Merge branch 'master' into fuzzing_cert

Author: ic0ns

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/Main.java

@@ -21,8 +21,6 @@
 import de.rub.nds.tlsattacker.attacks.config.PskBruteForcerAttackServerCommandConfig;
 import de.rub.nds.tlsattacker.attacks.config.SimpleMitmProxyCommandConfig;
 import de.rub.nds.tlsattacker.attacks.config.TLSPoodleCommandConfig;
-import de.rub.nds.tlsattacker.attacks.config.TooManyAlgorithmsAttackConfig;
-import de.rub.nds.tlsattacker.attacks.config.WinshockCommandConfig;
 import de.rub.nds.tlsattacker.attacks.config.delegate.GeneralAttackDelegate;
 import de.rub.nds.tlsattacker.attacks.impl.Attacker;
 import de.rub.nds.tlsattacker.attacks.impl.BleichenbacherAttacker;
@@ -37,19 +35,24 @@
 import de.rub.nds.tlsattacker.attacks.impl.PskBruteForcerAttackServer;
 import de.rub.nds.tlsattacker.attacks.impl.SimpleMitmProxy;
 import de.rub.nds.tlsattacker.attacks.impl.TLSPoodleAttacker;
-import de.rub.nds.tlsattacker.attacks.impl.TooManyAlgorithmsAttacker;
-import de.rub.nds.tlsattacker.attacks.impl.WinshockAttacker;
 import de.rub.nds.tlsattacker.core.config.TLSDelegateConfig;
 import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
 import de.rub.nds.tlsattacker.core.exceptions.ConfigurationException;
 import static de.rub.nds.tlsattacker.util.ConsoleLogger.CONSOLE;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
+/**
+ *
+ */
 public class Main {
 
     private static final Logger LOGGER = LogManager.getLogger();
 
+    /**
+     *
+     * @param args
+     */
     public static void main(String[] args) {
         GeneralDelegate generalDelegate = new GeneralAttackDelegate();
         JCommander jc = new JCommander(generalDelegate);
@@ -73,16 +76,12 @@ public static void main(String[] args) {
         jc.addCommand(TLSPoodleCommandConfig.ATTACK_COMMAND, tlsPoodle);
         Cve20162107CommandConfig cve20162107 = new Cve20162107CommandConfig(generalDelegate);
         jc.addCommand(Cve20162107CommandConfig.ATTACK_COMMAND, cve20162107);
-        WinshockCommandConfig winshock = new WinshockCommandConfig(generalDelegate);
-        jc.addCommand(WinshockCommandConfig.ATTACK_COMMAND, winshock);
         EarlyCCSCommandConfig earlyCCS = new EarlyCCSCommandConfig(generalDelegate);
         jc.addCommand(EarlyCCSCommandConfig.ATTACK_COMMAND, earlyCCS);
         PoodleCommandConfig poodle = new PoodleCommandConfig(generalDelegate);
         jc.addCommand(PoodleCommandConfig.ATTACK_COMMAND, poodle);
         SimpleMitmProxyCommandConfig simpleMitmProxy = new SimpleMitmProxyCommandConfig(generalDelegate);
         jc.addCommand(SimpleMitmProxyCommandConfig.ATTACK_COMMAND, simpleMitmProxy);
-        TooManyAlgorithmsAttackConfig tooManyAlgorithms = new TooManyAlgorithmsAttackConfig(generalDelegate);
-        jc.addCommand(TooManyAlgorithmsAttackConfig.ATTACK_COMMAND, tooManyAlgorithms);
         DrownCommandConfig drownConfig = new DrownCommandConfig(generalDelegate);
         jc.addCommand(DrownCommandConfig.COMMAND, drownConfig);
         jc.parse(args);
@@ -114,12 +113,6 @@ public static void main(String[] args) {
             case Cve20162107CommandConfig.ATTACK_COMMAND:
                 attacker = new Cve20162107Attacker(cve20162107, cve20162107.createConfig());
                 break;
-            case WinshockCommandConfig.ATTACK_COMMAND:
-                attacker = new WinshockAttacker(winshock, winshock.createConfig());
-                break;
-            case TooManyAlgorithmsAttackConfig.ATTACK_COMMAND:
-                attacker = new TooManyAlgorithmsAttacker(tooManyAlgorithms, tooManyAlgorithms.createConfig());
-                break;
             case EarlyCCSCommandConfig.ATTACK_COMMAND:
                 attacker = new EarlyCCSAttacker(earlyCCS, earlyCCS.createConfig());
                 break;
@@ -169,6 +162,12 @@ public static void main(String[] args) {
         }
     }
 
+    /**
+     *
+     * @param jc
+     * @param config
+     * @return
+     */
     public static boolean isPrintHelpForCommand(JCommander jc, TLSDelegateConfig config) {
         return config.getGeneralDelegate().isHelp();
     }

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/actions/EarlyCcsAction.java

@@ -12,7 +12,6 @@
 import de.rub.nds.modifiablevariable.bool.ModifiableBoolean;
 import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
 import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
-import de.rub.nds.tlsattacker.core.exceptions.WorkflowExecutionException;
 import de.rub.nds.tlsattacker.core.protocol.handler.ClientKeyExchangeHandler;
 import de.rub.nds.tlsattacker.core.protocol.message.ClientKeyExchangeMessage;
 import de.rub.nds.tlsattacker.core.record.AbstractRecord;
@@ -25,20 +24,38 @@
 import java.util.List;
 
 /**
+ * This Action is used by the EarlyCcs Attack. It sends a ClientKeyExchange
+ * message and adjusts the cryptographic material accordingly.
  *
- * @author robert
  */
 public class EarlyCcsAction extends TlsAction {
 
     private final Boolean targetOpenssl1_0_0;
 
-    public EarlyCcsAction(Boolean adjustContext) {
-        this.targetOpenssl1_0_0 = adjustContext;
+    /**
+     * Constructor for the Action. If the target is Openssl 1.0.0 the boolean
+     * value should be set to true
+     *
+     * @param targetsOpenssl1_0_0
+     *            If the target is an openssl 1.0.0 server
+     */
+    public EarlyCcsAction(Boolean targetsOpenssl1_0_0) {
+        this.targetOpenssl1_0_0 = targetsOpenssl1_0_0;
     }
 
+    /**
+     * Sends a ClientKeyExchange message depending on the currently selected
+     * ciphersuite. Depening on the target version cryptographic material is
+     * adjusted.
+     *
+     * @param state
+     *            the State in which the action should be executed in
+     * @throws IOException
+     *             If something goes wrong during the transmission of the
+     *             ClientKeyExchange message
+     */
     @Override
-    public void execute(State state) throws WorkflowExecutionException, IOException {
-        Record r = new Record();
+    public void execute(State state) throws IOException {
         WorkflowConfigurationFactory factory = new WorkflowConfigurationFactory(state.getConfig());
         ClientKeyExchangeMessage message = factory.createClientKeyExchangeMessage(AlgorithmResolver
                 .getKeyExchangeAlgorithm(state.getTlsContext().getChooser().getSelectedCipherSuite()));
@@ -63,9 +80,12 @@ public void execute(State state) throws WorkflowExecutionException, IOException
         setExecuted(true);
     }
 
+    /**
+     * Rests the executed state of the action
+     */
     @Override
     public void reset() {
-        // nothing to do;
+        setExecuted(false);
     }
 
     @Override

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/GuessProvider.java

@@ -8,16 +8,39 @@
  */
 package de.rub.nds.tlsattacker.attacks.bruteforce;
 
+/**
+ * A GuessProvider is responsible for the creation of byte[] sequences for brute
+ * force attacks. The guess provider should minimize the number of guesses
+ * according to heuristics.
+ */
 public abstract class GuessProvider {
 
     private final GuessProviderType type;
 
+    /**
+     * Constructor
+     *
+     * @param type
+     *            Type of the GuessProvider
+     */
     public GuessProvider(GuessProviderType type) {
         this.type = type;
     }
 
+    /**
+     * Returns the next guess for the attack. Guesses should not repeat, but it
+     * is not completly prohibited by this API. Returns null if no more guesses
+     * are available.
+     *
+     * @return The next byte[] to be used in the brute force attack.
+     */
     public abstract byte[] getGuess();
 
+    /**
+     * Retunrs the type of this GuessProvider
+     *
+     * @return Type of this GuessProvider
+     */
     public GuessProviderType getType() {
         return type;
     }

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/GuessProviderFactory.java

@@ -10,8 +10,25 @@
 
 import java.io.InputStream;
 
+/**
+ * A Factory class for GuessProvider instances, which creates GuessProvider
+ * objects based on a GuessProviderType.
+ */
 public class GuessProviderFactory {
 
+    /**
+     * Creates GuessProvider objects based on a GuessProviderType. Some
+     * GuessProvider require an InputSource to create their guesses. If the
+     * GuessProvider does not use an InputStream, the InputStream is ignored
+     *
+     * @param type
+     *            Type of the GuessProvider which should be created
+     * @param guessSource
+     *            An InputStream as an input source for the GuessProvider. If
+     *            the GuessProvider does not use an InputStream the guessSource
+     *            is ignored.
+     * @return A new GuessProvider object.
+     */
     public static GuessProvider createGuessProvider(GuessProviderType type, InputStream guessSource) {
         switch (type) {
             case INCREMENTING:

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/GuessProviderType.java

@@ -8,7 +8,18 @@
  */
 package de.rub.nds.tlsattacker.attacks.bruteforce;
 
+/**
+ * A Type of GuessProvider.
+ */
 public enum GuessProviderType {
+
+    /**
+     * An IncrementingGuessProvider just tries all byte[] sequences in order
+     */
     INCREMENTING,
+    /**
+     * A WordListGuessProvider uses an InputSource to try all words from the
+     * InputSource
+     */
     WORDLIST
 }

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/IncrementingGuessProvider.java

@@ -8,23 +8,37 @@
  */
 package de.rub.nds.tlsattacker.attacks.bruteforce;
 
+/**
+ * An IncrementingGuessProvider is a GuessProvider which tries all byte[]
+ * sequences in a growing order. Starting by an empty byte[] and then continuing
+ * the sequence with th byte[] size increased by 1. It would then try 00, 01,
+ * 02, ..., FF and continue with 00 00, 00 01, 00 02 , ... to FF, FF and so on.
+ */
 public class IncrementingGuessProvider extends GuessProvider {
 
     private byte[] lastGuess = null;
 
     private int size = 0;
 
+    /**
+     * Default Constructor
+     */
     public IncrementingGuessProvider() {
         super(GuessProviderType.INCREMENTING);
     }
 
+    /**
+     * Returns the last Guess incremented by 1.
+     * 
+     * @return
+     */
     @Override
     public byte[] getGuess() {
         byte[] guess = getIncrementedGuess();
         return guess;
     }
 
-    public byte[] getIncrementedGuess() {
+    private byte[] getIncrementedGuess() {
         if (lastGuess == null) {
             lastGuess = new byte[size];
         } else {
@@ -37,7 +51,7 @@ public byte[] getIncrementedGuess() {
         return lastGuess;
     }
 
-    public byte[] createdIncrementedAtPosition(byte[] array, int position) {
+    private byte[] createdIncrementedAtPosition(byte[] array, int position) {
         if (array.length > position) {
             array[position] = (byte) (array[position] + 1);
             if (array[position] == 0) {

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/bruteforce/WordListGuessProvider.java

@@ -14,15 +14,33 @@
 import java.io.InputStream;
 import java.io.InputStreamReader;
 
+/**
+ * A GuessProvider based on a WordList. It reads bytes from the inpustream until
+ * a newline character is found. If the InputStream does not contain anymore
+ * lines. Null is returned.
+ */
 public class WordListGuessProvider extends GuessProvider {
 
     private final BufferedReader bufferedReader;
 
+    /**
+     * Constructor
+     *
+     * @param stream
+     *            An Inputstream to read Guesses from
+     */
     public WordListGuessProvider(InputStream stream) {
         super(GuessProviderType.WORDLIST);
         bufferedReader = new BufferedReader(new InputStreamReader(stream));
     }
 
+    /**
+     * Returns the next word from the inputstream. If no more words are in the
+     * in InputStream null is returned.
+     *
+     * @return The next word from the inputstream. If no more words are in the
+     *         in InputStream null is returned.
+     */
     @Override
     public byte[] getGuess() {
         try {

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/AttackConfig.java

@@ -12,21 +12,40 @@
 import de.rub.nds.tlsattacker.core.config.TLSDelegateConfig;
 import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
 
+/**
+ *
+ */
 public abstract class AttackConfig extends TLSDelegateConfig {
 
     @Parameter(names = "-skipConnectionCheck", description = "If set to true the Attacker will not check if the target is reachable.")
     private boolean skipConnectionCheck = false;
 
+    /**
+     *
+     * @param delegate
+     */
     public AttackConfig(GeneralDelegate delegate) {
         super(delegate);
     }
 
+    /**
+     *
+     * @return
+     */
     public abstract boolean isExecuteAttack();
 
+    /**
+     *
+     * @return
+     */
     public boolean isSkipConnectionCheck() {
         return skipConnectionCheck;
     }
 
+    /**
+     *
+     * @param skipConnectionCheck
+     */
     public void setSkipConnectionCheck(boolean skipConnectionCheck) {
         this.skipConnectionCheck = skipConnectionCheck;
     }