1 (edited by yrutschle Yesterday 09:24:32)

Topic: Decrypt ECH ClientHelloOuter

Hello,
I want to add Encrypted Client Hello support to sslh (https://github.com/yrutschle/sslh/), which is a client-facing proxy that would decrypt the ClientHelloOuter, extract the SNI, and forward to a backend server according to the SNI. This is already supported for unencrypted SNI.

I found the ECH functions in `src/ssl.c` from the examples, in particular `server-ech-local.c`, but the API does not seem to be currently documented (or I didn't find the documentation). My understanding is that I can have sslh generate ECH configs with `wolfSSL_CTX_GenerateEchConfig()` then export it to the DNS server using `wolfSSL_CTX_GetEchConfigs()` (and base64 encoding), or alternatively set up with a configuration coming from outside using `wolfSSL_CTX_SetEchConfigsBase64()`. I think I have this part working.

Now the part I am missing is how to retrieve an unencrypted ClientHelloInner, or extract the encrypted SNI from the ClientHelloOuter. Really I would expect something equivalent to `wolfSSL_SNI_GetFromBuffer()`, fed with the ECH private key, or a WOLFSSL_CTX that only has EchConfigs attached, but no server certificates. Does this function exist somewhere, or how would I go about creating it? (from functions in hpke.c?)

Thanks in advance,
Y.


Re: Decrypt ECH ClientHelloOuter

Hi,

my name is Anthony and I am a member of the wolfSSL team. I think these should be helpful to you:

/* SNI received callback type */
typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg);

WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx,
        CallbackSniRecv cb);

WOLFSSL_API int  wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg);

Let me know if you need further clarifications.

Warm regards, Anthony

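As an added example (not code from sslh or wolfSSL, and not part of either post), the following C walker shows what a client-facing proxy can and cannot read from a ClientHelloOuter without the ECH private key: the cleartext `server_name` extension (which carries the ECH config's public_name, not the real target), and the `encrypted_client_hello` extension (code point 0xfe0d from draft-ietf-tls-esni), whose HPKE-sealed payload holds the ClientHelloInner with the real SNI. Recovering that inner SNI requires opening the payload with the private key matching the ECH config, which is what a WOLFSSL server object with the ECH configs attached does during its handshake. The sample ClientHello bytes, the name `public.example` and the dummy enc/payload values are constructed for this example and are not real HPKE output.

```c
/* Added example, not sslh or wolfSSL code: walk a TLS ClientHello record,
 * extract the cleartext SNI and detect/size the encrypted_client_hello
 * extension. Layout of ECHClientHello follows draft-ietf-tls-esni. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define EXT_SERVER_NAME 0x0000
#define EXT_ECH         0xfe0d   /* encrypted_client_hello */

struct ch_info {
    char   sni[256];        /* cleartext server_name (public_name when ECH is used) */
    int    has_ech;         /* 1 if encrypted_client_hello extension is present */
    int    ech_is_outer;    /* 1 if ECHClientHello.type == outer (0) */
    size_t ech_payload_len; /* length of the HPKE-sealed ClientHelloInner */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 on success, -1 on malformed or truncated input. */
int parse_client_hello(const uint8_t *buf, size_t len, struct ch_info *out)
{
    size_t pos, rec_end, hs_end, ext_end;
    memset(out, 0, sizeof(*out));

    /* TLS record header: content_type(1) version(2) length(2) */
    if (len < 5 || buf[0] != 0x16) return -1;
    rec_end = 5 + rd16(buf + 3);
    if (rec_end > len) return -1;
    pos = 5;

    /* Handshake header: msg_type(1) length(3); 0x01 = client_hello */
    if (pos + 4 > rec_end || buf[pos] != 0x01) return -1;
    hs_end = pos + 4 + (((size_t)buf[pos + 1] << 16) |
                        ((size_t)buf[pos + 2] << 8) | buf[pos + 3]);
    if (hs_end > rec_end) return -1;
    pos += 4;

    if (pos + 34 > hs_end) return -1;          /* legacy_version(2) random(32) */
    pos += 34;
    if (pos + 1 > hs_end) return -1;           /* legacy_session_id<0..32> */
    pos += 1 + buf[pos];
    if (pos + 2 > hs_end) return -1;           /* cipher_suites<2..2^16-2> */
    pos += 2 + rd16(buf + pos);
    if (pos + 1 > hs_end) return -1;           /* legacy_compression_methods */
    pos += 1 + buf[pos];
    if (pos + 2 > hs_end) return -1;           /* extensions<8..2^16-1> */
    ext_end = pos + 2 + rd16(buf + pos);
    if (ext_end > hs_end) return -1;
    pos += 2;

    while (pos + 4 <= ext_end) {
        uint16_t type = rd16(buf + pos);
        uint16_t elen = rd16(buf + pos + 2);
        const uint8_t *body = buf + pos + 4;
        pos += 4 + elen;
        if (pos > ext_end) return -1;

        if (type == EXT_SERVER_NAME) {
            /* ServerNameList: list_len(2) name_type(1)=host_name name_len(2) name */
            if (elen < 5 || body[2] != 0) return -1;
            uint16_t nlen = rd16(body + 3);
            if (5 + (size_t)nlen > elen || nlen >= sizeof(out->sni)) return -1;
            memcpy(out->sni, body + 5, nlen);
            out->sni[nlen] = '\0';
        } else if (type == EXT_ECH) {
            out->has_ech = 1;
            if (elen < 1) return -1;
            out->ech_is_outer = (body[0] == 0);
            if (out->ech_is_outer) {
                /* type(1) kdf_id(2) aead_id(2) config_id(1) enc<..> payload<..> */
                if (elen < 8) return -1;
                size_t off = 8 + rd16(body + 6);            /* skip enc */
                if (off + 2 > elen) return -1;
                out->ech_payload_len = rd16(body + off);
                if (off + 2 + out->ech_payload_len != elen) return -1;
            }
        }
    }
    return pos == ext_end ? 0 : -1;
}

/* Constructed sample ClientHelloOuter: SNI = public_name, dummy ECH payload. */
static const uint8_t sample_outer[] = {
    0x16, 0x03, 0x01, 0x00, 0x59,            /* record: handshake, 89 bytes */
    0x01, 0x00, 0x00, 0x55,                  /* ClientHello, 85 bytes */
    0x03, 0x03,                              /* legacy_version */
    0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,   /* random (32 bytes, constructed) */
    16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,
    0x00,                                    /* session_id length 0 */
    0x00, 0x02, 0x13, 0x01,                  /* cipher_suites: TLS_AES_128_GCM_SHA256 */
    0x01, 0x00,                              /* compression: null */
    0x00, 0x2a,                              /* extensions length 42 */
    0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e,   /* server_name */
    'p','u','b','l','i','c','.','e','x','a','m','p','l','e',
    0xfe, 0x0d, 0x00, 0x0f, 0x00,            /* ECH ext, type outer */
    0x00, 0x01, 0x00, 0x01, 0x2a,            /* kdf HKDF-SHA256, aead AES-128-GCM, config_id */
    0x00, 0x02, 0xaa, 0xbb,                  /* enc (dummy, 2 bytes) */
    0x00, 0x03, 0x01, 0x02, 0x03,            /* payload (dummy, 3 bytes) */
};

int main(void)
{
    struct ch_info info;
    if (parse_client_hello(sample_outer, sizeof(sample_outer), &info) != 0)
        return 1;
    printf("outer SNI=%s ech=%d outer=%d sealed_inner=%zu bytes\n",
           info.sni, info.has_ech, info.ech_is_outer, info.ech_payload_len);
    return 0;
}
```

The point for sslh is that `parse_client_hello` yields only `public.example` and an opaque sealed blob; routing on that SNI would send every ECH client to the backend named by the public_name, so the proxy needs the ECH private key (a WOLFSSL object carrying the ECH configs, as the reply suggests via the servername callback) before it can see the real name.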