Safer workflow loading (#903)

* Removed automatic workflow loading/saving from TLS-Attacker "Core"
* TLS-Attacker now issues warnings when workflow traces are loaded via the "secure" function if originalValues are still present in the workflowtrace to avoid confusion

Author: ic0ns

TLS-Client/src/main/java/de/rub/nds/tlsattacker/client/config/ClientCommandConfig.java

@@ -9,14 +9,14 @@
 
 package de.rub.nds.tlsattacker.client.config;
 
+import com.beust.jcommander.Parameter;
 import com.beust.jcommander.ParametersDelegate;
 import de.rub.nds.tlsattacker.core.config.Config;
 import de.rub.nds.tlsattacker.core.config.TLSDelegateConfig;
 import de.rub.nds.tlsattacker.core.config.delegate.CertificateDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.CipherSuiteDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.ClientDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.CompressionDelegate;
-import de.rub.nds.tlsattacker.core.config.delegate.ConfigOutputDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.FilterDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.HeartbeatDelegate;
@@ -28,8 +28,6 @@
 import de.rub.nds.tlsattacker.core.config.delegate.StarttlsDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.TimeoutDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.TransportHandlerDelegate;
-import de.rub.nds.tlsattacker.core.config.delegate.WorkflowInputDelegate;
-import de.rub.nds.tlsattacker.core.config.delegate.WorkflowOutputDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.WorkflowTypeDelegate;
 import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
 
@@ -56,10 +54,6 @@ public class ClientCommandConfig extends TLSDelegateConfig {
     @ParametersDelegate
     private TimeoutDelegate timeoutDelegate;
     @ParametersDelegate
-    private WorkflowInputDelegate workflowInputDelegate;
-    @ParametersDelegate
-    private WorkflowOutputDelegate workflowOutputDelegate;
-    @ParametersDelegate
     private WorkflowTypeDelegate workflowTypeDelegate;
     @ParametersDelegate
     private HeartbeatDelegate heartbeatDelegate;
@@ -68,12 +62,16 @@ public class ClientCommandConfig extends TLSDelegateConfig {
     @ParametersDelegate
     private FilterDelegate filterDelegate;
     @ParametersDelegate
-    private ConfigOutputDelegate configOutputDelegate;
-    @ParametersDelegate
     private ListDelegate listDelegate;
     @ParametersDelegate
     private StarttlsDelegate starttlsDelegate;
 
+    @Parameter(names = "-workflow_input", description = "A path to a workflow trace that should be exeucted")
+    private String workflowInput = null;
+    @Parameter(names = "-workflow_output",
+        description = "A path in which the executed workflow trace should be stored in")
+    private String workflowOutput = null;
+
     public ClientCommandConfig(GeneralDelegate delegate) {
         super(delegate);
         this.ciphersuiteDelegate = new CipherSuiteDelegate();
@@ -84,13 +82,10 @@ public ClientCommandConfig(GeneralDelegate delegate) {
         this.signatureAndHashAlgorithmDelegate = new SignatureAndHashAlgorithmDelegate();
         this.transportHandlerDelegate = new TransportHandlerDelegate();
         this.timeoutDelegate = new TimeoutDelegate();
-        this.workflowInputDelegate = new WorkflowInputDelegate();
-        this.workflowOutputDelegate = new WorkflowOutputDelegate();
         this.workflowTypeDelegate = new WorkflowTypeDelegate();
         this.heartbeatDelegate = new HeartbeatDelegate();
         this.certificateDelegate = new CertificateDelegate();
         this.filterDelegate = new FilterDelegate();
-        this.configOutputDelegate = new ConfigOutputDelegate();
         this.listDelegate = new ListDelegate();
         this.starttlsDelegate = new StarttlsDelegate();
         this.compressionDelegate = new CompressionDelegate();
@@ -103,14 +98,11 @@ public ClientCommandConfig(GeneralDelegate delegate) {
         addDelegate(protocolVersionDelegate);
         addDelegate(clientDelegate);
         addDelegate(signatureAndHashAlgorithmDelegate);
-        addDelegate(workflowInputDelegate);
-        addDelegate(workflowOutputDelegate);
         addDelegate(workflowTypeDelegate);
         addDelegate(transportHandlerDelegate);
         addDelegate(timeoutDelegate);
         addDelegate(certificateDelegate);
         addDelegate(filterDelegate);
-        addDelegate(configOutputDelegate);
         addDelegate(starttlsDelegate);
     }
 
@@ -123,4 +115,13 @@ public Config createConfig() {
         }
         return config;
     }
+
+    public String getWorkflowInput() {
+        return workflowInput;
+    }
+
+    public String getWorkflowOutput() {
+        return workflowOutput;
+    }
+
 }

TLS-Client/src/main/java/de/rub/nds/tlsattacker/client/main/TlsClient.java

@@ -15,11 +15,14 @@
 import de.rub.nds.tlsattacker.core.config.Config;
 import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
 import de.rub.nds.tlsattacker.core.config.delegate.ListDelegate;
-import de.rub.nds.tlsattacker.core.exceptions.ConfigurationException;
 import de.rub.nds.tlsattacker.core.exceptions.WorkflowExecutionException;
 import de.rub.nds.tlsattacker.core.state.State;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutor;
 import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutorFactory;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceSerializer;
+import java.io.File;
+import java.io.FileInputStream;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
@@ -47,20 +50,35 @@ public static void main(String[] args) {
 
             try {
                 Config tlsConfig = config.createConfig();
+                WorkflowTrace trace = null;
+                if (config.getWorkflowInput() != null) {
+                    LOGGER.debug("Reading workflow trace from " + config.getWorkflowInput());
+                    trace =
+                        WorkflowTraceSerializer.secureRead(new FileInputStream(new File(config.getWorkflowInput())));
+                }
                 TlsClient client = new TlsClient();
-                client.startTlsClient(tlsConfig);
+                State state = client.startTlsClient(tlsConfig, trace);
+                if (config.getWorkflowOutput() != null) {
+                    trace = state.getWorkflowTrace();
+                    LOGGER.debug("Writing workflow trace to " + config.getWorkflowOutput());
+                    WorkflowTraceSerializer.write(new File(config.getWorkflowOutput()), trace);
+                }
             } catch (Exception e) {
                 LOGGER.error("Encountered an uncaught Exception aborting. See debug for more info.", e);
             }
         } catch (ParameterException e) {
-            LOGGER.error("Could not parse provided parameters. " + e.getLocalizedMessage());
-            LOGGER.debug(e);
+            LOGGER.error("Could not parse provided parameters. " + e.getLocalizedMessage(), e);
             commander.usage();
         }
     }
 
-    public void startTlsClient(Config config) {
-        State state = new State(config);
+    public State startTlsClient(Config config, WorkflowTrace trace) {
+        State state;
+        if (trace == null) {
+            state = new State(config);
+        } else {
+            state = new State(config, trace);
+        }
         WorkflowExecutor workflowExecutor =
             WorkflowExecutorFactory.createWorkflowExecutor(config.getWorkflowExecutorType(), state);
 
@@ -71,5 +89,6 @@ public void startTlsClient(Config config) {
                 "The TLS protocol flow was not executed completely, follow the debug messages for more information.");
             LOGGER.debug(ex.getLocalizedMessage(), ex);
         }
+        return state;
     }
 }

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java

@@ -497,21 +497,6 @@ public static Config createEmptyConfig() {
     @XmlElementWrapper
     private List<RequestItemV2> statusRequestV2RequestList;
 
-    /**
-     * If we should use a workflow trace specified in File
-     */
-    private String workflowInput = null;
-
-    /**
-     * If set, save the workflow trace to this file after trace execution.
-     */
-    private String workflowOutput = null;
-
-    /**
-     * If set, save the actually used config to this file after trace execution.
-     */
-    private String configOutput = null;
-
     /**
      * The Type of workflow trace that should be generated
      */
@@ -2643,30 +2628,6 @@ public void setWorkflowTraceType(WorkflowTraceType workflowTraceType) {
         this.workflowTraceType = workflowTraceType;
     }
 
-    public String getWorkflowOutput() {
-        return workflowOutput;
-    }
-
-    public void setWorkflowOutput(String workflowOutput) {
-        this.workflowOutput = workflowOutput;
-    }
-
-    public String getConfigOutput() {
-        return configOutput;
-    }
-
-    public void setConfigOutput(String configOutput) {
-        this.configOutput = configOutput;
-    }
-
-    public String getWorkflowInput() {
-        return workflowInput;
-    }
-
-    public void setWorkflowInput(String workflowInput) {
-        this.workflowInput = workflowInput;
-    }
-
     public NamedGroup getDefaultSelectedNamedGroup() {
         return defaultSelectedNamedGroup;
     }