Beispiel #1
0
    def __format__(self, formatstr):
        """Advanced formatting for messages."""
        hexify = False
        verbose = False
        digest = False
        if "h" in formatstr:
            hexify = True
        if "v" in formatstr:
            verbose = True
        if "m" in formatstr:
            digest = True

        if self.certChain is None:
            cert_list = None
        else:
            if isinstance(self.certChain, X509CertChain):
                cert_list = [cert.bytes for cert in self.certChain.x509List]
            else:
                cert_list = self.certChain

            if digest:
                cert_list = "[" + ", ".join(b2a_hex(secureHash(cert, "sha256")) for cert in cert_list) + "]"
            else:
                cert_list = [repr(cert) for cert in cert_list]

        return "Certificate({0})".format(cert_list)
Beispiel #2
0
    def __format__(self, formatstr):
        """Advanced formatting for messages."""
        hexify = False
        verbose = False
        digest = False
        if 'h' in formatstr:
            hexify = True
        if 'v' in formatstr:
            verbose = True
        if 'm' in formatstr:
            digest = True

        if self.certChain is None:
            cert_list = None
        else:
            if isinstance(self.certChain, X509CertChain):
                cert_list = [cert.bytes for cert in self.certChain.x509List]
            else:
                cert_list = self.certChain

            if digest:
                cert_list = "[" + ", ".join(
                    b2a_hex(secureHash(cert, 'sha256'))
                    for cert in cert_list) + "]"
            else:
                cert_list = [repr(cert) for cert in cert_list]

        return "Certificate({0})".format(cert_list)
Beispiel #3
0
def printExporter(connection, expLabel, expLength):
    if expLabel is None:
        return
    expLabel = bytearray(expLabel, "utf-8")
    exp = connection.keyingMaterialExporter(expLabel, expLength)
    exp = b2a_hex(exp).upper()
    print("  Exporter label: {0}".format(expLabel))
    print("  Exporter length: {0}".format(expLength))
    print("  Keying material: {0}".format(exp))
Beispiel #4
0
def printExporter(connection, expLabel, expLength):
    if expLabel is None:
        return
    expLabel = bytearray(expLabel, "utf-8")
    exp = connection.keyingMaterialExporter(expLabel, expLength)
    exp = b2a_hex(exp).upper()
    print("  Exporter label: {0}".format(expLabel))
    print("  Exporter length: {0}".format(expLength))
    print("  Keying material: {0}".format(exp))
Beispiel #5
0
    def __format__(self, formatstr):
        """Advanced formatting for messages."""
        hexify = False
        verbose = ""
        if "h" in formatstr:
            hexify = True
        if "v" in formatstr:
            verbose = "ContentType."

        if hexify:
            data = b2a_hex(self.data)
        else:
            data = repr(self.data)

        return "Message(contentType={0}{1}, data={2})".format(verbose, ContentType.toStr(self.contentType), data)
Beispiel #6
0
    def __format__(self, formatstr):
        """Advanced formatting for messages."""
        hexify = False
        verbose = ""
        if 'h' in formatstr:
            hexify = True
        if 'v' in formatstr:
            verbose = "ContentType."

        if hexify:
            data = b2a_hex(self.data)
        else:
            data = repr(self.data)

        return "Message(contentType={0}{1}, data={2})"\
               .format(verbose, ContentType.toStr(self.contentType), data)
Beispiel #7
0
    def __format__(self, formatstr):
        """Formattable representation of extension."""
        if self.client_shares is None:
            return "KeyShareExtension(None)"

        verbose = ""
        hexlify = False
        if 'v' in formatstr:
            verbose = "GroupName."
        if 'h' in formatstr:
            hexlify = True

        shares = []
        for group_id, share in self.client_shares:
            if hexlify:
                share = b2a_hex(share)
            else:
                share = repr(share)
            shares += ["({0}{1}, {2})".format(verbose,
                                              GroupName.toStr(group_id),
                                              share)]
        return "KeyShareExtension([" + ",".join(shares) + "])"
Beispiel #8
0
def format_bytearray(byte_array, formatstr):
    """Format method for bytearrays."""
    if "x" in formatstr:
        return b2a_hex(byte_array)
    else:
        return repr(byte_array)
Beispiel #9
0
    def process(self, state, msg):
        """Process the Server Key Exchange message"""
        assert msg.contentType == ContentType.handshake
        parser = Parser(msg.write())
        hs_type = parser.get(1)
        assert hs_type == HandshakeType.server_key_exchange

        if self.version is None:
            self.version = state.version
        if self.cipher_suite is None:
            self.cipher_suite = state.cipher
        valid_sig_algs = self.valid_sig_algs
        valid_groups = self.valid_groups

        server_key_exchange = ServerKeyExchange(self.cipher_suite,
                                                self.version)
        server_key_exchange.parse(parser)

        client_random = state.client_random
        server_random = state.server_random
        public_key = state.get_server_public_key()
        server_hello = state.get_last_message_of_type(ServerHello)
        if server_hello is None:
            server_hello = ServerHello
            server_hello.server_version = state.version
        if valid_sig_algs is None:
            # if the value was unset in script, get the advertised value from
            # Client Hello
            client_hello = state.get_last_message_of_type(ClientHello)
            if client_hello is not None:
                sig_algs_ext = client_hello.getExtension(ExtensionType.
                                                         signature_algorithms)
                if sig_algs_ext is not None:
                    valid_sig_algs = sig_algs_ext.sigalgs
            if valid_sig_algs is None:
                # no advertised means support for sha1 only
                valid_sig_algs = [(HashAlgorithm.sha1, SignatureAlgorithm.rsa)]

        try:
            KeyExchange.verifyServerKeyExchange(server_key_exchange,
                                                public_key,
                                                client_random,
                                                server_random,
                                                valid_sig_algs)
        except TLSDecryptionFailed:
            # very rarely validation of signature fails, print it so that
            # we have a chance in debugging it
            print("Bad signature: {0}"
                  .format(b2a_hex(server_key_exchange.signature)),
                  file=sys.stderr)
            raise

        if self.cipher_suite in CipherSuite.dhAllSuites:
            if valid_groups and any(i in range(256, 512)
                                    for i in valid_groups):
                self._checkParams(server_key_exchange)
            state.key_exchange = DHE_RSAKeyExchange(self.cipher_suite,
                                                    clientHello=None,
                                                    serverHello=server_hello,
                                                    privateKey=None)
        elif self.cipher_suite in CipherSuite.ecdhAllSuites:
            # extract valid groups from Client Hello
            if valid_groups is None:
                client_hello = state.get_last_message_of_type(ClientHello)
                if client_hello is not None:
                    groups_ext = client_hello.getExtension(ExtensionType.
                                                           supported_groups)
                    if groups_ext is not None:
                        valid_groups = groups_ext.groups
                if valid_groups is None:
                    # no advertised means support for all
                    valid_groups = GroupName.allEC
            state.key_exchange = \
                ECDHE_RSAKeyExchange(self.cipher_suite,
                                     clientHello=None,
                                     serverHello=server_hello,
                                     privateKey=None,
                                     acceptedCurves=valid_groups)
        else:
            raise AssertionError("Unsupported cipher selected")
        state.key['premaster_secret'] = state.key_exchange.\
            processServerKeyExchange(public_key,
                                     server_key_exchange)

        state.handshake_messages.append(server_key_exchange)
        state.handshake_hashes.update(msg.write())
Beispiel #10
0
def format_bytearray(byte_array, formatstr):
    """Format method for bytearrays."""
    if 'x' in formatstr:
        return b2a_hex(byte_array)
    else:
        return repr(byte_array)