def test_fixed_crypto_data_matches_verify_data(self):
client_verify_data = "e23f73911909a86be9e93fdb"
server_verify_data = "c83b8eb028d3c4a8d82c1c17"
tls_ctx = tlsc.TLSSessionCtx()
# tls_ctx.rsa_load_keys(self.pem_priv_key)
client_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(gmt_unix_time=1234,
random_bytes="A" * 28)
# Hello Request should be ignored in verify_data calculation
tls_ctx.insert(tls.TLSHelloRequest())
tls_ctx.insert(client_hello)
tls_ctx.premaster_secret = "B" * 48
epms = "C" * 256
server_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=1234,
session_id="",
random_bytes="A" * 28)
tls_ctx.insert(server_hello)
client_kex = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() /\
tls.TLSClientRSAParams(data=epms)
tls_ctx.insert(client_kex)
self.assertEqual(client_verify_data, binascii.hexlify(tls_ctx.get_verify_data()))
# Make sure that client finish is included in server finish calculation
tls_ctx.set_mode(server=True)
client_finish = tls.TLSRecord() / tls.TLSHandshake() / tls.tls_to_raw(
tls.TLSFinished(data=tls_ctx.get_verify_data()), tls_ctx)
tls_ctx.insert(client_finish)
self.assertEqual(server_verify_data, binascii.hexlify(tls_ctx.get_verify_data()))
def test_encrypted_pms_is_only_available_after_server_certificate_is_presented(
self):
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello()
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.insert(pkt)
with self.assertRaises(ValueError):
tls_ctx.get_encrypted_pms()
def _do_kex(self, version):
self.pem_priv_key = """-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDDLrmt4lKRpm6P
2blptwJsa1EBuxuuAayLjwNqKGvm5c1CAUEa/NtEpUMM8WYKRDwxzakUIGI/BdP3
NOEMphcs5+OekgJLhzoSdtAIrXPy8JIidENZE6FzCJ2b6fHU5O4hoNvv1Bx5yoZr
HVaWJIZMRRocJJ0Nf9oMaU8IE6m6OdBzQHEwcnL2/a8Q3VxstHufzjILmaZD9WL+
6AESlQMKZPNQ+Xd7d4nvnVkY4ZV46tA+KvADGuotgovQwG+uiyQoGRrQUms21vHF
zIvd3G9OCiyCTCHSyfsE3g7tks33NZ8O8gF8xa9OmU9TQPwwAyUr6JQXz0CW77o7
Cr9LpHuNAgMBAAECggEBAJRbMbtfqc8XqDYjEfGur2Lld19Pb0yl7RbvD3NjYhDR
X2DqPyhaRfg5fWubGSp4jyBz6C5qJwMsVN80DFNm83qoj7T52lC6aoOaV6og3V8t
SIZzxLUyXKdpRxM5kR13HSHmeQYkPbi9HcrRM/1PqdzTMXNuyQl3wq9oZDAJchsf
fmoh080htkaxhEb1bMXa2Lj7j2OIkHOsQeIu6BdbxIKRPIT+zrcklE6ocW8fTWAS
Qi3IZ1FYLL+fs6TTxjx0VkC8QLaxWxY0pqTiwS7ndZiZKc3l3ARuvRk8buP+X3Jg
BD86FQ18OXZC9boMbDbzv2cOLtdkq5pS3lJE4F9gjYECgYEA69ukU2pNWot2OPwK
PuPwAXWNrvnvFzQgIc0qOiCmgKJU6wqunlop4Bx5XmetHExVyJVBEhaHoDr0F3Rs
gt8IclKDsWGXoVcgfu3llMimiZ05hOf/XtcGTCZwZenMQ30cFh4ZRuUu7WCZ9tqO
28P8jCXB3IcaRpRnNvVvmCr5NXECgYEA09nUzRW993SlohceRW2C9fT9HZ4BaPWO
5wVlnoo5mlUfAyzl+AGT/WlKmrn/1gAHIznQJ8ZIABQvPaBXhvkANXZP5Ie0lObw
jA7qFuKt7yV4GGlDnU1MOLh+acABMQBGSx8BJDaomH7glTiPEPTZjoP6wfAsd1uv
Knjt7jH2ad0CgYEAx9ghknRd+rx0fbBBVix4riPW20324ihOmZVnlD0aF6B0Z3tz
ncUz+irmQ7GBIpsjjIO60QK6BHAvZrhFQVaNp6B26ZORkSlr5WDZyImDYtMPa6fP
36I+OcPQNOo3I3Acnjj+ne2PJ59Ula92oIudr3pGmv72qpsQIacw2TSAWGECgYEA
sdNAN+HPMn68ZaGoLDjvW8uIB6tQnay5hhvWn8yA65YV0RGH+7Q/Z9BQ6i3EnPor
A5uMqUZbu4011jHYJpiuXzHvf/GVWAO92KLQReOCgqHd/Aen1MtEdrwOiG+90Ebd
ukLNL3ud61tc4oS2OlJ8p48LFm2mtY3FLA6UEYPoxhUCgYEAtsfWIGnBh7XC+HwI
2higSgN92VpJHSPOyOi0aG/u5AEQ+fsCUIi3KakxzvmiGMAEvWItkKyz2Gu8smtn
2HVsGxI5UW7aLw9s3qe8kyMSfUk6pGamVhJUQmDr77+5zEzykPBxwGwDwdeR43CR
xVgf/Neb/avXgIgi6drj8dp1fWA=
-----END PRIVATE KEY-----
"""
rsa_priv_key = RSA.importKey(self.pem_priv_key)
self.priv_key = PKCS1_v1_5.new(rsa_priv_key)
self.pub_key = PKCS1_v1_5.new(rsa_priv_key.publickey())
self.tls_ctx = tlsc.TLSSessionCtx()
self.tls_ctx.rsa_load_keys(self.pem_priv_key)
# SSLv2
self.record_version = 0x0002
self.version = version
# RSA_WITH_AES_128_SHA
self.cipher_suite = tls.TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA
# DEFLATE
self.comp_method = tls.TLSCompressionMethod.NULL
self.client_hello = tls.TLSRecord(
version=self.record_version) / tls.TLSHandshake(
) / tls.TLSClientHello(version=version,
compression_methods=[self.comp_method],
cipher_suites=[self.cipher_suite])
self.tls_ctx.insert(self.client_hello)
self.server_hello = tls.TLSRecord(
version=self.version) / tls.TLSHandshake() / tls.TLSServerHello(
version=version,
compression_method=self.comp_method,
cipher_suite=self.cipher_suite)
self.tls_ctx.insert(self.server_hello)
# Build method to generate EPMS automatically in TLSSessionCtx
self.client_kex = tls.TLSRecord(
version=self.version) / tls.TLSHandshake(
) / tls.TLSClientKeyExchange(data=self.tls_ctx.get_encrypted_pms())
self.tls_ctx.insert(self.client_kex)
def test_encrypting_pms_fails_if_no_certificate_in_connection(self):
tls_ctx = tlsc.TLSSessionCtx()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(
version=0x0301)
tls_ctx.insert(pkt)
with self.assertRaises(ValueError):
tls_ctx.get_encrypted_pms()
def test_hmac_used_matches_selected_ciphersuite(self):
import struct
# RSA_WITH_3DES_EDE_CBC_SHA
cipher_suite = 0xa
plaintext = "a" * 32
sec_params = tlsc.TLSSecurityParameters.from_pre_master_secret(self.prf, cipher_suite, self.pre_master_secret,
self.client_random, self.server_random)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_0
tls_ctx.sec_params = sec_params
tls_ctx.client_ctx.sym_keystore = sec_params.client_keystore
self.assertEqual(sec_params.master_secret, self.master_secret)
crypto_ctx = tlsc.CBCCryptoContext(tls_ctx, tls_ctx.client_ctx)
# Pycryptodome does not expose the mode attribute
# self.assertEqual(client_enc_cipher.mode, DES3.MODE_CBC)
crypto_data = tlsc.CryptoData.from_context(tls_ctx, tls_ctx.client_ctx, plaintext)
crypto_container = tlsc.CBCCryptoContainer.from_context(tls_ctx, tls_ctx.client_ctx, crypto_data)
sequence_ = struct.pack("!Q", crypto_data.sequence)
content_type_ = struct.pack("!B", crypto_data.content_type)
version_ = struct.pack("!H", crypto_data.version)
len_ = struct.pack("!H", crypto_data.data_len)
digest_input = "%s%s%s%s%s" % (sequence_, content_type_, version_, len_, plaintext)
self.assertEqual(crypto_container.mac,
HMAC.new(sec_params.client_keystore.hmac, digest_input, digestmod=SHA).digest())
decrypted = crypto_ctx.decrypt(crypto_ctx.encrypt(crypto_container))
self.assertEqual(str(crypto_container), decrypted)
self.assertTrue(str(crypto_container).startswith(plaintext))
def test_streaming_mac_and_padding_are_added_if_session_context_is_provided(
self):
data = "%s%s" % ("A" * 2, "B" * MD5.digest_size)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.sec_params = tlsc.TLSSecurityParameters(
tls.TLSCipherSuite.RSA_EXPORT1024_WITH_RC4_56_MD5, "A" * 48,
"B" * 32, "C" * 32)
records = tls.TLSAlert(data, ctx=tls_ctx)
self.assertEqual("B" * MD5.digest_size, records[tls.TLSAlert].mac)
self.assertEqual("", records[tls.TLSAlert].padding)
def test_negotiated_compression_method_is_used_in_context(self):
# DEFLATE
compression_method = 0x1
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=123456, random_bytes="A" * 28,
compression_method=compression_method)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.insert(pkt)
self.assertEqual(tls_ctx.params.negotiated.compression_algo,
tlsc.TLSCompressionParameters.comp_params[compression_method]["name"])
input_ = "some data" * 16
self.assertEqual(tls_ctx.compression.method.decompress(tls_ctx.compression.method.compress(input_)), input_)
def test_negotiated_cipher_is_used_in_context(self):
# RSA_WITH_NULL_MD5
cipher_suite = 0x1
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=123456, random_bytes="A" * 28,
cipher_suite=cipher_suite)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.insert(pkt)
self.assertEqual(tls_ctx.negotiated.key_exchange,
tlsc.TLSSecurityParameters.crypto_params[cipher_suite]["key_exchange"]["name"])
self.assertEqual(tls_ctx.negotiated.mac,
tlsc.TLSSecurityParameters.crypto_params[cipher_suite]["hash"]["name"])
def test_cbc_mac_and_padding_are_added_if_session_context_is_provided(
self):
data = "%s%s%s" % ("A" * 2, "B" * SHA.digest_size, "\x03" * 4)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.sec_params = tlsc.TLSSecurityParameters(
tls.TLSCipherSuite.RSA_WITH_DES_CBC_SHA, "A" * 48, "B" * 32,
"C" * 32)
records = tls.TLSAlert(data, ctx=tls_ctx)
self.assertEqual(ord("\x03"), records[tls.TLSAlert].padding_len)
self.assertEqual("\x03" * 3, records[tls.TLSAlert].padding)
self.assertEqual("B" * SHA.digest_size, records[tls.TLSAlert].mac)
def test_keys_are_set_in_context_when_loaded(self):
tls_ctx = tlsc.TLSSessionCtx()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(version=0x0301)
tls_ctx.insert(pkt)
tls_ctx.server_ctx.load_rsa_keys(self.pem_priv_key)
self.assertIsNotNone(tls_ctx.server_ctx.asym_keystore.private)
self.assertIsNotNone(tls_ctx.server_ctx.asym_keystore.public)
# Broken due to pycrypto bug: https://github.com/dlitz/pycrypto/issues/114
# Uncomment when fixed upstream
# self.assertTrue(tls_ctx.crypto.server.asym_keystore.private.can_decrypt())
# self.assertTrue(tls_ctx.crypto.server.asym_keystore.public.can_decrypt())
self.assertTrue(tls_ctx.server_ctx.asym_keystore.private.can_encrypt())
def test_decrypted_pms_matches_generated_pms(self):
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.server_ctx.load_rsa_keys(self.pem_priv_key)
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello()
tls_ctx.insert(pkt)
epms = tls_ctx.get_encrypted_pms()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello()
tls_ctx.insert(pkt)
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() / tls.TLSClientRSAParams(data=epms)
tls_ctx.insert(pkt)
self.assertEqual(tls_ctx.encrypted_premaster_secret, epms)
self.assertEqual(tls_ctx.premaster_secret, self.priv_key.decrypt(epms, None))
def test_client_dh_parameters_generateion_matches_fixed_data(self):
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.crypto.server.dh.p = "\xdaX<\x16\xd9\x85\"\x89\xd0\xe4\xafuoL\xca\x92\xddK\xe53\xb8\x04\xfb\x0f\xed\x94\xef\x9c\x8aD\x03\xedWFP\xd3i\x99\xdb)\xd7v\'k\xa2\xd3\xd4\x12\xe2\x18\xf4\xdd\x1e\x08L\xf6\xd8\x00>|Gt\xe83"
tls_ctx.crypto.server.dh.g = "\x02"
tls_ctx.crypto.server.dh.y_s = "b\x1bF\xd4\xbe\xc6\x83d\x80\x1e\xeam\x86^\xcc!\xb2\x1b\x85+\xbd$j\xc9\x05\xf4\x14\x82 7\x8f_\x13\xcb\xef\xabyd\xb4\xc8\xda\xde\xac\xe8Zr\x8f\xb5\xfc\n\x16\xb0b\xf7\xd9!\x8d\x03\xef\n\r9\xd8\x87"
client_privkey = 5398526532442504864680398257365369432058147704829279760748758494328728516319L
client_pubkey = tls_ctx.get_client_dh_pubkey(client_privkey)
self.assertEqual(
"/T\xdc;\xc49\xa6\x8cD\xd4\xc1\x07I|\xb6\xc8\xaf\xb5\x04\xe9\xfb\t\x0e}\x14~\xa4\x1f\xdfo\x08u)Z\xb3\x0e\x1c^\xa3x0\x90\xa1\xd7\x82\x9dLT\xa6^\xcc\xf7\xae\x87\x97\x86vi\x02s\x10\xb3\xdbo",
client_pubkey)
self.assertEqual(
"}\xcae\xd2y\xd7F$\xde\"\xa9s\xfbNR9v\x19t9\x87\xa8\xa3\x9c\xccb]\x13\xb7\x8a\x8f\xdf\x7fv\x05\xa6\xf1\xa7\xc8\xf4X\xe3\xd4\xac\xd6\x1e4\xb4\x1cc\xbb\xce\xbe\x94lQ\x91\xb9\xde\xb7\xa6gu_",
tls_ctx.crypto.session.premaster_secret)
def _create_context(self, target, keyfile=None):
self.target = target
self.keyfile = keyfile
session = ssl_tls_crypto.TLSSessionCtx()
if keyfile:
print "* load servers privatekey for ciphertext decryption (RSA key only): %s" % keyfile
session.rsa_load_keys_from_file(keyfile)
session.printed = False
self.ssl_session_map[target] = session
else:
print "!! missing private key"
def test_tls_1_1_and_above_cbc_iv_is_null(self):
# RSA_WITH_AES_128_CBC_SHA
cipher_suite = 0x2f
sec_params = tlsc.TLSSecurityParameters.from_pre_master_secret(self.prf, cipher_suite, self.pre_master_secret,
self.client_random, self.server_random)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_1
tls_ctx.requires_iv = True
tls_ctx.sec_params = sec_params
# Creating the CryptoContext will set the IV to null if required
tlsc.CBCCryptoContext(tls_ctx, tls_ctx.client_ctx)
tlsc.CBCCryptoContext(tls_ctx, tls_ctx.server_ctx)
self.assertEqual(tls_ctx.client_ctx.sym_keystore.iv, "\x00" * 16)
self.assertEqual(tls_ctx.server_ctx.sym_keystore.iv, "\x00" * 16)
def test_explicit_iv_is_added_for_tls_1_1_if_session_context_is_provided(
self):
data = "%s%s%s%s" % ("C" * AES.block_size, "A" * 2,
"B" * SHA.digest_size, "\x03" * 4)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.params.negotiated.version = tls.TLSVersion.TLS_1_1
tls_ctx.sec_params = tlsc.TLSSecurityParameters(
tls.TLSCipherSuite.RSA_WITH_AES_256_CBC_SHA, "A" * 48, "B" * 32,
"C" * 32, True)
records = tls.TLSAlert(data, ctx=tls_ctx)
self.assertEqual(ord("\x03"), records[tls.TLSAlert].padding_len)
self.assertEqual("\x03" * 3, records[tls.TLSAlert].padding)
self.assertEqual("B" * SHA.digest_size, records[tls.TLSAlert].mac)
self.assertEqual("C" * AES.block_size,
records[tls.TLSAlert].explicit_iv)
def test_client_ecdh_parameters_generation_matches_fixed_data(self):
tls_ctx = tlsc.TLSSessionCtx()
secp256r1 = reg.get_curve("secp256r1")
public = ec.Point(secp256r1, 71312736565121892539464098105317518227531978702333415386264829982789952731614,
108064706642599821618918248475955325719985341096102200103424860263181813987462)
tls_ctx.server_ctx.kex_keystore = tlsk.ECDHKeyStore(secp256r1, public)
client_privkey = 15320484772785058360598040144348894600917526501829289880527760633524785596585
client_keys = ec.Keypair(secp256r1, client_privkey)
client_pubkey = tls_ctx.get_client_ecdh_pubkey(client_privkey)
self.assertTrue(client_pubkey.startswith("\x04"))
self.assertEqual("\x04%s%s" % (tlsc.int_to_str(client_keys.pub.x), tlsc.int_to_str(client_keys.pub.y)),
client_pubkey)
self.assertEqual(client_keys.pub, tls_ctx.client_ctx.kex_keystore.public)
