fix: refactor rust bindings fingerprint methods

bindings/rust/s2n-tls/Cargo.toml

@@ -10,7 +10,6 @@ license = "Apache-2.0"
 
 [features]
 default = []
-unstable-fingerprint = ["s2n-tls-sys/unstable-fingerprint"]
 quic = ["s2n-tls-sys/quic"]
 pq = ["s2n-tls-sys/pq"]
 testing = ["bytes"]
@@ -19,7 +18,7 @@ testing = ["bytes"]
 bytes = { version = "1", optional = true }
 errno = { version = "0.3" }
 libc = "0.2"
-s2n-tls-sys = { version = "=0.2.0", path = "../s2n-tls-sys", features = ["internal"] }
+s2n-tls-sys = { version = "=0.2.0", path = "../s2n-tls-sys", features = ["internal", "unstable-fingerprint"] }
 pin-project-lite = "0.2"
 hex = "0.4"
 

bindings/rust/s2n-tls/src/client_hello.rs

@@ -147,7 +147,7 @@ impl ClientHello {
         Ok(())
     }
 
-    fn session_id(&self) -> Result<Vec<u8>, Error> {
+    pub fn session_id(&self) -> Result<Vec<u8>, Error> {
         let mut session_id_length = 0;
         unsafe {
             s2n_client_hello_get_session_id_length(self.deref_mut_ptr(), &mut session_id_length)
@@ -168,7 +168,7 @@ impl ClientHello {
         Ok(session_id)
     }
 
-    fn server_name(&self) -> Result<Vec<u8>, Error> {
+    pub fn server_name(&self) -> Result<Vec<u8>, Error> {
         let mut server_name_length = 0;
         unsafe {
             s2n_client_hello_get_server_name_length(self.deref_mut_ptr(), &mut server_name_length)
@@ -278,6 +278,29 @@ mod tests {
         ClientHello::parse_client_hello(raw_client_hello.as_slice()).unwrap()
     }
 
