import { Buffer } from 'buffer';
/**
* SNI (Server Name Indication) handler for TLS connections.
* Provides robust extraction of SNI values from TLS ClientHello messages
* with support for fragmented packets, TLS 1.3 resumption, Chrome-specific
* connection behaviors, and tab hibernation/reactivation scenarios.
*/
export class SniHandler {
// TLS record types and constants
private static readonly TLS_HANDSHAKE_RECORD_TYPE = 22;
private static readonly TLS_APPLICATION_DATA_TYPE = 23; // TLS Application Data record type
private static readonly TLS_CLIENT_HELLO_HANDSHAKE_TYPE = 1;
private static readonly TLS_SNI_EXTENSION_TYPE = 0x0000;
private static readonly TLS_SESSION_TICKET_EXTENSION_TYPE = 0x0023;
private static readonly TLS_SNI_HOST_NAME_TYPE = 0;
private static readonly TLS_PSK_EXTENSION_TYPE = 0x0029; // Pre-Shared Key extension type for TLS 1.3
private static readonly TLS_PSK_KE_MODES_EXTENSION_TYPE = 0x002d; // PSK Key Exchange Modes
private static readonly TLS_EARLY_DATA_EXTENSION_TYPE = 0x002a; // Early Data (0-RTT) extension
// Buffer for handling fragmented ClientHello messages
private static fragmentedBuffers: Map<string, Buffer> = new Map();
private static fragmentTimeout: number = 1000; // ms to wait for fragments before cleanup
/**
* Checks if a buffer contains a TLS handshake message (record type 22)
* @param buffer - The buffer to check
* @returns true if the buffer starts with a TLS handshake record type
*/
public static isTlsHandshake(buffer: Buffer): boolean {
return buffer.length > 0 && buffer[0] === this.TLS_HANDSHAKE_RECORD_TYPE;
}
/**
* Checks if a buffer contains TLS application data (record type 23)
* @param buffer - The buffer to check
* @returns true if the buffer starts with a TLS application data record type
*/
public static isTlsApplicationData(buffer: Buffer): boolean {
return buffer.length > 0 && buffer[0] === this.TLS_APPLICATION_DATA_TYPE;
}
/**
* Creates a connection ID based on source/destination information
* Used to track fragmented ClientHello messages across multiple packets
*
* @param connectionInfo - Object containing connection identifiers (IP/port)
* @returns A string ID for the connection
*/
public static createConnectionId(connectionInfo: {
sourceIp?: string;
sourcePort?: number;
destIp?: string;
destPort?: number;
}): string {
const { sourceIp, sourcePort, destIp, destPort } = connectionInfo;
return `${sourceIp}:${sourcePort}-${destIp}:${destPort}`;
}
/**
* Handles potential fragmented ClientHello messages by buffering and reassembling
* TLS record fragments that might span multiple TCP packets.
*
* @param buffer - The current buffer fragment
* @param connectionId - Unique identifier for the connection
* @param enableLogging - Whether to enable logging
* @returns A complete buffer if reassembly is successful, or undefined if more fragments are needed
*/
public static handleFragmentedClientHello(
buffer: Buffer,
connectionId: string,
enableLogging: boolean = false
): Buffer | undefined {
const log = (message: string) => {
if (enableLogging) {
console.log(`[SNI Fragment] ${message}`);
}
};
// Check if we've seen this connection before
if (!this.fragmentedBuffers.has(connectionId)) {
// New connection, start with this buffer
this.fragmentedBuffers.set(connectionId, buffer);
// Set timeout to clean up if we don't get a complete ClientHello
setTimeout(() => {
if (this.fragmentedBuffers.has(connectionId)) {
this.fragmentedBuffers.delete(connectionId);
log(`Connection ${connectionId} timed out waiting for complete ClientHello`);
}
}, this.fragmentTimeout);
// Evaluate if this buffer already contains a complete ClientHello
try {
if (buffer.length >= 5) {
// Get the record length from TLS header
const recordLength = (buffer[3] << 8) + buffer[4] + 5; // +5 for the TLS record header itself
log(`Initial buffer size: ${buffer.length}, expected record length: ${recordLength}`);
// Check if this buffer already contains a complete TLS record
if (buffer.length >= recordLength) {
log(`Initial buffer contains complete ClientHello, length: ${buffer.length}`);
return buffer;
}
} else {
log(
`Initial buffer too small (${buffer.length} bytes), needs at least 5 bytes for TLS header`
);
}
} catch (e) {
log(`Error checking initial buffer completeness: ${e}`);
}
log(`Started buffering connection ${connectionId}, initial size: ${buffer.length}`);
return undefined; // Need more fragments
} else {
// Existing connection, append this buffer
const existingBuffer = this.fragmentedBuffers.get(connectionId)!;
const newBuffer = Buffer.concat([existingBuffer, buffer]);
this.fragmentedBuffers.set(connectionId, newBuffer);
