Update Cargo.toml

TLS Full Certificate

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "telemt"
-version = "3.0.10"
+version = "3.0.11"
 edition = "2024"
 
 [dependencies]

src/cli.rs

@@ -229,6 +229,7 @@ tls_domain = "{domain}"
 mask = true
 mask_port = 443
 fake_cert_len = 2048
+tls_full_cert_ttl_secs = 90
 
 [access]
 replay_check_len = 65536

src/config/defaults.rs

@@ -122,6 +122,10 @@ pub(crate) fn default_tls_new_session_tickets() -> u8 {
     0
 }
 
+pub(crate) fn default_tls_full_cert_ttl_secs() -> u64 {
+    90
+}
+
 pub(crate) fn default_server_hello_delay_min_ms() -> u64 {
     0
 }

src/config/types.rs

@@ -474,6 +474,12 @@ pub struct AntiCensorshipConfig {
     #[serde(default = "default_tls_new_session_tickets")]
     pub tls_new_session_tickets: u8,
 
+    /// TTL in seconds for sending full certificate payload per client IP.
+    /// First client connection per (SNI domain, client IP) gets full cert payload.
+    /// Subsequent handshakes within TTL use compact cert metadata payload.
+    #[serde(default = "default_tls_full_cert_ttl_secs")]
+    pub tls_full_cert_ttl_secs: u64,
+
     /// Enforce ALPN echo of client preference.
     #[serde(default = "default_alpn_enforce")]
     pub alpn_enforce: bool,
@@ -494,6 +500,7 @@ impl Default for AntiCensorshipConfig {
             server_hello_delay_min_ms: default_server_hello_delay_min_ms(),
             server_hello_delay_max_ms: default_server_hello_delay_max_ms(),
             tls_new_session_tickets: default_tls_new_session_tickets(),
+            tls_full_cert_ttl_secs: default_tls_full_cert_ttl_secs(),
             alpn_enforce: default_alpn_enforce(),
         }
     }

src/proxy/handshake.rs

@@ -2,6 +2,7 @@
 
 use std::net::SocketAddr;
 use std::sync::Arc;
+use std::time::Duration;
 use tokio::io::{AsyncRead, AsyncWrite, AsyncWriteExt};
 use tracing::{debug, warn, trace, info};
 use zeroize::Zeroize;
@@ -108,11 +109,23 @@ where
 
     let cached = if config.censorship.tls_emulation {
         if let Some(cache) = tls_cache.as_ref() {
-            if let Some(sni) = tls::extract_sni_from_client_hello(handshake) {
+            let selected_domain = if let Some(sni) = tls::extract_sni_from_client_hello(handshake) {
-                Some(cache.get(&sni).await)
+                if cache.contains_domain(&sni).await {
+                    sni
+                } else {
+                    config.censorship.tls_domain.clone()
+                }
             } else {
-                Some(cache.get(&config.censorship.tls_domain).await)
+                config.censorship.tls_domain.clone()
-            }
+            };
+            let cached_entry = cache.get(&selected_domain).await;
+            let use_full_cert_payload = cache
+                .take_full_cert_budget_for_ip(
+                    peer.ip(),
+                    Duration::from_secs(config.censorship.tls_full_cert_ttl_secs),
+                )
+                .await;
+            Some((cached_entry, use_full_cert_payload))
         } else {
             None
         }
@@ -137,12 +150,13 @@ where
         None
     };
 
-    let response = if let Some(cached_entry) = cached {
+    let response = if let Some((cached_entry, use_full_cert_payload)) = cached {
         emulator::build_emulated_server_hello(
             secret,
             &validation.digest,
             &validation.session_id,
             &cached_entry,
+            use_full_cert_payload,
             rng,
             selected_alpn.clone(),
             config.censorship.tls_new_session_tickets,

src/tls_front/cache.rs

@@ -1,7 +1,8 @@
 use std::collections::HashMap;
+use std::net::IpAddr;
 use std::path::{Path, PathBuf};
 use std::sync::Arc;
-use std::time::{SystemTime, Duration};
+use std::time::{Duration, Instant, SystemTime};
 
 use tokio::sync::RwLock;
 use tokio::time::sleep;
@@ -14,6 +15,7 @@ use crate::tls_front::types::{CachedTlsData, ParsedServerHello, TlsFetchResult};
 pub struct TlsFrontCache {
     memory: RwLock<HashMap<String, Arc<CachedTlsData>>>,
     default: Arc<CachedTlsData>,
+    full_cert_sent: RwLock<HashMap<IpAddr, Instant>>,
     disk_path: PathBuf,
 }
 
@@ -31,6 +33,7 @@ impl TlsFrontCache {
         let default = Arc::new(CachedTlsData {
             server_hello_template: default_template,
             cert_info: None,
+            cert_payload: None,
             app_data_records_sizes: vec![default_len],
             total_app_data_len: default_len,
             fetched_at: SystemTime::now(),
@@ -45,6 +48,7 @@ impl TlsFrontCache {
         Self {
             memory: RwLock::new(map),
             default,
+            full_cert_sent: RwLock::new(HashMap::new()),
             disk_path: disk_path.as_ref().to_path_buf(),
         }
     }
@@ -54,6 +58,45 @@ impl TlsFrontCache {
         guard.get(sni).cloned().unwrap_or_else(|| self.default.clone())
     }
 
