Merge origin/master into maven-deploy

Author: ic0ns

.gitignore

@@ -4,10 +4,6 @@ pom.xml.releaseBackup
 pom.xml.versionsBackup
 pom.xml.next
 release.properties
-/TLS-Core/nbproject/
-/Attacks/nbproject/
 /apps/
-nbactions.xml
-TLS-Client/nbactions.xml
-TLS-Server/nbactions.xml
-Attacks/nbactions.xml
+nbproject/
+nbactions.xml

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/EarlyCCSAttacker.java

@@ -9,14 +9,11 @@
 package de.rub.nds.tlsattacker.attacks.impl;
 
 import de.rub.nds.tlsattacker.attacks.config.EarlyCCSCommandConfig;
-import de.rub.nds.modifiablevariable.bytearray.ByteArrayModificationFactory;
-import de.rub.nds.modifiablevariable.bytearray.ModifiableByteArray;
-import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
+import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
 import de.rub.nds.tlsattacker.core.protocol.message.CertificateMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.ChangeCipherSpecMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.FinishedMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.ClientHelloMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.ProtocolMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.RSAClientKeyExchangeMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloDoneMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloMessage;
 import de.rub.nds.tlsattacker.core.util.LogLevel;
@@ -25,10 +22,8 @@
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutorFactory;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
-import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
 import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
 import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
-import de.rub.nds.tlsattacker.transport.TransportHandler;
 import java.util.LinkedList;
 import java.util.List;
 import org.apache.logging.log4j.LogManager;
@@ -50,71 +45,42 @@ public EarlyCCSAttacker(EarlyCCSCommandConfig config) {
 
     @Override
     public void executeAttack() {
+        // byte[] ms = new byte[48];
+        // byte[] pms = new byte[48];
+        // pms[0] = 3;
+        // pms[1] = 3;
+        // workflowTrace.add(new ChangePreMasterSecretAction(pms));
+        // workflowTrace.add(new ChangeMasterSecretAction(ms));
         throw new UnsupportedOperationException("Not implemented yet");
     }
 
     @Override
     public Boolean isVulnerable() {
         TlsConfig tlsConfig = config.createConfig();
-        tlsConfig.setWorkflowTraceType(WorkflowTraceType.HELLO);
+        tlsConfig.setTlsTimeout(1000);
+        tlsConfig.setTimeout(1000);
         TlsContext tlsContext = new TlsContext(tlsConfig);
-        WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor(tlsConfig.getExecutorType(),
-                tlsContext);
-
-        byte[] ms = new byte[48];
-        byte[] pms = new byte[48];
-        pms[0] = 3;
-        pms[1] = 3;
-
-        WorkflowTrace workflowTrace = tlsContext.getWorkflowTrace();
+        WorkflowTrace workflowTrace = new WorkflowTrace();
+        workflowTrace.add(new SendAction(new ClientHelloMessage(tlsConfig)));
         List<ProtocolMessage> messageList = new LinkedList<>();
         messageList.add(new ServerHelloMessage(tlsConfig));
         messageList.add(new CertificateMessage(tlsConfig));
         messageList.add(new ServerHelloDoneMessage(tlsConfig));
-        ReceiveAction receiveAction = new ReceiveAction(messageList);
-        workflowTrace.add(receiveAction);
+        workflowTrace.add(new ReceiveAction(messageList));
         messageList = new LinkedList<>();
-        RSAClientKeyExchangeMessage clientKeyExchange1 = new RSAClientKeyExchangeMessage(tlsConfig);
-        messageList.add(clientKeyExchange1);
-        ModifiableByteArray modpms = new ModifiableByteArray();
-        modpms.setModification(ByteArrayModificationFactory.explicitValue(pms));
-        clientKeyExchange1.getComputations().setPlainPaddedPremasterSecret(modpms);
-        ModifiableByteArray modms = new ModifiableByteArray();
-        modms.setModification(ByteArrayModificationFactory.explicitValue(ms));
-        clientKeyExchange1.getComputations().setMasterSecret(modms);
-        clientKeyExchange1.setGoingToBeSent(false);
-        ChangeCipherSpecMessage changeCipherSpec1 = new ChangeCipherSpecMessage(tlsConfig);
-        messageList.add(changeCipherSpec1);
-        changeCipherSpec1.setGoingToBeSent(false);
-        FinishedMessage fin1 = new FinishedMessage(tlsConfig);
-        fin1.setGoingToBeSent(false);
-
-        messageList.add(new ChangeCipherSpecMessage(tlsConfig));
-
-        RSAClientKeyExchangeMessage clientKeyExchange2 = new RSAClientKeyExchangeMessage(tlsConfig);
-        messageList.add(clientKeyExchange2);
-        modpms = new ModifiableByteArray();
-        modpms.setModification(ByteArrayModificationFactory.explicitValue(pms));
-        clientKeyExchange2.getComputations().setPlainPaddedPremasterSecret(modpms);
-        modms = new ModifiableByteArray();
-        modms.setModification(ByteArrayModificationFactory.explicitValue(ms));
-        clientKeyExchange2.getComputations().setMasterSecret(modms);
-        messageList.add(new FinishedMessage(tlsConfig));
-        SendAction sendAction = new SendAction(messageList);
-        workflowTrace.add(sendAction);
+        messageList.add(new ChangeCipherSpecMessage());
+        workflowTrace.add(new SendAction(messageList));
         messageList = new LinkedList<>();
-
-        messageList.add(new ChangeCipherSpecMessage(tlsConfig));
-        messageList.add(new FinishedMessage(tlsConfig));
-        receiveAction = new ReceiveAction(messageList);
-        workflowTrace.add(receiveAction);
+        workflowTrace.add(new ReceiveAction(messageList));
+        tlsConfig.setWorkflowTrace(workflowTrace);
+        WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor(tlsConfig.getExecutorType(),
+                tlsContext);
         workflowExecutor.executeWorkflow();
-
-        if (workflowTrace.getActuallyRecievedHandshakeMessagesOfType(HandshakeMessageType.FINISHED).isEmpty()) {
-            LOGGER.log(LogLevel.CONSOLE_OUTPUT, "Not vulnerable (probably), no Server Finished message found");
+        if (!workflowTrace.getActualReceivedProtocolMessagesOfType(ProtocolMessageType.ALERT).isEmpty()) {
+            LOGGER.log(LogLevel.CONSOLE_OUTPUT, "Not vulnerable (probably), no Alert message found");
             return false;
         } else {
-            LOGGER.log(LogLevel.CONSOLE_OUTPUT, "Vulnerable (probably), Server Finished message found");
+            LOGGER.log(LogLevel.CONSOLE_OUTPUT, "Vulnerable (probably), Alert message found");
             return true;
         }
     }

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/Lucky13Attacker.java

@@ -8,6 +8,16 @@
  */
 package de.rub.nds.tlsattacker.attacks.impl;
 
+import java.io.FileWriter;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
 import de.rub.nds.tlsattacker.attacks.config.Lucky13CommandConfig;
 import de.rub.nds.modifiablevariable.VariableModification;
 import de.rub.nds.modifiablevariable.bytearray.ByteArrayModificationFactory;
@@ -17,27 +27,14 @@
 import de.rub.nds.tlsattacker.core.protocol.message.AlertMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.ApplicationMessage;
 import de.rub.nds.tlsattacker.core.record.Record;
-import de.rub.nds.tlsattacker.core.util.LogLevel;
 import de.rub.nds.tlsattacker.core.workflow.TlsConfig;
 import de.rub.nds.tlsattacker.core.workflow.TlsContext;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutorFactory;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
-import de.rub.nds.tlsattacker.core.workflow.action.MessageActionFactory;
 import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
 import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
-import de.rub.nds.tlsattacker.transport.ConnectionEnd;
-import de.rub.nds.tlsattacker.transport.TransportHandler;
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 
 /**
  * Executes the Lucky13 attack test

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/SniAttacker.java

@@ -51,17 +51,6 @@ public void executeAttack() {
 
     @Override
     public Boolean isVulnerable() {
-        TlsConfig tlsConfig = config.createConfig();
-        TlsContext tlsContext = new TlsContext(tlsConfig);
-        WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor(tlsConfig.getExecutorType(),
-                tlsContext);
-        WorkflowTrace trace = tlsContext.getWorkflowTrace();
-        List<TLSAction> actions = trace.getTLSActions();
-        ServerNameIndicationExtensionMessage sni = new ServerNameIndicationExtensionMessage();
-        ServerNamePair pair = new ServerNamePair();
-        pair.setServerNameConfig(config.getServerName2().getBytes());
-        pair.setServerNameTypeConfig(NameType.HOST_NAME.getValue());
-        sni.getServerNameList().add(pair);
         throw new UnsupportedOperationException("Work in progress");
     }
 

…s/tlsattacker/client/main/TLSClient.java …s/tlsattacker/client/main/TlsClient.javaTLS-Client/src/main/java/de/rub/nds/tlsattacker/client/main/TLSClient.java renamed to TLS-Client/src/main/java/de/rub/nds/tlsattacker/client/main/TlsClient.java TLS-Client/src/main/java/de/rub/nds/tlsattacker/client/main/TLSClient.java renamed to TLS-Client/src/main/java/de/rub/nds/tlsattacker/client/main/TlsClient.java