log(`Appended to buffer for ${connectionId}, new size: ${newBuffer.length}`);
// Check if we now have a complete ClientHello
try {
if (newBuffer.length >= 5) {
// Get the record length from TLS header
const recordLength = (newBuffer[3] << 8) + newBuffer[4] + 5; // +5 for the TLS record header itself
log(
`Reassembled buffer size: ${newBuffer.length}, expected record length: ${recordLength}`
);
// Check if we have a complete TLS record now
if (newBuffer.length >= recordLength) {
log(
`Assembled complete ClientHello, length: ${newBuffer.length}, needed: ${recordLength}`
);
// Extract the complete TLS record (might be followed by more data)
const completeRecord = newBuffer.slice(0, recordLength);
// Check if this record is indeed a ClientHello (type 1) at position 5
if (
completeRecord.length > 5 &&
completeRecord[5] === this.TLS_CLIENT_HELLO_HANDSHAKE_TYPE
) {
log(`Verified record is a ClientHello handshake message`);
// Complete message received, remove from tracking
this.fragmentedBuffers.delete(connectionId);
return completeRecord;
} else {
log(`Record is complete but not a ClientHello handshake, continuing to buffer`);
// This might be another TLS record type preceding the ClientHello
// Try checking for a ClientHello starting at the end of this record
if (newBuffer.length > recordLength + 5) {
const nextRecordType = newBuffer[recordLength];
log(
`Next record type: ${nextRecordType} (looking for ${this.TLS_HANDSHAKE_RECORD_TYPE})`
);
if (nextRecordType === this.TLS_HANDSHAKE_RECORD_TYPE) {
const handshakeType = newBuffer[recordLength + 5];
log(
`Next handshake type: ${handshakeType} (looking for ${this.TLS_CLIENT_HELLO_HANDSHAKE_TYPE})`
);
if (handshakeType === this.TLS_CLIENT_HELLO_HANDSHAKE_TYPE) {
// Found a ClientHello in the next record, return the entire buffer
log(`Found ClientHello in subsequent record, returning full buffer`);
this.fragmentedBuffers.delete(connectionId);
return newBuffer;
}
}
}
}
}
}
} catch (e) {
log(`Error checking reassembled buffer completeness: ${e}`);
}
return undefined; // Still need more fragments
}
}
/**
* Checks if a buffer contains a TLS ClientHello message
* @param buffer - The buffer to check
* @returns true if the buffer appears to be a ClientHello message
*/
public static isClientHello(buffer: Buffer): boolean {
// Minimum ClientHello size (TLS record header + handshake header)
if (buffer.length < 9) {
return false;
}
// Check record type (must be TLS_HANDSHAKE_RECORD_TYPE)
if (buffer[0] !== this.TLS_HANDSHAKE_RECORD_TYPE) {
return false;
}
// Skip version and length in TLS record header (5 bytes total)
// Check handshake type at byte 5 (must be CLIENT_HELLO)
return buffer[5] === this.TLS_CLIENT_HELLO_HANDSHAKE_TYPE;
}
/**
* Checks if a ClientHello message contains session resumption indicators
* such as session tickets or PSK (Pre-Shared Key) extensions.
*
* @param buffer - The buffer containing a ClientHello message
* @param enableLogging - Whether to enable logging
* @returns Object containing details about session resumption and SNI presence
*/
public static hasSessionResumption(
buffer: Buffer,
enableLogging: boolean = false
): { isResumption: boolean; hasSNI: boolean } {
const log = (message: string) => {
if (enableLogging) {
console.log(`[Session Resumption] ${message}`);
}
};
if (!this.isClientHello(buffer)) {
return { isResumption: false, hasSNI: false };
}
try {
// Check for session ID presence first
let pos = 5 + 1 + 3 + 2; // Position after handshake type, length and client version
pos += 32; // Skip client random
if (pos + 1 > buffer.length) return { isResumption: false, hasSNI: false };
const sessionIdLength = buffer[pos];
let hasNonEmptySessionId = sessionIdLength > 0;
if (hasNonEmptySessionId) {
log(`Detected non-empty session ID (length: ${sessionIdLength})`);
}
// Continue to check for extensions
pos += 1 + sessionIdLength;
// Skip cipher suites
if (pos + 2 > buffer.length) return { isResumption: false, hasSNI: false };
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + cipherSuitesLength;
// Skip compression methods
if (pos + 1 > buffer.length) return { isResumption: false, hasSNI: false };
const compressionMethodsLength = buffer[pos];
pos += 1 + compressionMethodsLength;
// Check for extensions
if (pos + 2 > buffer.length) return { isResumption: false, hasSNI: false };
// Look for session resumption extensions
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
// Extensions end position
const extensionsEnd = pos + extensionsLength;
if (extensionsEnd > buffer.length) return { isResumption: false, hasSNI: false };
// Track resumption indicators
let hasSessionTicket = false;
let hasPSK = false;
let hasEarlyData = false;
// Iterate through extensions
while (pos + 4 <= extensionsEnd) {
const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
if (extensionType === this.TLS_SESSION_TICKET_EXTENSION_TYPE) {
log('Found session ticket extension');
hasSessionTicket = true;
// Check if session ticket has non-zero length (active ticket)
if (extensionLength > 0) {
log(`Session ticket has length ${extensionLength} - active ticket present`);
}
} else if (extensionType === this.TLS_PSK_EXTENSION_TYPE) {
log('Found PSK extension (TLS 1.3 resumption mechanism)');
hasPSK = true;
} else if (extensionType === this.TLS_EARLY_DATA_EXTENSION_TYPE) {
log('Found Early Data extension (TLS 1.3 0-RTT)');
hasEarlyData = true;
}
// Skip extension data
pos += extensionLength;
}
// Check if SNI is included
let hasSNI = false;
// Reset position and scan again for SNI extension
pos = 5 + 1 + 3 + 2; // Reset to after handshake type, length and client version
pos += 32; // Skip client random
if (pos + 1 <= buffer.length) {
const sessionIdLength = buffer[pos];
pos += 1 + sessionIdLength;
// Skip cipher suites
if (pos + 2 <= buffer.length) {
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + cipherSuitesLength;
// Skip compression methods
if (pos + 1 <= buffer.length) {
const compressionMethodsLength = buffer[pos];
pos += 1 + compressionMethodsLength;
// Check for extensions
if (pos + 2 <= buffer.length) {
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
// Extensions end position
const extensionsEnd = pos + extensionsLength;
if (extensionsEnd <= buffer.length) {
// Scan for SNI extension
while (pos + 4 <= extensionsEnd) {
const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
if (extensionType === this.TLS_SNI_EXTENSION_TYPE) {
// Check that the SNI extension actually has content
if (extensionLength > 0) {
hasSNI = true;
// Try to extract the actual SNI value for logging
try {
// Skip to server_name_list_length (2 bytes)
const tempPos = pos;
if (tempPos + 2 <= extensionsEnd) {
const nameListLength = (buffer[tempPos] << 8) + buffer[tempPos + 1];
// Skip server_name_list_length (2 bytes)
if (tempPos + 2 + 1 <= extensionsEnd) {
// Check name_type (should be 0 for hostname)
if (buffer[tempPos + 2] === 0) {
// Skip name_type (1 byte)
if (tempPos + 3 + 2 <= extensionsEnd) {
// Get name_length (2 bytes)
const nameLength = (buffer[tempPos + 3] << 8) + buffer[tempPos + 4];
// Extract the hostname
if (tempPos + 5 + nameLength <= extensionsEnd) {
const hostname = buffer
.slice(tempPos + 5, tempPos + 5 + nameLength)
.toString('utf8');
log(`Found SNI extension with server_name: ${hostname}`);
}
}
}
}
}
} catch (e) {
log(`Error extracting SNI value: ${e}`);
log('Found SNI extension with length: ' + extensionLength);
}
} else {
log('Found empty SNI extension, treating as no SNI');
}
break;
}
// Skip extension data
pos += extensionLength;
}
}
}
}
}
}
// Consider it a resumption if any resumption mechanism is present
const isResumption =
hasSessionTicket || hasPSK || hasEarlyData || (hasNonEmptySessionId && !hasPSK); // Legacy resumption
if (isResumption) {
log(
'Session resumption detected: ' +
(hasSessionTicket ? 'session ticket, ' : '') +
(hasPSK ? 'PSK, ' : '') +
(hasEarlyData ? 'early data, ' : '') +
(hasNonEmptySessionId ? 'session ID' : '') +
(hasSNI ? ', with SNI' : ', without SNI')
);
}
// Return an object with both flags
// For clarity: connections should be blocked if they have session resumption without SNI
if (isResumption) {
log(
`Resumption summary - hasSNI: ${hasSNI ? 'yes' : 'no'}, resumption type: ${
hasSessionTicket ? 'session ticket, ' : ''
}${hasPSK ? 'PSK, ' : ''}${hasEarlyData ? 'early data, ' : ''}${
hasNonEmptySessionId ? 'session ID' : ''
}`
);
}
return {
isResumption,
hasSNI,
};
} catch (error) {
log(`Error checking for session resumption: ${error}`);
return { isResumption: false, hasSNI: false };
}
}
/**
* Detects characteristics of a tab reactivation TLS handshake
* These often have specific patterns in Chrome and other browsers
*
* @param buffer - The buffer containing a ClientHello message
* @param enableLogging - Whether to enable logging
* @returns true if this appears to be a tab reactivation handshake
*/
public static isTabReactivationHandshake(
buffer: Buffer,
enableLogging: boolean = false
): boolean {
const log = (message: string) => {
if (enableLogging) {
console.log(`[Tab Reactivation] ${message}`);
}
};
if (!this.isClientHello(buffer)) {
return false;
}
try {
// Check for session ID presence (tab reactivation often has a session ID)
let pos = 5 + 1 + 3 + 2; // Position after handshake type, length and client version
