "pre_shared_key" MUST be the last extension in the ClientHello
       #
       # @return [String]
@@ -136,7 +135,6 @@ module TTTLS13
       class << self
         private
 
-        # NOTE:
         # deserialize_extension ignores unparsable extension.
         # Received unparsable binary, returns nil, doesn't raise
         # ErrorAlerts :decode_error.

data/lib/tttls1.3/message/record.rb

@@ -27,7 +27,6 @@ module TTTLS13
         @cipher = cipher
       end
 
-      # NOTE:
       # serialize joins messages.
       # If serialize is received Server Parameters(EE, CT, CV),
       # it returns one binary.
@@ -50,7 +49,6 @@ module TTTLS13
         end.join
       end
 
-      # NOTE:
       # If previous Record has surplus_binary,
       # surplus_binary should is given to Record.deserialize as buffered.
       #

data/lib/tttls1.3/named_group.rb

@@ -17,7 +17,6 @@ module TTTLS13
     # ecdhe_private_use "\xfe\x00" ~ "\xfe\xff"
 
     class << self
-      # NOTE:
       # For secp256r1, secp384r1, and secp521r1
       #
       #     struct {
@@ -57,7 +56,6 @@ module TTTLS13
         end
       end
 
-      # NOTE:
       # SECG        |  ANSI X9.62   |  NIST
       # ------------+---------------+-------------
       # secp256r1   |  prime256v1   |   NIST P-256
@@ -66,7 +64,7 @@ module TTTLS13
       #
       # https://datatracker.ietf.org/doc/html/rfc4492#appendix-A
       #
-      # @param groups [Array of TTTLS13::Message::Extension::NamedGroup]
+      # @param group [TTTLS13::Message::Extension::NamedGroup]
       #
       # @raise [TTTLS13::Error::ErrorAlerts]
       #

data/lib/tttls1.3/server.rb

@@ -96,7 +96,6 @@ module TTTLS13
       end
     end
 
-    # NOTE:
     #                              START <-----+
     #               Recv ClientHello |         | Send HelloRetryRequest
     #                                v         |

data/lib/tttls1.3/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TTTLS13
-  VERSION = '0.3.3'
+  VERSION = '0.3.4'
 end

data/spec/client_hello_spec.rb

@@ -37,6 +37,7 @@ RSpec.describe ClientHello do
       expect(message.legacy_compression_methods).to eq ["\x00"]
       expect(message.extensions).to be_empty
       expect(message.negotiated_tls_1_3?).to be false
+      expect(message.ch_inner?).to be false
     end
 
     it 'should be serialized' do
@@ -83,4 +84,22 @@ RSpec.describe ClientHello do
       expect(message.serialize).to eq TESTBINARY_0_RTT_CLIENT_HELLO
     end
   end
+
+  context 'valid inner client_hello' do
+    let(:message) do
+      cipher_suites = CipherSuites.new([TLS_AES_256_GCM_SHA384,
+                                        TLS_CHACHA20_POLY1305_SHA256,
+                                        TLS_AES_128_GCM_SHA256])
+      ch = ClientHello.new(random: OpenSSL::Random.random_bytes(32),
+                           legacy_session_id: Array.new(32, 0).map(&:chr).join,
+                           cipher_suites: cipher_suites)
+      ch.extensions[Message::ExtensionType::ENCRYPTED_CLIENT_HELLO] \
+        = Message::Extension::ECHClientHello.new_inner
+      ch
+    end
+
+    it 'should generate ClientHelloInner' do
+      expect(message.ch_inner?).to be true
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tttls1.3
 version: !ruby/object:Gem::Version
-  version: 0.3.3
+  version: 0.3.4
 platform: ruby
 authors:
 - thekuwayama
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-04-19 00:00:00.000000000 Z
+date: 2024-12-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler