rustcat

Add TLS/TCP and DTLS/UDP support for both server and client

Open ordinary-hacker opened this issue 4 months ago • 4 comments

Still just a draft. Right now the code compiles, and it already has some stuff tied up for it to support these two encryption methods. This draft PR is mostly to keep a little bit on progress and also if anyone has any suggestions and stuff like that.

I'll keep adding more commits to this as I test stuff, change stuff, and so on.

Fixes #59

ordinary-hacker avatar Aug 05 '25 02:08 ordinary-hacker

Rn I mostly just need to actually test this and do some code refinements

ordinary-hacker avatar Aug 05 '25 02:08 ordinary-hacker

Now this is ready to merge! In case it's needed for vetting, here's a little guide to test:

First, TLS works with DER format, while DTLS works with PKCS#12 format. You can generate some quick test files with:

```sh
openssl genrsa -out server-key.pem 2048 && \
openssl req -new -x509 -key server-key.pem -out server-cert.pem -days 365 -subj "/CN=localhost" && \
openssl x509 -in server-cert.pem -outform DER -out server-cert-new.der && \
openssl rsa -in server-key.pem -outform DER -out server-key-new.der && \
openssl pkcs12 -export -in server-cert.pem -inkey server-key.pem -out server-new.p12 -name "rustcat-server" -passout pass:
```

Then, for example, if using the rcat listener and client for TLS:

```sh
# Terminal 1 (TLS Listener)
./target/debug/rcat listen -i --protocol tls --cert server-cert-new.der --key server-key-new.der 8443

# Terminal 2 (rcat TLS Client)
./target/debug/rcat connect -s bash --protocol tls localhost 8443
```

rcat TLS listener, but with the openssl client:

```sh
# Terminal 1 (TLS Listener)
./target/debug/rcat listen -i --protocol tls --cert server-cert-new.der --key server-key-new.der 8443

# Terminal 2 (OpenSSL Client)
openssl s_client -connect localhost:8443 -verify_return_error
```

rcat for DTLS listener and client:

```sh
# Terminal 1 (DTLS Listener)
./target/debug/rcat listen -i --protocol dtls --cert server-new.p12 8444

# Terminal 2 (rcat DTLS Client)
./target/debug/rcat connect -s bash --protocol dtls --cert server-new.p12 localhost 8444
```

If just doing some echo tests for TLS:

```sh
# Terminal 1
./target/debug/rcat listen -i --protocol tls --cert server-cert-new.der --key server-key-new.der 8443

# Terminal 2
echo "Hello TLS" | openssl s_client -connect localhost:8443 -quiet
```

For DTLS:

```sh
# Terminal 1
./target/debug/rcat listen -i --protocol dtls --cert server-new.p12 8444

# Terminal 2
./target/debug/rcat connect -s cat --protocol dtls --cert server-new.p12 localhost 8444
```

ordinary-hacker avatar Aug 14 '25 16:08 ordinary-hacker
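A pre-flight check for the test files generated in the guide above, as an added example that is not part of the PR or the rustcat code base: it confirms that the DER certificate, the DER key and the PKCS#12 bundle all carry the same key pair before they are handed to `rcat`. The function names are hypothetical; the file names are the ones used in the guide.

```sh
#!/bin/sh
# Added example: consistency check for the guide's test files.
# Function names are hypothetical; file names are the ones from the guide.

# Each helper prints the PEM public key found in its input, or nothing on error.
cert_pubkey() { openssl x509 -inform DER -in "$1" -noout -pubkey 2>/dev/null; }
key_pubkey()  { openssl pkey -inform DER -in "$1" -pubout 2>/dev/null; }
p12_pubkey()  {
    # Empty import password, matching "-passout pass:" in the guide.
    openssl pkcs12 -in "$1" -passin pass: -nokeys -clcerts 2>/dev/null |
        openssl x509 -noout -pubkey 2>/dev/null
}

# True only when both keys were actually read and are identical.
same_key() { [ -n "$1" ] && [ "$1" = "$2" ]; }

# TLS material: DER certificate ($1) and DER private key ($2) belong together.
der_pair_matches() { same_key "$(cert_pubkey "$1")" "$(key_pubkey "$2")"; }

# DTLS material: PKCS#12 bundle ($1) holds the same certificate key as $2.
p12_matches_cert() { same_key "$(p12_pubkey "$1")" "$(cert_pubkey "$2")"; }

# Check every file the guide generates in directory $1 (default: current dir).
check_test_material() {
    d=${1:-.}
    der_pair_matches "$d/server-cert-new.der" "$d/server-key-new.der" ||
        { echo "TLS: DER certificate and key do not match" >&2; return 1; }
    p12_matches_cert "$d/server-new.p12" "$d/server-cert-new.der" ||
        { echo "DTLS: PKCS#12 bundle does not match the DER certificate" >&2; return 1; }
    openssl x509 -inform DER -in "$d/server-cert-new.der" -noout -checkend 0 >/dev/null ||
        { echo "certificate has expired" >&2; return 1; }
    echo "test material is consistent"
}

# Run against the current directory when the guide's files are present.
if [ -f server-cert-new.der ]; then check_test_material .; fi
```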

looks cool

robiot avatar Aug 14 '25 17:08 robiot

@robiot thanks :D

could you do the merge???

ordinary-hacker avatar Aug 14 '25 22:08 ordinary-hacker