mirror of https://github.com/telemt/telemt.git
Drafting TLS Certificates in TLS ServerHello
This commit is contained in:
Alexey
parent
06b9693cf0
commit
ae8124d6c6
|
|
@ -31,6 +31,7 @@ impl TlsFrontCache {
|
|||
let default = Arc::new(CachedTlsData {
|
||||
server_hello_template: default_template,
|
||||
cert_info: None,
|
||||
cert_payload: None,
|
||||
app_data_records_sizes: vec![default_len],
|
||||
total_app_data_len: default_len,
|
||||
fetched_at: SystemTime::now(),
|
||||
|
|
@ -142,6 +143,7 @@ impl TlsFrontCache {
|
|||
let data = CachedTlsData {
|
||||
server_hello_template: fetched.server_hello_parsed,
|
||||
cert_info: fetched.cert_info,
|
||||
cert_payload: fetched.cert_payload,
|
||||
app_data_records_sizes: fetched.app_data_records_sizes.clone(),
|
||||
total_app_data_len: fetched.total_app_data_len,
|
||||
fetched_at: SystemTime::now(),
|
||||
|
|
|
|||
|
|
@ -27,6 +27,33 @@ fn jitter_and_clamp_sizes(sizes: &[usize], rng: &SecureRandom) -> Vec<usize> {
|
|||
.collect()
|
||||
}
|
||||
|
||||
fn ensure_payload_capacity(mut sizes: Vec<usize>, payload_len: usize) -> Vec<usize> {
|
||||
if payload_len == 0 {
|
||||
return sizes;
|
||||
}
|
||||
|
||||
let mut total = sizes.iter().sum::<usize>();
|
||||
if total >= payload_len {
|
||||
return sizes;
|
||||
}
|
||||
|
||||
if let Some(last) = sizes.last_mut() {
|
||||
let free = MAX_APP_DATA.saturating_sub(*last);
|
||||
let grow = free.min(payload_len - total);
|
||||
*last += grow;
|
||||
total += grow;
|
||||
}
|
||||
|
||||
while total < payload_len {
|
||||
let remaining = payload_len - total;
|
||||
let chunk = remaining.min(MAX_APP_DATA).max(MIN_APP_DATA);
|
||||
sizes.push(chunk);
|
||||
total += chunk;
|
||||
}
|
||||
|
||||
sizes
|
||||
}
|
||||
|
||||
/// Build a ServerHello + CCS + ApplicationData sequence using cached TLS metadata.
|
||||
pub fn build_emulated_server_hello(
|
||||
secret: &[u8],
|
||||
|
|
@ -109,21 +136,44 @@ pub fn build_emulated_server_hello(
|
|||
if sizes.is_empty() {
|
||||
sizes.push(cached.total_app_data_len.max(1024));
|
||||
}
|
||||
let sizes = jitter_and_clamp_sizes(&sizes, rng);
|
||||
let mut sizes = jitter_and_clamp_sizes(&sizes, rng);
|
||||
let cert_payload = cached
|
||||
.cert_payload
|
||||
.as_ref()
|
||||
.map(|payload| payload.certificate_message.as_slice())
|
||||
.filter(|payload| !payload.is_empty());
|
||||
|
||||
if let Some(payload) = cert_payload {
|
||||
sizes = ensure_payload_capacity(sizes, payload.len());
|
||||
}
|
||||
|
||||
let mut app_data = Vec::new();
|
||||
let mut payload_offset = 0usize;
|
||||
for size in sizes {
|
||||
let mut rec = Vec::with_capacity(5 + size);
|
||||
rec.push(TLS_RECORD_APPLICATION);
|
||||
rec.extend_from_slice(&TLS_VERSION);
|
||||
rec.extend_from_slice(&(size as u16).to_be_bytes());
|
||||
if size > 17 {
|
||||
let body_len = size - 17;
|
||||
rec.extend_from_slice(&rng.bytes(body_len));
|
||||
rec.push(0x16); // inner content type marker (handshake)
|
||||
rec.extend_from_slice(&rng.bytes(16)); // AEAD-like tag
|
||||
|
||||
if let Some(payload) = cert_payload {
|
||||
let remaining = payload.len().saturating_sub(payload_offset);
|
||||
let copy_len = remaining.min(size);
|
||||
if copy_len > 0 {
|
||||
rec.extend_from_slice(&payload[payload_offset..payload_offset + copy_len]);
|
||||
payload_offset += copy_len;
|
||||
}
|
||||
if size > copy_len {
|
||||
rec.extend_from_slice(&rng.bytes(size - copy_len));
