Skip to content

Instantly share code, notes, and snippets.

@slanterns

slanterns/0-rtt

Created July 31, 2022 07:42
Show Gist options
  • Save slanterns/6c36dc92727e271c26d011c1224df153 to your computer and use it in GitHub Desktop.
Save slanterns/6c36dc92727e271c26d011c1224df153 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
0-rtt
slanterns@LAPTOP-EGD4SAUE:~$ openssl s_client -connect slanterns.net:443 -tls1_3 -keylogfile=sslkeylog.log -sess_out=tls13.sess CONNECTED(00000006)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = slanterns.net
verify return:1
---
Certificate chain
0 s:CN = slanterns.net
i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEmTCCA4GgAwIBAgISA4Y+ta1gKncgGuoslevzH/ZVMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMjgwMTE5MzlaFw0y
MDAxMjYwMTE5MzlaMBgxFjAUBgNVBAMTDXNsYW50ZXJucy5uZXQwWTATBgcqhkjO
PQIBBggqhkjOPQMBBwNCAATacQKwkzgpaG5aCknInudPKSHj/HJYHhkF/zpF7qLj
Td+UiLcjAT4SvHZzmbqLdY/bowsBkD5jTFyT0VksMkc4o4ICdDCCAnAwDgYDVR0P
AQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBTKj9NC5scfVKVTi4a8t5AB/ZDNOTAfBgNVHSMEGDAW
gBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUH
MAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUH
MAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCkGA1UdEQQi
MCCCDyouc2xhbnRlcm5zLm5ldIINc2xhbnRlcm5zLm5ldDBMBgNVHSAERTBDMAgG
BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz
LmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AF6nc/nf
VsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbhApZrUAAAQDAEcwRQIhAMp/
0rGMvXuey4YyWH7vhjpqNsNbh8w7B7SYvJfPBzrsAiAEs2ch0yoTRtBWCNUspKrw
NX2vGisPSbiMTi/qjXyjOwB3ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3v
i5BeAAABbhApZqAAAAQDAEgwRgIhAIuLqRewZ2HcZilBmJCU23qGtkiTNQBPSnEw
UZbQJTcnAiEAg0o+9Au7S7BZBH3bxpPyGbs4q6raVRfSEQ0lWRO9ubQwDQYJKoZI
hvcNAQELBQADggEBAEdHKPkuQW03AULdQYH8duVw/6brMYFVk7Xle8Z+84UC3dHB
tol5vGth48Z4bFsLU7GUB47NVq3Jsk4Yzd/v2iZe1XG7HPZQaHyga1zs6brGKw2e
ljzL3mhIBWImMBUcZxdTJeqTjKdTdUhfZDkJH4QHskn+zlI0bAtUqt05xyCNNs0c
iaT8i8ZMxBP8FC1CLISxmuukAbguR4kpZuiuLQTnb6UMv1imcTYUAa9EBqgCTe7L
lN0B/ALwzMkGR/YmLlRtes3/ip44REc0W+9XmayRGR9Uv5Fhqv+iL5mRJgY3Zd8E
y/d3JNcXm84d5r8wanWDpOzYDJuX6pf3aGW3sQs=
-----END CERTIFICATE-----
subject=CN = slanterns.net
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2736 bytes and written 317 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: CBE23F912AD959995156C97B673455E283D46E076E1C03C83EBA6266B1FB29B3
Session-ID-ctx:
Resumption PSK: 68917712053F1F6D32008157EDECF69342C36BA74A4E5DAB9A3162D70F47E6D43E827097F42F0066E9336AE3E5DE5452 PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - a8 0a fe 20 c7 f0 02 3f-6b e7 89 19 b8 7b a4 e5 ... ...?k....{..
0010 - 58 15 61 a2 25 66 1e fd-3c 4b 32 7b c1 eb 0d ae X.a.%f..<K2{....
0020 - 89 88 4a 9a ed 4f b9 da-65 f0 76 0a d7 cf 77 c7 ..J..O..e.v...w.
0030 - 02 29 a0 fc 89 69 c6 13-1f 00 82 05 b1 49 04 3a .)...i.......I.:
0040 - 23 af 2c 9f 1b 98 bc 1a-a2 d4 cf 5f 28 d1 e9 d7 #.,........_(...
0050 - 3f 25 fa a0 e6 90 91 2e-33 04 46 b7 c8 fe d6 0c ?%......3.F.....
0060 - 56 f1 93 e2 b9 f7 6f f7-ce 68 88 72 c7 94 15 91 V.....o..h.r....
