syncsynchalt / Tincan Tls
Programming Languages
Projects that are alternatives of or similar to Tincan Tls
tincan-tls
This is a soup-to-nuts implementation of TLS 1.3 created by staring at documents for hours until code came out. The single goal was to establish a valid TLS session by any means possible and trick servers into talking to me.
This code is crude and lumpy and ugly. This is intentional and should serve as a warning to others: this code is not usable for real work. In particular the crypto code is slow and full of timing side-channels. Any attempts to clean things up will be viewed as an attempt to trick someone else into using this code and will be rejected.
To win a bet I implemented this with as few dependencies as possible.
The crypto library has only one dependency, crypto/rand
. This
caused some code to be particularly un-golangly as I couldn't create
error
objects.
Note: The above paragraphs are examples of bad software practices.
Usage
Build and run with the following:
go get github.com/syncsynchalt/tincan-tls/cmd/tincan-client
export PATH=$PATH:~/go/bin
tincan-client host port
Algorithms
The following algorithms were built for this implementation:
-
SHA-256
message digest - RFC 6234 -
HMAC
message authentication codes - RFC 2104 -
AES-128
symmetric cipher - FIPS 197 -
curve25519
(a particular elliptic curve) - RFC 7748 -
ECDHE
(Elliptic Curve Diffie-Hellman with Ephemeral keys) - RFC 4492 -
GCM
(Galois/Counter Mode) - NIST SP 800-38D -
HKDF
(HMAC Key Derivation Function) - RFC 5869