astelm/telemt
1
0
Fork 0
mirror of https://github.com/telemt/telemt.git synced 2026-06-18 17:08:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Hardened TLS-F ServerHello selection

Browse Source 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
This commit is contained in:
Alexey
2026-06-11 13:07:40 +03:00
parent db7ff8737c
commit c4b58ad374
6 changed files with 126 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/tls_front/emulator.rs
View File

@@ -6,8 +6,7 @@ use crate::protocol::constants::{
TLS_RECORD_HANDSHAKE, TLS_VERSION,
};
use crate::protocol::tls::{
ClientHelloTlsVersion, TLS_DIGEST_LEN, TLS_DIGEST_POS, TLS_NAMED_GROUP_X25519,
TLS_NAMED_GROUP_X25519MLKEM768, gen_fake_x25519_key,
ClientHelloTlsVersion, TLS_DIGEST_LEN, TLS_DIGEST_POS, TLS_NAMED_GROUP_X25519MLKEM768,
gen_fake_x25519mlkem768_server_key_share,
};
use crate::tls_front::types::{
@@ -216,25 +215,15 @@ fn push_key_share_entry(extensions: &mut Vec<u8>, group: u16, key_exchange: &[u8
extensions.extend_from_slice(key_exchange);
}
fn push_key_share_extension(
extensions: &mut Vec<u8>,
rng: &SecureRandom,
selected_key_share_group: u16,
) {
if selected_key_share_group == TLS_NAMED_GROUP_X25519MLKEM768 {
let key = gen_fake_x25519mlkem768_server_key_share(rng);
push_key_share_entry(extensions, TLS_NAMED_GROUP_X25519MLKEM768, &key);
} else {
let key = gen_fake_x25519_key(rng);
push_key_share_entry(extensions, TLS_NAMED_GROUP_X25519, &key);
}
fn push_key_share_extension(extensions: &mut Vec<u8>, rng: &SecureRandom) {
let key = gen_fake_x25519mlkem768_server_key_share(rng);
push_key_share_entry(extensions, TLS_NAMED_GROUP_X25519MLKEM768, &key);
}
fn replay_profiled_server_hello_extension(
ext: &TlsExtension,
extensions: &mut Vec<u8>,
rng: &SecureRandom,
selected_key_share_group: u16,
saw_supported_versions: &mut bool,
saw_key_share: &mut bool,
) {
@@ -244,7 +233,7 @@ fn replay_profiled_server_hello_extension(
*saw_supported_versions = true;
}
EXT_KEY_SHARE if !*saw_key_share => {
push_key_share_extension(extensions, rng, selected_key_share_group);
push_key_share_extension(extensions, rng);
*saw_key_share = true;
}
EXT_ALPN => {}
@@ -252,11 +241,7 @@ fn replay_profiled_server_hello_extension(
}
}
fn build_profiled_server_hello_extensions(
cached: &CachedTlsData,
rng: &SecureRandom,
selected_key_share_group: u16,
) -> Vec<u8> {
fn build_profiled_server_hello_extensions(cached: &CachedTlsData, rng: &SecureRandom) -> Vec<u8> {
let capacity = cached
.server_hello_template
.extensions
@@ -273,14 +258,13 @@ fn build_profiled_server_hello_extensions(
ext,
&mut extensions,
rng,
selected_key_share_group,
&mut saw_supported_versions,
&mut saw_key_share,
);
}
if !saw_key_share {
push_key_share_extension(&mut extensions, rng, selected_key_share_group);
push_key_share_extension(&mut extensions, rng);
}
if !saw_supported_versions {
push_supported_versions_extension(&mut extensions);
@@ -299,13 +283,12 @@ pub fn build_emulated_server_hello(
serverhello_compact: bool,
client_tls_version: ClientHelloTlsVersion,
selected_cipher_suite: [u8; 2],
selected_key_share_group: u16,
rng: &SecureRandom,
alpn: Option<Vec<u8>>,
new_session_tickets: u8,
) -> Vec<u8> {
// --- ServerHello ---
let extensions = build_profiled_server_hello_extensions(cached, rng, selected_key_share_group);
let extensions = build_profiled_server_hello_extensions(cached, rng);
let extensions_len = extensions.len() as u16;
let body_len = 2 + 32 + 1 + session_id.len() + 2 + 1 + 2 + extensions.len();
@@ -490,7 +473,7 @@ mod tests {
use crate::protocol::constants::{
TLS_RECORD_APPLICATION, TLS_RECORD_CHANGE_CIPHER, TLS_RECORD_HANDSHAKE,
};
use crate::protocol::tls::{ClientHelloTlsVersion, TLS_NAMED_GROUP_X25519MLKEM768};
use crate::protocol::tls::ClientHelloTlsVersion;
fn first_app_data_payload(response: &[u8]) -> &[u8] {
let hello_len = u16::from_be_bytes([response[3], response[4]]) as usize;
@@ -572,7 +555,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls12,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -602,7 +584,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x03],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -638,7 +619,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
Some(b"h2".to_vec()),
0,
@@ -663,7 +643,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls12,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -699,7 +678,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls12,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -741,7 +719,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -775,7 +752,6 @@ mod tests {
false,
ClientHelloTlsVersion::Tls12,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
Some(b"h2".to_vec()),
0,
@@ -808,7 +784,6 @@ mod tests {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,

