Merge pull request #438 from RUB-NDS/null_integration

Null integration

Author: ic0ns

.gitignore

@@ -41,3 +41,4 @@ Utils/.project
 Utils/.settings/org.eclipse.core.resources.prefs
 Utils/.settings/org.eclipse.jdt.core.prefs
 .project
+test.sh

TLS-Client/src/test/java/de/rub/nds/tlsattacker/client/main/TlsClientTest.java

@@ -164,7 +164,7 @@ public void testExecuteWorkflows(PublicKeyAlgorithm algorithm, int port) {
     private void testProtocolCompatibility(List<String> serverList, Config config, PublicKeyAlgorithm algorithm) {
         LOGGER.info(config.getHighestProtocolVersion());
         for (CipherSuite cs : CipherSuite.getImplemented()) {
-            if (cs.name().toUpperCase().contains("NULL")) {
+            if (cs.name().toUpperCase().contains("NULL") || cs.name().toUpperCase().contains("ANON")) {
                 continue;
             }
             Set<PublicKeyAlgorithm> requiredAlgorithms = AlgorithmResolver.getRequiredKeystoreAlgorithms(cs);

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/constants/CipherSuite.java

@@ -432,6 +432,8 @@ public enum CipherSuite {
 
     private int value;
 
+    public static final int EXPORT_SYMMETRIC_KEY_SIZE_BYTES = 5;
+
     private static final Map<Integer, CipherSuite> MAP;
 
     private CipherSuite(int value) {
@@ -501,10 +503,10 @@ public int getValue() {
      * Returns true in case the cipher suite enforces ephemeral keys. This is
      * the case for ECDHE and DHE cipher suites.
      *
-     * @return True if the Ciphersuite is Ephermaral
+     * @return True if the Ciphersuite is Ephemeral
      */
     public boolean isEphemeral() {
-        return this.name().contains("DHE_");
+        return this.name().contains("DHE_") || this.isAnon();
     }
 
     public boolean isPskOrDhPsk() {
@@ -532,6 +534,11 @@ public boolean isExport() {
         return this.name().contains("EXPORT");
     }
 
+    public boolean isExportSymmetricCipher() {
+        return this.name().contains("DES40") || this.name().contains("RC4_40") || this.name().contains("RC2_CBC_40")
+                || this.name().contains("DES_CBC_40");
+    }
+
     /**
      * Returns true in case the cipher suite is a CBC cipher suite.
      *
@@ -640,14 +647,21 @@ public static List<CipherSuite> getImplemented() {
         list.add(TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA);
         list.add(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA);
         list.add(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA);
+        list.add(TLS_DH_anon_EXPORT_WITH_RC4_40_MD5);
+        list.add(TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_RC4_128_MD5);
+        list.add(TLS_DH_anon_WITH_DES_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_3DES_EDE_CBC_SHA);
         list.add(TLS_DH_DSS_WITH_AES_128_CBC_SHA);
         list.add(TLS_DH_RSA_WITH_AES_128_CBC_SHA);
         list.add(TLS_DHE_DSS_WITH_AES_128_CBC_SHA);
         list.add(TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_AES_128_CBC_SHA);
         list.add(TLS_DH_DSS_WITH_AES_256_CBC_SHA);
         list.add(TLS_DH_RSA_WITH_AES_256_CBC_SHA);
         list.add(TLS_DHE_DSS_WITH_AES_256_CBC_SHA);
         list.add(TLS_DHE_RSA_WITH_AES_256_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_AES_256_CBC_SHA);
         list.add(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA);
         list.add(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
         list.add(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA);
@@ -666,10 +680,14 @@ public static List<CipherSuite> getImplemented() {
         list.add(TLS_DH_RSA_WITH_AES_256_GCM_SHA384);
         list.add(TLS_DH_RSA_WITH_AES_128_GCM_SHA256);
         list.add(TLS_DH_DSS_WITH_AES_256_GCM_SHA384);
+        list.add(TLS_DH_anon_WITH_AES_128_GCM_SHA256);
+        list.add(TLS_DH_anon_WITH_AES_256_GCM_SHA384);
         list.add(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256);
         list.add(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384);
         list.add(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256);
         list.add(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256);
+        list.add(TLS_DH_anon_WITH_AES_128_CBC_SHA256);
+        list.add(TLS_DH_anon_WITH_AES_256_CBC_SHA256);
         list.add(TLS_DHE_RSA_WITH_DES_CBC_SHA);
         list.add(TLS_DHE_RSA_WITH_AES_128_CCM);
         list.add(TLS_DHE_RSA_WITH_AES_256_CCM);
@@ -750,6 +768,7 @@ public static List<CipherSuite> getImplemented() {
         list.add(TLS_ECDH_ECDSA_WITH_RC4_128_SHA);
         list.add(TLS_ECDHE_ECDSA_WITH_RC4_128_SHA);
         list.add(TLS_ECDH_RSA_WITH_RC4_128_SHA);
+        list.add(TLS_ECDH_anon_WITH_NULL_SHA);
         list.add(TLS_SRP_SHA_WITH_AES_128_CBC_SHA);
         list.add(TLS_SRP_SHA_WITH_AES_256_CBC_SHA);
         list.add(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256);
@@ -849,6 +868,57 @@ public static List<CipherSuite> getImplemented() {
         list.add(TLS_ECDHE_PSK_WITH_NULL_SHA);
         list.add(TLS_ECDHE_PSK_WITH_NULL_SHA256);
         list.add(TLS_ECDHE_PSK_WITH_NULL_SHA384);
+        list.add(TLS_DH_DSS_WITH_DES_CBC_SHA);
+        list.add(TLS_DHE_DSS_WITH_DES_CBC_SHA);
+        list.add(TLS_DH_DSS_WITH_AES_128_CBC_SHA256);
+        list.add(TLS_DHE_DSS_WITH_AES_128_CBC_SHA256);
+        list.add(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA);
+        list.add(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA);
+        list.add(UNOFFICIAL_TLS_ECDH_anon_WITH_NULL_SHA);
+        list.add(UNOFFICIAL_TLS_ECDH_anon_WITH_RC4_128_SHA);
+        list.add(UNOFFICIAL_TLS_ECDH_anon_WITH_DES_CBC_SHA);
+        list.add(UNOFFICIAL_TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA);
+        list.add(TLS_DHE_DSS_WITH_AES_256_CBC_SHA256);
+        list.add(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA);
+        list.add(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA);
+        list.add(TLS_DH_DSS_WITH_SEED_CBC_SHA);
+        list.add(TLS_DHE_DSS_WITH_SEED_CBC_SHA);
+        list.add(TLS_DH_anon_WITH_SEED_CBC_SHA);
+        list.add(TLS_DH_DSS_WITH_AES_128_GCM_SHA256);
+        list.add(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+        list.add(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+        list.add(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256);
+        list.add(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+        list.add(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+        list.add(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256);
+        list.add(TLS_ECDH_anon_WITH_RC4_128_SHA);
+        list.add(TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA);
+        list.add(TLS_ECDH_anon_WITH_AES_128_CBC_SHA);
+        list.add(TLS_ECDH_anon_WITH_AES_256_CBC_SHA);
+        list.add(TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256);
+        list.add(TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384);
+        list.add(TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256);
+        list.add(TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384);
+        list.add(TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256);
+        list.add(TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384);
+        list.add(TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256);
+        list.add(TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384);
+        list.add(TLS_DH_anon_WITH_ARIA_128_CBC_SHA256);
+        list.add(TLS_DH_anon_WITH_ARIA_256_CBC_SHA384);
+        list.add(TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256);
+        list.add(TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384);
+        list.add(TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256);
+        list.add(TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384);
+        list.add(TLS_DH_anon_WITH_ARIA_128_GCM_SHA256);
+        list.add(TLS_DH_anon_WITH_ARIA_256_GCM_SHA384);
+        list.add(TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256);
+        list.add(TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384);
+        list.add(TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256);
+        list.add(TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384);
+        list.add(TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256);
+        list.add(TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384);
         return list;
     }
 
@@ -874,4 +944,12 @@ public boolean isTLS13() {
     public boolean isImplemented() {
         return getImplemented().contains(this);
     }
+
+    public boolean isSHA256() {
+        return this.name().contains("SHA256");
+    }
+
+    public boolean isAnon() {
+        return this.name().contains("anon");
+    }
 }

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/constants/KeyExchangeAlgorithm.java

@@ -41,4 +41,8 @@ public enum KeyExchangeAlgorithm {
     public boolean isEC() {
         return this.name().contains("EC");
     }
+
+    public boolean isAnon() {
+        return this.name().contains("ANON");
+    }
 }

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/crypto/MD5Utils.java

@@ -0,0 +1,29 @@
+/**
+ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
+ *
+ * Copyright 2014-2017 Ruhr University Bochum / Hackmanit GmbH
+ *
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ */
+package de.rub.nds.tlsattacker.core.crypto;
+
+import org.bouncycastle.crypto.digests.MD5Digest;
+
+public class MD5Utils {
+
+    public static void md5Update(MD5Digest md5, byte[] bytes) {
+        md5.update(bytes, 0, bytes.length);
+    }
+
+    public static byte[] MD5(byte[]... byteArrays) {
+        MD5Digest md5 = new MD5Digest();
+        for (byte[] bytes : byteArrays) {
+            md5Update(md5, bytes);
+        }
+        byte[] md5Output = new byte[md5.getDigestSize()];
+        md5.doFinal(md5Output, 0);
+        return md5Output;
+    }
+
+}

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/crypto/PseudoRandomFunction.java

@@ -55,6 +55,12 @@ public class PseudoRandomFunction {
      */
     public static final String EXTENDED_MASTER_SECRET_LABEL = "extended master secret";
 
+    public static final String CLIENT_WRITE_KEY_LABEL = "client write key";
+
+    public static final String SERVER_WRITE_KEY_LABEL = "server write key";
+
+    public static final String IV_BLOCK_LABEL = "IV block";
+
     /**
      * Computes PRF output of the provided size using the given mac algorithm
      *

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/handler/DHEServerKeyExchangeHandler.java

@@ -8,6 +8,7 @@
  */
 package de.rub.nds.tlsattacker.core.protocol.handler;
 
+import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
 import de.rub.nds.tlsattacker.core.protocol.message.DHEServerKeyExchangeMessage;
 import de.rub.nds.tlsattacker.core.protocol.parser.DHEServerKeyExchangeParser;
 import de.rub.nds.tlsattacker.core.protocol.preparator.DHEServerKeyExchangePreparator;
@@ -23,7 +24,8 @@ public DHEServerKeyExchangeHandler(TlsContext tlsContext) {
 
     @Override
     public DHEServerKeyExchangeParser getParser(byte[] message, int pointer) {
-        return new DHEServerKeyExchangeParser(pointer, message, tlsContext.getChooser().getLastRecordVersion());
+        return new DHEServerKeyExchangeParser(pointer, message, tlsContext.getChooser().getLastRecordVersion(),
+                AlgorithmResolver.getKeyExchangeAlgorithm(tlsContext.getChooser().getSelectedCipherSuite()));
     }
 
     @Override

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/handler/ECDHEServerKeyExchangeHandler.java

@@ -9,6 +9,7 @@
 package de.rub.nds.tlsattacker.core.protocol.handler;
 
 import de.rub.nds.modifiablevariable.util.ArrayConverter;
+import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
 import de.rub.nds.tlsattacker.core.constants.NamedGroup;
 import de.rub.nds.tlsattacker.core.crypto.ECCUtilsBCWrapper;
 import de.rub.nds.tlsattacker.core.crypto.ec.CustomECPoint;
@@ -32,7 +33,8 @@ public ECDHEServerKeyExchangeHandler(TlsContext tlsContext) {
 
     @Override
     public ECDHEServerKeyExchangeParser getParser(byte[] message, int pointer) {
-        return new ECDHEServerKeyExchangeParser(pointer, message, tlsContext.getChooser().getLastRecordVersion());
+        return new ECDHEServerKeyExchangeParser(pointer, message, tlsContext.getChooser().getLastRecordVersion(),
+                AlgorithmResolver.getKeyExchangeAlgorithm(tlsContext.getChooser().getSelectedCipherSuite()));
     }
 
     @Override

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/handler/factory/HandlerFactory.java

@@ -310,6 +310,7 @@ private static HandshakeMessageHandler getServerKeyExchangeHandler(TlsContext co
             case ECDH_ECDSA:
             case ECDH_RSA:
             case ECDHE_RSA:
+            case ECDH_ANON:
                 return new ECDHEServerKeyExchangeHandler(context);
             case DHE_DSS:
             case DHE_RSA:

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/parser/DHClientKeyExchangeParser.java

@@ -56,11 +56,7 @@ protected T createHandshakeMessage() {
      *            Message to write in
      */
     private void parseSerializedPublicKeyLength(T message) {
-        if (getVersion().isSSL()) {
-            message.setPublicKeyLength(getBytesLeft());
-        } else {
-            message.setPublicKeyLength(parseIntField(HandshakeByteLength.DH_PUBLICKEY_LENGTH));
-        }
+        message.setPublicKeyLength(parseIntField(HandshakeByteLength.DH_PUBLICKEY_LENGTH));
         LOGGER.debug("SerializedPublicKeyLength: " + message.getPublicKeyLength().getValue());
     }