fixed tls13 version references and streamlined record layer

Author: ic0ns

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/InvalidCurveAttacker.java

@@ -257,7 +257,7 @@ private WorkflowTrace prepareRegularTrace(ModifiableByteArray serializedPublicKe
         }
         WorkflowTrace trace = new WorkflowConfigurationFactory(individualConfig).createWorkflowTrace(
                 WorkflowTraceType.HELLO, RunningModeType.CLIENT);
-        if (individualConfig.getHighestProtocolVersion() == ProtocolVersion.TLS13) {
+        if (individualConfig.getHighestProtocolVersion().isTLS13()) {
 
             // replace specific receive action with generic
             trace.removeTlsAction(trace.getTlsActions().size() - 1);
@@ -299,7 +299,7 @@ private WorkflowTrace prepareRegularTrace(ModifiableByteArray serializedPublicKe
     private WorkflowTrace prepareRenegotiationTrace(ModifiableByteArray serializedPublicKey, ModifiableByteArray pms,
             byte[] explicitPMS, Config individualConfig) {
         WorkflowTrace trace;
-        if (individualConfig.getHighestProtocolVersion() == ProtocolVersion.TLS13) {
+        if (individualConfig.getHighestProtocolVersion().isTLS13()) {
             trace = new WorkflowConfigurationFactory(individualConfig).createWorkflowTrace(WorkflowTraceType.HANDSHAKE,
                     RunningModeType.CLIENT);
             trace.addTlsAction(new ReceiveAction(ReceiveOption.CHECK_ONLY_EXPECTED, new NewSessionTicketMessage(false)));

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/constants/SignatureAndHashAlgorithm.java

@@ -258,7 +258,7 @@ public static SignatureAndHashAlgorithm forCertificateKeyPair(CertificateKeyPair
         clientPreferredHash.removeIf(i -> i.getHashAlgorithm() != chooser.getConfig().getPreferredHashAlgorithm());
         algorithms.addAll(0, clientPreferredHash);
 
-        if (chooser.getSelectedProtocolVersion() == ProtocolVersion.TLS13) {
+        if (chooser.getSelectedProtocolVersion().isTLS13()) {
             algorithms.removeIf(i -> i.toString().contains("RSA_SHA"));
         }
 

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/handler/CertificateRequestHandler.java

@@ -50,7 +50,7 @@ public CertificateRequestSerializer getSerializer(CertificateRequestMessage mess
 
     @Override
     public void adjustTLSContext(CertificateRequestMessage message) {
-        if (tlsContext.getChooser().getSelectedProtocolVersion() == ProtocolVersion.TLS13) {
+        if (tlsContext.getChooser().getSelectedProtocolVersion().isTLS13()) {
             adjustCertifiateRequestContext(message);
             adjustServerSupportedSignatureAndHashAlgorithms(message);
         } else {

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/parser/CertificateRequestParser.java

@@ -42,7 +42,7 @@ public CertificateRequestParser(int pointer, byte[] array, ProtocolVersion versi
     @Override
     protected void parseHandshakeMessageContent(CertificateRequestMessage msg) {
         LOGGER.debug("Parsing CertificateRequestMessage");
-        if (getVersion() == ProtocolVersion.TLS13) {
+        if (getVersion().isTLS13()) {
             parseCertificateRequestContextLength(msg);
             parseCertificateRequestContext(msg);
             parseExtensionLength(msg);

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/CertificateRequestPreparator.java

@@ -39,7 +39,7 @@ public CertificateRequestPreparator(Chooser chooser, CertificateRequestMessage m
     @Override
     public void prepareHandshakeMessageContents() {
         LOGGER.debug("Preparing CertificateRequestMessage");
-        if (chooser.getSelectedProtocolVersion() == ProtocolVersion.TLS13) {
+        if (chooser.getSelectedProtocolVersion().isTLS13()) {
             prepareCertificateReqeustContext(msg);
             prepareCertificateRequstContextLength(msg);
             sigHashAlgos = convertSigAndHashAlgos(chooser.getServerSupportedSignatureAndHashAlgorithms());

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/ServerHelloPreparator.java

@@ -87,7 +87,7 @@ private void prepareCompressionMethod() {
     }
 
     private void prepareSessionID() {
-        if (chooser.getSelectedProtocolVersion().isTLS13()) {
+        if (chooser.getConfig().getHighestProtocolVersion().isTLS13()) {
             msg.setSessionId(chooser.getClientSessionId());
         } else {
             msg.setSessionId(chooser.getServerSessionId());
@@ -97,7 +97,7 @@ private void prepareSessionID() {
 
     private void prepareProtocolVersion() {
         ProtocolVersion ourVersion = chooser.getConfig().getHighestProtocolVersion();
-        if (chooser.getConfig().getHighestProtocolVersion() == ProtocolVersion.TLS13) {
+        if (chooser.getConfig().getHighestProtocolVersion().isTLS13()) {
             ourVersion = ProtocolVersion.TLS12;
         }
 