+    pub async fn contains_domain(&self, domain: &str) -> bool {
+        self.memory.read().await.contains_key(domain)
+    }
+
+    /// Returns true when full cert payload should be sent for client_ip
+    /// according to TTL policy.
+    pub async fn take_full_cert_budget_for_ip(
+        &self,
+        client_ip: IpAddr,
+        ttl: Duration,
+    ) -> bool {
+        if ttl.is_zero() {
+            self.full_cert_sent
+                .write()
+                .await
+                .insert(client_ip, Instant::now());
+            return true;
+        }
+
+        let now = Instant::now();
+        let mut guard = self.full_cert_sent.write().await;
+        guard.retain(|_, seen_at| now.duration_since(*seen_at) < ttl);
+
+        match guard.get_mut(&client_ip) {
+            Some(seen_at) => {
+                if now.duration_since(*seen_at) >= ttl {
+                    *seen_at = now;
+                    true
+                } else {
+                    false
+                }
+            }
+            None => {
+                guard.insert(client_ip, now);
+                true
+            }
+        }
+    }
+
     pub async fn set(&self, domain: &str, data: CachedTlsData) {
         let mut guard = self.memory.write().await;
         guard.insert(domain.to_string(), Arc::new(data));
@@ -142,6 +185,7 @@ impl TlsFrontCache {
         let data = CachedTlsData {
             server_hello_template: fetched.server_hello_parsed,
             cert_info: fetched.cert_info,
+            cert_payload: fetched.cert_payload,
             app_data_records_sizes: fetched.app_data_records_sizes.clone(),
             total_app_data_len: fetched.total_app_data_len,
             fetched_at: SystemTime::now(),
@@ -161,3 +205,50 @@ impl TlsFrontCache {
         &self.disk_path
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[tokio::test]
+    async fn test_take_full_cert_budget_for_ip_uses_ttl() {
+        let cache = TlsFrontCache::new(
+            &["example.com".to_string()],
+            1024,
+            "tlsfront-test-cache",
+        );
+        let ip: IpAddr = "127.0.0.1".parse().expect("ip");
+        let ttl = Duration::from_millis(80);
+
+        assert!(cache
+            .take_full_cert_budget_for_ip(ip, ttl)
+            .await);
+        assert!(!cache
+            .take_full_cert_budget_for_ip(ip, ttl)
+            .await);
+
+        tokio::time::sleep(Duration::from_millis(90)).await;
+
+        assert!(cache
+            .take_full_cert_budget_for_ip(ip, ttl)
+            .await);
+    }
+
+    #[tokio::test]
+    async fn test_take_full_cert_budget_for_ip_zero_ttl_always_allows_full_payload() {
+        let cache = TlsFrontCache::new(
+            &["example.com".to_string()],
+            1024,
+            "tlsfront-test-cache",
+        );
+        let ip: IpAddr = "127.0.0.1".parse().expect("ip");
+        let ttl = Duration::ZERO;
+
+        assert!(cache
+            .take_full_cert_budget_for_ip(ip, ttl)
+            .await);
+        assert!(cache
+            .take_full_cert_budget_for_ip(ip, ttl)
+            .await);
+    }
+}

src/tls_front/emulator.rs

@@ -3,7 +3,7 @@ use crate::protocol::constants::{
     TLS_RECORD_APPLICATION, TLS_RECORD_CHANGE_CIPHER, TLS_RECORD_HANDSHAKE, TLS_VERSION,
 };
 use crate::protocol::tls::{TLS_DIGEST_LEN, TLS_DIGEST_POS, gen_fake_x25519_key};
-use crate::tls_front::types::CachedTlsData;
+use crate::tls_front::types::{CachedTlsData, ParsedCertificateInfo};
 
 const MIN_APP_DATA: usize = 64;
 const MAX_APP_DATA: usize = 16640; // RFC 8446 §5.2 allows up to 2^14 + 256
@@ -27,12 +27,81 @@ fn jitter_and_clamp_sizes(sizes: &[usize], rng: &SecureRandom) -> Vec<usize> {
         .collect()
 }
 
+fn app_data_body_capacity(sizes: &[usize]) -> usize {
+    sizes.iter().map(|&size| size.saturating_sub(17)).sum()
+}
+
+fn ensure_payload_capacity(mut sizes: Vec<usize>, payload_len: usize) -> Vec<usize> {
+    if payload_len == 0 {
+        return sizes;
+    }
+
+    let mut body_total = app_data_body_capacity(&sizes);
+    if body_total >= payload_len {
+        return sizes;
+    }
+
+    if let Some(last) = sizes.last_mut() {
+        let free = MAX_APP_DATA.saturating_sub(*last);
+        let grow = free.min(payload_len - body_total);
+        *last += grow;
+        body_total += grow;
+    }
+
+    while body_total < payload_len {
+        let remaining = payload_len - body_total;
+        let chunk = (remaining + 17).min(MAX_APP_DATA).max(MIN_APP_DATA);
+        sizes.push(chunk);
+        body_total += chunk.saturating_sub(17);
+    }
+
+    sizes
+}
+
+fn build_compact_cert_info_payload(cert_info: &ParsedCertificateInfo) -> Option<Vec<u8>> {
+    let mut fields = Vec::new();
+
+    if let Some(subject) = cert_info.subject_cn.as_deref() {
+        fields.push(format!("CN={subject}"));
+    }
+    if let Some(issuer) = cert_info.issuer_cn.as_deref() {
+        fields.push(format!("ISSUER={issuer}"));
+    }
+    if let Some(not_before) = cert_info.not_before_unix {
+        fields.push(format!("NB={not_before}"));
+    }
+    if let Some(not_after) = cert_info.not_after_unix {
+        fields.push(format!("NA={not_after}"));
+    }
+    if !cert_info.san_names.is_empty() {
+        let san = cert_info
+            .san_names
+            .iter()
+            .take(8)
+            .map(String::as_str)
+            .collect::<Vec<_>>()
+            .join(",");
+        fields.push(format!("SAN={san}"));
+    }
+
+    if fields.is_empty() {
+        return None;
+    }
+
+    let mut payload = fields.join(";").into_bytes();
+    if payload.len() > 512 {
+        payload.truncate(512);
+    }
+    Some(payload)
+}
+
 /// Build a ServerHello + CCS + ApplicationData sequence using cached TLS metadata.
 pub fn build_emulated_server_hello(
     secret: &[u8],
     client_digest: &[u8; TLS_DIGEST_LEN],
     session_id: &[u8],
     cached: &CachedTlsData,
+    use_full_cert_payload: bool,
     rng: &SecureRandom,
     alpn: Option<Vec<u8>>,
     new_session_tickets: u8,
@@ -109,21 +178,60 @@ pub fn build_emulated_server_hello(
     if sizes.is_empty() {
         sizes.push(cached.total_app_data_len.max(1024));
     }
-    let sizes = jitter_and_clamp_sizes(&sizes, rng);
+    let mut sizes = jitter_and_clamp_sizes(&sizes, rng);
+    let compact_payload = cached
+        .cert_info
+        .as_ref()
+        .and_then(build_compact_cert_info_payload);
+    let selected_payload: Option<&[u8]> = if use_full_cert_payload {
+        cached
+            .cert_payload
+            .as_ref()
+            .map(|payload| payload.certificate_message.as_slice())
+            .filter(|payload| !payload.is_empty())
+            .or_else(|| compact_payload.as_deref())
+    } else {
+        compact_payload.as_deref()
+    };
+
+    if let Some(payload) = selected_payload {
+        sizes = ensure_payload_capacity(sizes, payload.len());
+    }
 
     let mut app_data = Vec::new();
+    let mut payload_offset = 0usize;
     for size in sizes {
         let mut rec = Vec::with_capacity(5 + size);
         rec.push(TLS_RECORD_APPLICATION);
         rec.extend_from_slice(&TLS_VERSION);
         rec.extend_from_slice(&(size as u16).to_be_bytes());
-        if size > 17 {
+
-            let body_len = size - 17;
+        if let Some(payload) = selected_payload {
-            rec.extend_from_slice(&rng.bytes(body_len));
+            if size > 17 {
-            rec.push(0x16); // inner content type marker (handshake)
+                let body_len = size - 17;
-            rec.extend_from_slice(&rng.bytes(16)); // AEAD-like tag
+                let remaining = payload.len().saturating_sub(payload_offset);
+                let copy_len = remaining.min(body_len);
+                if copy_len > 0 {
+                    rec.extend_from_slice(&payload[payload_offset..payload_offset + copy_len]);
+                    payload_offset += copy_len;
+                }
+                if body_len > copy_len {
+                    rec.extend_from_slice(&rng.bytes(body_len - copy_len));
+                }
+                rec.push(0x16); // inner content type marker (handshake)
+                rec.extend_from_slice(&rng.bytes(16)); // AEAD-like tag
+            } else {
+                rec.extend_from_slice(&rng.bytes(size));
+            }
         } else {
-            rec.extend_from_slice(&rng.bytes(size));
+            if size > 17 {
+                let body_len = size - 17;
+                rec.extend_from_slice(&rng.bytes(body_len));
+                rec.push(0x16); // inner content type marker (handshake)
+                rec.extend_from_slice(&rng.bytes(16)); // AEAD-like tag
+            } else {
+                rec.extend_from_slice(&rng.bytes(size));
+            }
         }
         app_data.extend_from_slice(&rec);
     }
@@ -158,3 +266,125 @@ pub fn build_emulated_server_hello(
 