@@ -26,7 +26,7 @@
  * 
  * @author Robert Merget - robert.merget@rub.de
  */
-public class TLSClient {
+public class TlsClient {
 
     private static final Logger LOGGER = LogManager.getLogger("Client");
 
@@ -44,7 +44,7 @@ public static void main(String args[]) {
             TlsConfig tlsConfig = null;
             try {
                 tlsConfig = config.createConfig();
-                TLSClient client = new TLSClient();
+                TlsClient client = new TlsClient();
                 client.startTlsClient(tlsConfig);
             } catch (ConfigurationException E) {
                 LOGGER.info("Encountered a ConfigurationException aborting.");

…ds/tlsattacker/client/TlsClientTest.java …sattacker/client/main/TlsClientTest.javaTLS-Client/src/test/java/de/rub/nds/tlsattacker/client/TlsClientTest.java renamed to TLS-Client/src/test/java/de/rub/nds/tlsattacker/client/main/TlsClientTest.java TLS-Client/src/test/java/de/rub/nds/tlsattacker/client/TlsClientTest.java renamed to TLS-Client/src/test/java/de/rub/nds/tlsattacker/client/main/TlsClientTest.java

@@ -6,35 +6,8 @@
  * Licensed under Apache License 2.0
  * http://www.apache.org/licenses/LICENSE-2.0
  */
-package de.rub.nds.tlsattacker.client;
+package de.rub.nds.tlsattacker.client.main;
 
-import de.rub.nds.tlsattacker.client.config.ClientCommandConfig;
-import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
-import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
-import de.rub.nds.tlsattacker.core.constants.CipherSuite;
-import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
-import de.rub.nds.tlsattacker.core.constants.PublicKeyAlgorithm;
-import de.rub.nds.tlsattacker.core.exceptions.WorkflowExecutionException;
-import de.rub.nds.tlsattacker.core.protocol.message.CertificateMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.ChangeCipherSpecMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.ClientHelloMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.FinishedMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.RSAClientKeyExchangeMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloDoneMessage;
-import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloMessage;
-import de.rub.nds.tlsattacker.core.util.KeyStoreGenerator;
-import de.rub.nds.tlsattacker.core.workflow.TlsConfig;
-import de.rub.nds.tlsattacker.core.workflow.TlsContext;
-import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor;
-import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutorFactory;
-import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
-import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
-import de.rub.nds.tlsattacker.core.workflow.action.MessageActionFactory;
-import de.rub.nds.tlsattacker.transport.ConnectionEnd;
-import de.rub.nds.tlsattacker.util.FixedTimeProvider;
-import de.rub.nds.tlsattacker.util.TimeHelper;
-import de.rub.nds.tlsattacker.util.TimeProvider;
-import de.rub.nds.tlsattacker.util.tests.IntegrationTests;
 import java.io.IOException;
 import java.security.InvalidKeyException;
 import java.security.KeyManagementException;
@@ -63,6 +36,34 @@
 import org.junit.experimental.categories.Category;
 import org.junit.rules.ErrorCollector;
 
+import de.rub.nds.tlsattacker.client.config.ClientCommandConfig;
+import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
+import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
+import de.rub.nds.tlsattacker.core.constants.CipherSuite;
+import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
+import de.rub.nds.tlsattacker.core.constants.PublicKeyAlgorithm;
+import de.rub.nds.tlsattacker.core.exceptions.WorkflowExecutionException;
+import de.rub.nds.tlsattacker.core.protocol.message.CertificateMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.ChangeCipherSpecMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.ClientHelloMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.FinishedMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.RSAClientKeyExchangeMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloDoneMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloMessage;
+import de.rub.nds.tlsattacker.core.util.BasicTlsServer;
+import de.rub.nds.tlsattacker.core.util.KeyStoreGenerator;
+import de.rub.nds.tlsattacker.core.workflow.TlsConfig;
+import de.rub.nds.tlsattacker.core.workflow.TlsContext;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutorFactory;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
+import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
+import de.rub.nds.tlsattacker.core.workflow.action.MessageActionFactory;
+import de.rub.nds.tlsattacker.transport.ConnectionEndType;
+import de.rub.nds.tlsattacker.util.FixedTimeProvider;
+import de.rub.nds.tlsattacker.util.TimeHelper;
+import de.rub.nds.tlsattacker.util.tests.IntegrationTests;
+
 /**
  *
  * @author Juraj Somorovsky - juraj.somorovsky@rub.de
@@ -78,7 +79,7 @@ public class TlsClientTest {
     @Rule
     public ErrorCollector collector = new ErrorCollector();
 