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/serializer/CertificateRequestSerializer.java

@@ -38,7 +38,7 @@ public CertificateRequestSerializer(CertificateRequestMessage message, ProtocolV
     @Override
     public byte[] serializeHandshakeMessageContent() {
         LOGGER.debug("Serializing CertificateRequestMessage");
-        if (version == ProtocolVersion.TLS13) {
+        if (version.isTLS13()) {
             writeCertificateRquestContextLength(msg);
             writeCertificateRquestContext(msg);
             writeExtensionLength();

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/cipher/RecordAEADCipher.java

@@ -143,15 +143,8 @@ public void encrypt(Record record) throws CryptoException {
                 ArrayConverter.bytesToHexString(additionalAuthenticatedData));
 
         byte[] plainBytes = record.getComputations().getPlainRecordBytes().getValue();
-        byte[] wholeCipherText;
-        if (version == ProtocolVersion.TLS12 || version == ProtocolVersion.TLS13
-                || version == ProtocolVersion.TLS13_DRAFT25 || version == ProtocolVersion.TLS13_DRAFT26
-                || version == ProtocolVersion.TLS13_DRAFT27 || version == ProtocolVersion.TLS13_DRAFT28) {
-            wholeCipherText = encryptCipher.encrypt(gcmNonce, aeadTagLength * Bits.IN_A_BYTE,
-                    additionalAuthenticatedData, plainBytes);
-        } else {
-            wholeCipherText = encryptCipher.encrypt(gcmNonce, aeadTagLength * Bits.IN_A_BYTE, plainBytes);
-        }
+        byte[] wholeCipherText = encryptCipher.encrypt(gcmNonce, aeadTagLength * Bits.IN_A_BYTE,
+                additionalAuthenticatedData, plainBytes);
 
         byte[] onlyCiphertext = Arrays.copyOfRange(wholeCipherText, 0, wholeCipherText.length - aeadTagLength);
 
@@ -218,16 +211,9 @@ public void decrypt(Record record) throws CryptoException {
         // the decryption
 
         try {
-            byte[] plainRecordBytes;
-            if (version == ProtocolVersion.TLS12 || version == ProtocolVersion.TLS13
-                    || version == ProtocolVersion.TLS13_DRAFT25 || version == ProtocolVersion.TLS13_DRAFT26
-                    || version == ProtocolVersion.TLS13_DRAFT27 || version == ProtocolVersion.TLS13_DRAFT28) {
-                plainRecordBytes = decryptCipher.decrypt(gcmNonce, aeadTagLength * Bits.IN_A_BYTE,
-                        additionalAuthenticatedData, ArrayConverter.concatenate(cipherTextOnly, authenticationTag));
-            } else {
-                plainRecordBytes = decryptCipher.decrypt(gcmNonce, aeadTagLength * Bits.IN_A_BYTE,
-                        ArrayConverter.concatenate(cipherTextOnly, authenticationTag));
-            }
+            byte[] plainRecordBytes = decryptCipher.decrypt(gcmNonce, aeadTagLength * Bits.IN_A_BYTE,
+                    additionalAuthenticatedData, ArrayConverter.concatenate(cipherTextOnly, authenticationTag));
+
             record.getComputations().setAuthenticationTagValid(true);
             record.getComputations().setPlainRecordBytes(plainRecordBytes);
             plainRecordBytes = record.getComputations().getPlainRecordBytes().getValue();

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/layer/TlsRecordLayer.java

@@ -30,6 +30,7 @@
 import de.rub.nds.tlsattacker.core.state.TlsContext;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.math.BigInteger;
 import java.util.LinkedList;
 import java.util.List;
 import org.apache.logging.log4j.LogManager;
@@ -178,6 +179,13 @@ public void decryptAndDecompressRecord(AbstractRecord record) {
                             .getContentMessageType() == ProtocolMessageType.APPLICATION_DATA)) {
                 decryptor.decrypt(record);
                 decompressor.decompress(record);
+            } else {
+                // Do not decrypt the record
+                record.prepareComputations();
+                ((Record) record).setSequenceNumber(BigInteger.valueOf(tlsContext.getReadSequenceNumber()));
+                byte[] protocolMessageBytes = record.getProtocolMessageBytes().getValue();
+                record.setCleanProtocolMessageBytes(protocolMessageBytes);
+                // tlsContext.increaseReadSequenceNumber();
             }
         } else {
             LOGGER.warn("Decrypting received non Record:" + record.toString());

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/executor/ReceiveMessageHelper.java

@@ -251,6 +251,7 @@ public MessageParsingResult parseMessages(RecordGroup recordGroup, TlsContext co
         List<ProtocolMessage> messages = new LinkedList<>();
         List<DtlsHandshakeMessageFragment> messageFragments = null;
         for (RecordGroup group : RecordGroup.generateRecordGroups(recordGroup.getRecords())) {
+
             List<RecordGroup> subGroups = group.splitIntoProcessableSubgroups();
             for (RecordGroup subGroup : subGroups) {