[ech] TLSProxy and ECH

Stephen Farrell stephen.farrell at cs.tcd.ie
Thu Apr 6 13:54:21 UTC 2023


Hiya,

Just to bottom out on the thread...

On 22/03/2023 13:13, Stephen Farrell wrote:
> Anyway, that's what I plan to investigate next. Will get
> back when that's reached something someone could take a
> useful look at.

So I've not yet had to play with the TLSProxy - what I've
done for now is copy from ``test/sslcorrupttest.c`` in a
new set of tests [1] that replace the ECH encapsulated
public value and ciphertext in the outer client hello with
various borked encoded inner client hellos (freshly HPKE
encrypted).

That seems to exercise most of the new server ECH code
related to e.g. the compression stuff, so seems like it
provides a path to ending up being good enough. (I'm not
yet checking code coverage but plan that for later.)

Next step is to extend that to similarly muck with the
fewer ECH things that differ in server hello and HRR.

If anyone has a chance to take a peek at [1], I'd be very
happy to get any comments or suggestions.

Cheers,
S.

[1] 
https://github.com/sftcd/openssl/blob/ECH-draft-13c/test/echcorrupttest.c#L35
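
The splice step described in the message above (swapping the ECH encapsulated public value and ciphertext in the outer client hello), as an added example that is not part of the original message and not taken from `echcorrupttest.c`. It assumes the outer ECHClientHello layout from the ECH draft; `ech_swap_enc_payload` and `ECH_SAMPLE` are hypothetical names, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Outer ECHClientHello body: type(1)=0 | kdf_id(2) | aead_id(2) |
 * config_id(1) | enc<0..2^16-1> | payload<1..2^16-1> */
#define ECH_FIXED_LEN 6
/* Constructed sample body: 2-byte enc, 3-byte payload (not real HPKE output). */
const uint8_t ECH_SAMPLE[15] = {0, 0, 1, 0, 1, 0x2a, 0, 2, 0xaa, 0xbb, 0, 3, 1, 2, 3};

/* Step over one 16-bit length-prefixed vector; returns 0 on truncation. */
static int skip_vec16(const uint8_t *p, size_t len, size_t *off, size_t *vlen)
{
    if (*off > len || len - *off < 2) return 0;
    *vlen = ((size_t)p[*off] << 8) | p[*off + 1];
    *off += 2;
    if (len - *off < *vlen) return 0;
    *off += *vlen;
    return 1;
}

/* Append one 16-bit length-prefixed vector at out[*w]; caller checked space. */
static void put_vec16(uint8_t *out, size_t *w, const uint8_t *v, size_t vlen)
{
    out[(*w)++] = (uint8_t)(vlen >> 8);
    out[(*w)++] = (uint8_t)(vlen & 0xff);
    if (vlen) memcpy(out + *w, v, vlen);
    *w += vlen;
}

/* Hypothetical helper: keep the fixed fields, substitute enc and payload,
 * re-encode both length prefixes. Returns bytes written, 0 on any error. */
size_t ech_swap_enc_payload(const uint8_t *ext, size_t extlen,
                            const uint8_t *enc, size_t enclen,
                            const uint8_t *pay, size_t paylen,
                            uint8_t *out, size_t outcap)
{
    size_t off = ECH_FIXED_LEN, w = ECH_FIXED_LEN, vlen;

    if (extlen < ECH_FIXED_LEN || ext[0] != 0) return 0;  /* not outer type */
    if (!skip_vec16(ext, extlen, &off, &vlen)) return 0;  /* existing enc */
    if (!skip_vec16(ext, extlen, &off, &vlen) || vlen == 0) return 0;
    if (off != extlen) return 0;                          /* trailing bytes */
    if (enclen > 0xffff || paylen == 0 || paylen > 0xffff) return 0;
    if (outcap < ECH_FIXED_LEN + 4 + enclen + paylen) return 0;
    memcpy(out, ext, ECH_FIXED_LEN);
    put_vec16(out, &w, enc, enclen);
    put_vec16(out, &w, pay, paylen);
    return w;
}
```

When the new values differ in size, the enclosing extension, extensions block, handshake and record lengths have to be rewritten as well. Because the HPKE AAD is the outer client hello with the payload zeroed, the fresh ciphertext has to be computed over the final outer message.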