From 5d48d24c9515f3a0e760fe2837d174fa2a8ffcda Mon Sep 17 00:00:00 2001
From: Andrew Barba <barba@hey.com>
Date: Tue, 19 Mar 2024 20:49:56 -0400
Subject: [PATCH] feat: ja4 digests (#25)

---
 Sources/Compute/Fastly/FastlyRequest.swift      |  6 ++++++
 Sources/Compute/Fastly/FastlyStubs.swift        |  6 ++++++
 Sources/Compute/IncomingRequest.swift           | 13 +++++++++++--
 Sources/ComputeRuntime/include/ComputeRuntime.h |  3 +++
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/Sources/Compute/Fastly/FastlyRequest.swift b/Sources/Compute/Fastly/FastlyRequest.swift
index e8c13be2..04167edc 100644
--- a/Sources/Compute/Fastly/FastlyRequest.swift
+++ b/Sources/Compute/Fastly/FastlyRequest.swift
@@ -301,4 +301,10 @@ extension Fastly.Request {
             try wasi(fastly_http_req__downstream_tls_ja3_md5(buffer.baseAddress, &length))
         }
     }
+
+    public static func downstreamTLSJA4() throws -> String? {
+        return try wasiString(maxBufferLength: 1024) {
+            fastly_http_req__downstream_tls_ja4($0, $1, &$2)
+        }
+    }
 }
diff --git a/Sources/Compute/Fastly/FastlyStubs.swift b/Sources/Compute/Fastly/FastlyStubs.swift
index f961b581..7082fe26 100644
--- a/Sources/Compute/Fastly/FastlyStubs.swift
+++ b/Sources/Compute/Fastly/FastlyStubs.swift
@@ -127,6 +127,12 @@ func fastly_http_req__register_dynamic_backend(_ name: UnsafePointer<CChar>!, _
 
 func fastly_http_req__downstream_tls_ja3_md5(_ value: UnsafeMutablePointer<UInt8>!, _ nwritten: UnsafeMutablePointer<Int>!) -> Int32 { fatalError() }
 
+func fastly_http_req__downstream_tls_ja4(
+    _ value: UnsafeMutablePointer<UInt8>!,
+    _ max_len: Int,
+    _ nwritten_out: UnsafeMutablePointer<Int>!
+) -> Int32 { fatalError() }
+
 /* FASTLY_HTTP_RESP */
 
 func fastly_http_resp__new(_ handle: UnsafeMutablePointer<WasiHandle>!) -> Int32 { fatalError() }
diff --git a/Sources/Compute/IncomingRequest.swift b/Sources/Compute/IncomingRequest.swift
index ef80e6ca..3f160ff0 100644
--- a/Sources/Compute/IncomingRequest.swift
+++ b/Sources/Compute/IncomingRequest.swift
@@ -65,8 +65,17 @@ public struct IncomingRequest: Sendable {
 }
 
 extension IncomingRequest {
+    public enum TLSFingerprintMethod: Sendable {
+        case ja3
+        case ja4
+    }
 
-    public func clientFingerprint() -> String? {
-        return try? Fastly.Request.downstreamTLSJA3MD5().hex
+    public func TLSFingerprint(_ method: TLSFingerprintMethod) -> String? {
+        switch method {
+        case .ja3:
+            return try? Fastly.Request.downstreamTLSJA3MD5().hex
+        case .ja4:
+            return try? Fastly.Request.downstreamTLSJA4()
+        }
     }
 }
diff --git a/Sources/ComputeRuntime/include/ComputeRuntime.h b/Sources/ComputeRuntime/include/ComputeRuntime.h
index 446d6df5..b2cddab7 100644
--- a/Sources/ComputeRuntime/include/ComputeRuntime.h
+++ b/Sources/ComputeRuntime/include/ComputeRuntime.h
@@ -196,6 +196,9 @@ int fastly_http_req__redirect_to_grip_proxy(const char *backend, size_t backend_
 WASM_IMPORT("fastly_http_req", "downstream_tls_ja3_md5")
 int fastly_http_req__downstream_tls_ja3_md5(uint8_t *value, size_t *nwritten);
 
+WASM_IMPORT("fastly_http_req", "downstream_tls_ja4")
+int fastly_http_req__downstream_tls_ja4(uint8_t *value, size_t max_len, size_t* nwritten_out);
+
 typedef struct DynamicBackendConfig {
     const char* host_override;
     size_t host_override_len;