Merge pull request #749 from tls-attacker/fuzzer

Fuzzer changes

Author: ic0ns

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/BleichenbacherAttacker.java

@@ -63,13 +63,16 @@ public class BleichenbacherAttacker extends Attacker<BleichenbacherCommandConfig
 
     private List<VectorResponse> fingerprintPairList;
 
+    private boolean selfShutdown = false;
+
     /**
      * @param bleichenbacherConfig
      * @param baseConfig
      */
     public BleichenbacherAttacker(BleichenbacherCommandConfig bleichenbacherConfig, Config baseConfig) {
         super(bleichenbacherConfig, baseConfig);
         executor = new ParallelExecutor(1, 3);
+        selfShutdown = true;
     }
 
     /**
@@ -81,6 +84,7 @@ public BleichenbacherAttacker(BleichenbacherCommandConfig bleichenbacherConfig,
         ParallelExecutor executor) {
         super(bleichenbacherConfig, baseConfig);
         this.executor = executor;
+        selfShutdown = false;
     }
 
     /**
@@ -151,6 +155,9 @@ public EqualityError isVulnerable(List<Pkcs1Vector> pkcs1Vectors, RSAPublicKey p
         if (error != EqualityError.NONE) {
             CONSOLE.info("Found a vulnerability with " + config.getWorkflowType().getDescription());
         }
+        if (selfShutdown && !config.isExecuteAttack()) {
+            executor.shutdown();
+        }
         return error;
     }
 
@@ -298,6 +305,9 @@ public void executeAttack() {
         attacker.attack();
         BigInteger solution = attacker.getSolution();
         CONSOLE.info(solution.toString(16));
+        if (selfShutdown) {
+            executor.shutdown();
+        }
     }
 
     private ResponseFingerprint extractValidFingerprint(RSAPublicKey publicKey, ProtocolVersion version) {

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/pkcs1/Bleichenbacher.java

@@ -74,7 +74,7 @@ public void attack() throws OracleException {
         if (this.msgIsPKCS) {
             LOGGER.info("Step skipped --> " + "Message is considered as PKCS compliant.");
             LOGGER.info("Testing the validity of the original message");
-            oracle.checkPKCSConformity(encryptedMsg);
+            saveCheckPKCSConformity(encryptedMsg);
             s0 = BigInteger.ONE;
             c0 = new BigInteger(1, encryptedMsg);
             interval = new Interval[] { new Interval(BigInteger.valueOf(2).multiply(bigB),
@@ -116,7 +116,7 @@ protected void stepOne() throws OracleException {
             send = prepareMsg(ciphered, si);
 
             // check PKCS#1 conformity
-            pkcsConform = oracle.checkPKCSConformity(send);
+            pkcsConform = saveCheckPKCSConformity(send);
         } while (!pkcsConform);
 
         c0 = new BigInteger(1, send);
@@ -153,7 +153,7 @@ protected void stepTwo(final int i) throws OracleException {
      */
     protected void stepTwoA() throws OracleException {
         byte[] send;
-        boolean pkcsConform;
+        boolean pkcsConform = false;
         BigInteger n = publicKey.getModulus();
 
         LOGGER.debug("Step 2a: Starting the search");
@@ -173,21 +173,22 @@ protected void stepTwoA() throws OracleException {
             send = prepareMsg(c0, si);
 
             // check PKCS#1 conformity
-            pkcsConform = oracle.checkPKCSConformity(send);
+            pkcsConform = saveCheckPKCSConformity(send);
+
         } while (!pkcsConform);
     }
 
     private void stepTwoB() throws OracleException {
         byte[] send;
-        boolean pkcsConform;
+        boolean pkcsConform = false;
         LOGGER.debug("Step 2b: Searching with more than" + " one interval left");
 
         do {
             si = si.add(BigInteger.ONE);
             send = prepareMsg(c0, si);
 
             // check PKCS#1 conformity
-            pkcsConform = oracle.checkPKCSConformity(send);
+            pkcsConform = saveCheckPKCSConformity(send);
         } while (!pkcsConform);
     }
 
@@ -228,10 +229,26 @@ protected void stepTwoC() throws OracleException {
             send = prepareMsg(c0, si);
 
             // check PKCS#1 conformity
-            pkcsConform = oracle.checkPKCSConformity(send);
+            pkcsConform = saveCheckPKCSConformity(send);
+
         } while (!pkcsConform);
     }
 
+    private boolean saveCheckPKCSConformity(byte[] send) {
+        boolean pkcsConform = false;
+        boolean needToRedo = true;
+        while (needToRedo) {
+
+            try {
+                pkcsConform = oracle.checkPKCSConformity(send);
+                needToRedo = false;
+            } catch (Exception e) {
+                LOGGER.warn(e.toString());
+            }
+        }
+        return pkcsConform;
+    }
+
     private void stepThree(final int i) {
         BigInteger n = publicKey.getModulus();
         BigInteger r;

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/task/FingerPrintTask.java

@@ -9,7 +9,6 @@
 
 package de.rub.nds.tlsattacker.attacks.task;
 
-import de.rub.nds.tlsattacker.attacks.exception.FingerprintExtractionException;
 import de.rub.nds.tlsattacker.attacks.util.response.ResponseExtractor;
 import de.rub.nds.tlsattacker.attacks.util.response.ResponseFingerprint;
 import de.rub.nds.tlsattacker.core.state.State;

Attacks/src/main/resources/log4j2.xml

@@ -34,7 +34,7 @@
         <Logger name="de.rub.nds.tlsattacker.core.state" level="WARN"/>
         <Logger name="de.rub.nds.tlsattacker.core.constants" level="WARN"/>
         <Logger name="de.rub.nds.modifiablevariable" level="WARN"/>
-        
+        <Logger name="de.rub.nds.tlsattacker.transport.tcp.ClientTcpTransportHandler" level="WARN"/>
         <Root level="INFO">
             <AppenderRef ref="Console"/>
         </Root>

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java

@@ -10,6 +10,7 @@
 package de.rub.nds.tlsattacker.core.config;
 
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
+import de.rub.nds.modifiablevariable.util.IllegalStringAdapter;
 import de.rub.nds.modifiablevariable.util.UnformattedByteArrayAdapter;
 import de.rub.nds.tlsattacker.core.certificate.CertificateKeyPair;
 import de.rub.nds.tlsattacker.core.connection.InboundConnection;
@@ -78,15 +79,11 @@
 import java.util.Arrays;
 import java.util.LinkedList;
 import java.util.List;
-import java.util.Objects;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlElementDecl;
 import javax.xml.bind.annotation.XmlElementWrapper;
-import javax.xml.bind.annotation.XmlList;
 import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlSchema;
 import javax.xml.bind.annotation.XmlType;
 import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
 import org.apache.logging.log4j.LogManager;
@@ -376,8 +373,10 @@ public static Config createEmptyConfig() {
      */
     @XmlElement(name = "defaultProposedAlpnProtocol")
     @XmlElementWrapper
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private List<String> defaultProposedAlpnProtocols;
 
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultSelectedAlpnProtocol = AlpnProtocol.HTTP_2.getConstant();
 
     /**
@@ -622,11 +621,13 @@ public static Config createEmptyConfig() {
     /**
      * Default cookie value to use if addHttpsCookie is true.
      */
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultHttpsCookieName = "tls-attacker";
 
     /**
      * Default cookie value to use if addHttpsCookie is true.
      */
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultHttpsCookieValue = "42130912812";
 
     /**
@@ -861,6 +862,7 @@ public static Config createEmptyConfig() {
 
     private GOSTCurve defaultSelectedGostCurve = GOSTCurve.GostR3410_2001_CryptoPro_XchB;
 
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultApplicationMessageData = "Test";
 
     @XmlElement(name = "clientCertificateType")
@@ -1145,6 +1147,7 @@ public static Config createEmptyConfig() {
      * requestPath to use in LocationHeader if none is saved during the connection, e.g. no received HttpsRequestMessage
      * or httpsParsing is disabled
      */
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultHttpsRequestPath = "/";
 
     private StarttlsType starttlsType = StarttlsType.NONE;
@@ -1191,6 +1194,7 @@ public static Config createEmptyConfig() {
     /**
      * Use username from the example of RFC8492
      */
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultClientPWDUsername = "fred";
 
     /**
@@ -1209,6 +1213,7 @@ public static Config createEmptyConfig() {
     /**
      * Use password from the example of RFC8492
      */
+    @XmlJavaTypeAdapter(IllegalStringAdapter.class)
     private String defaultPWDPassword = "barney";
 
     /**
@@ -3560,7 +3565,7 @@ public void setDefaultClientPWDUsername(String username) {
     }
 
     public byte[] getDefaultServerPWDSalt() {
-        return defaultServerPWDSalt;
+        return Arrays.copyOf(defaultServerPWDSalt, defaultServerPWDSalt.length);
     }
 
     public void setDefaultServerPWDSalt(byte[] salt) {
@@ -3584,31 +3589,31 @@ public void setDefaultPWDIterations(Integer defaultPWDIterations) {
     }
 
     public byte[] getDefaultServerPWDPrivate() {
-        return defaultServerPWDPrivate;
+        return Arrays.copyOf(defaultServerPWDPrivate, defaultServerPWDPrivate.length);
     }
 
     public void setDefaultServerPWDPrivate(byte[] defaultServerPWDPrivate) {
         this.defaultServerPWDPrivate = defaultServerPWDPrivate;
     }
 
     public byte[] getDefaultServerPWDMask() {
-        return defaultServerPWDMask;
+        return Arrays.copyOf(defaultServerPWDMask, defaultServerPWDMask.length);
     }
 
     public void setDefaultServerPWDMask(byte[] defaultServerPWDMask) {
         this.defaultServerPWDMask = defaultServerPWDMask;
     }
 
     public byte[] getDefaultClientPWDPrivate() {
-        return defaultClientPWDPrivate;
+        return Arrays.copyOf(defaultClientPWDPrivate, defaultClientPWDPrivate.length);
     }
 
     public void setDefaultClientPWDPrivate(byte[] defaultClientPWDPrivate) {
         this.defaultClientPWDPrivate = defaultClientPWDPrivate;
     }
 
     public byte[] getDefaultClientPWDMask() {
-        return defaultClientPWDMask;
+        return Arrays.copyOf(defaultClientPWDMask, defaultClientPWDMask.length);
     }
 
     public void setDefaultClientPWDMask(byte[] defaultClientPWDMask) {
@@ -3700,23 +3705,23 @@ public final void setEsniServerKeyPairs(KeyShareEntry... esniServerKeyPairs) {
     }
 
     public byte[] getDefaultEsniClientNonce() {
-        return defaultEsniClientNonce;
+        return Arrays.copyOf(defaultEsniClientNonce, defaultEsniClientNonce.length);
     }
 
     public void setDefaultEsniClientNonce(byte[] defaultEsniClientNonce) {
         this.defaultEsniClientNonce = defaultEsniClientNonce;
     }
 
     public byte[] getDefaultEsniServerNonce() {
-        return defaultEsniServerNonce;
+        return Arrays.copyOf(defaultEsniServerNonce, defaultEsniServerNonce.length);
     }
 
     public void setDefaultEsniServerNonce(byte[] defaultEsniServerNonce) {
         this.defaultEsniServerNonce = defaultEsniServerNonce;
     }
 
     public byte[] getDefaultEsniRecordBytes() {
-        return defaultEsniRecordBytes;
+        return Arrays.copyOf(defaultEsniRecordBytes, defaultEsniRecordBytes.length);
     }
 
     public void setDefaultEsniRecordBytes(byte[] defaultEsniRecordBytes) {
@@ -3732,7 +3737,7 @@ public void setDefaultEsniRecordVersion(EsniDnsKeyRecordVersion defaultEsniRecor
     }
 
     public byte[] getDefaultEsniRecordChecksum() {
-        return defaultEsniRecordChecksum;
+        return Arrays.copyOf(defaultEsniRecordChecksum, defaultEsniRecordChecksum.length);
     }
 
     public void setDefaultEsniRecordChecksum(byte[] defaultEsniRecordChecksum) {
@@ -3872,7 +3877,7 @@ public void setDefaultMaxEarlyDataSize(Integer defaultMaxEarlyDataSize) {
     }
 
     public byte[] getDefaultLastClientHello() {
-        return defaultLastClientHello;
+        return Arrays.copyOf(defaultLastClientHello, defaultLastClientHello.length);
     }
 
     public void setDefaultLastClientHello(byte[] defaultLastClientHello) {

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/ConfigIO.java

@@ -23,6 +23,7 @@
 import java.io.OutputStream;
 import javax.xml.XMLConstants;
 import javax.xml.bind.DataBindingException;
+import java.nio.charset.StandardCharsets;
 import javax.xml.bind.JAXB;
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBException;
@@ -65,10 +66,9 @@ public static void write(Config config, File f) {
 
     public static void write(Config config, OutputStream os) {
         ByteArrayOutputStream tempStream = new ByteArrayOutputStream();
-
         JAXB.marshal(config, tempStream);
         try {
-            os.write(new String(tempStream.toByteArray()).getBytes());
+            os.write(new String(tempStream.toByteArray()).getBytes(StandardCharsets.ISO_8859_1));
         } catch (IOException ex) {
             throw new RuntimeException("Could not format XML");
         }

