Hello @jderuiter, I would like to use the statelearner on some of the newer TLS libraries/implementations out there to compare their state machines to some of the ones tested in your paper (Protocol state fuzzing of TLS implementations), one of them being rustls. One problem is that there doesn't seem to be any overlap in the ciphersuites either of them use, namely:
Ciphersuites used by statelearner:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Ciphersuites used by rustls:
// TLS1.3 suites
TLS13_CHACHA20_POLY1305_SHA256
TLS13_AES_256_GCM_SHA384
TLS13_AES_128_GCM_SHA256
// TLS1.2 suites
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
I would like to add the TLS1.2 suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 to statelearner, but is not clear to me what steps are necessary for doing this. So far I found the byte values that should go in the ClientHello for indicating usage of this suite, namely {0xC0, 0x2F}. I know the Java 8 security package has support for this ciphersuite as well, but from the code it is not clear to me how I can make use of this to extend statelearner.
Any ideas?
Hello @jderuiter, I would like to use the statelearner on some of the newer TLS libraries/implementations out there to compare their state machines to some of the ones tested in your paper (Protocol state fuzzing of TLS implementations), one of them being rustls. One problem is that there doesn't seem to be any overlap in the ciphersuites either of them use, namely:
Ciphersuites used by
statelearner:Ciphersuites used by
rustls:I would like to add the TLS1.2 suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256to statelearner, but is not clear to me what steps are necessary for doing this. So far I found the byte values that should go in the ClientHello for indicating usage of this suite, namely{0xC0, 0x2F}. I know the Java 8 security package has support for this ciphersuite as well, but from the code it is not clear to me how I can make use of this to extend statelearner.Any ideas?