-
Notifications
You must be signed in to change notification settings - Fork 589
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: ECH Draft-10 serialization code #539
Conversation
Codecov Report
@@ Coverage Diff @@
## main #539 +/- ##
==========================================
- Coverage 96.78% 96.39% -0.40%
==========================================
Files 51 53 +2
Lines 8962 9121 +159
==========================================
+ Hits 8674 8792 +118
- Misses 288 329 +41
Continue to review full report at Codecov.
|
I'm happy to add some tests to keep the handshake.rs coverage up, but the CI coverage job seems to be failing in bogo/ |
Looks like the min-version checks are failing due to code that rust-hpke is pulling in, so I'll ignore that for now. Going to refactor HPKEKeyPair a bit to carry its algorithm with it. |
Looks like there will be a renamed TLS struct and DNS field, based on discussion and patches in and |
I don't really like Cloudflare's ECHKey serialization, but I'll keep the code around for now to facilitate testing. |
When it came time to write the HPKE tests, I found myself wondering what data would be available. So I had to hack in a demonstration of the API @ctz suggested here: #318 (comment) I think it will be a little nicer once HelloData (or whatever we call it) is threaded through the handshake code. extra_exts isn't easy to use with ClientSession::new right now, and ECH adds a few more variations of that problem. |
Oops, that broke quic. I will use |
Probably useful to extract that part into a separate PR? |
I agree. I just needed to figure it out before I did the rest of the HPKE stuff. I think your other PRs on the handshake code will change it too. |
I've gotten this to the point that I'm digging through the various Expect* structs after any HRR. At that point, only the dns_name is needed, so I'm looking for the boundary where I can stop using "HelloData" and just pass the dns_name on. I think that same boundary will be where ECH ends too. I'll do a PR for just the handshake changes, which can simply combine dns_name + extra_exts into a struct initially, after #547 lands. Then, a new EncryptedHost struct can be added later. It will be useful through HRR as well. |
Closing in favor of #663. |
In the interest of sharing early and often, here's code that serializes and deserializes ECH draft-09 ECHConfig records. The test record is from a live server at crypto.cloudflare.com. Part of addressing #508.
The next step is to add a little demo Trust-DNS client that pulls this record and parses it. I'll add the SVCB/HTTPS-RR code to Trust-DNS if need be. The Trust-DNS issue is hickory-dns/hickory-dns#1323. I used a Python library to pull the ECHConfig for this test, as described in #508.
After that, I think I'll start prototyping with the rust-hpke crate, since it has the older HPKE code needed for draft-09. I don't really think ring should bother with it, and instead just focus on the newest HPKE draft.
cc @djc @briansmith @ctz