|
||||
}
|
||||
} else {
|
||||
rec.extend_from_slice(&rng.bytes(size));
|
||||
if size > 17 {
|
||||
let body_len = size - 17;
|
||||
rec.extend_from_slice(&rng.bytes(body_len));
|
||||
rec.push(0x16); // inner content type marker (handshake)
|
||||
rec.extend_from_slice(&rng.bytes(16)); // AEAD-like tag
|
||||
} else {
|
||||
rec.extend_from_slice(&rng.bytes(size));
|
||||
}
|
||||
}
|
||||
app_data.extend_from_slice(&rec);
|
||||
}
|
||||
|
|
@ -158,3 +208,92 @@ pub fn build_emulated_server_hello(
|
|||
|
||||
response
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use std::time::SystemTime;
|
||||
|
||||
use crate::tls_front::types::{CachedTlsData, ParsedServerHello, TlsCertPayload};
|
||||
|
||||
use super::build_emulated_server_hello;
|
||||
use crate::crypto::SecureRandom;
|
||||
use crate::protocol::constants::{
|
||||
TLS_RECORD_APPLICATION, TLS_RECORD_CHANGE_CIPHER, TLS_RECORD_HANDSHAKE,
|
||||
};
|
||||
|
||||
fn first_app_data_payload(response: &[u8]) -> &[u8] {
|
||||
let hello_len = u16::from_be_bytes([response[3], response[4]]) as usize;
|
||||
let ccs_start = 5 + hello_len;
|
||||
let ccs_len = u16::from_be_bytes([response[ccs_start + 3], response[ccs_start + 4]]) as usize;
|
||||
let app_start = ccs_start + 5 + ccs_len;
|
||||
let app_len = u16::from_be_bytes([response[app_start + 3], response[app_start + 4]]) as usize;
|
||||
&response[app_start + 5..app_start + 5 + app_len]
|
||||
}
|
||||
|
||||
fn make_cached(cert_payload: Option<TlsCertPayload>) -> CachedTlsData {
|
||||
CachedTlsData {
|
||||
server_hello_template: ParsedServerHello {
|
||||
version: [0x03, 0x03],
|
||||
random: [0u8; 32],
|
||||
session_id: Vec::new(),
|
||||
cipher_suite: [0x13, 0x01],
|
||||
compression: 0,
|
||||
extensions: Vec::new(),
|
||||
},
|
||||
cert_info: None,
|
||||
cert_payload,
|
||||
app_data_records_sizes: vec![64],
|
||||
total_app_data_len: 64,
|
||||
fetched_at: SystemTime::now(),
|
||||
domain: "example.com".to_string(),
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_build_emulated_server_hello_uses_cached_cert_payload() {
|
||||
let cert_msg = vec![0x0b, 0x00, 0x00, 0x05, 0x00, 0xaa, 0xbb, 0xcc, 0xdd];
|
||||
let cached = make_cached(Some(TlsCertPayload {
|
||||
cert_chain_der: vec![vec![0x30, 0x01, 0x00]],
|
||||
certificate_message: cert_msg.clone(),
|
||||
}));
|
||||
let rng = SecureRandom::new();
|
||||
let response = build_emulated_server_hello(
|
||||
b"secret",
|
||||
&[0x11; 32],
|
||||
&[0x22; 16],
|
||||
&cached,
|
||||
&rng,
|
||||
None,
|
||||
0,
|
||||
);
|
||||
|
||||
assert_eq!(response[0], TLS_RECORD_HANDSHAKE);
|
||||
let hello_len = u16::from_be_bytes([response[3], response[4]]) as usize;
|
||||
let ccs_start = 5 + hello_len;
|
||||
assert_eq!(response[ccs_start], TLS_RECORD_CHANGE_CIPHER);
|
||||
let app_start = ccs_start + 6;
|
||||
assert_eq!(response[app_start], TLS_RECORD_APPLICATION);
|
||||
|
||||
let payload = first_app_data_payload(&response);
|
||||
assert!(payload.starts_with(&cert_msg));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_build_emulated_server_hello_random_fallback_when_no_cert_payload() {
|
||||
let cached = make_cached(None);
|
||||
let rng = SecureRandom::new();
|
||||
let response = build_emulated_server_hello(
|
||||
b"secret",
|
||||
&[0x22; 32],
|
||||
&[0x33; 16],
|
||||
&cached,
|
||||
&rng,
|
||||
None,
|
||||
0,
|
||||
);
|
||||
|
||||
let payload = first_app_data_payload(&response);
|
||||
assert_eq!(payload.len(), 64);
|
||||
assert_eq!(payload[payload.len() - 17], 0x16);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,13 @@ use x509_parser::certificate::X509Certificate;
|
|||
|
||||
use crate::crypto::SecureRandom;
|
||||
use crate::protocol::constants::{TLS_RECORD_APPLICATION, TLS_RECORD_HANDSHAKE};
|
||||
use crate::tls_front::types::{ParsedServerHello, TlsExtension, TlsFetchResult, ParsedCertificateInfo};
|
||||
use crate::tls_front::types::{
|
||||
ParsedCertificateInfo,
|
||||
ParsedServerHello,
|
||||
TlsCertPayload,
|
||||
TlsExtension,
|
||||
TlsFetchResult,
|
||||
};
|
||||
|
||||
/// No-op verifier: accept any certificate (we only need lengths and metadata).
|
||||
#[derive(Debug)]
|
||||
|
|
@ -315,6 +321,46 @@ fn parse_cert_info(certs: &[CertificateDer<'static>]) -> Option<ParsedCertificat
|
|||
})
|
||||
}
|
||||
|
||||
fn u24_bytes(value: usize) -> Option<[u8; 3]> {
|
||||
if value > 0x00ff_ffff {
|
||||
return None;
|
||||
}
|
||||
Some([
|
||||
((value >> 16) & 0xff) as u8,
|
||||
((value >> 8) & 0xff) as u8,
|
||||
(value & 0xff) as u8,
|
||||
])
|
||||
}
|
||||
|
||||
fn encode_tls13_certificate_message(cert_chain_der: &[Vec<u8>]) -> Option<Vec<u8>> {
|
||||
if cert_chain_der.is_empty() {
|
||||
return None;
|
||||
}
|
||||
|
||||
let mut certificate_list = Vec::new();
|
||||
for cert in cert_chain_der {
|
||||
if cert.is_empty() {
|
||||
return None;
|
||||
}
|
||||
certificate_list.extend_from_slice(&u24_bytes(cert.len())?);
|
||||
certificate_list.extend_from_slice(cert);
|
||||
certificate_list.extend_from_slice(&0u16.to_be_bytes()); // cert_entry extensions
|
||||
}
|
||||
|
||||
// Certificate = context_len(1) + certificate_list_len(3) + entries
|
||||
let body_len = 1usize
|
||||
.checked_add(3)?
|
||||
.checked_add(certificate_list.len())?;
|
||||
|
||||
let mut message = Vec::with_capacity(4 + body_len);
|
||||
message.push(0x0b); // HandshakeType::certificate
|
||||
message.extend_from_slice(&u24_bytes(body_len)?);
|
||||
message.push(0x00); // certificate_request_context length
|
||||
message.extend_from_slice(&u24_bytes(certificate_list.len())?);
|
||||
message.extend_from_slice(&certificate_list);
|
||||
Some(message)
|
||||
}
|
||||
|
||||
async fn fetch_via_raw_tls(
|
||||
host: &str,
|
||||
port: u16,
|
||||
|
|
@ -368,6 +414,7 @@ async fn fetch_via_raw_tls(
|
|||
},
|
||||
total_app_data_len,
|
||||
cert_info: None,
|
||||
cert_payload: None,
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -429,8 +476,19 @@ pub async fn fetch_real_tls(
|
|||
.peer_certificates()
|
||||
.map(|slice| slice.to_vec())
|
||||
.unwrap_or_default();
|
||||
let cert_chain_der: Vec<Vec<u8>> = certs.iter().map(|c| c.as_ref().to_vec()).collect();
|
||||
let cert_payload = encode_tls13_certificate_message(&cert_chain_der).map(|certificate_message| {
|
||||
TlsCertPayload {
|
||||
cert_chain_der: cert_chain_der.clone(),
|
||||
certificate_message,
|
||||
}
|
||||
});
|
||||
|
||||
let total_cert_len: usize = certs.iter().map(|c| c.len()).sum::<usize>().max(1024);
|
||||
let total_cert_len = cert_payload
|
||||
.as_ref()
|
||||
.map(|payload| payload.certificate_message.len())
|
||||
.unwrap_or_else(|| cert_chain_der.iter().map(Vec::len).sum::<usize>())
|
||||
.max(1024);
|
||||
let cert_info = parse_cert_info(&certs);
|
||||
|
||||
// Heuristic: split across two records if large to mimic real servers a bit.