+    fn known_value_client_hello() -> Vec<u8>{
+        vec![
+            0x01, 0x00, 0x00, 0xEC, 0x03, 0x03, 0x90, 0xe8, 0xcc, 0xee, 0xe5, 0x70, 0xa2, 0xa1,
+            0x2f, 0x6b, 0x69, 0xd2, 0x66, 0x96, 0x0f, 0xcf, 0x20, 0xd5, 0x32, 0x6e, 0xc4, 0xb2,
+            0x8c, 0xc7, 0xbd, 0x0a, 0x06, 0xc2, 0xa5, 0x14, 0xfc, 0x34, 0x20, 0xaf, 0x72, 0xbf,
+            0x39, 0x99, 0xfb, 0x20, 0x70, 0xc3, 0x10, 0x83, 0x0c, 0xee, 0xfb, 0xfa, 0x72, 0xcc,
+            0x5d, 0xa8, 0x99, 0xb4, 0xc5, 0x53, 0xd6, 0x3d, 0xa0, 0x53, 0x7a, 0x5c, 0xbc, 0xf5,
+            0x0b, 0x00, 0x1e, 0xc0, 0x2b, 0xc0, 0x2f, 0xcc, 0xa9, 0xcc, 0xa8, 0xc0, 0x2c, 0xc0,
+            0x30, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0x00, 0x33, 0x00, 0x39, 0x00,
+            0x2f, 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x85, 0x00, 0x00, 0x00, 0x23, 0x00,
+            0x21, 0x00, 0x00, 0x1e, 0x69, 0x6e, 0x63, 0x6f, 0x6d, 0x69, 0x6e, 0x67, 0x2e, 0x74,
+            0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x6d, 0x6f, 0x7a, 0x69, 0x6c,
+            0x6c, 0x61, 0x2e, 0x6f, 0x72, 0x67, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01,
+            0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00,
+            0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x10, 0x00,
+            0x0e, 0x00, 0x0c, 0x02, 0x68, 0x32, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e,
+            0x31, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18,
+            0x00, 0x16, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x08, 0x04, 0x08, 0x05, 0x08, 0x06,
+            0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x03, 0x02, 0x01, 0x00, 0x1c, 0x00, 0x02,
+            0x40, 0x00,
+        ]
+    }
+
     // test that a fingerprint can successfully be calculated from ClientHellos
     // returned from a connection
     #[checkers::test]
@@ -343,26 +366,7 @@ mod tests {
     // known value test case copied from s2n_fingerprint_ja3_test.c
     #[checkers::test]
     fn valid_client_bytes() {
-        let raw_client_hello = vec![
-            0x01, 0x00, 0x00, 0xEC, 0x03, 0x03, 0x90, 0xe8, 0xcc, 0xee, 0xe5, 0x70, 0xa2, 0xa1,
-            0x2f, 0x6b, 0x69, 0xd2, 0x66, 0x96, 0x0f, 0xcf, 0x20, 0xd5, 0x32, 0x6e, 0xc4, 0xb2,
-            0x8c, 0xc7, 0xbd, 0x0a, 0x06, 0xc2, 0xa5, 0x14, 0xfc, 0x34, 0x20, 0xaf, 0x72, 0xbf,
-            0x39, 0x99, 0xfb, 0x20, 0x70, 0xc3, 0x10, 0x83, 0x0c, 0xee, 0xfb, 0xfa, 0x72, 0xcc,
-            0x5d, 0xa8, 0x99, 0xb4, 0xc5, 0x53, 0xd6, 0x3d, 0xa0, 0x53, 0x7a, 0x5c, 0xbc, 0xf5,
-            0x0b, 0x00, 0x1e, 0xc0, 0x2b, 0xc0, 0x2f, 0xcc, 0xa9, 0xcc, 0xa8, 0xc0, 0x2c, 0xc0,
-            0x30, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0x00, 0x33, 0x00, 0x39, 0x00,
-            0x2f, 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x85, 0x00, 0x00, 0x00, 0x23, 0x00,
-            0x21, 0x00, 0x00, 0x1e, 0x69, 0x6e, 0x63, 0x6f, 0x6d, 0x69, 0x6e, 0x67, 0x2e, 0x74,
-            0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x6d, 0x6f, 0x7a, 0x69, 0x6c,
-            0x6c, 0x61, 0x2e, 0x6f, 0x72, 0x67, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01,
-            0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00,
-            0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x10, 0x00,
-            0x0e, 0x00, 0x0c, 0x02, 0x68, 0x32, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e,
-            0x31, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18,
-            0x00, 0x16, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x08, 0x04, 0x08, 0x05, 0x08, 0x06,
-            0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x03, 0x02, 0x01, 0x00, 0x1c, 0x00, 0x02,
-            0x40, 0x00,
-        ];
+        let raw_client_hello= known_value_client_hello();
         let expected_fingerprint = "771,49195-49199-52393-52392-49196-49200-\
                                     49162-49161-49171-49172-51-57-47-53-10,0-\
                                     23-65281-10-11-35-16-5-13-28,29-23-24-25,0";
@@ -404,4 +408,12 @@ mod tests {
         let client_hello_debug = format!("{:?}", client_hello);
         assert!(client_hello_debug.contains(&hex::encode(hash)));
     }
+
+    #[test]
+    fn server_name() {
+        let raw_client_hello = known_value_client_hello();
+        let client_hello = ClientHello::parse_client_hello(raw_client_hello.as_slice()).unwrap();
+        let server_name = client_hello.server_name().unwrap();
+        assert_eq!("incoming.telemetry.mozilla.org".as_bytes(), server_name);
+    }
 }

bindings/rust/s2n-tls/src/connection.rs

@@ -752,7 +752,6 @@ impl Connection {
     /// client_hello.fingerprint_hash(FingerprintType::JA3, &mut hash);
     /// drop(conn);
     /// ```
-    #[cfg(feature = "unstable-fingerprint")]
     pub fn client_hello(&self) -> Result<&crate::client_hello::ClientHello, Error> {
         let mut handle =
             unsafe { s2n_connection_get_client_hello(self.connection.as_ptr()).into_result()? };

bindings/rust/s2n-tls/src/lib.rs

@@ -15,7 +15,6 @@ pub mod error;
 
 pub mod callbacks;
 pub mod cert_chain;
-#[cfg(feature = "unstable-fingerprint")]
 pub mod client_hello;
 pub mod config;
 pub mod connection;