[Security] an "XTLS" approach

Justin Karneges justin at affinix.com
Thu Mar 22 13:48:37 CDT 2007


On Thursday 22 March 2007 10:36 am, Jakob Schroeter wrote:
> [*] GnuTLS twice spits out 3 pieces of handshake data in a row. These can
> be combined and sent in one stanza.

Yes.

> The stanzas I was sending look like this:
>
> <message ...>
>   <xtls xmlns='xtls:test'>
>     base64( raw_tls_data )
>   </xtls>
> </message>
>
> I do not start an additional XML stream here, so I believe this format is
> similar to what is used in ESessions, where all stanza child elements which
> don't contain routing information are encrypted and put in a <c/> element.

TLS is meant to be used as a stream.  Even your GnuTLS wrapper, with its 
spontaneous callbacks, reflects this.  So I still think this packetized usage 
of TLS is very strange.

Granted, it is probably safe to assume that the TLS library will report all 
outgoing data immediately, both for handshake or encrypted user data.  If it 
doesn't do it in one call, then it would occur in several calls over 
one "pass" (like you noticed with the gnutls handshake).  I make this 
assumption as well in my own code, as it is the only way I know of to track 
when plaintext data has been fully processed by a TLS library that otherwise 
doesn't report it (e.g. OpenSSL).

However, shaping TLS packets in such a way that we effectively packetize the 
decoded plaintext, even if we can pull it off, just seems weird.  TLS is a 
stream, let's use it like a stream.

-Justin


More information about the Security mailing list