5
src/tls_front/tests/emulator_profile_fidelity_security_tests.rs
View File

@@ -4,7 +4,7 @@ use crate::crypto::SecureRandom;
use crate::protocol::constants::{
TLS_RECORD_APPLICATION, TLS_RECORD_CHANGE_CIPHER, TLS_RECORD_HANDSHAKE,
};
use crate::protocol::tls::{ClientHelloTlsVersion, TLS_NAMED_GROUP_X25519MLKEM768};
use crate::protocol::tls::ClientHelloTlsVersion;
use crate::tls_front::emulator::build_emulated_server_hello;
use crate::tls_front::types::{
CachedTlsData, ParsedServerHello, TlsBehaviorProfile, TlsProfileSource,
@@ -66,7 +66,6 @@ fn emulated_server_hello_keeps_single_change_cipher_spec_for_client_compatibilit
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -92,7 +91,6 @@ fn emulated_server_hello_does_not_emit_profile_ticket_tail_when_disabled() {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
0,
@@ -116,7 +114,6 @@ fn emulated_server_hello_uses_profile_ticket_lengths_when_enabled() {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
None,
2,

5
src/tls_front/tests/emulator_security_tests.rs
View File

@@ -4,7 +4,7 @@ use crate::crypto::SecureRandom;
use crate::protocol::constants::{
TLS_RECORD_APPLICATION, TLS_RECORD_CHANGE_CIPHER, TLS_RECORD_HANDSHAKE,
};
use crate::protocol::tls::{ClientHelloTlsVersion, TLS_NAMED_GROUP_X25519MLKEM768};
use crate::protocol::tls::ClientHelloTlsVersion;
use crate::tls_front::emulator::build_emulated_server_hello;
use crate::tls_front::types::{
CachedTlsData, ParsedServerHello, TlsBehaviorProfile, TlsCertPayload, TlsProfileSource,
@@ -59,7 +59,6 @@ fn emulated_server_hello_ignores_oversized_alpn_when_marker_would_not_fit() {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
Some(oversized_alpn),
0,
@@ -99,7 +98,6 @@ fn emulated_server_hello_keeps_alpn_marker_out_of_appdata() {
true,
ClientHelloTlsVersion::Tls13,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
Some(b"h2".to_vec()),
0,
@@ -131,7 +129,6 @@ fn emulated_server_hello_prefers_cert_payload_over_alpn_marker() {
true,
ClientHelloTlsVersion::Tls12,
[0x13, 0x01],
TLS_NAMED_GROUP_X25519MLKEM768,
&rng,
Some(b"h2".to_vec()),
0,