Added DTLS message information class containing seq/epoch numbers. The receiver helper also returns those in output

paulfiterau · paulfiterau · commit 15e6b513fa2e · 2019-10-26T18:17:34.000+02:00
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java
@@ -1116,10 +1116,10 @@ public static Config createEmptyConfig() {
             .hexStringToByteArray("963c77cdc13a2a8d75cdddd1e0449929843711c21d47ce6e6383cdda37e47da3");
 
     private ECPointFormat defaultSelectedPointFormat = ECPointFormat.UNCOMPRESSED;
-    
+
     /**
-     * TLS-Attacker will parse encrypted messages with invalid MAC or padding
-     * as unknown if this option is set.
+     * TLS-Attacker will parse encrypted messages with invalid MAC or padding as
+     * unknown if this option is set.
      */
     private Boolean doNotParseInvalidMacOrPadMessages = false;
 
@@ -3359,12 +3359,12 @@ public Boolean isAddPWDProtectExtension() {
     public void setAddPWDProtectExtension(Boolean addPWDProtectExtension) {
         this.addPWDProtectExtension = addPWDProtectExtension;
     }
-    
+
     public Boolean isDoNotParseInvalidMacOrPadMessages() {
-    	return doNotParseInvalidMacOrPadMessages;
+        return doNotParseInvalidMacOrPadMessages;
     }
-    
+
     public void setDoNotParseInvalidMacOrPadMessages(Boolean doNotParseInvalidMacOrPadMessages) {
-    	this.doNotParseInvalidMacOrPadMessages = doNotParseInvalidMacOrPadMessages;
+        this.doNotParseInvalidMacOrPadMessages = doNotParseInvalidMacOrPadMessages;
     }
 }
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/cipher/RecordAEADCipher.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/cipher/RecordAEADCipher.java
@@ -176,7 +176,8 @@ private byte[] decryptTLS12(DecryptionRequest decryptionRequest) throws CryptoEx
         byte[] nonce;
         byte[] data;
         if (cipherSuite.usesStrictExplicitIv()) {
-        	// TODO In the case of DTLS, we should get the sequence number from the record
+            // TODO In the case of DTLS, we should get the sequence number from
+            // the record
             nonce = ArrayConverter.longToBytes(context.getReadSequenceNumber(), SEQUENCE_NUMBER_LENGTH);
             data = decryptionRequest.getCipherText();
         } else {
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/ReceiveAction.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/ReceiveAction.java
@@ -152,6 +152,7 @@ public void execute(State state) throws WorkflowExecutionException {
         String expected = getReadableString(expectedMessages);
         LOGGER.debug("Receive Expected:" + expected);
         String received = getReadableString(messages);
+        System.out.println(result.getMessageInformationList());
         if (hasDefaultAlias()) {
             LOGGER.info("Received Messages: " + received);
         } else {
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/DtlsMessageInformation.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/DtlsMessageInformation.java
@@ -0,0 +1,42 @@
+package de.rub.nds.tlsattacker.core.workflow.action.executor;
+
+/**
+ * DTLS message information contains DTLS-relevant information associated with
+ * each message. For non-handshake messages, messageSequence should be null.
+ */
+public class DtlsMessageInformation {
+    private Integer epoch;
+    private Integer messageSequence;
+
+    public DtlsMessageInformation(Integer epoch) {
+        this.epoch = epoch;
+    }
+
+    public DtlsMessageInformation(Integer epoch, Integer messageSequence) {
+        this.epoch = epoch;
+        this.messageSequence = messageSequence;
+    }
+
+    public Integer getEpoch() {
+        return epoch;
+    }
+
+    public void setEpoch(Integer epoch) {
+        this.epoch = epoch;
+    }
+
+    public Integer getMessageSequence() {
+        return messageSequence;
+    }
+
+    public void setMessageSequence(Integer messageSequence) {
+        this.messageSequence = messageSequence;
+    }
+
+    public String toString() {
+        StringBuilder builder = new StringBuilder();
+        builder.append("{epoch=").append(epoch);
+        builder.append(", message_seq=").append(messageSequence);
+        return builder.append("}").toString();
+    }
+}
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/FakeReceiveMessageHelper.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/FakeReceiveMessageHelper.java
@@ -41,7 +41,7 @@ public MessageActionResult receiveMessages(TlsContext context) {
 