0070 - 73 3e 15 e6 22 94 6c 92-3b 23 de dd 7b 59 05 d6 s>..".l.;#..{Y..
0080 - b5 79 0d 0b f9 dc 93 20-d3 69 13 dc e7 e9 e7 ec .y..... .i......
0090 - 11 fd 5b 61 4d d7 97 b6-8a 9f 01 ac a9 51 fb f0 ..[aM........Q..
00a0 - 62 e3 ac 1c fd 27 91 8a-ed 08 e0 fb 03 c6 c9 cd b....'..........
00b0 - f4 f0 01 5e a5 b9 39 f0-74 70 72 d3 e9 36 02 94 ...^..9.tpr..6..
00c0 - 80 10 df 8d 7b d5 60 12-0c d6 f3 02 8b 9a d5 a3 ....{.`.........
00d0 - 8a d4 fb 6d 65 14 be 1e-35 f1 7d e6 2c 33 38 10 ...me...5.}.,38.
00e0 - ff b8 d5 4a 84 a6 0c aa-ec b6 92 c2 39 23 17 ec ...J........9#..
Start Time: 1572273085
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 16384
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: BE7996BAE2C0E1D3B28125DD6FE3ACF0A5CA8ABB4779A2ACBA881329AFA93CAC
Session-ID-ctx:
Resumption PSK: 6CC22F73979EFE655DA9D67F76401F478FD7129BD6D2C87F70259905240546F093900F704129057803FA92BAA48B4101 PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - a8 0a fe 20 c7 f0 02 3f-6b e7 89 19 b8 7b a4 e5 ... ...?k....{..
0010 - 64 8c 1d 46 73 4d 2a 73-5f bb 77 18 42 21 c9 07 d..FsM*s_.w.B!..
0020 - 49 c7 5d 7e 50 07 4c f7-bb f5 3d d6 9f 8e bb e9 I.]~P.L...=.....
0030 - 36 37 0f 85 fb 88 0b 07-b6 98 38 df 81 8b 6d 08 67........8...m.
0040 - 72 1f ed a3 cc 89 12 a6-cc 99 9c 12 a9 ad 4b 2d r.............K-
0050 - 81 57 af 53 65 46 50 8a-6b 00 78 fc 2c ff 37 33 .W.SeFP.k.x.,.73
0060 - c0 96 5e a1 fb 16 9c 89-91 1c 87 f5 cf 09 6c 69 ..^...........li
0070 - 85 08 8c 92 fe f0 2f ab-16 0a 2a 69 94 10 de 40 ....../...*i...@
0080 - 26 d1 69 1e 4d 43 33 a5-c2 8e 62 28 53 89 6d 9b &.i.MC3...b(S.m.
0090 - c8 c6 ce bf 86 86 e7 80-1a 73 0e 00 3a 5b 73 5a .........s..:[sZ
00a0 - 25 9a 82 fe a5 e1 c7 10-4e 54 51 53 a2 19 1b e9 %.......NTQS....
00b0 - be f0 1d e7 56 c3 36 5f-7f c0 da 03 0a 7d 7c 4e ....V.6_.....}|N
00c0 - 90 19 f4 1a c5 5b 61 75-d8 ea 61 0f 6c 7e b0 fd .....[au..a.l~..
00d0 - 27 f6 0b 2b 45 cf cb 47-78 0c 91 ba 29 93 0e 6b '..+E..Gx...)..k
00e0 - e3 af 08 6a 91 21 06 47-4d 2b ce 40 43 b7 31 84 ...j.!.GM+.@C.1.
