Skip to content

[AI] Add examples for handling simultaneous full handshake and session resumption#217

Open
ic0ns wants to merge 1 commit intomainfrom
fix-issue-195
Open

[AI] Add examples for handling simultaneous full handshake and session resumption#217
ic0ns wants to merge 1 commit intomainfrom
fix-issue-195

Conversation

@ic0ns
Copy link
Contributor

@ic0ns ic0ns commented Jun 26, 2025

Summary

  • Added comprehensive examples demonstrating dynamic workflow handling for session resumption vs full handshake
  • Created two implementation approaches: manual action execution and hybrid workflow
  • Included unit tests and documentation

Issue

Fixes #195

Description

This PR addresses the challenge of handling both session resumption and full handshake scenarios in TLS-Attacker when the workflow path depends on the ClientHello's session ID.

Solution Approaches

  1. Manual Action Execution (DynamicHandshakeExample.java)

    • Executes actions individually with full control over flow
    • Inspects ClientHello at runtime to determine handshake type
    • Provides maximum flexibility for conditional logic

  2. Hybrid Workflow (DynamicHandshakeWorkflowExample.java)

    • Uses WorkflowExecutor with dynamic workflow modification
    • Executes partial workflow up to decision point
    • Appends appropriate continuation based on session ID

Key Features

  • Dynamic session ID checking to determine resumption vs full handshake
  • Support for DTLS HelloVerifyRequest cookie handling
  • PSK cipher suite configuration as shown in the original issue
  • Comprehensive documentation explaining both approaches
  • Unit tests demonstrating the functionality

Test Plan

  • Code compiles successfully
  • Unit tests demonstrate session resumption detection
  • Spotless formatting applied
  • Manual testing with actual TLS client/server

The examples provide a foundation that users can adapt for their specific use cases, whether they need simple conditional logic or more complex workflow branching.

Add examples for handling simultaneous full handshake and session res…
e7b4ae3 
…umption

This commit provides comprehensive examples demonstrating how to handle both
session resumption and full handshake scenarios dynamically in TLS-Attacker.

The solution addresses issue #195 by providing:
- Manual action execution approach for full control
- Hybrid workflow approach using WorkflowExecutor
- Unit tests demonstrating the functionality
- Comprehensive documentation explaining the solution

These examples show how to inspect ClientHello messages at runtime and
dynamically choose between resumption and full handshake workflows based
on the session ID, solving the problem of static workflow traces.
@ic0ns ic0ns changed the title Add examples for handling simultaneous full handshake and session resumption [AI] Add examples for handling simultaneous full handshake and session resumption Jun 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Handling Simultaneous Full Handshake and Session Resumption in TLS-Attacker

1 participant

@ic0ns