     @Override
     public MessageActionResult receiveMessages(List<ProtocolMessage> expectedMessages, TlsContext context) {
-        return new MessageActionResult(recordsToReturn, messagesToReturn, null);
+        return new MessageActionResult(recordsToReturn, messagesToReturn, null, null);
     }
 
     public List<ProtocolMessage> getMessagesToReturn() {
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/MessageActionResult.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/MessageActionResult.java
@@ -23,11 +23,14 @@ public class MessageActionResult {
 
     private final List<DtlsHandshakeMessageFragment> messageFragmentList;
 
+    private final List<DtlsMessageInformation> messageInformationList;
+
     public MessageActionResult(List<AbstractRecord> recordList, List<ProtocolMessage> messageList,
-            List<DtlsHandshakeMessageFragment> messageFragmentList) {
+            List<DtlsHandshakeMessageFragment> messageFragmentList, List<DtlsMessageInformation> messageInformationList) {
         this.recordList = recordList;
         this.messageList = messageList;
         this.messageFragmentList = messageFragmentList;
+        this.messageInformationList = messageInformationList;
     }
 
     /**
@@ -36,7 +39,7 @@ public MessageActionResult(List<AbstractRecord> recordList, List<ProtocolMessage
      */
     public MessageActionResult() {
         this(new LinkedList<AbstractRecord>(), new LinkedList<ProtocolMessage>(),
-                new LinkedList<DtlsHandshakeMessageFragment>());
+                new LinkedList<DtlsHandshakeMessageFragment>(), new LinkedList<DtlsMessageInformation>());
     }
 
     public List<AbstractRecord> getRecordList() {
@@ -51,6 +54,13 @@ public List<DtlsHandshakeMessageFragment> getMessageFragmentList() {
         return messageFragmentList;
     }
 
+    /**
+     * Returns message information corresponding to DTLS messages.
+     */
+    public List<DtlsMessageInformation> getMessageInformationList() {
+        return messageInformationList;
+    }
+
     /**
      * Merger this with other results, forming a new result.
      */
@@ -59,14 +69,16 @@ public MessageActionResult merge(MessageActionResult... other) {
         results.add(0, this);
         List<AbstractRecord> recordList = new LinkedList<>();
         List<DtlsHandshakeMessageFragment> messageFragmentList = new LinkedList<>();
+        List<DtlsMessageInformation> messageInfoList = new LinkedList<>();
         List<ProtocolMessage> messageList = new LinkedList<>();
 
         for (MessageActionResult result : results) {
             recordList.addAll(result.getRecordList());
             messageFragmentList.addAll(result.getMessageFragmentList());
+            messageInfoList.addAll(result.getMessageInformationList());
             messageList.addAll(result.getMessageList());
         }
 
-        return new MessageActionResult(recordList, messageList, messageFragmentList);
+        return new MessageActionResult(recordList, messageList, messageFragmentList, messageInfoList);
     }
 }
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/MessageParsingResult.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/MessageParsingResult.java
@@ -15,11 +15,14 @@
 public class MessageParsingResult {
     private List<ProtocolMessage> messages;
     private List<DtlsHandshakeMessageFragment> messageFragments;
+    private List<DtlsMessageInformation> messageInfos;
 
-    public MessageParsingResult(List<ProtocolMessage> messages, List<DtlsHandshakeMessageFragment> messageFragments) {
+    public MessageParsingResult(List<ProtocolMessage> messages, List<DtlsHandshakeMessageFragment> messageFragments,
+            List<DtlsMessageInformation> messageInfos) {
         super();
         this.messages = messages;
         this.messageFragments = messageFragments;
+        this.messageInfos = messageInfos;
     }
 
     public List<ProtocolMessage> getMessages() {
@@ -30,4 +33,8 @@ public List<DtlsHandshakeMessageFragment> getMessageFragments() {
         return messageFragments;
     }
 
