GithubHelp home page GithubHelp logo

Comments (5)

tomato42 avatar tomato42 commented on August 22, 2024

Since adding an extension will change the length of the extensions field and the length of the ClientHelllo, you need to recreate the changed ClientHello and then feed it into the HandshakeHashes object.
But at this point, why you just don't modify the the Client Hello from tlsfuzzer to include the extension in the first place?

Honestly, I'm not sure what you want to do: if you have a middle box that wants to change the CH message, then it needs to be a TLS endpoint, as that's the only way to calculate correct Finished message...

from tlslite-ng.

guilef avatar guilef commented on August 22, 2024

Since adding an extension will change the length of the extensions field and the length of the ClientHelllo, you need to recreate the changed ClientHello and then feed it into the HandshakeHashes object. But at this point, why you just don't modify the the Client Hello from tlsfuzzer to include the extension in the first place?

Honestly, I'm not sure what you want to do: if you have a middle box that wants to change the CH message, then it needs to be a TLS endpoint, as that's the only way to calculate correct Finished message...

Yes you are right, I have a middle box that append the custom CH field, adding an information that I want to extract on tlsliste-ng. The problem is that it raises a SSL_ERROR_BAD_MAC_ALERT during handshake.

Is there a way to disable MAC verification on tlslite-ng ?

from tlslite-ng.

tomato42 avatar tomato42 commented on August 22, 2024

No, there isn't an API to do that.

from tlslite-ng.

guilef avatar guilef commented on August 22, 2024

Thanks @tomato42 for your help.

One more question, is it possible to plug an flask/uwsgi app on tlslite-ng? I'm trying to change tls.py to do it, with no success so far.

from tlslite-ng.

tomato42 avatar tomato42 commented on August 22, 2024

no idea, never used flask or uwsgi, see into tlslite/integration for some examples of integrating tlslite-ng with other projects

from tlslite-ng.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.