Add new ClientHellos (#122)

* Add new ClientHellos Also add faked support for token binding, ALPS, and delegated credentials * Remove FakeALPSExtension in favor of existing ApplicationSettingsExtension
2025-04-03 20:17:36 +03:00 · 2022-10-11 17:33:46 -06:00 · 2022-10-11 17:33:46 -06:00 · 425e0192ad
commit 425e0192ad
parent f781b699a2
5 changed files with 899 additions and 12 deletions
--- a/u_tls_extensions.go
+++ b/u_tls_extensions.go
@ -356,6 +356,17 @@ func (e *ALPNExtension) Read(b []byte) (int, error) {
 	return e.Len(), io.EOF
 }

+// ApplicationSettingsExtension represents the TLS ALPS extension. At the time
+// of this writing, this extension is currently a draft:
+// https://datatracker.ietf.org/doc/html/draft-vvv-tls-alps-01
+//
+// This library does not offer actual support for ALPS. This extension is
+// "faked" - it is advertised by the client, but not respected if the server
+// responds with support.
+//
+// In the normal convention of this library, this type name would be prefixed
+// with 'Fake'. The existing name is retained for backwards compatibility
+// reasons.
 type ApplicationSettingsExtension struct {
 	SupportedProtocols []string
 }
@ -378,8 +389,8 @@ func (e *ApplicationSettingsExtension) Read(b []byte) (int, error) {
 	}

 	// Read Type.
-	b[0] = byte(extensionALPS >> 8)   // hex: 44 dec: 68
-	b[1] = byte(extensionALPS & 0xff) // hex: 69 dec: 105
+	b[0] = byte(fakeExtensionALPS >> 8)   // hex: 44 dec: 68
+	b[1] = byte(fakeExtensionALPS & 0xff) // hex: 69 dec: 105

 	lengths := b[2:] // get the remaining buffer without Type
 	b = b[6:]        // set the buffer to the buffer without Type, Length and ALPS Extension Length (so only the Supported ALPN list remains)
@ -834,6 +845,8 @@ FAKE EXTENSIONS
 */

 type FakeChannelIDExtension struct {
+	// The extension ID changed from 30031 to 30032. Set to true to use the old extension ID.
+	OldExtensionID bool
 }

 func (e *FakeChannelIDExtension) writeToUConn(uc *UConn) error {
@ -848,9 +861,13 @@ func (e *FakeChannelIDExtension) Read(b []byte) (int, error) {
 	if len(b) < e.Len() {
 		return 0, io.ErrShortBuffer
 	}
+	extensionID := fakeExtensionChannelID
+	if e.OldExtensionID {
+		extensionID = fakeExtensionChannelIDOld
+	}
 	// https://tools.ietf.org/html/draft-balfanz-tls-channelid-00
-	b[0] = byte(fakeExtensionChannelID >> 8)
-	b[1] = byte(fakeExtensionChannelID & 0xff)
+	b[0] = byte(extensionID >> 8)
+	b[1] = byte(extensionID & 0xff)
 	// The length is 0
 	return e.Len(), io.EOF
 }
@ -911,3 +928,69 @@ func (e *DelegatedCredentialsExtension) Read(b []byte) (int, error) {
 	}
 	return e.Len(), io.EOF
 }
+
+// https://tools.ietf.org/html/rfc8472#section-2
+
+type FakeTokenBindingExtension struct {
+	MajorVersion, MinorVersion uint8
+	KeyParameters              []uint8
+}
+
+func (e *FakeTokenBindingExtension) writeToUConn(uc *UConn) error {
+	return nil
+}
+
+func (e *FakeTokenBindingExtension) Len() int {
+	// extension ID + data length + versions + key parameters length + key parameters
+	return 2 + 2 + 2 + 1 + len(e.KeyParameters)
+}
+
+func (e *FakeTokenBindingExtension) Read(b []byte) (int, error) {
+	if len(b) < e.Len() {
+		return 0, io.ErrShortBuffer
+	}
+	dataLen := e.Len() - 4
+	b[0] = byte(fakeExtensionTokenBinding >> 8)
+	b[1] = byte(fakeExtensionTokenBinding & 0xff)
+	b[2] = byte(dataLen >> 8)
+	b[3] = byte(dataLen & 0xff)
+	b[4] = e.MajorVersion
+	b[5] = e.MinorVersion
+	b[6] = byte(len(e.KeyParameters))
+	if len(e.KeyParameters) > 0 {
+		copy(b[7:], e.KeyParameters)
+	}
+	return e.Len(), io.EOF
+}
+
+// https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts-15#section-4.1.1
+
+type FakeDelegatedCredentialsExtension struct {
+	SupportedSignatureAlgorithms []SignatureScheme
+}
+
+func (e *FakeDelegatedCredentialsExtension) writeToUConn(uc *UConn) error {
+	return nil
+}
+
+func (e *FakeDelegatedCredentialsExtension) Len() int {
+	return 6 + 2*len(e.SupportedSignatureAlgorithms)
+}
+
+func (e *FakeDelegatedCredentialsExtension) Read(b []byte) (int, error) {
+	if len(b) < e.Len() {
+		return 0, io.ErrShortBuffer
+	}
+	// https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts-15#section-4.1.1
+	b[0] = byte(fakeExtensionDelegatedCredentials >> 8)
+	b[1] = byte(fakeExtensionDelegatedCredentials)
+	b[2] = byte((2 + 2*len(e.SupportedSignatureAlgorithms)) >> 8)
+	b[3] = byte((2 + 2*len(e.SupportedSignatureAlgorithms)))
+	b[4] = byte((2 * len(e.SupportedSignatureAlgorithms)) >> 8)
+	b[5] = byte((2 * len(e.SupportedSignatureAlgorithms)))
+	for i, sigAndHash := range e.SupportedSignatureAlgorithms {
+		b[6+2*i] = byte(sigAndHash >> 8)
+		b[7+2*i] = byte(sigAndHash)
+	}
+	return e.Len(), io.EOF
+}