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/constants/AlgorithmResolver.java

@@ -305,7 +305,7 @@ public static CipherAlgorithm getCipher(CipherSuite cipherSuite) {
         if (cipherSuite == CipherSuite.TLS_FALLBACK_SCSV
             || cipherSuite == CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV) {
             throw new UnsupportedOperationException(
-                "The CipherSuite:" + cipherSuite.name() + " does not specify a Cipher");
+                "The CipherSuite:" + cipherSuite.name() + " does not specify a CipherAlgorithm");
         }
 
         LOGGER.warn("The cipher algorithm in " + cipherSuite + " is not supported yet. Falling back to NULL.");

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/crypto/SignatureCalculator.java

@@ -12,6 +12,7 @@
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
 import de.rub.nds.modifiablevariable.util.BadRandom;
 import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
+import de.rub.nds.tlsattacker.core.constants.KeyExchangeAlgorithm;
 import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
 import de.rub.nds.tlsattacker.core.constants.SignatureAndHashAlgorithm;
 import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
@@ -66,17 +67,21 @@ public static byte[] generateSignature(PrivateKey key, byte[] toBeSigned, Signat
             || chooser.getSelectedProtocolVersion() == ProtocolVersion.TLS10
             || chooser.getSelectedProtocolVersion() == ProtocolVersion.TLS11
             || chooser.getSelectedProtocolVersion() == ProtocolVersion.DTLS10) {
-            if (AlgorithmResolver.getKeyExchangeAlgorithm(chooser.getSelectedCipherSuite()).name().contains("RSA")) {
-                algoName = "NONEwithRSA";
-                toBeSigned = ArrayConverter.concatenate(MD5Utils.md5(toBeSigned), SHA1Utils.sha1(toBeSigned));
-            } else if (AlgorithmResolver.getKeyExchangeAlgorithm(chooser.getSelectedCipherSuite()).name()
-                .contains("ECDSA")) {
-                algoName = "SHA1withECDSA";
-            } else if (AlgorithmResolver.getKeyExchangeAlgorithm(chooser.getSelectedCipherSuite()).name()
-                .contains("DSS")) {
-                algoName = "SHA1withDSA";
+            KeyExchangeAlgorithm keyExchangeAlgorithm =
+                AlgorithmResolver.getKeyExchangeAlgorithm(chooser.getSelectedCipherSuite());
+            if (keyExchangeAlgorithm != null) {
+                if (keyExchangeAlgorithm.name().contains("RSA")) {
+                    algoName = "NONEwithRSA";
+                    toBeSigned = ArrayConverter.concatenate(MD5Utils.md5(toBeSigned), SHA1Utils.sha1(toBeSigned));
+                } else if (keyExchangeAlgorithm.name().contains("ECDSA")) {
+                    algoName = "SHA1withECDSA";
+                } else if (keyExchangeAlgorithm.name().contains("DSS")) {
+                    algoName = "SHA1withDSA";
+                } else {
+                    throw new UnsupportedOperationException("Cipher suite not supported - Check Debug Log");
+                }
             } else {
-                throw new UnsupportedOperationException("Cipher suite not supported - Check Debug Log");
+                algoName = algorithm.getJavaName();
             }
         } else {
             algoName = algorithm.getJavaName();
@@ -90,7 +95,7 @@ public static byte[] generateSignature(PrivateKey key, byte[] toBeSigned, Signat
             instance.update(toBeSigned);
             return instance.sign();
         } catch (SignatureException | InvalidKeyException | NoSuchAlgorithmException
-            | InvalidAlgorithmParameterException ex) {
+            | InvalidAlgorithmParameterException | IllegalArgumentException ex) {
             throw new CryptoException("Could not sign Data", ex);
         }
     }