Merge branch 'master' into add-unittest

Author: ic0ns

Attacks/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>3.1</version>
+        <version>3.2</version>
     </parent>
     <artifactId>Attacks</artifactId>
     <packaging>jar</packaging>

…tion/PaddingOracleUnstableException.java …s/exception/OracleUnstableException.javaAttacks/src/main/java/de/rub/nds/tlsattacker/attacks/exception/PaddingOracleUnstableException.java renamed to Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/exception/OracleUnstableException.java Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/exception/PaddingOracleUnstableException.java renamed to Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/exception/OracleUnstableException.java

@@ -11,13 +11,13 @@
 /**
  *
  */
-public class PaddingOracleUnstableException extends RuntimeException {
+public class OracleUnstableException extends RuntimeException {
 
     /**
      *
      * @param string
      */
-    public PaddingOracleUnstableException(String string) {
+    public OracleUnstableException(String string) {
         super(string);
     }
 

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/BleichenbacherAttacker.java

@@ -10,6 +10,7 @@
 
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
 import de.rub.nds.tlsattacker.attacks.config.BleichenbacherCommandConfig;
+import de.rub.nds.tlsattacker.attacks.exception.OracleUnstableException;
 import de.rub.nds.tlsattacker.attacks.pkcs1.Bleichenbacher;
 import de.rub.nds.tlsattacker.attacks.pkcs1.BleichenbacherVulnerabilityMap;
 import de.rub.nds.tlsattacker.attacks.pkcs1.BleichenbacherWorkflowGenerator;
@@ -128,12 +129,12 @@ public EqualityError getEqualityError() {
         CONSOLE.info("A server is considered vulnerable to this attack if it responds differently to the test vectors.");
         CONSOLE.info("A server is considered secure if it always responds the same way.");
         LOGGER.debug("Testing: " + config.getWorkflowType());
-        errorType = isVulnerable(pkcs1Vectors);
+        errorType = isVulnerable(pkcs1Vectors, publicKey);
         return errorType;
     }
 
-    public EqualityError isVulnerable(List<Pkcs1Vector> pkcs1Vectors) {
-        fingerprintPairList = getBleichenbacherMap(config.getWorkflowType(), pkcs1Vectors);
+    public EqualityError isVulnerable(List<Pkcs1Vector> pkcs1Vectors, RSAPublicKey publicKey) {
+        fingerprintPairList = getBleichenbacherMap(config.getWorkflowType(), pkcs1Vectors, publicKey);
         if (fingerprintPairList.isEmpty()) {
             LOGGER.warn("Could not extract Fingerprints");
             return null;
@@ -146,14 +147,14 @@ public EqualityError isVulnerable(List<Pkcs1Vector> pkcs1Vectors) {
             // network. In this case we do a rescan
             // and check if we find the exact same answer behaviour (twice)
             List<VectorFingerprintPair> secondBleichenbacherVectorMap = getBleichenbacherMap(config.getWorkflowType(),
-                    pkcs1Vectors);
+                    pkcs1Vectors, publicKey);
             EqualityError error2 = getEqualityError(secondBleichenbacherVectorMap);
             BleichenbacherVulnerabilityMap mapOne = new BleichenbacherVulnerabilityMap(fingerprintPairList, error);
             BleichenbacherVulnerabilityMap mapTwo = new BleichenbacherVulnerabilityMap(secondBleichenbacherVectorMap,
                     error2);
             if (mapOne.looksIdentical(mapTwo)) {
                 List<VectorFingerprintPair> thirdBleichenbacherVectorMap = getBleichenbacherMap(
-                        config.getWorkflowType(), pkcs1Vectors);
+                        config.getWorkflowType(), pkcs1Vectors, publicKey);
                 EqualityError error3 = getEqualityError(secondBleichenbacherVectorMap);
                 BleichenbacherVulnerabilityMap mapThree = new BleichenbacherVulnerabilityMap(
                         thirdBleichenbacherVectorMap, error3);
@@ -202,7 +203,7 @@ private void printBleichenbacherVectormap(List<VectorFingerprintPair> bleichenba
     }
 
