Expand description
This module contains Traces consisting of several Steps, of which each has either an
OutputAction or InputAction. This is a declarative way of modeling communication between
Agents. The TraceContext holds data, also known as VariableData, which is created by
Agents during the concrete execution of the Trace. It also holds the Agents with
the references to concrete PUT.
Serializability of Traces
Each trace is serializable to JSON or even binary data. This helps at reproducing discovered security vulnerabilities during fuzzing. If a trace triggers a security vulnerability we can store it on disk and replay it when investigating the case. As traces depend on concrete implementations as discussed in the next section we need to link serialized data like strings or numerical IDs to functions implemented in Rust.
Structs
InputAction evaluates the recipe term and injects the newly produced message
into the inbound channel of the Agent referenced through the corresponding Steps
by calling add_to_inbound(...) and then drives the state machine forward.crate::protocol::ExtractKnowledge::extract_knowledge function
Knowledge is made of the data, the source of the output, the
TLS message type and the internal type.OutputAction first forwards the state machine and then extracts knowledge from the
TLS messages produced by the underlying stream by calling take_message_from_outbound(...).
An output action is automatically called after each input step.TraceContext contains a list of VariableData, which is known as the knowledge
of the attacker. VariableData can contain data of various types like for example
client and server extensions, cipher suits or session ID It also holds the concrete
references to the Agents and the underlying streams, which contain the messages
which have need exchanged and are not yet processed by an output step.Enums
OutputAction and InputAction differ.
Both actions drive the internal state machine of an Agent forward by calling next_state().
The OutputAction first forwards the state machine and then extracts knowledge from the
TLS messages produced by the underlying stream by calling take_message_from_outbound(...).
The InputAction evaluates the recipe term and injects the newly produced message
into the inbound channel of the Agent referenced through the corresponding Steps
by calling add_to_inbound(...) and then drives the state machine forward.
Therefore, the difference is that one step increases the knowledge of the attacker,
whereas the other action uses the available knowledge.