pos += 32; // Skip client random
if (pos + 1 > buffer.length) return false;
const sessionIdLength = buffer[pos];
// Non-empty session ID is a good indicator
if (sessionIdLength > 0) {
log(`Detected non-empty session ID (length: ${sessionIdLength})`);
// Skip to extensions
pos += 1 + sessionIdLength;
// Skip cipher suites
if (pos + 2 > buffer.length) return false;
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + cipherSuitesLength;
// Skip compression methods
if (pos + 1 > buffer.length) return false;
const compressionMethodsLength = buffer[pos];
pos += 1 + compressionMethodsLength;
// Check for extensions
if (pos + 2 > buffer.length) return false;
// Look for specific extensions that indicate tab reactivation
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
// Extensions end position
const extensionsEnd = pos + extensionsLength;
if (extensionsEnd > buffer.length) return false;
// Tab reactivation often has session tickets but no SNI
let hasSessionTicket = false;
let hasSNI = false;
let hasPSK = false;
// Iterate through extensions
while (pos + 4 <= extensionsEnd) {
const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
if (extensionType === this.TLS_SESSION_TICKET_EXTENSION_TYPE) {
hasSessionTicket = true;
} else if (extensionType === this.TLS_SNI_EXTENSION_TYPE) {
hasSNI = true;
} else if (extensionType === this.TLS_PSK_EXTENSION_TYPE) {
hasPSK = true;
}
// Skip extension data
pos += extensionLength;
}
// Pattern for tab reactivation: session identifier + (ticket or PSK) but no SNI
if ((hasSessionTicket || hasPSK) && !hasSNI) {
log('Detected tab reactivation pattern: session resumption without SNI');
return true;
}
}
} catch (error) {
log(`Error checking for tab reactivation: ${error}`);
}
return false;
}
/**
* Extracts the SNI (Server Name Indication) from a TLS ClientHello message.
* Implements robust parsing with support for session resumption edge cases.
*
* @param buffer - The buffer containing the TLS ClientHello message
* @param enableLogging - Whether to enable detailed debug logging
* @returns The extracted server name or undefined if not found
*/
public static extractSNI(buffer: Buffer, enableLogging: boolean = false): string | undefined {
// Logging helper
const log = (message: string) => {
if (enableLogging) {
console.log(`[SNI Extraction] ${message}`);
}
};
try {
// Buffer must be at least 5 bytes (TLS record header)
if (buffer.length < 5) {
log('Buffer too small for TLS record header');
return undefined;
}
// Check record type (must be TLS_HANDSHAKE_RECORD_TYPE = 22)
if (buffer[0] !== this.TLS_HANDSHAKE_RECORD_TYPE) {
log(`Not a TLS handshake record: ${buffer[0]}`);
return undefined;
}
// Check TLS version
const majorVersion = buffer[1];
const minorVersion = buffer[2];
log(`TLS version: ${majorVersion}.${minorVersion}`);
// Parse record length (bytes 3-4, big-endian)
const recordLength = (buffer[3] << 8) + buffer[4];
log(`Record length: ${recordLength}`);
// Validate record length against buffer size
if (buffer.length < recordLength + 5) {
log('Buffer smaller than expected record length');
return undefined;
}
// Start of handshake message in the buffer
let pos = 5;
// Check handshake type (must be CLIENT_HELLO = 1)
if (buffer[pos] !== this.TLS_CLIENT_HELLO_HANDSHAKE_TYPE) {
log(`Not a ClientHello message: ${buffer[pos]}`);
return undefined;
}
// Skip handshake type (1 byte)
pos += 1;
// Parse handshake length (3 bytes, big-endian)
const handshakeLength = (buffer[pos] << 16) + (buffer[pos + 1] << 8) + buffer[pos + 2];
log(`Handshake length: ${handshakeLength}`);
// Skip handshake length (3 bytes)
pos += 3;
// Check client version (2 bytes)
const clientMajorVersion = buffer[pos];
const clientMinorVersion = buffer[pos + 1];
log(`Client version: ${clientMajorVersion}.${clientMinorVersion}`);
// Skip client version (2 bytes)
pos += 2;
// Skip client random (32 bytes)
pos += 32;
// Parse session ID
if (pos + 1 > buffer.length) {
log('Buffer too small for session ID length');
return undefined;
}
const sessionIdLength = buffer[pos];
log(`Session ID length: ${sessionIdLength}`);
// Skip session ID length (1 byte) and session ID
pos += 1 + sessionIdLength;
// Check if we have enough bytes left
if (pos + 2 > buffer.length) {
log('Buffer too small for cipher suites length');
return undefined;
}
// Parse cipher suites length (2 bytes, big-endian)
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
log(`Cipher suites length: ${cipherSuitesLength}`);
// Skip cipher suites length (2 bytes) and cipher suites
pos += 2 + cipherSuitesLength;
// Check if we have enough bytes left
if (pos + 1 > buffer.length) {
log('Buffer too small for compression methods length');
return undefined;
}
// Parse compression methods length (1 byte)
const compressionMethodsLength = buffer[pos];
log(`Compression methods length: ${compressionMethodsLength}`);
// Skip compression methods length (1 byte) and compression methods
pos += 1 + compressionMethodsLength;
// Check if we have enough bytes for extensions length
if (pos + 2 > buffer.length) {
log('No extensions present or buffer too small');
return undefined;
}
// Parse extensions length (2 bytes, big-endian)
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
log(`Extensions length: ${extensionsLength}`);
// Skip extensions length (2 bytes)
pos += 2;
// Extensions end position
const extensionsEnd = pos + extensionsLength;
// Check if extensions length is valid
if (extensionsEnd > buffer.length) {
log('Extensions length exceeds buffer size');
return undefined;
}
// Track if we found session tickets (for improved resumption handling)
let hasSessionTicket = false;
let hasPskExtension = false;
// Iterate through extensions
while (pos + 4 <= extensionsEnd) {
// Parse extension type (2 bytes, big-endian)
const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
log(`Extension type: 0x${extensionType.toString(16).padStart(4, '0')}`);
// Skip extension type (2 bytes)
pos += 2;
// Parse extension length (2 bytes, big-endian)
const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
log(`Extension length: ${extensionLength}`);
// Skip extension length (2 bytes)
pos += 2;
// Check if this is the SNI extension
if (extensionType === this.TLS_SNI_EXTENSION_TYPE) {
log('Found SNI extension');
// Ensure we have enough bytes for the server name list
if (pos + 2 > extensionsEnd) {
log('Extension too small for server name list length');
pos += extensionLength; // Skip this extension
continue;
}
// Parse server name list length (2 bytes, big-endian)
const serverNameListLength = (buffer[pos] << 8) + buffer[pos + 1];
log(`Server name list length: ${serverNameListLength}`);
// Skip server name list length (2 bytes)
pos += 2;
// Ensure server name list length is valid
if (pos + serverNameListLength > extensionsEnd) {
log('Server name list length exceeds extension size');
break; // Exit the loop, extension parsing is broken
}
// End position of server name list
const serverNameListEnd = pos + serverNameListLength;
// Iterate through server names
while (pos + 3 <= serverNameListEnd) {
// Check name type (must be HOST_NAME_TYPE = 0 for hostname)
const nameType = buffer[pos];
log(`Name type: ${nameType}`);
if (nameType !== this.TLS_SNI_HOST_NAME_TYPE) {
log(`Unsupported name type: ${nameType}`);
pos += 1; // Skip name type (1 byte)
// Skip name length (2 bytes) and name data
if (pos + 2 <= serverNameListEnd) {
const nameLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + nameLength;
} else {
log('Invalid server name entry');
break;
}
continue;
}
// Skip name type (1 byte)
pos += 1;
// Ensure we have enough bytes for name length
if (pos + 2 > serverNameListEnd) {
log('Server name entry too small for name length');
break;
}
// Parse name length (2 bytes, big-endian)
const nameLength = (buffer[pos] << 8) + buffer[pos + 1];
log(`Name length: ${nameLength}`);
// Skip name length (2 bytes)
pos += 2;
// Ensure we have enough bytes for the name
if (pos + nameLength > serverNameListEnd) {
log('Name length exceeds server name list size');
break;
}
// Extract server name (hostname)
const serverName = buffer.slice(pos, pos + nameLength).toString('utf8');
log(`Extracted server name: ${serverName}`);
return serverName;
}
} else if (extensionType === this.TLS_SESSION_TICKET_EXTENSION_TYPE) {
// If we encounter a session ticket extension, mark it for later
log('Found session ticket extension');
hasSessionTicket = true;
pos += extensionLength; // Skip this extension
} else if (extensionType === this.TLS_PSK_EXTENSION_TYPE) {
// TLS 1.3 PSK extension - mark for resumption support
log('Found PSK extension (TLS 1.3 resumption indicator)');
hasPskExtension = true;
// We'll skip the extension here and process it separately if needed
pos += extensionLength;
} else {
// Skip this extension
pos += extensionLength;
}
}
// Log if we found session resumption indicators but no SNI
if (hasSessionTicket || hasPskExtension) {
log('Session resumption indicators present but no SNI found');
}
log('No SNI extension found in ClientHello');
return undefined;
} catch (error) {
log(`Error parsing SNI: ${error instanceof Error ? error.message : String(error)}`);
return undefined;
}
}
/**
* Attempts to extract SNI from the PSK extension in a TLS 1.3 ClientHello.
*
* In TLS 1.3, when a client attempts to resume a session, it may include
* the server name in the PSK identity hint rather than in the SNI extension.
*
* @param buffer - The buffer containing the TLS ClientHello message
* @param enableLogging - Whether to enable detailed debug logging
* @returns The extracted server name or undefined if not found
*/
public static extractSNIFromPSKExtension(
buffer: Buffer,
enableLogging: boolean = false
): string | undefined {
const log = (message: string) => {
if (enableLogging) {
console.log(`[PSK-SNI Extraction] ${message}`);
}
};
try {
// Ensure this is a ClientHello
if (!this.isClientHello(buffer)) {
log('Not a ClientHello message');
return undefined;
}
// Find the start position of extensions
let pos = 5; // Start after record header
// Skip handshake type (1 byte)
pos += 1;
// Skip handshake length (3 bytes)
pos += 3;
// Skip client version (2 bytes)
pos += 2;
// Skip client random (32 bytes)
pos += 32;
// Skip session ID
if (pos + 1 > buffer.length) return undefined;
const sessionIdLength = buffer[pos];
pos += 1 + sessionIdLength;
// Skip cipher suites
if (pos + 2 > buffer.length) return undefined;
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + cipherSuitesLength;
// Skip compression methods
if (pos + 1 > buffer.length) return undefined;
const compressionMethodsLength = buffer[pos];
pos += 1 + compressionMethodsLength;
// Check if we have extensions
if (pos + 2 > buffer.length) {
log('No extensions present');
return undefined;
}
// Get extensions length
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
// Extensions end position
const extensionsEnd = pos + extensionsLength;
if (extensionsEnd > buffer.length) return undefined;
// Look for PSK extension
while (pos + 4 <= extensionsEnd) {
const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
if (extensionType === this.TLS_PSK_EXTENSION_TYPE) {
log('Found PSK extension');
// PSK extension structure:
// 2 bytes: identities list length
if (pos + 2 > extensionsEnd) break;
const identitiesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
// End of identities list
const identitiesEnd = pos + identitiesLength;
if (identitiesEnd > extensionsEnd) break;
// Process each PSK identity
while (pos + 2 <= identitiesEnd) {
// Identity length (2 bytes)
if (pos + 2 > identitiesEnd) break;
const identityLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
if (pos + identityLength > identitiesEnd) break;
// Try to extract hostname from identity
// Chrome often embeds the hostname in the PSK identity
// This is a heuristic as there's no standard format
if (identityLength > 0) {
const identity = buffer.slice(pos, pos + identityLength);
// Skip identity bytes
pos += identityLength;
// Skip obfuscated ticket age (4 bytes)
if (pos + 4 <= identitiesEnd) {
pos += 4;
} else {
break;
}
// Try to parse the identity as UTF-8
try {
const identityStr = identity.toString('utf8');
log(`PSK identity: ${identityStr}`);
// Check if the identity contains hostname hints
// Chrome often embeds the hostname in a known format
// Try to extract using common patterns
// Pattern 1: Look for domain name pattern
const domainPattern =
/([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?/i;
const domainMatch = identityStr.match(domainPattern);
if (domainMatch && domainMatch[0]) {
log(`Found domain in PSK identity: ${domainMatch[0]}`);
return domainMatch[0];
}
// Pattern 2: Chrome sometimes uses a specific format with delimiters
// This is a heuristic approach since the format isn't standardized
const parts = identityStr.split('|');
if (parts.length > 1) {
for (const part of parts) {
if (part.includes('.') && !part.includes('/')) {
const possibleDomain = part.trim();
if (/^[a-z0-9.-]+$/i.test(possibleDomain)) {
log(`Found possible domain in PSK delimiter format: ${possibleDomain}`);
return possibleDomain;
}
}
}
}
} catch (e) {
log('Failed to parse PSK identity as UTF-8');
}
}
}
} else {
// Skip this extension
pos += extensionLength;
}
}
log('No hostname found in PSK extension');
return undefined;
} catch (error) {
log(`Error parsing PSK: ${error instanceof Error ? error.message : String(error)}`);
return undefined;
}
}
/**
* Checks if the buffer contains TLS 1.3 early data (0-RTT)
* @param buffer - The buffer to check
* @param enableLogging - Whether to enable logging
* @returns true if early data is detected
*/
public static hasEarlyData(buffer: Buffer, enableLogging: boolean = false): boolean {
const log = (message: string) => {
if (enableLogging) {
console.log(`[Early Data] ${message}`);
}
};
try {
// Check if this is a valid ClientHello first
if (!this.isClientHello(buffer)) {
return false;
}
// Find the extensions section
let pos = 5; // Start after record header
// Skip handshake type (1 byte)
pos += 1;
// Skip handshake length (3 bytes)
pos += 3;
// Skip client version (2 bytes)
pos += 2;
// Skip client random (32 bytes)
pos += 32;
// Skip session ID
if (pos + 1 > buffer.length) return false;
const sessionIdLength = buffer[pos];
pos += 1 + sessionIdLength;
// Skip cipher suites
if (pos + 2 > buffer.length) return false;
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + cipherSuitesLength;
// Skip compression methods
if (pos + 1 > buffer.length) return false;
const compressionMethodsLength = buffer[pos];
pos += 1 + compressionMethodsLength;
// Check if we have extensions
if (pos + 2 > buffer.length) return false;
// Get extensions length
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
// Extensions end position
const extensionsEnd = pos + extensionsLength;
if (extensionsEnd > buffer.length) return false;
// Look for early data extension
while (pos + 4 <= extensionsEnd) {
const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2;
if (extensionType === this.TLS_EARLY_DATA_EXTENSION_TYPE) {
log('Early Data (0-RTT) extension detected');
return true;
}
// Skip to next extension
pos += extensionLength;
}
return false;
} catch (error) {
log(`Error checking for early data: ${error}`);
return false;
}
}
/**
* Attempts to extract SNI from an initial ClientHello packet and handles
* session resumption edge cases more robustly than the standard extraction.
*
* This method handles:
* 1. Standard SNI extraction
* 2. TLS 1.3 PSK-based resumption (Chrome, Firefox, etc.)
* 3. Session ticket-based resumption
* 4. Fragmented ClientHello messages
* 5. TLS 1.3 Early Data (0-RTT)
* 6. Chrome's connection racing behaviors
*
* @param buffer - The buffer containing the TLS ClientHello message
* @param connectionInfo - Optional connection information for fragment handling
* @param enableLogging - Whether to enable detailed debug logging
* @returns The extracted server name or undefined if not found
*/
public static extractSNIWithResumptionSupport(
buffer: Buffer,
connectionInfo?: {
sourceIp?: string;
sourcePort?: number;
destIp?: string;
destPort?: number;
},
enableLogging: boolean = false
): string | undefined {
const log = (message: string) => {
if (enableLogging) {
console.log(`[SNI Extraction] ${message}`);
}
};
// Log buffer details for debugging
if (enableLogging) {
log(`Buffer size: ${buffer.length} bytes`);
log(`Buffer starts with: ${buffer.slice(0, Math.min(10, buffer.length)).toString('hex')}`);
if (buffer.length >= 5) {
const recordType = buffer[0];
const majorVersion = buffer[1];
const minorVersion = buffer[2];
const recordLength = (buffer[3] << 8) + buffer[4];
log(
`TLS Record: type=${recordType}, version=${majorVersion}.${minorVersion}, length=${recordLength}`
);
}
}
// Check if we need to handle fragmented packets
let processBuffer = buffer;
if (connectionInfo) {
const connectionId = this.createConnectionId(connectionInfo);
const reassembledBuffer = this.handleFragmentedClientHello(
buffer,
connectionId,
enableLogging
);
if (!reassembledBuffer) {
log(`Waiting for more fragments on connection ${connectionId}`);
return undefined; // Need more fragments to complete ClientHello
}
processBuffer = reassembledBuffer;
log(`Using reassembled buffer of length ${processBuffer.length}`);
}
// First try the standard SNI extraction
const standardSni = this.extractSNI(processBuffer, enableLogging);
if (standardSni) {
log(`Found standard SNI: ${standardSni}`);
return standardSni;
}
// Check for session resumption when standard SNI extraction fails
if (this.isClientHello(processBuffer)) {
const resumptionInfo = this.hasSessionResumption(processBuffer, enableLogging);
if (resumptionInfo.isResumption) {
log(`Detected session resumption in ClientHello without standard SNI`);
// Try to extract SNI from PSK extension
const pskSni = this.extractSNIFromPSKExtension(processBuffer, enableLogging);
if (pskSni) {
log(`Extracted SNI from PSK extension: ${pskSni}`);
return pskSni;
}
}
}
// Log detailed info about the ClientHello when SNI extraction fails
if (this.isClientHello(processBuffer) && enableLogging) {
log(`SNI extraction failed for ClientHello. Buffer details:`);
if (processBuffer.length >= 43) {
// ClientHello with at least client random
const clientRandom = processBuffer.slice(11, 11 + 32).toString('hex');
log(`Client Random: ${clientRandom}`);
// Log session ID length and presence
const sessionIdLength = processBuffer[43];
log(`Session ID length: ${sessionIdLength}`);
if (sessionIdLength > 0 && processBuffer.length >= 44 + sessionIdLength) {
const sessionId = processBuffer.slice(44, 44 + sessionIdLength).toString('hex');
log(`Session ID: ${sessionId}`);
}
}
}
return undefined;
}
/**
* Main entry point for SNI extraction that handles all edge cases.
