diff --git a/Cargo.lock b/Cargo.lock index f116fc2..8ccd0ce 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -302,6 +302,7 @@ dependencies = [ "anyhow", "rustls 0.20.2", "trust-dns-resolver", + "uuid", "webpki-roots 0.22.2", ] @@ -740,6 +741,15 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "uuid" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" +dependencies = [ + "getrandom", +] + [[package]] name = "wasi" version = "0.10.2+wasi-snapshot-preview1" diff --git a/Cargo.toml b/Cargo.toml index 80b6e81..1a4b245 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,6 +9,7 @@ edition = "2021" anyhow = "1.0.52" rustls = "0.20.2" trust-dns-resolver = { version = "0.20.3", features = ["dns-over-rustls"] } +uuid = { version = "0.8.2", features = ["v4"] } webpki-roots = "0.22.2" [features] diff --git a/cert.der b/cert.der new file mode 100644 index 0000000..79479fd Binary files /dev/null and b/cert.der differ diff --git a/cert.pem b/cert.pem new file mode 100644 index 0000000..7a3f733 --- /dev/null +++ b/cert.pem 
@@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIF2zCCA8OgAwIBAgIURpfIXSwLAPxhV6n+0+UjlOPY6O4wDQYJKoZIhvcNAQEL +BQAwfTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEZha2UxDTALBgNVBAcMBEZha2Ux +DTALBgNVBAoMBEZha2UxDTALBgNVBAsMBEZha2UxETAPBgNVBAMMCHRlc3Rjb3Nt +MR8wHQYJKoZIhvcNAQkBFhBmYWtlQGV4YW1wbGUuY29tMB4XDTIyMDExMDE5NTY1 +NloXDTMyMDEwODE5NTY1NlowfTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEZha2Ux +DTALBgNVBAcMBEZha2UxDTALBgNVBAoMBEZha2UxDTALBgNVBAsMBEZha2UxETAP +BgNVBAMMCHRlc3Rjb3NtMR8wHQYJKoZIhvcNAQkBFhBmYWtlQGV4YW1wbGUuY29t +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApOvSNXKfiebuQeXd/pKz +JHAr1+kEtaZJ3v1pQnn90+vShjsYUNy9in0wag/WOfPIMBwOVH60r4s3+U4jZ+s5 +EZdlRvhIYPTM4FXVaPtXybOMRWJyS4/ZZjznGtxkYrlhFiI1zEdBXcgdj8Gb3/L9 +oognfavDHlex8DkouQnFf0tg1EOZja6ZKho384U/Go3Ic9Y7MZ4Nz9KCFIOT8BWw +gPREUgpG3fTHWRIh3q6aLJKBuoxzmJNGXgim1HosDqzcRZwPMqTRoynyy3/AVcAV +AKX2Cu8F+yIIzarnFPBehKT+yQJ9iG/bjvn6VSVN3i2JBYhBE0hPN9XfCFS6CLVN +jN+UHNwQIkO80lEA9l9tgybQKux1l3VuhswYkyUgpo2kpFOQfd25JWQinPiY7hcT +uQE4E+dxKQk16UqHn4VWsFxtqfdSFPKGbVLP+HKWXyY1OyUu1T7HatWuOU7E4j57 +GzMW1L3fPaMp2ffZHtrDkGFaj2Cvy+BC0XOmAHd/grSbDHM1AwR7Q4+xLu+vyOMz +sGahITWTqfXtxlzRRcVqmga3QjWDbvnouiqKZsq6eqB0LchL7IfAYqBVjvTRnZkn +q8gNOh45TLYeiFjIF+qV4fwvyH69bwN8JnF7t+6bRGag5ouY7UsqAZ1zYpD8Fe6g +gDoo9T4ZHcJTqv8rRbpAEOsCAwEAAaNTMFEwHQYDVR0OBBYEFOG1DQYCTZrz6Zlg +jALTpMV//FVvMB8GA1UdIwQYMBaAFOG1DQYCTZrz6ZlgjALTpMV//FVvMA8GA1Ud +EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBACe7jM2GxzYRh7YPxFRoldyY +pAHPLRTGf7Ye+poiC8wdu94WJN60bFfvoCPIR+ZN2/KnCTDHr7C2ZdoVhLFe9/wS +qmlDISIOTfEU9yeMcPAeC+GzanHVuwckNrUNZAQzWp0m5Kvgm/NL+5xIBkh1Y8R1 +BaL9XW2Kb4pvfYgjBCz57vrfOe4M8Bpxv2kIZ6e+yNGxWr7scHK2N3rEEfehDfMu +ntGGSeDJ7keF6EwhsyuHYi1xrq0b3gRrUPewspxHsRCvXRlA9bSsEBeS6HyLPwq+ +bPVNRWCIfUp38GrL9GkOQNc8rKmjBV6mTrYdSRNLOCHgP0AFoCGWRBZan1KXPlqG +8FJIVthjkShjiyXy7eoaQ3fb9+T1wzBQuUchziU2IEOL//vyA30aNvMn8C4XBOyD +NwYQS7zxRWFhgqYxr4umoQMVkeWhyO11em3ugMMN6sI43S9S2+Pnh8oSPTpGsfqD +lLikJHxjI9zueZdX68dHx/mfuIUo85gP1x6q4U/8GkI4NnxZSvETycsFBVLAgY79 
+IBWTqQyA9CiT3vIcCTNE6PXvOg5+t/6ooe+XfpdQKvZGhDuduLrGiK9MN7HMjEi1 +ZTtrIiXu0coY4AXFT/6SQbb4ZaQ+97Oc49EYi+GYI9m5jNZU+loMT+0O9eyXOo/v +yPTFWAiof8wFX9XiL1Yb +-----END CERTIFICATE----- diff --git a/cert.pfx b/cert.pfx new file mode 100644 index 0000000..dc6202e Binary files /dev/null and b/cert.pfx differ diff --git a/key.pem b/key.pem new file mode 100644 index 0000000..d588eed --- /dev/null +++ b/key.pem 
@@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCk69I1cp+J5u5B +5d3+krMkcCvX6QS1pkne/WlCef3T69KGOxhQ3L2KfTBqD9Y588gwHA5UfrSvizf5 +TiNn6zkRl2VG+Ehg9MzgVdVo+1fJs4xFYnJLj9lmPOca3GRiuWEWIjXMR0FdyB2P +wZvf8v2iiCd9q8MeV7HwOSi5CcV/S2DUQ5mNrpkqGjfzhT8ajchz1jsxng3P0oIU +g5PwFbCA9ERSCkbd9MdZEiHerposkoG6jHOYk0ZeCKbUeiwOrNxFnA8ypNGjKfLL +f8BVwBUApfYK7wX7IgjNqucU8F6EpP7JAn2Ib9uO+fpVJU3eLYkFiEETSE831d8I +VLoItU2M35Qc3BAiQ7zSUQD2X22DJtAq7HWXdW6GzBiTJSCmjaSkU5B93bklZCKc ++JjuFxO5ATgT53EpCTXpSoefhVawXG2p91IU8oZtUs/4cpZfJjU7JS7VPsdq1a45 +TsTiPnsbMxbUvd89oynZ99ke2sOQYVqPYK/L4ELRc6YAd3+CtJsMczUDBHtDj7Eu +76/I4zOwZqEhNZOp9e3GXNFFxWqaBrdCNYNu+ei6Kopmyrp6oHQtyEvsh8BioFWO +9NGdmSeryA06HjlMth6IWMgX6pXh/C/Ifr1vA3wmcXu37ptEZqDmi5jtSyoBnXNi +kPwV7qCAOij1PhkdwlOq/ytFukAQ6wIDAQABAoICAF6HPImeFYu5bb8fvkp4U24D +TV4IFcb4dUb3ASo1OiQJ+zUtEhbnL0z9zI4+XZACBzBsJFqR9YbYyVCAVRLvZFqM +6GPxU6sfJX9AM35k8kCORUxPzSs6XGWZau2efXuIvfktyqA4B2N1nFwVoP6QDIjo +eZoypTfzE+6ZFJpa23THA80mohDvjqLvPDq8mRrjQY4DsRITgd8ozZ5sfJMUG4MO +f0p20X/PGaQYHInCkmQR5YHDl05Qu/iSBO2sySvwMKFFfgCNMAvRs3So2NlNq7wf +ZBOIRWlYbKtV1fXOgJ6O4+rbHpDhbHtbFP1Q0H0UpIEjRAmFXMKoN5pS1f6/zJ6S +xPIDDgCn+xiyDQs6ZLazquGS8p3B8gb5En6jGrJGStU5XXXTFUOfeh6FOi4wuWIl +eD2Tx1ezgrXnVJERwgRHCtktNr/vm8PLPUmHq3tzT+6nKUN1cyjuE+MowGHlrpt1 +KkQpW/ur33tFXEN45kVZPCMFlTfzPYxVUKUoFZbWSy2AzLa1XVsxMncqrOkSshjO +rHSEX2WIbRMkQ57usIHnFPuHVriy8vFbpCbVkplSAxZBGK0ns4b+PCGrmdgsdhfu +Eqh5Hmxt4V9baVgjMzQwB826bBveQRZh0/dHaVCPEtGt5OF/QPbd+zDQSjvkqV0E +Np2sW09A7lXkXvugd2xBAoIBAQDQkyMgWUHzVR4oBaC7RNsrBtkrhKXtnEF69laH +SmSygKVYvnlZggaS/Fmr7OURk9GnFTNhPURcZIPI+JXQ0OPEDQFetlOzeDvGX87a +fuDtTzd/9Z4SPM/SR8e0vhgdiO1UWJ4TgxblqVM2SLUDj4sqx6hOjkPA6+qDrFeb +fn6CcjL5ERuf1RFTQLPD5vHtHNoBvOuxBRUXui5inxpj6FL2HwVfeTu3BKL4zkC9 +CykBQtP5U629+yEdQPoxvDtm9XH5BCxCVCnsSJgni/PeR0yZ4oRl6sq9M44k/b3E +cO3YYms6OYLgkNfxmUyCLO8pEBxtie17EMoYlmISc8LdLZIDAoIBAQDKa6qY2TnZ +omPl/eNl16+kG2QkTZiMs9CfVUUOaYjOs9LmFZne/2/NREM/2t9EM2theu8NwtlX 
+uP0x40TfAAwMs9rkAq5rtagcF3rgmMs9iXPhr+Npjx1O7rVyo4RwDS+rukB0VFIV +uL4dn/IwHSk6KXxj4exh0RXANXOWjb2XzIVTQI7Bmxj5zeYvw5SH78burs/b7SJL +eDzWaW5l2NoN500woyEfNbuOKe+Fe8AMa+Bj+x6XY551BScKswDVmvTk2mUJ1f73 +bfylFfPSOFfq5wdKq0op5jVvA8MvbCvrCrWmUzwLxU9MJ59J+F4XEDOCxqdZh3GJ +3IhzGncsNwT5AoIBAQCtNQM+oeD6yfy5D7Ni0NOQ76b5VLbWk6RtEJTa1RS6h8rH +36W2hxwehCGTfK7d4fuA3UJFxjM25uHpy0XemxoKfSJeHNt1dqttGbMWD7eKWvaj +9LzIOGf9IE7f8dzk6gjsuorLeVlSb0MDGW34/wN7C0LhuZLaaw/dOQmnv2wft+ZM +n8BpAu/YSyr9zJOrbQI93z17S9UwVxSeIbIwtYXvjeNQXcURP3B3XhC07MeonG6b +5rmpwxrEyGj9VGugHMQBH04B5xLJfZ+dd8OVG3CpekqouEqUxHOOlIk60O0zfMe/ +GnNtOduabsvybo5Nc2uoK5pjUJYDxR68ZBW2x1kxAoIBAQCExx0viAZPgRsAaYr5 +agLXpfQJcDDp0qW9bmSO8KEB3akwreiyA2JmBioKv9qGVShR2B7pKvAAf+LuD4NE +uDYvOucRe8TH+G/ehXRf0To4EmrGFucYff0eoqy5FxOvoKatgc33wLvbbcSfkCSA +dRBvC3mB11eETm9zFlzM3AsKgOjP1GAQFVnLuskMecF7bchTFq5YN/OwB534k04M +VrOqPRhAGDGI1GlD9rQcHjG6tCSL0NSfP4RYhFm4xfR9KVkMqUlvq0TFLwtzirPW +KIlbF9KLo1JRq6VPPeuRtuYUFoFTKfQQUIwUi0UMc3Pcsw7m8MIjkxnh8Zw7zJdx +lGGZAoIBABL4uQTpSEEybo7A2DufWxBTII6howGNBrE8iBYvr/dRv2vzJTNraTHB +cqJiAtTkKhL/2/46x4SizOGi5fCtvrSKCGhA8PFjiFYxKkot23SvWkZzaBRft25J +cVbt/44jDcIKbeLLmUJZ+eZEyU00PjTP1/1WxRLU1h4xmyjObW1Xp9W5vzlVEb7x +mp8tBI7pnFwC4OZd1rB1C3Y/OafwW4m1bp6t1wYQd6iS4DU6YCYfTWjySrDNLzMN +nZJkxHmcjfcFSajgG/rgPffxDIGMLEqLIgrRZvckmxXI52kkFIka3MIuXmb97Pfd +i+VOI1c9EUtr4NnRNVqcz8dqjoCdjSY= +-----END PRIVATE KEY----- diff --git a/src/main.rs b/src/main.rs index 5909cad..32d343d 100644 --- a/src/main.rs +++ b/src/main.rs 
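Review bot: An unencrypted private key should not be checked in: `key.pem` holds a full `-----BEGIN PRIVATE KEY-----` block, and this commit also embeds `../cert.der` into the client's root store in `make_tls_config` (src/main.rs). If this key belongs to that certificate, anyone who can read the repository holds the signing key for a trust anchor the client accepts. It looks like a self-signed test fixture, but nothing in the tree marks it as one. I would drop `key.pem` from the commit, along with `cert.pfx`, which as a PKCS#12 bundle presumably carries the key too. Keep both out of version control, generate the pair locally for testing, and treat this key as disclosed since it remains in history.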
@@ -5,37 +5,33 @@ use std::{ sync::Arc, }; -use anyhow::{bail, Result}; +use anyhow::{bail, Context, Result}; use rustls::{ClientConfig, ClientConnection, OwnedTrustAnchor, RootCertStore, StreamOwned}; use trust_dns_resolver::{ config::{ResolverConfig, ResolverOpts}, Resolver, }; +use uuid::Uuid; fn main() -> Result<()> { let (port, host) = resolve_dns("daeken.dev")?; - dbg!(port); - dbg!(host); - - let (port, host) = (443, "example.com".to_owned()); + dbg!(&port); + dbg!(&host); let tls_conf = Arc::new(make_tls_config()); - let mut tls_conn = make_tls_connection(tls_conf, &host, port)?; + let mut tls_conn = make_tls_connection(tls_conf, &host, port) + .with_context(|| format!("Can't connect to {}:{}", host, port))?; - tls_conn.write_all( - concat!( - "GET / HTTP/1.1\r\n", - "Host: example.com\r\n", - "Connection: close\r\n", - "\r\n" - ) - .as_bytes(), - )?; + // let uuid =// Uuid::new_v4(); - let mut pt = Vec::new(); - tls_conn.read_to_end(&mut pt)?; - println!("{}", String::from_utf8(pt)?); + let uuid = [b'a'; 16]; + dbg!(&uuid); + tls_conn.write_all(&uuid).context("Can't write UUID")?; + + let mut serv_uuid = [0; 16]; + tls_conn.read_exact(&mut serv_uuid)?; + dbg!(serv_uuid); Ok(()) } @@ -76,6 +72,14 @@ fn make_tls_config() -> ClientConfig { ta.name_constraints, ) })); + + let cert_dir = include_bytes!("../cert.der"); + + assert_eq!( + root_store.add_parsable_certificates(&[cert_dir.to_vec()]), + (1, 0) + ); + let config = rustls::ClientConfig::builder() .with_safe_defaults() .with_root_certificates(root_store)
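Review bot: In `main` the bytes written to the server are the constant `[b'a'; 16]` and the `Uuid::new_v4()` call is left commented out, so the new `use uuid::Uuid;` import and the `uuid` dependency added in Cargo.toml are unused. If these 16 bytes are meant to identify the client or the session, a fixed value gives every run the same identifier. I would restore the random value with `let uuid = *Uuid::new_v4().as_bytes();` and delete the commented line. The read on the reply has no context, unlike the write, so use `tls_conn.read_exact(&mut serv_uuid).context("Can't read server UUID")?;`. The `dbg!` calls should go before this leaves the experiment stage.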
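Review bot: The bundled certificate is added to `root_store` unconditionally and alongside the webpki roots, so every build of this client trusts both the public web PKI and the certificate shipped in the repository. That should be opt-in and documented. The manifest already has a `[features]` section, so the `include_bytes!` and `add_parsable_certificates` lines could sit behind a feature, e.g. `#[cfg(feature = "<test-ca-feature>")]` (placeholder name). A comment above them should say the certificate is a local test anchor. `cert_dir` holds DER bytes rather than a directory, so `cert_der` reads better. The `assert_eq!` would also benefit from a message such as `"bundled cert.der failed to parse"`, since a panic is the only failure path here. `make_tls_config` starts and ends outside this hunk, so I cannot see whether the store is used elsewhere.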