|
||||
|
|
@ -453,6 +511,7 @@ pub async fn fetch_real_tls(
|
|||
sni = %sni,
|
||||
len = total_cert_len,
|
||||
cipher = format!("0x{:04x}", u16::from_be_bytes(cipher_suite)),
|
||||
has_cert_payload = cert_payload.is_some(),
|
||||
"Fetched TLS metadata via rustls"
|
||||
);
|
||||
|
||||
|
|
@ -461,5 +520,38 @@ pub async fn fetch_real_tls(
|
|||
app_data_records_sizes: app_data_records_sizes.clone(),
|
||||
total_app_data_len: app_data_records_sizes.iter().sum(),
|
||||
cert_info,
|
||||
cert_payload,
|
||||
})
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::encode_tls13_certificate_message;
|
||||
|
||||
fn read_u24(bytes: &[u8]) -> usize {
|
||||
((bytes[0] as usize) << 16) | ((bytes[1] as usize) << 8) | (bytes[2] as usize)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_encode_tls13_certificate_message_single_cert() {
|
||||
let cert = vec![0x30, 0x03, 0x02, 0x01, 0x01];
|
||||
let message = encode_tls13_certificate_message(&[cert.clone()]).expect("message");
|
||||
|
||||
assert_eq!(message[0], 0x0b);
|
||||
assert_eq!(read_u24(&message[1..4]), message.len() - 4);
|
||||
assert_eq!(message[4], 0x00);
|
||||
|
||||
let cert_list_len = read_u24(&message[5..8]);
|
||||
assert_eq!(cert_list_len, cert.len() + 5);
|
||||
|
||||
let cert_len = read_u24(&message[8..11]);
|
||||
assert_eq!(cert_len, cert.len());
|
||||
assert_eq!(&message[11..11 + cert.len()], cert.as_slice());
|
||||
assert_eq!(&message[11 + cert.len()..13 + cert.len()], &[0x00, 0x00]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_encode_tls13_certificate_message_empty_chain() {
|
||||
assert!(encode_tls13_certificate_message(&[]).is_none());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,11 +29,23 @@ pub struct ParsedCertificateInfo {
|
|||
pub san_names: Vec<String>,
|
||||
}
|
||||
|
||||
/// TLS certificate payload captured from profiled upstream.
|
||||
///
|
||||
/// `certificate_message` stores an encoded TLS 1.3 Certificate handshake
|
||||
/// message body that can be replayed as opaque ApplicationData bytes in FakeTLS.
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
pub struct TlsCertPayload {
|
||||
pub cert_chain_der: Vec<Vec<u8>>,
|
||||
pub certificate_message: Vec<u8>,
|
||||
}
|
||||
|
||||
/// Cached data per SNI used by the emulator.
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
pub struct CachedTlsData {
|
||||
pub server_hello_template: ParsedServerHello,
|
||||
pub cert_info: Option<ParsedCertificateInfo>,
|
||||
#[serde(default)]
|
||||
pub cert_payload: Option<TlsCertPayload>,
|
||||
pub app_data_records_sizes: Vec<usize>,
|
||||
pub total_app_data_len: usize,
|
||||
#[serde(default = "now_system_time", skip_serializing, skip_deserializing)]
|
||||
|
|
@ -52,4 +64,5 @@ pub struct TlsFetchResult {
|
|||
pub app_data_records_sizes: Vec<usize>,
|
||||
pub total_app_data_len: usize,
|
||||
pub cert_info: Option<ParsedCertificateInfo>,
|
||||
pub cert_payload: Option<TlsCertPayload>,
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue