Skip to content

[WIP] Define all extension data types #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 48 commits into
base: main
Choose a base branch
from
Draft

[WIP] Define all extension data types #109

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
accb0d4
Move ClientExtensions to its own module
bugadani Apr 21, 2023
880872f
Paste spec to why server name is empty
bugadani Apr 21, 2023
301d7e4
Move KeyShare to its own module
bugadani Apr 21, 2023
13a9eca
Don't clone KeyShareEntry
bugadani Apr 21, 2023
ac9807d
Reuse KeyShare in client exts
bugadani Apr 21, 2023
3749ab1
Extract and clean up ServerName
bugadani Apr 21, 2023
be2134b
Log the encoded extension's type
bugadani Apr 21, 2023
936a628
Update MaxFragmentLength
bugadani Apr 21, 2023
e65a75b
Add unimplemented StatusRequest extension
bugadani Apr 21, 2023
f565716
Update SupportedGroups
bugadani Apr 21, 2023
20e1145
Simplify NamedGroup
bugadani Apr 21, 2023
ed559e5
Extract SignatureAlgorithms
bugadani Apr 21, 2023
6ff7804
Extract rest of the used extension types
bugadani Apr 21, 2023
cee7ffc
Clean up reading lists
bugadani Apr 21, 2023
3b88569
Split up CertificateEntryRef parsing
bugadani Apr 21, 2023
edf44a3
Clean up
bugadani Apr 21, 2023
5d87b83
Add ALPN
bugadani Apr 21, 2023
758dcb1
Add certificate_authorities extension
bugadani Apr 21, 2023
ee74454
Add oid_filter extension
bugadani Apr 21, 2023
0dab14d
Add post_handshake_auth
bugadani Apr 21, 2023
a3462d7
Add padding
bugadani Apr 21, 2023
c096ea7
Add use_srtp
bugadani Apr 21, 2023
3279961
Add (server|client)_certificate_type
bugadani Apr 21, 2023
0135a08
Add cookie
bugadani Apr 21, 2023
c0defed
Add early_data
bugadani Apr 21, 2023
4faddb0
Add heartbeat
bugadani Apr 21, 2023
017c93e
Add signed_certificate_timestamp
bugadani Apr 21, 2023
75f59da
Fix inconsistencies
bugadani Apr 21, 2023
4f7e2ef
Group extension data types by messages
bugadani Apr 21, 2023
321c325
Clean up
bugadani Apr 21, 2023
33f8768
Fix pre-shared key types
bugadani Apr 21, 2023
bce95a6
Fix SupportedVersions
bugadani Apr 21, 2023
9e9b9b0
Mark ServerHelloExtension checked
bugadani Apr 21, 2023
c8d104b
Rename module to extension_data
bugadani Apr 21, 2023
23c3dcd
Unify derives
bugadani Apr 21, 2023
1367d64
Deduplicate implementations using a macro
bugadani Apr 21, 2023
a33bd84
Clarify EncryptedExtensions
bugadani Apr 21, 2023
8d38b39
Flatten hierarchy a bit
bugadani Apr 21, 2023
02f327b
Return TlsError from extgroup parse
bugadani Apr 21, 2023
56b3a49
Use new ext group when processing server hello
bugadani Apr 21, 2023
e796ccb
Use new ext group when processing encrypted extensions
bugadani Apr 21, 2023
6c749f9
Use new ext group when processing cert request
bugadani Apr 21, 2023
af52f35
Parse extension data length and only pass data buffer to parser
bugadani Apr 21, 2023
a9338fa
Fix server name type in EncryptedExtensions
bugadani Apr 21, 2023
2faebc6
Allow reading more supported groups
bugadani Apr 21, 2023
52c0711
Update remaining messages
bugadani Apr 21, 2023
dacfb5d
Unify import style
bugadani Apr 21, 2023
0839c1f
Hide the extension_group macro
bugadani Apr 21, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions rustfmt.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,4 @@
edition = "2021"
imports_granularity = "crate"
imports_layout = "vertical"
reorder_imports = true
8 changes: 5 additions & 3 deletions src/alert.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
use crate::buffer::CryptoBuffer;
use crate::parse_buffer::ParseBuffer;
use crate::TlsError;
use crate::{
buffer::CryptoBuffer,
parse_buffer::ParseBuffer,
TlsError,
};

#[derive(Debug, Clone, Copy)]
#[cfg_attr(feature = "defmt", derive(defmt::Format))]
Expand Down
11 changes: 8 additions & 3 deletions src/application_data.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
use crate::buffer::*;
use crate::record::RecordHeader;
use core::fmt::{Debug, Formatter};
use crate::{
buffer::*,
record::RecordHeader,
};
use core::fmt::{
Debug,
Formatter,
};

pub struct ApplicationData<'a> {
pub(crate) header: RecordHeader,
Expand Down
56 changes: 39 additions & 17 deletions src/asynch.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,26 +1,48 @@
use crate::common::decrypted_buffer_info::DecryptedBufferInfo;
use crate::common::decrypted_read_handler::DecryptedReadHandler;
use crate::connection::*;
use crate::key_schedule::KeySchedule;
use crate::key_schedule::{ReadKeySchedule, SharedState, WriteKeySchedule};
use crate::read_buffer::ReadBuffer;
use crate::record::{ClientRecord, ClientRecordHeader};
use crate::record_reader::RecordReader;
use crate::split::{SplitState, SplitStateContainer};
use crate::write_buffer::WriteBuffer;
use crate::TlsError;
use embedded_io::asynch::BufRead;
use embedded_io::Error as _;
use crate::{
common::{
decrypted_buffer_info::DecryptedBufferInfo,
decrypted_read_handler::DecryptedReadHandler,
},
connection::*,
key_schedule::{
KeySchedule,
ReadKeySchedule,
SharedState,
WriteKeySchedule,
},
read_buffer::ReadBuffer,
record::{
ClientRecord,
ClientRecordHeader,
},
record_reader::RecordReader,
split::{
SplitState,
SplitStateContainer,
},
write_buffer::WriteBuffer,
TlsError,
};
use embedded_io::{
asynch::{Read as AsyncRead, Write as AsyncWrite},
asynch::{
BufRead,
Read as AsyncRead,
Write as AsyncWrite,
},
Error as _,
Io,
};
use rand_core::{CryptoRng, RngCore};
use rand_core::{
CryptoRng,
RngCore,
};

pub use crate::config::*;
#[cfg(feature = "std")]
pub use crate::split::ManagedSplitState;
pub use crate::split::SplitConnectionState;
pub use crate::{
config::*,
split::SplitConnectionState,
};

/// Type representing an async TLS connection. An instance of this type can
/// be used to establish a TLS connection, write and read encrypted data over this connection,
Expand Down
56 changes: 39 additions & 17 deletions src/blocking.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,26 +1,48 @@
use crate::common::decrypted_buffer_info::DecryptedBufferInfo;
use crate::common::decrypted_read_handler::DecryptedReadHandler;
use crate::connection::*;
use crate::key_schedule::KeySchedule;
use crate::key_schedule::{ReadKeySchedule, SharedState, WriteKeySchedule};
use crate::read_buffer::ReadBuffer;
use crate::record::{ClientRecord, ClientRecordHeader};
use crate::record_reader::RecordReader;
use crate::split::{SplitState, SplitStateContainer};
use crate::write_buffer::WriteBuffer;
use embedded_io::blocking::BufRead;
use embedded_io::Error as _;
use crate::{
common::{
decrypted_buffer_info::DecryptedBufferInfo,
decrypted_read_handler::DecryptedReadHandler,
},
connection::*,
key_schedule::{
KeySchedule,
ReadKeySchedule,
SharedState,
WriteKeySchedule,
},
read_buffer::ReadBuffer,
record::{
ClientRecord,
ClientRecordHeader,
},
record_reader::RecordReader,
split::{
SplitState,
SplitStateContainer,
},
write_buffer::WriteBuffer,
};
use embedded_io::{
blocking::{Read, Write},
blocking::{
BufRead,
Read,
Write,
},
Error as _,
Io,
};
use rand_core::{CryptoRng, RngCore};
use rand_core::{
CryptoRng,
RngCore,
};

pub use crate::config::*;
#[cfg(feature = "std")]
pub use crate::split::ManagedSplitState;
pub use crate::split::SplitConnectionState;
pub use crate::TlsError;
pub use crate::{
config::*,
split::SplitConnectionState,
TlsError,
};

/// Type representing a TLS connection. An instance of this type can
/// be used to establish a TLS connection, write and read encrypted data over this connection,
Expand Down
6 changes: 4 additions & 2 deletions src/buffer.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
use crate::TlsError;
use aes_gcm::aead::Buffer;
use aes_gcm::Error;
use aes_gcm::{
aead::Buffer,
Error,
};

pub struct CryptoBuffer<'b> {
buf: &'b mut [u8],
Expand Down
16 changes: 0 additions & 16 deletions src/certificate_types.rs
View file
Open in desktop

This file was deleted.

8 changes: 5 additions & 3 deletions src/change_cipher_spec.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
use crate::buffer::CryptoBuffer;
use crate::parse_buffer::ParseBuffer;
use crate::TlsError;
use crate::{
buffer::CryptoBuffer,
parse_buffer::ParseBuffer,
TlsError,
};
use generic_array::ArrayLength;

#[derive(Debug, Copy, Clone)]
Expand Down
7 changes: 5 additions & 2 deletions src/common/decrypted_read_handler.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,11 @@ use core::ops::Range;
use generic_array::ArrayLength;

use crate::{
alert::AlertDescription, common::decrypted_buffer_info::DecryptedBufferInfo,
handshake::ServerHandshake, record::ServerRecord, TlsError,
alert::AlertDescription,
common::decrypted_buffer_info::DecryptedBufferInfo,
handshake::ServerHandshake,
record::ServerRecord,
TlsError,
};

pub struct DecryptedReadHandler<'a> {
Expand Down
56 changes: 42 additions & 14 deletions src/config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,48 @@
use crate::cipher_suites::CipherSuite;
use crate::handshake::certificate::CertificateRef;
use crate::handshake::certificate_verify::CertificateVerify;
pub use crate::max_fragment_length::MaxFragmentLength;
use crate::named_groups::NamedGroup;
use crate::signature_schemes::SignatureScheme;
use crate::TlsError;
use aes_gcm::{AeadInPlace, Aes128Gcm, Aes256Gcm, KeyInit};
use crate::{
cipher_suites::CipherSuite,
extensions::extension_data::{
signature_algorithms::SignatureScheme,
supported_groups::NamedGroup,
},
handshake::{
certificate::CertificateRef,
certificate_verify::CertificateVerify,
},
TlsError,
};
use aes_gcm::{
AeadInPlace,
Aes128Gcm,
Aes256Gcm,
KeyInit,
};
use core::marker::PhantomData;
use digest::core_api::BlockSizeUser;
use digest::{Digest, FixedOutput, OutputSizeUser, Reset};
use digest::{
core_api::BlockSizeUser,
Digest,
FixedOutput,
OutputSizeUser,
Reset,
};
use generic_array::ArrayLength;
use heapless::Vec;
use rand_core::{CryptoRng, RngCore};
pub use sha2::Sha256;
pub use sha2::Sha384;
use typenum::{Sum, U10, U12, U16, U32};
use rand_core::{
CryptoRng,
RngCore,
};
pub use sha2::{
Sha256,
Sha384,
};
use typenum::{
Sum,
U10,
U12,
U16,
U32,
};

pub use crate::extensions::extension_data::max_fragment_length::MaxFragmentLength;

const TLS_RECORD_MAX: usize = 16384;
pub const TLS_RECORD_OVERHEAD: usize = 128;
Expand Down
52 changes: 40 additions & 12 deletions src/connection.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,46 @@
use crate::config::{TlsCipherSuite, TlsConfig, TlsVerifier};
use crate::handshake::{ClientHandshake, ServerHandshake};
use crate::key_schedule::{HashOutputSize, KeySchedule, ReadKeySchedule, WriteKeySchedule};
use crate::record::{ClientRecord, ServerRecord};
use crate::record_reader::RecordReader;
use crate::write_buffer::WriteBuffer;
use crate::TlsError;
use crate::{
alert::*,
handshake::{certificate::CertificateRef, certificate_request::CertificateRequest},
config::{
TlsCipherSuite,
TlsConfig,
TlsVerifier,
},
handshake::{
certificate::CertificateRef,
certificate_request::CertificateRequest,
ClientHandshake,
ServerHandshake,
},
key_schedule::{
HashOutputSize,
KeySchedule,
ReadKeySchedule,
WriteKeySchedule,
},
record::{
ClientRecord,
ServerRecord,
},
record_reader::RecordReader,
write_buffer::WriteBuffer,
TlsError,
};
use core::fmt::Debug;
use embedded_io::Error as _;
use rand_core::{CryptoRng, RngCore};
use rand_core::{
CryptoRng,
RngCore,
};

use embedded_io::blocking::{Read as BlockingRead, Write as BlockingWrite};
use embedded_io::blocking::{
Read as BlockingRead,
Write as BlockingWrite,
};

#[cfg(feature = "async")]
use embedded_io::asynch::{Read as AsyncRead, Write as AsyncWrite};
use embedded_io::asynch::Read as AsyncRead;
#[cfg(feature = "async")]
use embedded_io::asynch::Write as AsyncWrite;

use crate::application_data::ApplicationData;
// use crate::handshake::certificate_request::CertificateRequest;
Expand All @@ -38,7 +62,11 @@ use crate::content_types::ContentType;
// use crate::handshake::new_session_ticket::NewSessionTicket;
// use crate::handshake::server_hello::ServerHello;
use crate::parse_buffer::ParseBuffer;
use aes_gcm::aead::{AeadCore, AeadInPlace, KeyInit};
use aes_gcm::aead::{
AeadCore,
AeadInPlace,
KeyInit,
};

pub(crate) fn decrypt_record<CipherSuite>(
key_schedule: &mut ReadKeySchedule<CipherSuite>,
Expand Down
6 changes: 4 additions & 2 deletions src/crypto_engine.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
use crate::application_data::ApplicationData;
use crate::named_groups::NamedGroup;
use crate::{
application_data::ApplicationData,
extensions::extension_data::supported_groups::NamedGroup,
};
use p256::ecdh::SharedSecret;

pub struct CryptoEngine {
Expand Down
Loading