Psk test files (#406)

* changes for PskAttack Tool

* catch NoSuchAlgortihm Exception

* fixed Logger output

* Handler Test Files + little Change in one Handler

* Introduced PSK Tests

* Bug fix for TLS SRP

* Fixed compact string of ECDH ClientKeyExchange message

* Added missing ciphersuites to the list of implemented ciphersuites and added a test which checks for duplicates

* fixed debug output and changed vuln. detection of psk bruteforcer's

* Refactored PskClientBruteforcer
Increased Usability
Introduced GuessProvider to easily change the guessing Strategy

* Refactored PskServerBruteforcer Increased Usability

* Removed unnecessary config overwrites

* Removed unnecessary functions

Author: FloLins

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/GuessProvider.java

@@ -0,0 +1,24 @@
+/**
+ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
+ *
+ * Copyright 2014-2017 Ruhr University Bochum / Hackmanit GmbH
+ *
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ */
+package de.rub.nds.tlsattacker.attacks.bruteforce;
+
+public abstract class GuessProvider {
+
+    private final GuessProviderType type;
+
+    public GuessProvider(GuessProviderType type) {
+        this.type = type;
+    }
+
+    public abstract byte[] getGuess();
+
+    public GuessProviderType getType() {
+        return type;
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/GuessProviderFactory.java

@@ -0,0 +1,25 @@
+/**
+ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
+ *
+ * Copyright 2014-2017 Ruhr University Bochum / Hackmanit GmbH
+ *
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ */
+package de.rub.nds.tlsattacker.attacks.bruteforce;
+
+import java.io.InputStream;
+
+public class GuessProviderFactory {
+
+    public static GuessProvider createGuessProvider(GuessProviderType type, InputStream guessSource) {
+        switch (type) {
+            case INCREMENTING:
+                return new IncrementingGuessProvider();
+            case WORDLIST:
+                return new WordListGuessProvider(guessSource);
+            default:
+                throw new UnsupportedOperationException("Guess provider \"" + type + "\" is not supported");
+        }
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/GuessProviderType.java

@@ -0,0 +1,18 @@
+/**
+ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
+ *
+ * Copyright 2014-2017 Ruhr University Bochum / Hackmanit GmbH
+ *
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ */
+package de.rub.nds.tlsattacker.attacks.bruteforce;
+
+/**
+ *
+ * @author Robert Merget <robert.merget@rub.de>
+ */
+public enum GuessProviderType {
+    INCREMENTING,
+    WORDLIST
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/IncrementingGuessProvider.java

@@ -0,0 +1,51 @@
+/**
+ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
+ *
+ * Copyright 2014-2017 Ruhr University Bochum / Hackmanit GmbH
+ *
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ */
+package de.rub.nds.tlsattacker.attacks.bruteforce;
+
+public class IncrementingGuessProvider extends GuessProvider {
+
+    private byte[] lastGuess = null;
+
+    private int size = 0;
+
+    public IncrementingGuessProvider() {
+        super(GuessProviderType.INCREMENTING);
+    }
+
+    @Override
+    public byte[] getGuess() {
+        byte[] guess = getIncrementedGuess();
+        return guess;
+    }
+
+    public byte[] getIncrementedGuess() {
+        if (lastGuess == null) {
+            lastGuess = new byte[size];
+        } else {
+            lastGuess = createdIncrementedAtPosition(lastGuess, 0);
+            if (lastGuess == null) {
+                size++;
+                lastGuess = new byte[size];
+            }
+        }
+        return lastGuess;
+    }
+
+    public byte[] createdIncrementedAtPosition(byte[] array, int position) {
+        if (array.length > position) {
+            array[position] = (byte) (array[position] + 1);
+            if (array[position] == 0) {
+                return createdIncrementedAtPosition(array, position + 1);
+            }
+            return array;
+        } else {
+            return null;
+        }
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/WordListGuessProvider.java

@@ -0,0 +1,38 @@
+/**
+ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
+ *
+ * Copyright 2014-2017 Ruhr University Bochum / Hackmanit GmbH
+ *
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ */
+package de.rub.nds.tlsattacker.attacks.bruteforce;
+
+import de.rub.nds.modifiablevariable.util.ArrayConverter;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+
+public class WordListGuessProvider extends GuessProvider {
+
+    private final BufferedReader bufferedReader;
+
+    public WordListGuessProvider(InputStream stream) {
+        super(GuessProviderType.WORDLIST);
+        bufferedReader = new BufferedReader(new InputStreamReader(stream));
+    }
+
+    @Override
+    public byte[] getGuess() {
+        try {
+            String line = bufferedReader.readLine();
+            if (line == null) {
+                return null;
+            }
+            return ArrayConverter.hexStringToByteArray(line);
+        } catch (IOException ex) {
+            return null;
+        }
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/PskBruteForcerAttackClientCommandConfig.java

@@ -10,69 +10,92 @@
 
 import com.beust.jcommander.ParametersDelegate;
 import com.beust.jcommander.Parameter;
+import de.rub.nds.tlsattacker.attacks.bruteforce.GuessProviderType;
 import de.rub.nds.tlsattacker.attacks.config.delegate.AttackDelegate;
+import de.rub.nds.tlsattacker.attacks.exception.WordlistNotFoundException;
 import de.rub.nds.tlsattacker.core.config.Config;
 import de.rub.nds.tlsattacker.core.config.delegate.CiphersuiteDelegate;
-import de.rub.nds.tlsattacker.core.config.delegate.ClientDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
-import de.rub.nds.tlsattacker.core.config.delegate.HostnameExtensionDelegate;
-import de.rub.nds.tlsattacker.core.config.delegate.ProtocolVersionDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.ServerDelegate;
 import de.rub.nds.tlsattacker.core.constants.CipherSuite;
-import java.util.LinkedList;
-import java.util.List;
+import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.InputStream;
 import org.apache.logging.log4j.Level;
 import org.apache.logging.log4j.core.config.Configurator;
 
 public class PskBruteForcerAttackClientCommandConfig extends AttackConfig {
+
     public static final String ATTACK_COMMAND = "pskbruteforcerclient";
 
     @ParametersDelegate
     private ServerDelegate serverDelegate;
     @ParametersDelegate
-    private HostnameExtensionDelegate hostnameExtensionDelegate;
+    private AttackDelegate attackDelegate;
     @ParametersDelegate
     private CiphersuiteDelegate ciphersuiteDelegate;
-    @ParametersDelegate
-    private ProtocolVersionDelegate protocolVersionDelegate;
-    @ParametersDelegate
-    private AttackDelegate attackDelegate;
-    @Parameter(names = "-usePskTable", description = "Enables the use of the PskTable")
-    private boolean usePskTable = false;
+    @Parameter(names = "-guessProviderType", description = "Chooses how the BruteForcer will choose the keys to guess")
+    private GuessProviderType guessProviderType = GuessProviderType.INCREMENTING;
+    @Parameter(names = "-guessProviderInputFile", description = "Set the path to an input file which can be used in the guess provider eg. a path to a wordlist")
+    private String guessProviderInputFile = null;
 
     @Override
     public Config createConfig() {
         Config config = super.createConfig();
-        if (ciphersuiteDelegate.getCipherSuites() == null) {
-            List<CipherSuite> cipherSuites = new LinkedList<>();
-            cipherSuites.add(CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA);
-            config.setDefaultClientSupportedCiphersuites(cipherSuites);
-        }
         config.setQuickReceive(true);
         config.setEarlyStop(true);
+
         return config;
     }
 
     public PskBruteForcerAttackClientCommandConfig(GeneralDelegate delegate) {
         super(delegate);
         serverDelegate = new ServerDelegate();
-        hostnameExtensionDelegate = new HostnameExtensionDelegate();
-        ciphersuiteDelegate = new CiphersuiteDelegate();
-        protocolVersionDelegate = new ProtocolVersionDelegate();
         attackDelegate = new AttackDelegate();
+        ciphersuiteDelegate = new CiphersuiteDelegate();
         addDelegate(serverDelegate);
-        addDelegate(hostnameExtensionDelegate);
-        addDelegate(ciphersuiteDelegate);
-        addDelegate(protocolVersionDelegate);
         addDelegate(attackDelegate);
+        addDelegate(ciphersuiteDelegate);
+
+        if (delegate.getLogLevel() != Level.ALL && delegate.getLogLevel() != Level.TRACE) {
+            Configurator.setAllLevels("de.rub.nds.tlsattacker.core", Level.ERROR);
+        }
     }
 
     @Override
     public boolean isExecuteAttack() {
         return attackDelegate.isExecuteAttack();
     }
 
-    public boolean getUsePskTable() {
-        return usePskTable;
+    public String getGuessProviderInputFile() {
+        return guessProviderInputFile;
+    }
+
+    public InputStream getGuessProviderInputStream() {
+        if (this.guessProviderInputFile == null) {
+            if (guessProviderType == GuessProviderType.WORDLIST) {
+                return (PskBruteForcerAttackClientCommandConfig.class.getClassLoader()
+                        .getResourceAsStream("psk_common_passwords.txt"));
+            } else {
+                return System.in;
+            }
+        } else {
+            File file = new File(getGuessProviderInputFile());
+            try {
+                return new FileInputStream(file);
+            } catch (FileNotFoundException ex) {
+                throw new WordlistNotFoundException("Wordlist not found: " + file.getAbsolutePath(), ex);
+            }
+        }
+    }
+
+    public GuessProviderType getGuessProviderType() {
+        return guessProviderType;
+    }
+
+    public void setGuessProviderType(GuessProviderType guessProviderType) {
+        this.guessProviderType = guessProviderType;
     }
 }