Start Time: 1572273085
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 16384
---
read R BLOCK
closed
slanterns@LAPTOP-EGD4SAUE:~$ nano req.txt
slanterns@LAPTOP-EGD4SAUE:~$ openssl s_client -connect slanterns.net:443 -tls1_3 -keylogfile=sslkeylog.log -sess_in=tls13.sess -early_data=req.txt
CONNECTED(00000006)
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEmTCCA4GgAwIBAgISA4Y+ta1gKncgGuoslevzH/ZVMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMjgwMTE5MzlaFw0y
MDAxMjYwMTE5MzlaMBgxFjAUBgNVBAMTDXNsYW50ZXJucy5uZXQwWTATBgcqhkjO
PQIBBggqhkjOPQMBBwNCAATacQKwkzgpaG5aCknInudPKSHj/HJYHhkF/zpF7qLj
Td+UiLcjAT4SvHZzmbqLdY/bowsBkD5jTFyT0VksMkc4o4ICdDCCAnAwDgYDVR0P
AQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBTKj9NC5scfVKVTi4a8t5AB/ZDNOTAfBgNVHSMEGDAW
gBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUH
MAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUH
MAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCkGA1UdEQQi
MCCCDyouc2xhbnRlcm5zLm5ldIINc2xhbnRlcm5zLm5ldDBMBgNVHSAERTBDMAgG
BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz
LmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AF6nc/nf
VsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbhApZrUAAAQDAEcwRQIhAMp/
0rGMvXuey4YyWH7vhjpqNsNbh8w7B7SYvJfPBzrsAiAEs2ch0yoTRtBWCNUspKrw
NX2vGisPSbiMTi/qjXyjOwB3ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3v
i5BeAAABbhApZqAAAAQDAEgwRgIhAIuLqRewZ2HcZilBmJCU23qGtkiTNQBPSnEw
UZbQJTcnAiEAg0o+9Au7S7BZBH3bxpPyGbs4q6raVRfSEQ0lWRO9ubQwDQYJKoZI
hvcNAQELBQADggEBAEdHKPkuQW03AULdQYH8duVw/6brMYFVk7Xle8Z+84UC3dHB
tol5vGth48Z4bFsLU7GUB47NVq3Jsk4Yzd/v2iZe1XG7HPZQaHyga1zs6brGKw2e
ljzL3mhIBWImMBUcZxdTJeqTjKdTdUhfZDkJH4QHskn+zlI0bAtUqt05xyCNNs0c
iaT8i8ZMxBP8FC1CLISxmuukAbguR4kpZuiuLQTnb6UMv1imcTYUAa9EBqgCTe7L
lN0B/ALwzMkGR/YmLlRtes3/ip44REc0W+9XmayRGR9Uv5Fhqv+iL5mRJgY3Zd8E
y/d3JNcXm84d5r8wanWDpOzYDJuX6pf3aGW3sQs=
-----END CERTIFICATE-----
subject=CN = slanterns.net
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
---
No client certificate CA names sent
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 245 bytes and written 729 bytes
Verification: OK
---
Reused, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was accepted
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: EDF49D3BEB6594CE15A3E8B29A616E786B48161D48AB4F81E6C22362B8DA5B53
Session-ID-ctx:
Resumption PSK: EAD9EE787D324750F655D53F3177A38DAF6EC746EF4FC81A75E42F5063B0BB45A6998403AC5FD16607248E6411B40E8C PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - a8 0a fe 20 c7 f0 02 3f-6b e7 89 19 b8 7b a4 e5 ... ...?k....{..
0010 - 63 46 8c d0 d3 2c 16 cf-67 4a a1 96 d1 cf 0f e4 cF...,..gJ......
0020 - 6e c4 86 04 a5 91 55 e8-a3 82 32 ad a9 86 a8 3a n.....U...2....:
0030 - d0 b3 14 48 ce c1 59 62-59 a3 2e af a8 d5 c4 3c ...H..YbY......<
0040 - 56 11 9e 71 1f e9 4f 95-6b 11 dc fb c3 9f 0e 1f V..q..O.k.......
0050 - 74 92 53 fc b0 56 e8 31-5e 25 67 af 78 81 20 43 t.S..V.1^%g.x. C
0060 - 0b 68 fe bd b4 6e a8 f6-0e b2 59 96 10 3a bd 37 .h...n....Y..:.7
0070 - 12 a8 47 77 cd d9 36 dc-15 b6 59 25 08 74 b1 79 ..Gw..6...Y%.t.y
0080 - 1a 4f 68 56 1d d8 e3 71-c8 9c fd fe bb b4 73 e2 .OhV...q......s.
0090 - 59 0a 00 54 f7 a8 a7 22-42 f6 d0 b5 f9 1d f8 a9 Y..T..."B.......
00a0 - 8b 03 55 42 4b 1a 8f 9e-03 8c 19 7d 5d 39 e8 3f ..UBK......}]9.?
00b0 - 0e 9b 7d 57 17 40 d1 df-d1 bd d2 07 b0 9c 53 d9 ..}W.@........S.
00c0 - 49 c5 14 e8 de aa 75 44-28 d8 7b 18 b6 ba 51 46 I.....uD(.{...QF
00d0 - c7 b9 29 fb b6 b1 86 8d-e3 9f ad 43 60 a4 a2 49 ..)........C`..I
00e0 - 47 7e 4d 2c 54 a5 53 e2-0f 11 29 05 af 8f b0 5e G~M,T.S...)....^
Start Time: 1572273261
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 16384
---
read R BLOCK
read:errno=0
slanterns@LAPTOP-EGD4SAUE:~$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment