Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Version statement for TLS1.3 assigns 0x0301 (TLS1) and 0x0303 (TLS1.2) #18

Open
argyrisp opened this issue Mar 15, 2024 · 1 comment
Open

Version statement for TLS1.3 assigns 0x0301 (TLS1) and 0x0303 (TLS1.2) #18

argyrisp opened this issue Mar 15, 2024 · 1 comment

Comments

@argyrisp
Copy link

In jarm.py, function packet_building(), while appending the first bytes together, this statement does not make sense to me:

if jarm_details[2] == "TLS_1.3":
    payload += b"\x03\x01"
    client_hello = b"\x03\x03"

If JARM is specified to use TLS1.3, the versions used are 0x0301 (TLS1) and 0x0303 (TLS1.2)? Shouldn't it be 0x0304? I've just started playing around with TLS so I might be missing some key information here.
@fragileeye
Copy link

As far as I understand, during the ClientHello phase, the record version does not need to match the ClientHello version. Since JARM does not really support TLS 1.3, setting the record version to 0x0301 is an optional configuration at this point. However, when the ClientHello is used for a TLS 1.3 request, it should be set to 0x0303, as per RFC 8446, section 4.1.2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fragileeye @argyrisp