Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Specify end of stream behaviour #24

Merged
merged 5 commits into from
Feb 8, 2024
Merged

Specify end of stream behaviour #24

Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
68c6111
include section on end of stream markers
mycognosist Feb 5, 2024
f02fff9
bump version and publication date
mycognosist Feb 5, 2024
8499df0
remove WriteBytes(0) from Message encoding section
mycognosist Feb 8, 2024
78140a7
correct the end of stream behaviour description
mycognosist Feb 8, 2024
e748e83
Attempt to clarify wording re: end-of-stream marker.
hackergrrl Feb 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 17 additions & 3 deletions handshake.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# Cable Handshake

Version: 1.0-draft6
Version: 1.0-draft7

Published: January 2024
Published: February 2024

Author: Kira Oakley

Expand All @@ -26,6 +26,7 @@ Author: Kira Oakley
+ [5.2 Fragmentation](#52-fragmentation)
+ [5.3 Message encoding](#53-message-encoding)
+ [5.4 Message decoding](#54-message-decoding)
+ [5.5 End of stream](#55-end-of-stream)
* [6. Security considerations](#6-security-considerations)
+ [6.1 Out-of-scope attacks](#61-out-of-scope-attacks)
+ [6.2 In-scope attacks](#62-in-scope-attacks)
Expand Down Expand Up @@ -371,7 +372,7 @@ Noise for encryption, and then prefixed with an encrypted length indicator.
Incoming Cable Wire Protocol messages will also be length-prefixed, and the
message bodies will be encrypted as *ciphertext*s, and must be run through
Noise for decryption. There are additional steps to handle message
fragmentation, described in the next subsection.
fragmentation and end of stream markers, described in the next subsection.
hackergrrl marked this conversation as resolved.
Show resolved Hide resolved

The Noise function `Split()`, run at the end of the Noise Handshake, returns a
pair of `CipherState` objects `(c1, c2)` to be used as follows:
Expand Down Expand Up @@ -496,6 +497,19 @@ Reading a Cable Wire Protocol message MUST follow these steps:
3. The resulting bytes `plaintext` may then be parsed as a Cable Wire Protocol
message.

### 5.5 End of stream
When a host has decided to terminate the exchange of messages, they MUST send
a message of length zero to indicate this intention, and MUST NOT send any
further messages. The zero-length message is known as an end-of-stream marker.

The host receiving an end-of-stream marker SHOULD respond with an
end-of-stream marker of its own to indicate it has also finished writing. An
implementation SHOULD have a time-out of some kind in case the other side does
not transmit an end-of-stream marker or the marker is truncated by an attacker.

When a host has both sent and received a zero-length message, it is then safe
for the underlying transport to execute its own disconnect logic, if any.

## 6. Security considerations
### 6.1 Out-of-scope attacks
Attacks on the inner Cable Wire Protocol are not considered here. See the
Expand Down