+    public List<DtlsMessageInformation> getMessageInfos() {
+        return messageInfos;
+    }
+
 }
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/ReceiveMessageHelper.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/ReceiveMessageHelper.java
@@ -8,6 +8,14 @@
  */
 package de.rub.nds.tlsattacker.core.workflow.action.executor;
 
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.LinkedList;
+import java.util.List;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
 import de.rub.nds.tlsattacker.core.constants.AlertLevel;
 import de.rub.nds.tlsattacker.core.constants.HandshakeByteLength;
@@ -30,18 +38,9 @@
 import de.rub.nds.tlsattacker.core.protocol.message.HandshakeMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.ProtocolMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.SSL2HandshakeMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.UnknownMessage;
 import de.rub.nds.tlsattacker.core.record.AbstractRecord;
-import de.rub.nds.tlsattacker.core.record.cipher.RecordNullCipher;
-import de.rub.nds.tlsattacker.core.record.layer.RecordLayerType;
 import de.rub.nds.tlsattacker.core.state.TlsContext;
 import de.rub.nds.tlsattacker.transport.ConnectionEndType;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.LinkedList;
-import java.util.List;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 
 public class ReceiveMessageHelper {
 
@@ -136,7 +135,7 @@ private MessageActionResult processRecordGroup(RecordGroup recordGroup, TlsConte
         MessageParsingResult messageParsingResult = parseMessages(recordGroup, context);
 
         return new MessageActionResult(recordGroup.getRecords(), messageParsingResult.getMessages(),
-                messageParsingResult.getMessageFragments());
+                messageParsingResult.getMessageFragments(), messageParsingResult.getMessageInfos());
     }
 
     public List<AbstractRecord> receiveRecords(TlsContext context) {
@@ -232,6 +231,7 @@ public MessageParsingResult parseMessages(RecordGroup recordGroup, TlsContext co
         // new groups here
         List<ProtocolMessage> messages = new LinkedList<>();
         List<DtlsHandshakeMessageFragment> messageFragments = new LinkedList<>();
+        List<DtlsMessageInformation> dtlsMessageInfos = new LinkedList<>();
         for (RecordGroup group : RecordGroup.generateRecordGroups(recordGroup.getRecords(), context)) {
             boolean parseAsUnknown = false;
             if (context.getConfig().isDoNotParseInvalidMacOrPadMessages()) {
@@ -252,13 +252,21 @@ public MessageParsingResult parseMessages(RecordGroup recordGroup, TlsContext co
                         if (parsedMessage.isDtlsHandshakeMessageFragment()) {
                             messageFragments.add((DtlsHandshakeMessageFragment) parsedMessage);
                         } else {
+                            dtlsMessageInfos.add(new DtlsMessageInformation(recordGroup.getDtlsEpoch()));
                             messages.add(parsedMessage);
                         }
                     }
                     List<ProtocolMessage> parsedFragmentedMessages = processDtlsFragments(messageFragments,
-                            recordGroup.getDtlsEpoch(), context);
+                            recordGroup.getDtlsEpoch(), dtlsMessageInfos, context);
                     messages.addAll(parsedFragmentedMessages);
                 } else {
+                    // TODO Normally, retransmission handling should only be
+                    // applied to CCS and HANDSHAKE messages,
+                    // and not to other message types. I am unsure if we should
+                    // adapt the code based on that.
+                    // (so that, reordering options apply only to CCS, and not
+                    // to other message types).
+
                     boolean isInOrder = recordGroup.getDtlsEpoch() == context.getDtlsNextReceiveEpoch();
                     // we only update the context for in order records (with
                     // epoch == current) unless the update on ooo was set, in
@@ -267,8 +275,12 @@ public MessageParsingResult parseMessages(RecordGroup recordGroup, TlsContext co
                             : true;
                     List<ProtocolMessage> parsedMessages = handleCleanBytes(cleanProtocolMessageBytes,
                             group.getProtocolMessageType(), context, onlyParse, false, parseAsUnknown);
+
                     if (isInOrder || !context.getConfig().isDtlsExcludeOutOfOrder()) {
                         messages.addAll(parsedMessages);
+                        for (int i = 0; i < parsedMessages.size(); i++) {
+                            dtlsMessageInfos.add(new DtlsMessageInformation(recordGroup.getDtlsEpoch()));
+                        }
                     }
                 }
             } else {
@@ -277,7 +289,8 @@ public MessageParsingResult parseMessages(RecordGroup recordGroup, TlsContext co
                 messages.addAll(parsedMessages);
             }
         }
-        return new MessageParsingResult(messages, messageFragments);
+
+        return new MessageParsingResult(messages, messageFragments, dtlsMessageInfos);
     }
 
