draft-ietf-quic-tls 23 - Sample initial packet protection
gag83 E <gagliardieva@gmail.com> Mon, 23 September 2019 12:34 UTC
Return-Path: <gagliardieva@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67CEE1200B3 for <quic@ietfa.amsl.com>; Mon, 23 Sep 2019 05:34:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2uNfsZJjayTX for <quic@ietfa.amsl.com>; Mon, 23 Sep 2019 05:34:52 -0700 (PDT)
Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD9791200B2 for <quic@ietf.org>; Mon, 23 Sep 2019 05:34:51 -0700 (PDT)
Received: by mail-ed1-x52d.google.com with SMTP id r4so12696910edy.4 for <quic@ietf.org>; Mon, 23 Sep 2019 05:34:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=MDl/AECgy1Fg4brR9ftTHUIESXVudMYS1HDufnbRUAg=; b=R5sgdkgb++2gzuDFLO5qyPqi2tkTow5oiLOtnrFaPCZUSHLSfVY/FrUeNJKgHcHbb2 ciNMkuLU/547Lv467tcbBBHubFZJzSYHyTsJOf2Ip16QcvRmGgHaIF3zlMspQmsx/5j9 LyZBtrfx0D/3ZgBdVe0k/bzkToOFsD1wjx1Oo6FQg0dAQiS0YSXBYsyqLUCEIDe/NKl2 mxl6kNNvnOttKRhbzGb+UouElsq0EQWCHIj8IJn9PMppKoJ9XZP1bkv92iPW92UUK/3n W1vfWOlIL+HmR/ZMXuO+3xoLNMyuYqfRcMpryfLSReOLyHyzgnWV8Lr83kiNszsWNfiO AjuQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=MDl/AECgy1Fg4brR9ftTHUIESXVudMYS1HDufnbRUAg=; b=QPTARiXjAftArQ5tI0EZnwDAimu7bsRABos4ylUncH3SO3K8TrwOrJ1MvXGSkHwWU8 u6Ut/HzMGztzha6nbM/Bx7O41NUSKbVrI4udfT4asKy/VKIogW/swBYzXkGzrM22EpSo o0eNPuIEq0WFwJZtc5jFMyuvoCQvNYmkjG+BW3LJGr8XRSNDy4voQxHY1zaAkqC9ahWp 3iTd4p9FQ+l1bxO3X7Ojscg5A7KSDWmcXy9jXXqmd9XkTsrfutO091YfJqHloF+hdM/L imCsBsG65fAFGs8e2dbi5cULka5S90lHCWGAAx+qAvgE7CTWhYVzmy7Qr+d+w+4WKfYJ X1rQ==
X-Gm-Message-State: APjAAAUJJFRS0iIWB3X1K5FqzrbkrrX8UPb7+K7m/LXQDxCfwAVXJzpT G5w7Kn6zw2IP79XdgYAOQu3gMGYtWPu+A7n10pORqxxD
X-Google-Smtp-Source: APXvYqwXzrYs0vzAwnCmI/i7Ikyp/ZpInXqDb6/QNxItbQzrOmGzaHlzW6HrbUXx8zXyJKwimbJp2T3QObO7eRWwSv0=
X-Received: by 2002:a50:d51b:: with SMTP id u27mr36443125edi.249.1569242089981; Mon, 23 Sep 2019 05:34:49 -0700 (PDT)
MIME-Version: 1.0
From: gag83 E <gagliardieva@gmail.com>
Date: Mon, 23 Sep 2019 14:34:38 +0200
Message-ID: <CAHgmBy7i1_LS+J1Yig4m_K2TtHnbzN4zzWLMhgpvmRk22c3B=A@mail.gmail.com>
Subject: draft-ietf-quic-tls 23 - Sample initial packet protection
To: quic@ietf.org
Content-Type: multipart/alternative; boundary="000000000000570b66059337a58a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/-iMohwc3m-STQ9yyM794BpYyyhQ>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2019 12:34:54 -0000
Hello, Still working on a QUIC implementation in Scapy, I tried to use the packet given in the appendix A of the draft-ietf-quic-tls-23 for my test with the existing implementations of QUIC. I realized that the packet didn't meet some requirements : In §8.2 : "The quic_transport_parameters extension is carried in the ClientHello and the EncryptedExtensions messages during the handshake. Endpoints MUST send the quic_transport_parameters extension; endpoints that receive ClientHello or EncryptedExtensions messages without the quic_transport_parameters extension MUST close the connection with an error of type 0x16d (equivalent to a fatal TLS missing_extension alert, see [ https://tools.ietf.org/html/draft-ietf-quic-tls-23#section-4.8 | Section 4.8 ] )." or the packet doesn't carry this extension. Moreover, there is no ALPN extension, which implied a connection error with some servers. I built the same packet with these extensions, which gave me for the unprotected packet : 06004103010000ff030300000000a0f7347c18f937001c8ea4f59c0b7aa3e1017dd24a35c6210b1448fd000006130113031302010000d00000000b0009000006736572766572ff01000100000a00140012001d0017001800190100010101020103010400230000003300260024001d00204cfdfcd178b784bf328cae793b136f2aedce005ff183d7bb14952072366470370010000800060568332d3232002b0003020304000d0020001e040305030603020308040805080604010501060102010402050206020202002d00020101001c00024001ffa5002f002d00050004800040000007000480004000000400048000800000080001010009000103000100026710000e000104 and for the protected packet : c4ff000017088394c8f03e5157080000449e725753ce53506563268a0da27b1cfb452cfc0ca6d8ae6d86b8fbd4ffeb62f858c3ab3686bd0ab958498e8128266b4daac473e68d7405fbba4e9ea716c87038bdbe908c06d9605d9ac49030359eecb1d05a14e117db8cede2bb09d0dbbfee271cb374d8f10abec82d0f59a1dee29fe95638ed8dd41da07487468791b719c55c46968eb3b54680037102a28e53dc1d12903db0af5821797041cfab36569267e37bfdf9d9befc639be87a6f6c63e9cd1dc1bbf518f13be9c1061f7b2171d05010d0e7176a4075f56d5f1a0f42334b7d1c8dd523bd879ada5d65c485daa6ca2825d74d2f942001cae0a8205412e470080cdc559a24c546e4fa3766092a7d393e53cd0163baab3f432b05bc2ac385681fcf37485dff6595e01e739c8ac9efba31b985d5f656cc092432d781db9522172487641c4d3ab8ece01e39bc85b15436614775a98ba8fa12d46f9b35e2a55eb72d7f85181a366663387ddc20551807e007673bd7e26bf9b29b5ab10a1ca87cbb7ad97e99eb66959c2a9bc3cbde4707ff7720b110fa95354674e395812e47a0ae53b464dcb2d1f345df360dc227270c750676f6724eb479f0d2fbb6124429990457ac6c9167f40aab739998f38b9eccb24fd47c8410131bf65a52af841275d5b3d1880b197df2b5dea3e6de56ebce3ffb6e9277a82082f8d9677a6767089b671ebd244c214f0bde95c2beb02cd1172d58bdf39dce56ff68eb35ab39b49b4eac7c815ea60451d6e6ab82119118df02a586844a9ffe162ba006d0669ef57668cab38b62f71a2523a084852cd1d079b3658dc2f3e87949b550bab3e177cfc49ed190dff0630e43077c30de8f6ae081537f1e83da537da980afa668e7b7fb25301cf741524be3c49884b42821f17552fbd1931a813017b6b6590a41ea18b6ba49cd48a440bd9a3346a7623fb4ba34a3ee571e3c731f35a7a3cf25b551a680fa68763507b7fde3aaf023c50b9d22da6876ba337eb5e9dd9ec3daf970242b6c5aab3aa4b296ad8b9f6832f686ef70fa938b31b4e5ddd7364442d3ea72e73d668fb0937796f462923a81a47e1cee7426ff6d9221269b5a62ec03d6ec94d12606cb485560bab574816009e96504249385bb61a819be04f62c2066214d8360a2022beb316240b6c7d78bbe56c13082e0ca272661210abf020bf3b5783f1426436cf9ff41840593a5d0638d32fc51c5c65ff291a3a7a52fd6775e623a4439cc08dd25582febc944ef92d8dbd329c91de3e9c9582e41f17f3d186f104ad3f90995116c682a2a14a3b4b1f547c335f0be710fc9fc03e0e587b8cda31ce65b969878a4ad4283e6d5b0373f43da86e9e0ffe1ae0fddd3516255bd74566f36a38703d5f34249ded1f66b3d9b45b9af2ccfefe984e13376b1b2c6404aa48c8026132343da3f3a33659ec1b3e95080540b28b7f3fcd35fa5d843b579a84c089121a60d8c1754915c344eeaf45a9bf27dc0c1e78416169122091313eb0e87555abd706626e557fc36a04fcd191a58829104d6075c5594f627ca506bf181daec940f4a4f3af0074eee89daacde6758312622d4fa675b39f728e062d2bee680d8f41a597c262648bb18bcfc13c8b3d97b1a77b2ac3af745d61a34cc4709865bac824a94bb19058015e4e42d5ebcfc51b52c32252c009a798d5b370f I built this packet in order to respect the 1200 bytes minimal size. I am considering injecting this in a pull request, unless this was made on purpose (in which case, what is it?). What would you think about it? Regardly, Eva Gagliardi