Skip to content

[AI] Add examples for handling simultaneous full handshake and session resumption #217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[AI] Add examples for handling simultaneous full handshake and session resumption #217

wants to merge 1 commit into from
+795 −0

Conversation

ic0ns
Copy link
Contributor

@ic0ns ic0ns commented Jun 26, 2025

Summary

  • Added comprehensive examples demonstrating dynamic workflow handling for session resumption vs full handshake
  • Created two implementation approaches: manual action execution and hybrid workflow
  • Included unit tests and documentation

Issue

Fixes #195

Description

This PR addresses the challenge of handling both session resumption and full handshake scenarios in TLS-Attacker when the workflow path depends on the ClientHello's session ID.

Solution Approaches

  1. Manual Action Execution (DynamicHandshakeExample.java)

    • Executes actions individually with full control over flow
    • Inspects ClientHello at runtime to determine handshake type
    • Provides maximum flexibility for conditional logic

  2. Hybrid Workflow (DynamicHandshakeWorkflowExample.java)

    • Uses WorkflowExecutor with dynamic workflow modification
    • Executes partial workflow up to decision point
    • Appends appropriate continuation based on session ID

Key Features

  • Dynamic session ID checking to determine resumption vs full handshake
  • Support for DTLS HelloVerifyRequest cookie handling
  • PSK cipher suite configuration as shown in the original issue
  • Comprehensive documentation explaining both approaches
  • Unit tests demonstrating the functionality

Test Plan

  • Code compiles successfully
  • Unit tests demonstrate session resumption detection
  • Spotless formatting applied
  • Manual testing with actual TLS client/server

The examples provide a foundation that users can adapt for their specific use cases, whether they need simple conditional logic or more complex workflow branching.

Add examples for handling simultaneous full handshake and session res…
e7b4ae3 
…umption

This commit provides comprehensive examples demonstrating how to handle both
session resumption and full handshake scenarios dynamically in TLS-Attacker.

The solution addresses issue #195 by providing:
- Manual action execution approach for full control
- Hybrid workflow approach using WorkflowExecutor
- Unit tests demonstrating the functionality
- Comprehensive documentation explaining the solution

These examples show how to inspect ClientHello messages at runtime and
dynamically choose between resumption and full handshake workflows based
on the session ID, solving the problem of static workflow traces.
@ic0ns ic0ns changed the title Add examples for handling simultaneous full handshake and session resumption [AI] Add examples for handling simultaneous full handshake and session resumption Jun 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Handling Simultaneous Full Handshake and Session Resumption in TLS-Attacker
1 participant
@ic0ns