pierrelf.com / we
we (web engine): Experimental web browser project to understand the limits of Claude
fork atom

TLS 1.3 record layer (RFC 8446) #59

open opened by pierrelf.com

Phase 6: TLS 1.3 Record Layer#

Implement the TLS 1.3 record layer protocol in the net crate for framing and encrypting/decrypting TLS records.

Requirements#

  • Record types (RFC 8446 §5.1):
    • ContentType: ChangeCipherSpec (20), Alert (21), Handshake (22), ApplicationData (23)
    • Record header: content type (1 byte), legacy version (2 bytes), length (2 bytes)
  • Plaintext records: read/write TLS records over TCP
    • TlsRecord { content_type, data }
    • read_record(stream) -> Result<TlsRecord>
    • write_record(stream, record) -> Result<()>
  • Encrypted records (RFC 8446 §5.2):
    • AEAD encryption using AES-128-GCM, AES-256-GCM, or ChaCha20-Poly1305
    • Per-record nonce construction: XOR base IV with sequence number
    • Inner content type (appended to plaintext before encryption)
    • Padding support (optional)
  • Record size limits: max 2^14 bytes plaintext, max 2^14+256 bytes ciphertext
  • Alert protocol: parse and generate alert messages (close_notify, fatal errors)

Dependencies#

  • TCP socket wrapper (from prior issue)
  • we-crypto crate: AES-GCM, ChaCha20-Poly1305

Acceptance Criteria#

  • Read and write plaintext TLS records
  • Encrypt records with AES-128-GCM and ChaCha20-Poly1305
  • Decrypt records with proper nonce sequencing
  • Content type hiding (inner content type in encrypted records)
  • Record size enforcement
  • Alert message handling (at least close_notify)
  • Tests for record framing, encryption round-trips, nonce generation (20+ tests)
  • cargo clippy and cargo fmt clean
sign up or login to add to the discussion
Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:plc:meotu43t6usg4qdwzenk4s2t/sh.tangled.repo.issue/3mguyksag672c