     private List<ProtocolMessage> handleCleanBytes(byte[] cleanProtocolMessageBytes,
@@ -427,7 +440,7 @@ private ParserResult tryHandleAsUnknownMessage(byte[] protocolMessageBytes, int
      * sequence is next for processing.
      */
     private List<ProtocolMessage> processDtlsFragments(List<DtlsHandshakeMessageFragment> fragments, Integer epoch,
-            TlsContext context) {
+            List<DtlsMessageInformation> dtlsInfos, TlsContext context) {
 
         // the fragment manager stores all the message fragments received
         FragmentManager manager = context.getDtlsFragmentManager();
@@ -458,6 +471,7 @@ private List<ProtocolMessage> processDtlsFragments(List<DtlsHandshakeMessageFrag
                     manager.clearFragmentedMessage(fragmentedMessage.getMessageSeq().getValue(), epoch);
                     HandshakeMessage message = processFragmentedMessage(fragmentedMessage, context, true);
                     messages.add(message);
+                    dtlsInfos.add(new DtlsMessageInformation(epoch, fragmentedMessage.getMessageSeq().getValue()));
                     if (message.getHandshakeMessageType() == HandshakeMessageType.FINISHED) {
                         context.setDtlsNextReceiveSequenceNumber(0);
                     } else {
@@ -476,6 +490,7 @@ private List<ProtocolMessage> processDtlsFragments(List<DtlsHandshakeMessageFrag
                     manager.clearFragmentedMessage(fragmentedMessage.getMessageSeq().getValue(), epoch);
                     if (!context.getConfig().isDtlsExcludeOutOfOrder()) {
                         messages.add(message);
+                        dtlsInfos.add(new DtlsMessageInformation(epoch, fragmentedMessage.getMessageSeq().getValue()));
                     }
                 }
             }
diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/SendMessageHelper.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/SendMessageHelper.java
@@ -117,7 +117,8 @@ public MessageActionResult sendMessages(List<ProtocolMessage> messages, List<Abs
         if (fragmentMessages.isEmpty()) {
             fragmentMessages = null;
         }
-        return new MessageActionResult(records, messages, fragmentMessages);
+        // TODO add message information
+        return new MessageActionResult(records, messages, fragmentMessages, null);
     }
 
     public void sendRecords(List<AbstractRecord> records, TlsContext context) throws IOException {

Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ public MessageActionResult receiveMessages(TlsContext context) {`
`41`	`41`
`42`	`42`	`@Override`
`43`	`43`	`public MessageActionResult receiveMessages(List<ProtocolMessage> expectedMessages, TlsContext context) {`
`44`		`- return new MessageActionResult(recordsToReturn, messagesToReturn, null);`
	`44`	`+ return new MessageActionResult(recordsToReturn, messagesToReturn, null, null);`
`45`	`45`	`}`
`46`	`46`
`47`	`47`	`public List<ProtocolMessage> getMessagesToReturn() {`
Original file line number	Diff line number	Diff line change
`@@ -117,7 +117,8 @@ public MessageActionResult sendMessages(List<ProtocolMessage> messages, List<Abs`
`117`	`117`	`if (fragmentMessages.isEmpty()) {`
`118`	`118`	`fragmentMessages = null;`
`119`	`119`	`}`
`120`		`- return new MessageActionResult(records, messages, fragmentMessages);`
	`120`	`+ // TODO add message information`
	`121`	`+ return new MessageActionResult(records, messages, fragmentMessages, null);`
`121`	`122`	`}`
`122`	`123`
`123`	`124`	`public void sendRecords(List<AbstractRecord> records, TlsContext context) throws IOException {`