     private List<VectorFingerprintPair> getBleichenbacherMap(BleichenbacherWorkflowType bbWorkflowType,
-            List<Pkcs1Vector> pkcs1Vectors) {
+            List<Pkcs1Vector> pkcs1Vectors, RSAPublicKey publicKey) {
         Config tlsConfig = getTlsConfig();
         tlsConfig.setWorkflowExecutorShouldClose(false);
         List<VectorFingerprintPair> bleichenbacherVectorMap = new LinkedList<>();
@@ -226,6 +227,17 @@ private List<VectorFingerprintPair> getBleichenbacherMap(BleichenbacherWorkflowT
                 processFinishedStateVectorPair(stateVectorPair, bleichenbacherVectorMap);
             }
         }
+        // Check that the public key send by the server is actually the public
+        // key used to generate
+        // the vectors. This is currently a limitation of our script as the
+        // attack vectors are
+        // generated statically and not dynamically. We will adjust this in
+        // future versions.
+        for (StateVectorPair pair : stateVectorPairList) {
+            if (!pair.getState().getTlsContext().getServerRsaModulus().equals(publicKey.getModulus())) {
+                throw new OracleUnstableException("Server sent us a different publickey during the scan. Aborting test");
+            }
+        }
 
         return bleichenbacherVectorMap;
     }
@@ -236,7 +248,7 @@ private void processFinishedStateVectorPair(StateVectorPair stateVectorPair,
             ResponseFingerprint fingerprint = ResponseExtractor.getFingerprint(stateVectorPair.getState());
             bleichenbacherVectorMap.add(new VectorFingerprintPair(fingerprint, stateVectorPair.getVector()));
         } else {
-            LOGGER.error("Could not execute Workflow. Something went wrong... Check the debug output for more information");
+            LOGGER.warn("Could not execute Workflow. Something went wrong... Check the debug output for more information");
         }
         clearConnections(stateVectorPair.getState());
 

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/HeartbleedAttacker.java

@@ -19,6 +19,8 @@
 import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
 import de.rub.nds.tlsattacker.core.constants.RunningModeType;
 import de.rub.nds.tlsattacker.core.exceptions.WorkflowExecutionException;
+import de.rub.nds.tlsattacker.core.protocol.message.ChangeCipherSpecMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.FinishedMessage;
 import de.rub.nds.tlsattacker.core.protocol.message.HeartbeatMessage;
 import de.rub.nds.tlsattacker.core.state.State;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor;
@@ -27,6 +29,7 @@
 import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
 import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
 import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
+import de.rub.nds.tlsattacker.core.workflow.action.SendDynamicClientKeyExchangeAction;
 import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowConfigurationFactory;
 import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
 import org.apache.logging.log4j.LogManager;
@@ -61,8 +64,11 @@ public void executeAttack() {
     @Override
     public Boolean isVulnerable() {
         Config tlsConfig = getTlsConfig();
-        WorkflowTrace trace = new WorkflowConfigurationFactory(tlsConfig).createWorkflowTrace(
-                WorkflowTraceType.HANDSHAKE, RunningModeType.CLIENT);
+        WorkflowTrace trace = new WorkflowConfigurationFactory(tlsConfig).createWorkflowTrace(WorkflowTraceType.HELLO,
+                RunningModeType.CLIENT);
+        trace.addTlsAction(new SendDynamicClientKeyExchangeAction());
+        trace.addTlsAction(new SendAction(new ChangeCipherSpecMessage(), new FinishedMessage()));
+        trace.addTlsAction(new ReceiveAction(new ChangeCipherSpecMessage(), new FinishedMessage()));
         HeartbeatMessage message = new HeartbeatMessage(tlsConfig);
         trace.addTlsAction(new SendAction(message));
         trace.addTlsAction(new ReceiveAction(new HeartbeatMessage()));

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/impl/PaddingOracleAttacker.java

@@ -10,7 +10,7 @@
 
 import de.rub.nds.tlsattacker.attacks.config.PaddingOracleCommandConfig;
 import de.rub.nds.tlsattacker.attacks.exception.AttackFailedException;
-import de.rub.nds.tlsattacker.attacks.exception.PaddingOracleUnstableException;
+import de.rub.nds.tlsattacker.attacks.exception.OracleUnstableException;
 import de.rub.nds.tlsattacker.attacks.padding.PaddingTraceGenerator;
 import de.rub.nds.tlsattacker.attacks.padding.PaddingTraceGeneratorFactory;
 import de.rub.nds.tlsattacker.attacks.padding.PaddingVectorGenerator;
@@ -165,7 +165,7 @@ public Boolean isVulnerable() {
     public boolean lookEqual(List<VectorResponse> responseVectorListOne, List<VectorResponse> responseVectorListTwo) {
         boolean result = true;
         if (responseVectorListOne.size() != responseVectorListTwo.size()) {
-            throw new PaddingOracleUnstableException(
+            throw new OracleUnstableException(
                     "The padding Oracle seems to be unstable - there is something going terrible wrong. We recommend manual analysis");
         }
 
@@ -191,7 +191,7 @@ public boolean lookEqual(List<VectorResponse> responseVectorListOne, List<Vector
                 continue;
             }
             if (equivalentVector.getFingerprint() == null) {
-                LOGGER.error("Equivalent vector has no fingerprint:" + testedSuite + " - " + testedVersion);
+                LOGGER.warn("Equivalent vector has no fingerprint:" + testedSuite + " - " + testedVersion);
                 equivalentVector.setErrorDuringHandshake(true);
                 result = false;
                 continue;
@@ -200,7 +200,7 @@ public boolean lookEqual(List<VectorResponse> responseVectorListOne, List<Vector
             EqualityError error = FingerPrintChecker.checkEquality(vectorResponseOne.getFingerprint(),
                     equivalentVector.getFingerprint(), true);
             if (error != EqualityError.NONE) {
-                LOGGER.error("There is an error beween rescan:" + error + " - " + testedSuite + " - " + testedVersion);
+                LOGGER.warn("There is an error beween rescan:" + error + " - " + testedSuite + " - " + testedVersion);
                 result = false;
                 vectorResponseOne.setShaky(true);
             }
@@ -231,19 +231,17 @@ public List<VectorResponse> createVectorResponseList() {
             ResponseFingerprint fingerprint = null;
             if (pair.getFingerPrintTask().isHasError()) {
                 errornousScans = true;
-                LOGGER.error("Could not extract fingerprint for " + pair.toString());
+                LOGGER.warn("Could not extract fingerprint for " + pair.toString());
                 VectorResponse vectorResponse = new VectorResponse(pair.getVector(), null, testedVersion, testedSuite,
                         tlsConfig.getDefaultApplicationMessageData().getBytes().length);
                 vectorResponse.setErrorDuringHandshake(true);
                 tempResponseVectorList.add(vectorResponse);
-                LOGGER.error("Could not execute whole workflow: " + testedSuite + " - " + testedVersion);
-
             } else {
                 testedSuite = pair.getFingerPrintTask().getState().getTlsContext().getSelectedCipherSuite();
                 testedVersion = pair.getFingerPrintTask().getState().getTlsContext().getSelectedProtocolVersion();
                 if (testedSuite == null || testedVersion == null) {
                     LOGGER.fatal("Could not find ServerHello after successful extraction");
-                    throw new PaddingOracleUnstableException("Fatal Extraction error");
+                    throw new OracleUnstableException("Fatal Extraction error");
                 }
                 fingerprint = pair.getFingerPrintTask().getFingerprint();
                 tempResponseVectorList.add(new VectorResponse(pair.getVector(), fingerprint, testedVersion,

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/task/FingerPrintTask.java

@@ -43,6 +43,7 @@ public void execute() {
         try {
             WorkflowExecutor executor = new DefaultWorkflowExecutor(state);
             executor.executeWorkflow();
+
             if (!state.getWorkflowTrace().executedAsPlanned()) {
                 throw new FingerprintExtractionException(
                         "Could not extract fingerprint. Not all actions executed as planned");

TLS-Client/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>3.1</version>
+        <version>3.2</version>
     </parent>
     <name>TLS-Client</name>
     <artifactId>TLS-Client</artifactId>

TLS-Core/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>3.1</version>
+        <version>3.2</version>
     </parent>
     <artifactId>TLS-Core</artifactId>
     <packaging>jar</packaging>

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java

@@ -2826,8 +2826,8 @@ public RunningModeType getDefaultRunningMode() {
         return defaultRunningMode;
     }
 
-    public void setDefaulRunningMode(RunningModeType defaulRunningMode) {
-        this.defaultRunningMode = defaulRunningMode;
+    public void setDefaultRunningMode(RunningModeType defaultRunningMode) {
+        this.defaultRunningMode = defaultRunningMode;
     }
 
     public Boolean isStopActionsAfterFatal() {

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/ClientDelegate.java

@@ -43,7 +43,7 @@ public void setHost(String host) {
 
     @Override
     public void applyDelegate(Config config) {
-        config.setDefaulRunningMode(RunningModeType.CLIENT);
+        config.setDefaultRunningMode(RunningModeType.CLIENT);
 
         if (host == null) {
             // Though host is a required parameter we can get here if