Pure-Rust DTLS

Overview

dustls, a pure-rust DTLS implementation

A DTLSv1.2 implementation in Rust, reusing rustls for cryptographic primitives and most message payload formats.

Note: This library is a work in progress, and (possibly) not yet tuned to the ecosystem.

Note: This library directly works with TLS records, logic, and Cipher Suites, and hasn't had a security audit (yet), use at your own risk.

Comments
  • Published name

    Published name

    I'm still undecided as how to publish the crate on crates.io, I have already tried to get into contact with the crate owner of dtls, and if that comes through, I'll use that.

    However, if it doesn't come through, I'd like an alternative name that can be instantly used. I've thought of rustls-dtls, but that would pledge and use the rustls namespace, which I am not 100% sure on yet.

    Funny or clever names are appreciated though :D

    help wanted 
    opened by ShadowJonathan 5
  • License

    License

    I currently chose the EUPL-1.2 license because I believe it could gain some recognition and interest as a government-created and legalised document, which would give projects using it more assured standing.

    However, in the wider context of usability, compatibility, and other licensing, I don't know if this is the right choice, I'd like to see what some opinions are on licensing, and if I should change it to something like MIT or Apache-2.

    (Of course, before doing that, I'll get consensus from all authors up until that point, so it's easier to change earlier than to do it later.

    Also, I'm only interested if the current license is too restrictive for use, I am not going to change to a viral copyleft license like AGPLv3, as it would hinder library use, which is the primary motivation for this library for me.)

    help wanted 
    opened by ShadowJonathan 3
  • Buffer application data when expecting flight 5 or 6

    Buffer application data when expecting flight 5 or 6

    DTLS implementations are likely to send application data alongside flight 5 or 6, without waiting for confirmation, we should buffer this application data and give it to the connection object to then be immediately decrypted.

    opened by ShadowJonathan 0
  • Replay Protection

    Replay Protection

    Brainstormed some ideas for anti-replay, and they're as follows;

    • Have a VecDeque with epoch and sequence information on the packets, plus their arrival time.
    • Have a "max age" parameter by which all older packets are discarded.

    The first would be done with a 24-byte structure as;

    pub struct PacketToken {
      epoch_seq: u64, // epoch and sequence in one
      at: Instant, // u128 on linux, u64 on macos and windows
    }
    

    This would discard anything older than 2 minutes, or FIFO at a max amount (configurable).

    The oldest packet will update the "max age" sequence counter when it is popped from the stack, but only if it is younger than the age parameter.

    Searching the VecDeque for a match when a packet comes in would introduce a little overhead, but at the cost of replay protection.

    It would also cause a little memory overhead. (On linux, approximately 2.4MB for 100k packets indexed (150MB at max MTU, so 2 minutes of +10MBps download speeds))

    opened by ShadowJonathan 0
  • Server `Handshaker` will not transition to `Connection` until client sends data

    Server `Handshaker` will not transition to `Connection` until client sends data

    The DTLS 1.2 handshake looks like thus; image

    All of this is able to be encapsulated in Handshaker objects, which handle all of this (+ retransmission) for the clients.

    Because of this, handshakes have a special API which makes them able to alert the program to wait until a certain moment to retransmit the packets they'd want to send.

    However, the 6th flight could get lost, either the CCS or the Finished packet, which means the client can get in a deadlock, see the following passage from [RFC6347];

       In addition, for at least twice the default MSL defined for [TCP],
       when in the FINISHED state, the node that transmits the last flight
       (the server in an ordinary handshake or the client in a resumed
       handshake) MUST respond to a retransmit of the peer's last flight
       with a retransmit of the last flight.  This avoids deadlock
       conditions if the last flight gets lost.
    

    However, this would block the server handshaker from transitioning into a connection object until the client has sent any application data.

    It would be more "correct" to wait until a client sends data, but depending on the application, the server might want to immediately start to send data.

    This could be especially problematic with resuming sessions, or #9, which might require this kind of "last state" to be certain before either side starts sending buffered data again.

    For now, I think it's more clean to wait for application data, but in the future I could add a "server handshaker mode" which immediately transitions to a connection object after finishing the last flight, but keeps it sealed and keeps it ready to be sent if the client were to send flight 5 again, this would be a ton of extra logic to keep, though.

    opened by ShadowJonathan 3
  • `DIO` and `SelectiveDIO` traits, and `DeMux`

    `DIO` and `SelectiveDIO` traits, and `DeMux`

    #13 gave requirement for something like Connection objects to become fall-through, however, i don't think this works well with the black-box approach.

    Furthermore, together with #10, I'd like to make something reusable and generic, so i'll settle with a set of traits, and an object/trait;

    • DIO, "Datagram In Out", would also immediately standardise a Datagram IO. This'll only be on connection objects for now, but i could possibly look if i can implement this for things like UdpSocket. This is only currently meant to signal "upwards" IO, inputs to this will go up an abstraction layer, outputs will go down towards more physical layers.
    • SelectiveDIO, basically DIO, but can reject a packet.
    • DeMux, i'm not entirely sure if this'll be an object or a trait, but effectively this'll store many SelectiveDIO objects, and try each one in sequence until one of them accepts. This way, a connection object (wrapped in a dynamic selector), or a SRTP sink/buffer, can be multiplexed over the same "path" that a router would select such an object for.

    I don't know how well this would work/clash with #9, as partially this is also supposed to solve that bit, where multiple connections can exist over the same peering, but this could be a generic enough solution for now.

    For #13, this could be implemented by providing a selector which only checks on the following; 127 < B < 192: forward to RTP Checking the first byte, and moving on if it doesn't match.

    Possibly, in the future, this could allow for a QUIC+DTLS dual endpoint and router.

    batteries 
    opened by ShadowJonathan 0
  • Requirements for use with WebRTC

    Requirements for use with WebRTC

    The WebRTC spec defines some requirements for the used DTLS implementation:

    At least the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite needs to be supported with support for the P-256. Both of these requirements are met in rustls (TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 & P-256).

    Firefox additionally has support for P-384 and x25519 as well as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, and TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256. Chrome adds TLS_RSA_WITH_AES_128_GCM_SHA256 on top. Except the added one of chrome all are supported by rustls, so this is fine. Both Chrome and Firefox also have support for CBC ones, but I guess we can ignore them (at least for now).

    Furthermore, "Implementations MUST NOT implement DTLS renegotiation and MUST reject it with a "no_renegotiation" alert if offered." So I guess It would be nice if dtls-rs could allow to configure in which cases an alert should be created in addition to allow configuring stuff like renegotiation.

    The spec has some more API requirements I will not copy here. Could you have a look at them too?

    request 
    opened by valkum 1
Owner
Jonathan de Jong
amateur sysadmin, programs only sometime, likes coffee with sugar and milk
Jonathan de Jong
Highly experimental, pure-Rust big integer library

grou-num (Pronounced "groo", from the Chiac meaning "big") This package is a highly experimental, unstable big integer library. I would not recommend

Patrick Poitras 1 Dec 18, 2021
An implementation of Olm and Megolm in pure Rust.

A Rust implementation of Olm and Megolm vodozemac is a Rust implementation of libolm, a cryptographic library used for end-to-end encryption in Matrix

matrix.org 66 Dec 26, 2022
Pure Rust Implementation of secp256k1.

SECP256K1 implementation in pure Rust Cargo Documentation SECP256K1 implementation with no_std support. Currently we have implementation for: Convert

Parity Technologies 141 Dec 21, 2022
An mdBook single PDF generator using pure Rust and some Node.js

mdbook-compress An mdBook backend renderer to generate a single PDF file for a full book. There are other similar projects, but most rely on chrome in

nxe 44 Jan 20, 2023
Generic inventory system built in pure rust.

game_inventory A framework for generalizing inventory logic and abstracting it away from item data in your specific game. See more examples and specif

null 7 Jul 30, 2022
A pure-rust(with zero dependencies) fenwick tree, for the efficient computation of dynamic prefix sums.

indexset A pure-rust(with zero dependencies, no-std) fenwick tree, for the efficient computation of dynamic prefix sums. Background Did you ever have

Bruno Rucy Carneiro Alves de Lima 2 Jul 13, 2023
High-order Virtual Machine (HVM) is a pure functional compile target that is lazy, non-garbage-collected and massively parallel

High-order Virtual Machine (HVM) High-order Virtual Machine (HVM) is a pure functional compile target that is lazy, non-garbage-collected and massivel

null 5.5k Jan 2, 2023
Leetcode Solutions in Rust, Advent of Code Solutions in Rust and more

RUST GYM Rust Solutions Leetcode Solutions in Rust AdventOfCode Solutions in Rust This project demostrates how to create Data Structures and to implem

Larry Fantasy 635 Jan 3, 2023
Simple autoclicker written in Rust, to learn the Rust language.

RClicker is an autoclicker written in Rust, written to learn more about the Rust programming language. RClicker was was written by me to learn more ab

null 7 Nov 15, 2022
Rust programs written entirely in Rust

mustang Programs written entirely in Rust Mustang is a system for building programs built entirely in Rust, meaning they do not depend on any part of

Dan Gohman 561 Dec 26, 2022
Rust 核心库和标准库的源码级中文翻译,可作为 IDE 工具的智能提示 (Rust core library and standard library translation. can be used as IntelliSense for IDE tools)

Rust 标准库中文版 这是翻译 Rust 库 的地方, 相关源代码来自于 https://github.com/rust-lang/rust。 如果您不会说英语,那么拥有使用中文的文档至关重要,即使您会说英语,使用母语也仍然能让您感到愉快。Rust 标准库是高质量的,不管是新手还是老手,都可以从中

wtklbm 493 Jan 4, 2023
A library for extracting #[no_mangle] pub extern "C" functions (https://docs.rust-embedded.org/book/interoperability/rust-with-c.html#no_mangle)

A library for extracting #[no_mangle] pub extern "C" functions In order to expose a function with C binary interface for interoperability with other p

Dmitrii - Demenev 0 Feb 17, 2022
clone of grep cli written in Rust. From Chapter 12 of the Rust Programming Language book

minigrep is a clone of the grep cli in rust Minigrep will find a query string in a file. To test it out, clone the project and run cargo run body poem

Raunak Singh 1 Dec 14, 2021
Rust-blog - Educational blog posts for Rust beginners

pretzelhammer's Rust blog ?? I write educational content for Rust beginners and Rust advanced beginners. My posts are listed below in reverse chronolo

kirill 5.2k Jan 1, 2023
The ray tracer challenge in rust - Repository to follow my development of "The Raytracer Challenge" book by Jamis Buck in the language Rust

The Ray Tracer Challenge This repository contains all the code written, while step by implementing Ray Tracer, based on the book "The Ray Tracer Chall

Jakob Westhoff 54 Dec 25, 2022
Learn-rust-the-hard-way - "Learn C The Hard Way" by Zed Shaw Converted to Rust

Learn Rust The Hard Way This is an implementation of Zed Shaw's Learn X The Hard Way for the Rust Programming Language. Installing Rust TODO: Instruct

Ryan Levick 309 Dec 8, 2022
Learn to write Rust procedural macros [Rust Latam conference, Montevideo Uruguay, March 2019]

Rust Latam: procedural macros workshop This repo contains a selection of projects designed to learn to write Rust procedural macros — Rust code that g

David Tolnay 2.5k Dec 29, 2022
The Rust Compiler Collection is a collection of compilers for various languages, written with The Rust Programming Language.

rcc The Rust Compiler Collection is a collection of compilers for various languages, written with The Rust Programming Language. Compilers Language Co

null 2 Jan 17, 2022
Integra8 rust integration test framework Rust with a focus on productivity, extensibility, and speed.

integra8 Integra8 rust integration test framework Rust with a focus on productivity, extensibility, and speed. | This repo is in a "work in progress"

exceptional 3 Sep 26, 2022