* This should be called for each TLS packet received from a client.
*
* The method uses connection tracking to handle fragmented ClientHello
* messages and various TLS 1.3 behaviors, including Chrome's connection
* racing patterns and tab reactivation behaviors.
*
* @param buffer - The buffer containing TLS data
* @param connectionInfo - Connection metadata (IPs and ports)
* @param enableLogging - Whether to enable detailed debug logging
* @param cachedSni - Optional cached SNI from previous connections (for racing detection)
* @returns The extracted server name or undefined if not found or more data needed
*/
public static processTlsPacket(
buffer: Buffer,
connectionInfo: {
sourceIp: string;
sourcePort: number;
destIp: string;
destPort: number;
timestamp?: number;
},
enableLogging: boolean = false,
cachedSni?: string
): string | undefined {
const log = (message: string) => {
if (enableLogging) {
console.log(`[TLS Packet] ${message}`);
}
};
// Add timestamp if not provided
if (!connectionInfo.timestamp) {
connectionInfo.timestamp = Date.now();
}
// Check if this is a TLS handshake or application data
if (!this.isTlsHandshake(buffer) && !this.isTlsApplicationData(buffer)) {
log('Not a TLS handshake or application data packet');
return undefined;
}
// Create connection ID for tracking
const connectionId = this.createConnectionId(connectionInfo);
log(`Processing TLS packet for connection ${connectionId}, buffer length: ${buffer.length}`);
// Handle application data with cached SNI (for connection racing)
if (this.isTlsApplicationData(buffer)) {
// If explicit cachedSni was provided, use it
if (cachedSni) {
log(`Using provided cached SNI for application data: ${cachedSni}`);
return cachedSni;
}
log('Application data packet without cached SNI, cannot determine hostname');
return undefined;
}
// Enhanced session resumption detection
if (this.isClientHello(buffer)) {
const resumptionInfo = this.hasSessionResumption(buffer, enableLogging);
if (resumptionInfo.isResumption) {
log(`Session resumption detected in TLS packet`);
// Always try standard SNI extraction first
const standardSni = this.extractSNI(buffer, enableLogging);
if (standardSni) {
log(`Found standard SNI in session resumption: ${standardSni}`);
return standardSni;
}
// Enhanced session resumption SNI extraction
// Try extracting from PSK identity
const pskSni = this.extractSNIFromPSKExtension(buffer, enableLogging);
if (pskSni) {
log(`Extracted SNI from PSK extension: ${pskSni}`);
return pskSni;
}
// Additional check for SNI in session tickets
if (enableLogging) {
log(`Checking for session ticket information to extract server name...`);
// Log more details for debugging
try {
// Look at the raw buffer for patterns
log(`Buffer hexdump (first 100 bytes): ${buffer.slice(0, 100).toString('hex')}`);
// Try to find hostname-like patterns in the buffer
const bufferStr = buffer.toString('utf8', 0, buffer.length);
const hostnamePattern =
/([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?/gi;
const hostMatches = bufferStr.match(hostnamePattern);
if (hostMatches && hostMatches.length > 0) {
log(`Possible hostnames found in buffer: ${hostMatches.join(', ')}`);
// Check if any match looks like a valid domain
for (const match of hostMatches) {
if (match.includes('.') && match.length > 3) {
log(`Potential SNI found in session data: ${match}`);
// Don't automatically use this - just log for debugging
}
}
}
} catch (e) {
log(`Error scanning for patterns: ${e}`);
}
}
log(`Session resumption without extractable SNI`);
// If allowSessionTicket=false, should be rejected by caller
}
}
// For handshake messages, try the full extraction process
const sni = this.extractSNIWithResumptionSupport(buffer, connectionInfo, enableLogging);
if (sni) {
log(`Successfully extracted SNI: ${sni}`);
return sni;
}
// If we couldn't extract an SNI, check if this is a valid ClientHello
if (this.isClientHello(buffer)) {
log('Valid ClientHello detected, but no SNI extracted - might need more data');
}
return undefined;
}
}