Instantly share code, notes, and snippets.

@mimoo /whitelist.go
Last active Mar 14, 2017

Embed
What would you like to do?
Whitelist of state transitions for TLS 1.3
//
// Server Messages
//
// after server.server_hello
(server.server_hello, server.encrypted_extensions)
// after server.hello_retry_request)
(server.hello_retry_request, client.client_hello)
// after server.encrypted_extensions
(server.encrypted_extensions, server.certificate_request)
(server.encrypted_extensions, server.certificate)
(server.encrypted_extensions, server.finished) // PSK skip auth
// after server.certificate_request
(server.certificate_request, server.certificate)
(server.certificate_request, server.finished)
// after server.certificate
(server.certificate, server.certificate_verify)
// after server.certificate_verify
(server.certificate_verify, server.finished)
// after server.finished
(server.finished, server.application_data) // early server data
(server.finished, client.application_data) // early data
(server.finished, client.end_of_early_data)
(server.finished, client.certificate)
(server.finished, client.finished)
// after server.application_data
(server.application_data, client.finished)
(server.application_data, server.new_session_ticket)
(server.application_data, client.application_data)
(server.application_data, client.end_of_early_data) // early server app data
//
// Client
//
// after client.client_hello
(client.client_hello, server.server_hello)
(client.client_hello, server.hello_retry_request)
(client.client_hello, client.application_data) // early data
// after client.end_of_early_data
// NO -> (client.end_of_early_data, server.server_hello)
(client.end_of_early_data, server.application_data) // <- is this possible? (server can send app data after server.finished)
(client.end_of_early_data, client.certificate)
(client.end_of_early_data, client.finished)
// after client.certificate
(client.certificate, client.certificate_verify)
(client.certificate, client.finished) // empty certificate case
// after client.certificate_verify
(client.certificate_verify, client.finished)
// after client.finished
(client.finished, client.application_data)
(client.finished, server.new_session_ticket)
(client.finished, server.application_data) // in the case the client did not continue parsing messages after a server_finished
// after client.application_data
(client.application_data, server.application_data)
(client.application_data, server.new_session_ticket)
// NO -> (client.application_data, client.end_of_early_data)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment