[ech] TLSProxy and ECH

Stephen Farrell stephen.farrell at cs.tcd.ie
Tue Mar 21 21:45:41 UTC 2023


Hiya,

On 21/03/2023 20:51, Dmitry Belyavsky wrote:
> I have added some basic test scenarios using TLSfuzzer in openssl project,
> but I don't have capacity to improve this work yet.

Ah right, I see that now. Must give it a try. (I guess I
just need to clone tlsfuzzer in the right place and it'll
try run as part of ``make test``?)

> 
> I don't think it would be sufficient for including ECH upstream because it
> is an external test, and usually the internal one is required, but it could
> be used as a starting point.

Fair point.

Also: to give an example in case it helps - one test that
needs to exist is where a bad set of outer extensions is
present after decrypting the ECH. Sadly that can't be done
by just modifying the outer ClientHello as all of the outer
ClientHello (except the ECH ciphertext) is used as the
AAD for encryption. So we need some code to generate an
encoded inner ClientHello that has bad values for the
outer extensions extension. Generating such a setup in
a reproducible manner will be a bit complicated no matter
what framework is used, so it mightn't be feasible (for
me) to do it more than once in the medium term.

Cheers,
S.


> 
>>
>> Cheers,
>> S.
>>
>>>
>>> On Tue, 21 Mar 2023, 20:19 Stephen Farrell, <stephen.farrell at cs.tcd.ie>
>>> wrote:
>>>
>>>>
>>>> Hiya,
>>>>
>>>> My possibly incorrect understanding is that the TLSProxy
>>>> is a bunch of perl code used for tests, that re-implements
>>>> variants of the TLS handshake so they can contain e.g. badly
>>>> encoded messages.
>>>>
>>>> Something like that is definitely needed to properly test
>>>> ECH, but I don't currently speak perl:-) So I wanted to
>>>> check if that perl TLSProxy code is the long term plan or
>>>> if it's something felt to be approaching end of life? (I'm
>>>> willing to try dive in to it, but don't wanna do that if
>>>> some other plan would be better longer term.)
>>>>
>>>> Thoughts?
>>>>
>>>> Thanks,
>>>> S.
>>>> --
>>>> ech mailing list
>>>> ech at openssl.org
>>>> https://mta.openssl.org/mailman/listinfo/ech
>>>>
>>>
>>
> 
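The test case described in the message above, sketched as an added example that is not part of the original thread and is not OpenSSL or tlsfuzzer code: it encodes an `ech_outer_extensions` extension with constructed bad reference lists and runs them through a reference check. The rejection rules and codepoints follow my reading of draft-ietf-tls-esni; all function names and sample values are hypothetical, and the sketch covers only the extension-list layer, not encoding the full inner ClientHello or the HPKE sealing over the outer AAD.

```python
import struct

ECH_OUTER_EXTENSIONS = 0xFD00    # ech_outer_extensions codepoint
ENCRYPTED_CLIENT_HELLO = 0xFE0D  # encrypted_client_hello codepoint

def encode_outer_extensions(ext_types):
    """Encode ech_outer_extensions: type, length, then a one-byte
    length-prefixed list of 2-byte ExtensionType values."""
    body = b"".join(struct.pack("!H", t) for t in ext_types)
    body = struct.pack("!B", len(body)) + body
    return struct.pack("!HH", ECH_OUTER_EXTENSIONS, len(body)) + body

def check_outer_extensions(ext, outer_types):
    """Return None if the references are acceptable, else the reason a
    server should reject. outer_types: extension types in outer order."""
    if len(ext) < 5:
        return "malformed extension"
    etype, elen = struct.unpack("!HH", ext[:4])
    body = ext[4:]
    if etype != ECH_OUTER_EXTENSIONS or elen != len(body):
        return "malformed extension"
    if body[0] != len(body) - 1 or body[0] < 2 or body[0] % 2:
        return "malformed list"
    refs = [struct.unpack("!H", body[i:i + 2])[0] for i in range(1, len(body), 2)]
    pos, seen = 0, set()
    for r in refs:
        if r == ENCRYPTED_CLIENT_HELLO:
            return "references encrypted_client_hello"
        if r in seen:
            return "duplicate reference"
        seen.add(r)
        if r not in outer_types:
            return "missing from outer ClientHello"
        if r not in outer_types[pos:]:
            return "out of order"
        pos = outer_types.index(r, pos) + 1
    return None

# Constructed sample: extension types of an outer ClientHello, in order.
OUTER = [0x0000, 0x000A, 0x000D, 0x0033, ENCRYPTED_CLIENT_HELLO]
# Constructed test vectors: name -> list of referenced types.
CASES = {
    "good": [0x000A, 0x0033],
    "missing": [0x002B],
    "out_of_order": [0x0033, 0x000A],
    "duplicate": [0x000A, 0x000A],
    "self_reference": [ENCRYPTED_CLIENT_HELLO],
}

def run_cases():
    return {n: check_outer_extensions(encode_outer_extensions(t), OUTER)
            for n, t in CASES.items()}
```

Each bad vector has to be placed in the encoded inner ClientHello before encryption, which is why it cannot be produced by editing the outer ClientHello in flight.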