-    private TLSServer tlsServer;
+    private BasicTlsServer tlsServer;
 
     public TlsClientTest() {
         Security.addProvider(new BouncyCastleProvider());
@@ -91,7 +92,7 @@ public void testRSAWorkflows() throws OperatorCreationException {
             TimeHelper.setProvider(new FixedTimeProvider(0));
             KeyPair k = KeyStoreGenerator.createRSAKeyPair(1024);
             KeyStore ks = KeyStoreGenerator.createKeyStore(k);
-            tlsServer = new TLSServer(ks, KeyStoreGenerator.PASSWORD, "TLS", PORT);
+            tlsServer = new BasicTlsServer(ks, KeyStoreGenerator.PASSWORD, "TLS", PORT);
             new Thread(tlsServer).start();
             while (!tlsServer.isInitialized())
                 ;
@@ -112,7 +113,7 @@ public void testECWorkflows() throws OperatorCreationException {
         try {
             KeyPair k = KeyStoreGenerator.createECKeyPair(256);
             KeyStore ks = KeyStoreGenerator.createKeyStore(k);
-            tlsServer = new TLSServer(ks, KeyStoreGenerator.PASSWORD, "TLS", PORT + 1);
+            tlsServer = new BasicTlsServer(ks, KeyStoreGenerator.PASSWORD, "TLS", PORT + 1);
             new Thread(tlsServer).start();
             while (!tlsServer.isInitialized())
                 ;
@@ -137,7 +138,8 @@ public void testExecuteWorkflows(PublicKeyAlgorithm algorithm, int port) {
         ClientCommandConfig clientCommandConfig = new ClientCommandConfig(new GeneralDelegate());
         clientCommandConfig.getGeneralDelegate().setLogLevel(Level.INFO);
         TlsConfig config = clientCommandConfig.createConfig();
-        config.setHost("localhost:" + port);
+        config.setHost("localhost");
+        config.setPort(port);
         config.setTlsTimeout(TIMEOUT);
         List<String> serverList = Arrays.asList(tlsServer.getCipherSuites());
         config.setHighestProtocolVersion(ProtocolVersion.TLS10);
@@ -198,23 +200,24 @@ private boolean testCustomWorkflow(int port) {
         ClientCommandConfig clientCommandConfig = new ClientCommandConfig(new GeneralDelegate());
         clientCommandConfig.getGeneralDelegate().setLogLevel(Level.INFO);
         TlsConfig config = clientCommandConfig.createConfig();
-        config.setHost("localhost:" + port);
+        config.setHost("localhost");
+        config.setPort(port);
         config.setTlsTimeout(TIMEOUT);
         config.setWorkflowTraceType(WorkflowTraceType.HELLO);
 
         TlsContext tlsContext = new TlsContext(config);
         config.setWorkflowTrace(new WorkflowTrace());
 
         WorkflowTrace trace = config.getWorkflowTrace();
-        trace.add(MessageActionFactory.createAction(ConnectionEnd.CLIENT, ConnectionEnd.CLIENT, new ClientHelloMessage(
-                config)));
-        trace.add(MessageActionFactory.createAction(ConnectionEnd.CLIENT, ConnectionEnd.SERVER, new ServerHelloMessage(
-                config), new CertificateMessage(config), new ServerHelloDoneMessage(config)));
+        trace.add(MessageActionFactory.createAction(ConnectionEndType.CLIENT, ConnectionEndType.CLIENT,
+                new ClientHelloMessage(config)));
+        trace.add(MessageActionFactory.createAction(ConnectionEndType.CLIENT, ConnectionEndType.SERVER,
+                new ServerHelloMessage(config), new CertificateMessage(config), new ServerHelloDoneMessage(config)));
 
-        trace.add(MessageActionFactory.createAction(ConnectionEnd.CLIENT, ConnectionEnd.CLIENT,
+        trace.add(MessageActionFactory.createAction(ConnectionEndType.CLIENT, ConnectionEndType.CLIENT,
                 new RSAClientKeyExchangeMessage(config), new ChangeCipherSpecMessage(config), new FinishedMessage(
                         config)));
-        trace.add(MessageActionFactory.createAction(ConnectionEnd.CLIENT, ConnectionEnd.SERVER,
+        trace.add(MessageActionFactory.createAction(ConnectionEndType.CLIENT, ConnectionEndType.SERVER,
                 new ChangeCipherSpecMessage(config), new FinishedMessage(config)));
         WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor(config.getExecutorType(),
                 tlsContext);

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/TLSDelegateConfig.java

@@ -18,14 +18,15 @@
 import java.util.List;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.bouncycastle.math.ec.ECCurve;
 
 /**
  *
  * @author Robert Merget - robert.merget@rub.de
  */
 public abstract class TLSDelegateConfig {
 
-    protected static final Logger LOGGER = LogManager.getLogger("Config");
+    protected static final Logger LOGGER = LogManager.getLogger(TLSDelegateConfig.class.getName());
 
     private final List<Delegate> delegateList;
     private final GeneralDelegate generalDelegate;