     response
 }
+
+#[cfg(test)]
+mod tests {
+    use std::time::SystemTime;
+
+    use crate::tls_front::types::{CachedTlsData, ParsedServerHello, TlsCertPayload};
+
+    use super::build_emulated_server_hello;
+    use crate::crypto::SecureRandom;
+    use crate::protocol::constants::{
+        TLS_RECORD_APPLICATION, TLS_RECORD_CHANGE_CIPHER, TLS_RECORD_HANDSHAKE,
+    };
+
+    fn first_app_data_payload(response: &[u8]) -> &[u8] {
+        let hello_len = u16::from_be_bytes([response[3], response[4]]) as usize;
+        let ccs_start = 5 + hello_len;
+        let ccs_len = u16::from_be_bytes([response[ccs_start + 3], response[ccs_start + 4]]) as usize;
+        let app_start = ccs_start + 5 + ccs_len;
+        let app_len = u16::from_be_bytes([response[app_start + 3], response[app_start + 4]]) as usize;
+        &response[app_start + 5..app_start + 5 + app_len]
+    }
+
+    fn make_cached(cert_payload: Option<TlsCertPayload>) -> CachedTlsData {
+        CachedTlsData {
+            server_hello_template: ParsedServerHello {
+                version: [0x03, 0x03],
+                random: [0u8; 32],
+                session_id: Vec::new(),
+                cipher_suite: [0x13, 0x01],
+                compression: 0,
+                extensions: Vec::new(),
+            },
+            cert_info: None,
+            cert_payload,
+            app_data_records_sizes: vec![64],
+            total_app_data_len: 64,
+            fetched_at: SystemTime::now(),
+            domain: "example.com".to_string(),
+        }
+    }
+
+    #[test]
+    fn test_build_emulated_server_hello_uses_cached_cert_payload() {
+        let cert_msg = vec![0x0b, 0x00, 0x00, 0x05, 0x00, 0xaa, 0xbb, 0xcc, 0xdd];
+        let cached = make_cached(Some(TlsCertPayload {
+            cert_chain_der: vec![vec![0x30, 0x01, 0x00]],
+            certificate_message: cert_msg.clone(),
+        }));
+        let rng = SecureRandom::new();
+        let response = build_emulated_server_hello(
+            b"secret",
+            &[0x11; 32],
+            &[0x22; 16],
+            &cached,
+            true,
+            &rng,
+            None,
+            0,
+        );
+
+        assert_eq!(response[0], TLS_RECORD_HANDSHAKE);
+        let hello_len = u16::from_be_bytes([response[3], response[4]]) as usize;
+        let ccs_start = 5 + hello_len;
+        assert_eq!(response[ccs_start], TLS_RECORD_CHANGE_CIPHER);
+        let app_start = ccs_start + 6;
+        assert_eq!(response[app_start], TLS_RECORD_APPLICATION);
+
+        let payload = first_app_data_payload(&response);
+        assert!(payload.starts_with(&cert_msg));
+    }
+
+    #[test]
+    fn test_build_emulated_server_hello_random_fallback_when_no_cert_payload() {
+        let cached = make_cached(None);
+        let rng = SecureRandom::new();
+        let response = build_emulated_server_hello(
+            b"secret",
+            &[0x22; 32],
+            &[0x33; 16],
+            &cached,
+            true,
+            &rng,
+            None,
+            0,
+        );
+
+        let payload = first_app_data_payload(&response);
+        assert!(payload.len() >= 64);
+        assert_eq!(payload[payload.len() - 17], 0x16);
+    }
+
+    #[test]
+    fn test_build_emulated_server_hello_uses_compact_payload_after_first() {
+        let cert_msg = vec![0x0b, 0x00, 0x00, 0x05, 0x00, 0xaa, 0xbb, 0xcc, 0xdd];
+        let mut cached = make_cached(Some(TlsCertPayload {
+            cert_chain_der: vec![vec![0x30, 0x01, 0x00]],
+            certificate_message: cert_msg,
+        }));
+        cached.cert_info = Some(crate::tls_front::types::ParsedCertificateInfo {
+            not_after_unix: Some(1_900_000_000),
+            not_before_unix: Some(1_700_000_000),
+            issuer_cn: Some("Issuer".to_string()),
+            subject_cn: Some("example.com".to_string()),
+            san_names: vec!["example.com".to_string(), "www.example.com".to_string()],
+        });
+
+        let rng = SecureRandom::new();
+        let response = build_emulated_server_hello(
+            b"secret",
+            &[0x44; 32],
+            &[0x55; 16],
+            &cached,
+            false,
+            &rng,
+            None,
+            0,
+        );
+
+        let payload = first_app_data_payload(&response);
+        assert!(payload.starts_with(b"CN=example.com"));
+    }
+}

src/tls_front/fetcher.rs

@@ -1,7 +1,7 @@
 use std::sync::Arc;
 use std::time::Duration;
 
-use anyhow::{Context, Result, anyhow};
+use anyhow::{Result, anyhow};
 use tokio::io::{AsyncReadExt, AsyncWriteExt};
 use tokio::net::TcpStream;
 use tokio::time::timeout;
@@ -19,7 +19,13 @@ use x509_parser::certificate::X509Certificate;
 
 use crate::crypto::SecureRandom;
 use crate::protocol::constants::{TLS_RECORD_APPLICATION, TLS_RECORD_HANDSHAKE};
-use crate::tls_front::types::{ParsedServerHello, TlsExtension, TlsFetchResult, ParsedCertificateInfo};
+use crate::tls_front::types::{
+    ParsedCertificateInfo,
+    ParsedServerHello,
+    TlsCertPayload,
+    TlsExtension,
+    TlsFetchResult,
+};
 
 /// No-op verifier: accept any certificate (we only need lengths and metadata).
 #[derive(Debug)]
@@ -315,6 +321,46 @@ fn parse_cert_info(certs: &[CertificateDer<'static>]) -> Option<ParsedCertificat
     })
 }
 
+fn u24_bytes(value: usize) -> Option<[u8; 3]> {
+    if value > 0x00ff_ffff {
+        return None;
+    }
+    Some([
+        ((value >> 16) & 0xff) as u8,
+        ((value >> 8) & 0xff) as u8,
+        (value & 0xff) as u8,
+    ])
+}
+
+fn encode_tls13_certificate_message(cert_chain_der: &[Vec<u8>]) -> Option<Vec<u8>> {
+    if cert_chain_der.is_empty() {
+        return None;
+    }
+
+    let mut certificate_list = Vec::new();
+    for cert in cert_chain_der {
+        if cert.is_empty() {
+            return None;
+        }
+        certificate_list.extend_from_slice(&u24_bytes(cert.len())?);
+        certificate_list.extend_from_slice(cert);
+        certificate_list.extend_from_slice(&0u16.to_be_bytes()); // cert_entry extensions
+    }
+
+    // Certificate = context_len(1) + certificate_list_len(3) + entries
+    let body_len = 1usize
+        .checked_add(3)?
+        .checked_add(certificate_list.len())?;
+
+    let mut message = Vec::with_capacity(4 + body_len);
+    message.push(0x0b); // HandshakeType::certificate
+    message.extend_from_slice(&u24_bytes(body_len)?);
+    message.push(0x00); // certificate_request_context length
+    message.extend_from_slice(&u24_bytes(certificate_list.len())?);
+    message.extend_from_slice(&certificate_list);
+    Some(message)
+}
+
 async fn fetch_via_raw_tls(
     host: &str,
     port: u16,
@@ -368,26 +414,18 @@ async fn fetch_via_raw_tls(
         },
         total_app_data_len,
         cert_info: None,
+        cert_payload: None,
     })
 }
 
-/// Fetch real TLS metadata for the given SNI: negotiated cipher and cert lengths.
+async fn fetch_via_rustls(
-pub async fn fetch_real_tls(
     host: &str,
     port: u16,
     sni: &str,
     connect_timeout: Duration,
     upstream: Option<std::sync::Arc<crate::transport::UpstreamManager>>,
 ) -> Result<TlsFetchResult> {
-    // Preferred path: raw TLS probe for accurate record sizing
+    // rustls handshake path for certificate and basic negotiated metadata.
-    match fetch_via_raw_tls(host, port, sni, connect_timeout).await {
-        Ok(res) => return Ok(res),
-        Err(e) => {
-            warn!(sni = %sni, error = %e, "Raw TLS fetch failed, falling back to rustls");
-        }
-    }
-
-    // Fallback: rustls handshake to at least get certificate sizes
     let stream = if let Some(manager) = upstream {
         // Resolve host to SocketAddr
         if let Ok(mut addrs) = tokio::net::lookup_host((host, port)).await {
@@ -429,8 +467,19 @@ pub async fn fetch_real_tls(
         .peer_certificates()
         .map(|slice| slice.to_vec())
         .unwrap_or_default();
+    let cert_chain_der: Vec<Vec<u8>> = certs.iter().map(|c| c.as_ref().to_vec()).collect();
+    let cert_payload = encode_tls13_certificate_message(&cert_chain_der).map(|certificate_message| {
+        TlsCertPayload {
+            cert_chain_der: cert_chain_der.clone(),
+            certificate_message,
+        }
+    });
 
-    let total_cert_len: usize = certs.iter().map(|c| c.len()).sum::<usize>().max(1024);
+    let total_cert_len = cert_payload
+        .as_ref()
+        .map(|payload| payload.certificate_message.len())
+        .unwrap_or_else(|| cert_chain_der.iter().map(Vec::len).sum::<usize>())
+        .max(1024);
     let cert_info = parse_cert_info(&certs);
 
     // Heuristic: split across two records if large to mimic real servers a bit.
@@ -453,6 +502,7 @@ pub async fn fetch_real_tls(
         sni = %sni,
         len = total_cert_len,
         cipher = format!("0x{:04x}", u16::from_be_bytes(cipher_suite)),
+        has_cert_payload = cert_payload.is_some(),
         "Fetched TLS metadata via rustls"
     );
 
@@ -461,5 +511,81 @@ pub async fn fetch_real_tls(
         app_data_records_sizes: app_data_records_sizes.clone(),
         total_app_data_len: app_data_records_sizes.iter().sum(),
         cert_info,
+        cert_payload,
     })
 }
+
+/// Fetch real TLS metadata for the given SNI.
+///
+/// Strategy:
+/// 1) Probe raw TLS for realistic ServerHello and ApplicationData record sizes.
+/// 2) Fetch certificate chain via rustls to build cert payload.
+/// 3) Merge both when possible; otherwise auto-fallback to whichever succeeded.
+pub async fn fetch_real_tls(
+    host: &str,
+    port: u16,
+    sni: &str,
+    connect_timeout: Duration,
+    upstream: Option<std::sync::Arc<crate::transport::UpstreamManager>>,
+) -> Result<TlsFetchResult> {
+    let raw_result = match fetch_via_raw_tls(host, port, sni, connect_timeout).await {
+        Ok(res) => Some(res),
+        Err(e) => {
+            warn!(sni = %sni, error = %e, "Raw TLS fetch failed");
+            None
+        }
+    };
+
+    match fetch_via_rustls(host, port, sni, connect_timeout, upstream).await {
+        Ok(rustls_result) => {
+            if let Some(mut raw) = raw_result {
+                raw.cert_info = rustls_result.cert_info;
+                raw.cert_payload = rustls_result.cert_payload;
+                debug!(sni = %sni, "Fetched TLS metadata via raw probe + rustls cert chain");
+                Ok(raw)
+            } else {
+                Ok(rustls_result)
+            }
+        }
+        Err(e) => {
+            if let Some(raw) = raw_result {
+                warn!(sni = %sni, error = %e, "Rustls cert fetch failed, using raw TLS metadata only");
+                Ok(raw)
+            } else {
+                Err(e)
+            }
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::encode_tls13_certificate_message;
+
+    fn read_u24(bytes: &[u8]) -> usize {
+        ((bytes[0] as usize) << 16) | ((bytes[1] as usize) << 8) | (bytes[2] as usize)
+    }
+
+    #[test]
+    fn test_encode_tls13_certificate_message_single_cert() {
+        let cert = vec![0x30, 0x03, 0x02, 0x01, 0x01];
+        let message = encode_tls13_certificate_message(&[cert.clone()]).expect("message");
+
+        assert_eq!(message[0], 0x0b);
+        assert_eq!(read_u24(&message[1..4]), message.len() - 4);
+        assert_eq!(message[4], 0x00);
+
+        let cert_list_len = read_u24(&message[5..8]);
+        assert_eq!(cert_list_len, cert.len() + 5);
+
+        let cert_len = read_u24(&message[8..11]);
+        assert_eq!(cert_len, cert.len());
+        assert_eq!(&message[11..11 + cert.len()], cert.as_slice());
+        assert_eq!(&message[11 + cert.len()..13 + cert.len()], &[0x00, 0x00]);
+    }
+
+    #[test]
+    fn test_encode_tls13_certificate_message_empty_chain() {
+        assert!(encode_tls13_certificate_message(&[]).is_none());
+    }
+}

src/tls_front/types.rs

@@ -29,11 +29,23 @@ pub struct ParsedCertificateInfo {
     pub san_names: Vec<String>,
 }
 
+/// TLS certificate payload captured from profiled upstream.
+///
+/// `certificate_message` stores an encoded TLS 1.3 Certificate handshake
+/// message body that can be replayed as opaque ApplicationData bytes in FakeTLS.
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct TlsCertPayload {
+    pub cert_chain_der: Vec<Vec<u8>>,
+    pub certificate_message: Vec<u8>,
+}
+
 /// Cached data per SNI used by the emulator.
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct CachedTlsData {
     pub server_hello_template: ParsedServerHello,
     pub cert_info: Option<ParsedCertificateInfo>,
+    #[serde(default)]
+    pub cert_payload: Option<TlsCertPayload>,
     pub app_data_records_sizes: Vec<usize>,
     pub total_app_data_len: usize,
     #[serde(default = "now_system_time", skip_serializing, skip_deserializing)]
@@ -52,4 +64,5 @@ pub struct TlsFetchResult {
     pub app_data_records_sizes: Vec<usize>,
     pub total_app_data_len: usize,
     pub cert_info: Option<ParsedCertificateInfo>,
+    pub cert_payload: Option<TlsCertPayload>,
 }

tools/tlsearch.py

@@ -0,0 +1,396 @@
+#!/usr/bin/env python3
+"""
+TLS Profile Inspector
+
+Usage:
+  python3 tools/tlsearch.py
+  python3 tools/tlsearch.py tlsfront
+  python3 tools/tlsearch.py tlsfront/petrovich.ru.json
+  python3 tools/tlsearch.py tlsfront --only-current
+"""
+
+from __future__ import annotations
+
+import argparse
+import datetime as dt
+import json
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Any, Iterable
+
+
+TLS_VERSIONS = {
+    0x0301: "TLS 1.0",
+    0x0302: "TLS 1.1",
+    0x0303: "TLS 1.2",
+    0x0304: "TLS 1.3",
+}
+
+EXT_NAMES = {
+    0: "server_name",
+    5: "status_request",
+    10: "supported_groups",
+    11: "ec_point_formats",
+    13: "signature_algorithms",
+    16: "alpn",
+    18: "signed_certificate_timestamp",
+    21: "padding",
+    23: "extended_master_secret",
+    35: "session_ticket",
+    43: "supported_versions",
+    45: "psk_key_exchange_modes",
+    51: "key_share",
+}
+
+CIPHER_NAMES = {
+    0x1301: "TLS_AES_128_GCM_SHA256",
+    0x1302: "TLS_AES_256_GCM_SHA384",
+    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
+    0x1304: "TLS_AES_128_CCM_SHA256",
+    0x1305: "TLS_AES_128_CCM_8_SHA256",
+    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
+    0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384",
+    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+    0xCCA8: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCA9: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+}
+
+NAMED_GROUPS = {
+    0x001D: "x25519",
+    0x0017: "secp256r1",
+    0x0018: "secp384r1",
+    0x0019: "secp521r1",
+    0x0100: "ffdhe2048",
+    0x0101: "ffdhe3072",
+    0x0102: "ffdhe4096",
+}
+
+
+@dataclass
+class ProfileRecognition:
+    schema: str
+    mode: str
+    has_cert_info: bool
+    has_full_cert_payload: bool
+    cert_message_len: int
+    cert_chain_count: int
+    cert_chain_total_len: int
+    issues: list[str]
+
+
+def to_hex(data: Iterable[int]) -> str:
+    return "".join(f"{b:02x}" for b in data)
+
+
+def read_u16be(data: list[int], off: int = 0) -> int:
+    return (data[off] << 8) | data[off + 1]
+
+
+def normalize_u8_list(value: Any) -> list[int]:
+    if not isinstance(value, list):
+        return []
+    out: list[int] = []
+    for item in value:
+        if isinstance(item, int) and 0 <= item <= 0xFF:
+            out.append(item)
+        else:
+            return []
+    return out
+
+
+def as_dict(value: Any) -> dict[str, Any]:
+    return value if isinstance(value, dict) else {}
+
+
+def as_int(value: Any, default: int = 0) -> int:
+    return value if isinstance(value, int) else default
+
+
+def decode_version_pair(v: list[int]) -> str:
+    if len(v) != 2:
+        return f"invalid({v})"
+    ver = read_u16be(v)
+    return f"0x{ver:04x} ({TLS_VERSIONS.get(ver, 'unknown')})"
+
+
+def decode_cipher_suite(v: list[int]) -> str:
+    if len(v) != 2:
+        return f"invalid({v})"
+    cs = read_u16be(v)
+    name = CIPHER_NAMES.get(cs, "unknown")
+    return f"0x{cs:04x} ({name})"
+
+
+def decode_supported_versions(data: list[int]) -> str:
+    if len(data) == 2:
+        ver = read_u16be(data)
+        return f"selected=0x{ver:04x} ({TLS_VERSIONS.get(ver, 'unknown')})"
+    if not data:
+        return "empty"
+    if len(data) < 3:
+        return f"raw={to_hex(data)}"
+    vec_len = data[0]
+    versions: list[str] = []
+    for i in range(1, min(1 + vec_len, len(data)), 2):
+        if i + 1 >= len(data):
+            break
+        ver = read_u16be(data, i)
+        versions.append(f"0x{ver:04x}({TLS_VERSIONS.get(ver, 'unknown')})")
+    return "offered=[" + ", ".join(versions) + "]"
+
+
+def decode_key_share(data: list[int]) -> str:
+    if len(data) < 4:
+        return f"raw={to_hex(data)}"
+    group = read_u16be(data, 0)
+    key_len = read_u16be(data, 2)
+    key_hex = to_hex(data[4 : 4 + min(key_len, len(data) - 4)])
+    gname = NAMED_GROUPS.get(group, "unknown_group")
+    return f"group=0x{group:04x}({gname}), key_len={key_len}, key={key_hex}"
+
+
+def decode_alpn(data: list[int]) -> str:
+    if len(data) < 3:
+        return f"raw={to_hex(data)}"
+    total = read_u16be(data, 0)
+    pos = 2
+    vals: list[str] = []
+    limit = min(len(data), 2 + total)
+    while pos < limit:
+        ln = data[pos]
+        pos += 1
+        if pos + ln > limit:
+            break
+        raw = bytes(data[pos : pos + ln])
+        pos += ln
+        try:
+            vals.append(raw.decode("ascii"))
+        except UnicodeDecodeError:
+            vals.append(raw.hex())
+    return "protocols=[" + ", ".join(vals) + "]"
+
+
+def decode_extension(ext_type: int, data: list[int]) -> str:
+    if ext_type == 43:
+        return decode_supported_versions(data)
+    if ext_type == 51:
+        return decode_key_share(data)
+    if ext_type == 16:
+        return decode_alpn(data)
+    return f"raw={to_hex(data)}"
+
+
+def ts_to_iso(ts: Any) -> str:
+    if not isinstance(ts, int):
+        return "-"
+    return dt.datetime.fromtimestamp(ts, tz=dt.timezone.utc).isoformat()
+
+
+def recognize_profile(obj: dict[str, Any]) -> ProfileRecognition:
+    issues: list[str] = []
+
+    sh = as_dict(obj.get("server_hello_template"))
+    if not sh:
+        issues.append("missing server_hello_template")
+
+    version = normalize_u8_list(sh.get("version"))
+    if version and len(version) != 2:
+        issues.append("server_hello_template.version must have 2 bytes")
+
+    app_sizes = obj.get("app_data_records_sizes")
+    if not isinstance(app_sizes, list) or not app_sizes:
+        issues.append("missing app_data_records_sizes")
+    elif any((not isinstance(v, int) or v <= 0) for v in app_sizes):
+        issues.append("app_data_records_sizes contains invalid values")
+
+    if not isinstance(obj.get("total_app_data_len"), int):
+        issues.append("missing total_app_data_len")
+
+    cert_info = as_dict(obj.get("cert_info"))
+    has_cert_info = bool(
+        cert_info.get("subject_cn")
+        or cert_info.get("issuer_cn")
+        or cert_info.get("san_names")
+        or isinstance(cert_info.get("not_before_unix"), int)
+        or isinstance(cert_info.get("not_after_unix"), int)
+    )
+
+    cert_payload = as_dict(obj.get("cert_payload"))
+    cert_message_len = 0
+    cert_chain_count = 0
+    cert_chain_total_len = 0
+    has_full_cert_payload = False
+
+    if cert_payload:
+        cert_msg = normalize_u8_list(cert_payload.get("certificate_message"))
+        if not cert_msg:
+            issues.append("cert_payload.certificate_message is missing or invalid")
+        else:
+            cert_message_len = len(cert_msg)
+
+        chain_raw = cert_payload.get("cert_chain_der")
+        if not isinstance(chain_raw, list):
+            issues.append("cert_payload.cert_chain_der is missing or invalid")
+        else:
+            for entry in chain_raw:
+                cert = normalize_u8_list(entry)
+                if cert:
+                    cert_chain_count += 1
+                    cert_chain_total_len += len(cert)
+                else:
+                    issues.append("cert_payload.cert_chain_der has invalid certificate entry")
+                    break
+
+        has_full_cert_payload = cert_message_len > 0 and cert_chain_count > 0
+    elif obj.get("cert_payload") is not None:
+        issues.append("cert_payload is not an object")
+
+    if has_full_cert_payload:
+        schema = "current"
+        mode = "full-cert-payload"
+    elif has_cert_info:
+        schema = "current-compact"
+        mode = "compact-cert-info"
+    else:
+        schema = "legacy"
+        mode = "random-fallback"
+
+    if issues:
+        schema = f"{schema}+issues"
+
+    return ProfileRecognition(
+        schema=schema,
+        mode=mode,
+        has_cert_info=has_cert_info,
+        has_full_cert_payload=has_full_cert_payload,
+        cert_message_len=cert_message_len,
+        cert_chain_count=cert_chain_count,
+        cert_chain_total_len=cert_chain_total_len,
+        issues=issues,
+    )
+
+
+def decode_profile(path: Path) -> tuple[str, ProfileRecognition]:
+    obj: dict[str, Any] = json.loads(path.read_text(encoding="utf-8"))
+    recognition = recognize_profile(obj)
+
+    sh = as_dict(obj.get("server_hello_template"))
+    version = normalize_u8_list(sh.get("version"))
+    cipher = normalize_u8_list(sh.get("cipher_suite"))
+    random_bytes = normalize_u8_list(sh.get("random"))
+    session_id = normalize_u8_list(sh.get("session_id"))
+
+    lines: list[str] = []
+    lines.append(f"[{path.name}]")
+    lines.append(f"  domain: {obj.get('domain', '-')}")
+    lines.append(f"  profile.schema: {recognition.schema}")
+    lines.append(f"  profile.mode: {recognition.mode}")
+    lines.append(f"  profile.has_full_cert_payload: {recognition.has_full_cert_payload}")
+    lines.append(f"  profile.has_cert_info: {recognition.has_cert_info}")
+    if recognition.has_full_cert_payload:
+        lines.append(f"  profile.cert_message_len: {recognition.cert_message_len}")
+        lines.append(f"  profile.cert_chain_count: {recognition.cert_chain_count}")
+        lines.append(f"  profile.cert_chain_total_len: {recognition.cert_chain_total_len}")
+    if recognition.issues:
+        lines.append("  profile.issues:")
+        for issue in recognition.issues:
+            lines.append(f"    - {issue}")
+
+    lines.append(f"  tls.version: {decode_version_pair(version)}")
+    lines.append(f"  tls.cipher: {decode_cipher_suite(cipher)}")
+    lines.append(f"  tls.compression: {sh.get('compression', '-')}")
+    lines.append(f"  tls.random: {to_hex(random_bytes)}")
+    lines.append(f"  tls.session_id_len: {len(session_id)}")
+    if session_id:
+        lines.append(f"  tls.session_id: {to_hex(session_id)}")
+
+    app_sizes = obj.get("app_data_records_sizes", [])
+    if isinstance(app_sizes, list):
+        lines.append("  app_data_records_sizes: " + ", ".join(str(v) for v in app_sizes))
+    else:
+        lines.append("  app_data_records_sizes: -")
+    lines.append(f"  total_app_data_len: {obj.get('total_app_data_len', '-')}")
+
+    cert = as_dict(obj.get("cert_info"))
+    if cert:
+        lines.append("  cert_info:")
+        lines.append(f"    subject_cn: {cert.get('subject_cn') or '-'}")
+        lines.append(f"    issuer_cn: {cert.get('issuer_cn') or '-'}")
+        lines.append(f"    not_before: {ts_to_iso(cert.get('not_before_unix'))}")
+        lines.append(f"    not_after:  {ts_to_iso(cert.get('not_after_unix'))}")
+        sans = cert.get("san_names")
+        if isinstance(sans, list) and sans:
+            lines.append("    san_names: " + ", ".join(str(v) for v in sans))
+        else:
+            lines.append("    san_names: -")
+    else:
+        lines.append("  cert_info: -")
+
+    exts = sh.get("extensions", [])
+    if not isinstance(exts, list):
+        exts = []
+    lines.append(f"  extensions[{len(exts)}]:")
+    for ext in exts:
+        ext_obj = as_dict(ext)
+        ext_type = as_int(ext_obj.get("ext_type"), -1)
+        data = normalize_u8_list(ext_obj.get("data"))
+        name = EXT_NAMES.get(ext_type, "unknown")
+        decoded = decode_extension(ext_type, data)
+        lines.append(f"    - type={ext_type} ({name}), len={len(data)}: {decoded}")
+
+    lines.append("")
+    return ("\n".join(lines), recognition)
+
+
+def collect_files(input_path: Path) -> list[Path]:
+    if input_path.is_file():
+        return [input_path]
+    return sorted(p for p in input_path.glob("*.json") if p.is_file())
+
+
+def main() -> int:
+    parser = argparse.ArgumentParser(
+        description="Decode TLS profile JSON files and recognize current schema."
+    )
+    parser.add_argument(
+        "path",
+        nargs="?",
+        default="tlsfront",
+        help="Path to tlsfront directory or a single JSON file.",
+    )
+    parser.add_argument(
+        "--only-current",
+        action="store_true",
+        help="Show only profiles recognized as current/full-cert-payload.",
+    )
+    args = parser.parse_args()
+
+    base = Path(args.path)
+    if not base.exists():
+        print(f"Path not found: {base}")
+        return 1
+
+    files = collect_files(base)
+    if not files:
+        print(f"No JSON files found in: {base}")
+        return 1
+
+    printed = 0
+    for path in files:
+        try:
+            rendered, recognition = decode_profile(path)
+            if args.only_current and recognition.schema != "current":
+                continue
+            print(rendered, end="")
+            printed += 1
+        except Exception as e:  # noqa: BLE001
+            print(f"[{path.name}] decode error: {e}\n")
+
+    if args.only_current and printed == 0:
+        print("No current profiles found.")
+    return 0
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())