self.assertEqual("'(\x17\x94l\xd7AO\x03\xd4Fi\x05}mP\x1aX5C7\xf0_\xa9\xb0\xac\xba{r\x1f\x12\x8f",
tls_ctx.premaster_secret)
def test_client_dh_parameters_generation_matches_fixed_data(self):
tls_ctx = tlsc.TLSSessionCtx()
p = 11435638110073884015312138951374632602058080675070521707579703088370446597672067452229024566834732449017970455481029703480957707976441965258194321262569523
g = 2
public = 5138256925703068273978027748090991496798559132548080008963338818789329120888330364361710579103845963013102056863555649866832856399945018230203391434938503
tls_ctx.server_ctx.kex_keystore = tlsk.DHKeyStore(g, p, public)
client_privkey = 5398526532442504864680398257365369432058147704829279760748758494328728516319
client_pubkey = tls_ctx.get_client_dh_pubkey(client_privkey)
self.assertEqual(
("/T\xdc;\xc49\xa6\x8cD\xd4\xc1\x07I|\xb6\xc8\xaf\xb5\x04\xe9\xfb\t\x0e}\x14~\xa4\x1f\xdfo\x08u)Z\xb3\x0e"
"\x1c^\xa3x0\x90\xa1\xd7\x82\x9dLT\xa6^\xcc\xf7\xae\x87\x97\x86vi\x02s\x10\xb3\xdbo"),
client_pubkey)
self.assertEqual(
("}\xcae\xd2y\xd7F$\xde\"\xa9s\xfbNR9v\x19t9\x87\xa8\xa3\x9c\xccb]\x13\xb7\x8a\x8f\xdf\x7fv\x05\xa6\xf1\xa7"
"\xc8\xf4X\xe3\xd4\xac\xd6\x1e4\xb4\x1cc\xbb\xce\xbe\x94lQ\x91\xb9\xde\xb7\xa6gu_"),
tls_ctx.premaster_secret)
def test_fixed_crypto_data_matches_verify_data(self):
verify_data = "12003ac89553b7a233da64b9"
tls_ctx = tlsc.TLSSessionCtx()
# tls_ctx.rsa_load_keys(self.pem_priv_key)
client_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(gmt_unix_time=1234,
random_bytes="A" * 28)
tls_ctx.insert(client_hello)
tls_ctx.crypto.session.premaster_secret = "B" * 48
epms = "C" * 256
server_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=1234,
random_bytes="A" * 28)
tls_ctx.insert(server_hello)
client_kex = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() /\
tls.TLSClientRSAParams(data=epms)
tls_ctx.insert(client_kex)
self.assertEqual(binascii.hexlify(tls_ctx.get_verify_data()), verify_data)
def __init__(self, *args, **kwargs):
self.state = None
self.channel_uuid = str(uuid.uuid4().bytes)
self.ready = False
self._buffer = []
self._tls_recv_buffer = []
self._tls_recv_deferred = None
self._keepalive_loop = None
self._datacarry = ''
self._tlscarry = ''
self._havecommand = False
self.tls_ctx = ssl_tls_crypto.TLSSessionCtx(True)
def _static_tls_handshake(self):
# Setup static parameters, so PRF output is reproducible
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.crypto.session.premaster_secret = "\x03\x01" + "C" * 46
client_hello = tls.TLSRecord(
version="TLS_1_0") / tls.TLSHandshake() / tls.TLSClientHello(
version="TLS_1_0",
gmt_unix_time=1234,
random_bytes="A" * 28,
session_id="",
compression_methods=[0],
cipher_suites=(tls.TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA))
tls_ctx.insert(client_hello)
server_hello = binascii.unhexlify(
"160301004a02000046030155662cd45fade845839a3c8dba0e46f1abcd2fd941f4e95e75ab6d61811abcf420960ccadc00abc7043cca458d9a1df1cb877a5005b53f754ac80d392990fae3c7002f00160301047c0b0004780004750004723082046e30820356a003020102020900d1e1f53a9203251a300d06092a864886f70d0101050500308180310b3009060355040613025553311330110603550408130a536f6d652d53746174653112301006035504071309536f6d652d6369747931153013060355040a130c536f6d652d636f6d70616e793110300e060355040b1307536f6d652d4f55311f301d06035504031316736f6d652d7365727665722e736f6d652e7768657265301e170d3135303532323139313631325a170d3235303531393139313631325a308180310b3009060355040613025553311330110603550408130a536f6d652d53746174653112301006035504071309536f6d652d6369747931153013060355040a130c536f6d652d636f6d70616e793110300e060355040b1307536f6d652d4f55311f301d06035504031316736f6d652d7365727665722e736f6d652e776865726530820122300d06092a864886f70d01010105000382010f003082010a0282010100cd7b7165ee7528f107cf666edc673eedc863544ebe8cc3741346015eea182a73a9e18e26f6f1553d83843d2bdacdd4501faec7b4f5446b8790053f152e23f70d121ca7f63a22a657536ee4b50b8777568ef469905ce05211178dd9ebe223b21246cce4baf351d0b81b464830e15fb7178cf5f39e7673de7779e5dbbd7a3d2ea98589b0d6003635447693ed2ec632c3dbb632ac254e3b8cd78e1ea160982627e2cd3a369c4bb43c486141b97fbbd9d3cb014b92e0ec6ecf46ded64749bbecfb6f98d0d2f459d5cf0054a6522280af961dfcbe1650937180f43decf2f8725b94eeec10248cdc70acad63bcc3cd5370d0dc0f3cba8d369909c6b917f243e5e5bc270203010001a381e83081e5301d0603551d0e041604143cc2f7fc85dbbe4b0566b35bde744484438ae83e3081b50603551d230481ad3081aa80143cc2f7fc85dbbe4b0566b35bde744484438ae83ea18186a48183308180310b3009060355040613025553311330110603550408130a536f6d652d53746174653112301006035504071309536f6d652d6369747931153013060355040a130c536f6d652d636f6d70616e793110300e060355040b1307536f6d652d4f55311f301d06035504031316736f6d652d7365727665722e736f6d652e7768657265820900d1e1f53a9203251a300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010001738e2985692d8239fb1795e6ea0718755cf106cd739f7113afd3a074add07f981b06f34b9df3e1658c153355c5061b369d60d341eb4ccefdd98d6d6790be499cde8bd5705d1a8a89bb141599f3319914f8539e294848c106386218d8679da46ba90a2ce7587265cb55d6a629569b65581ee2e88ded264b81dff1c11e2c55728efe170dfe4f76706fbbda137b02e0fa987355b0cfdb3f8637e35473e4a6eccdcbc27d55d1f956a5f2c454e937df71d42e21d45d227477e26053b8be003fa527746b163b3d4b9a585d2860e5080ed9737d4c5fa5a32eee45a4e56d8a03542349619084580cc9c6c25b1ac7f3854b501423eafdd32896af92ce8ca6923947d77c16030100040e000000"
)
tls_ctx.insert(tls.TLS(server_hello))
return tls_ctx
def test_cleartext_message_matches_decrypted_message_with_stream_cipher(self):
# RSA_WITH_RC4_128_SHA
cipher_suite = 0x5
plaintext = "a" * 32
sec_params = tlsc.TLSSecurityParameters.from_pre_master_secret(self.prf, cipher_suite, self.pre_master_secret,
self.client_random, self.server_random)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_0
tls_ctx.sec_params = sec_params
tls_ctx.client_ctx.sym_keystore = sec_params.client_keystore
tls_ctx.server_ctx.sym_keystore = sec_params.server_keystore
self.assertEqual(sec_params.master_secret, self.master_secret)
crypto_ctx = tlsc.StreamCryptoContext(tls_ctx, tls_ctx.client_ctx)
tls_ctx.client_ctx.crypto_ctx = crypto_ctx
crypto_container = tlsc.CBCCryptoContainer.from_data(tls_ctx, tls_ctx.client_ctx, plaintext)
decrypted = crypto_ctx.decrypt(crypto_ctx.encrypt(crypto_container))
self.assertEqual(str(crypto_container), decrypted)
self.assertTrue(str(crypto_container).startswith(plaintext))
def __init__(self, target, client=True, tls_ctx=None):
self.client = client
self.target = target
try:
self._s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
except Exception as err:
print('[!] Cannot create socket')
print(err)
if tls_ctx is None:
import scapy_ssl_tls.ssl_tls_crypto as tlsc
self.tls_ctx = tlsc.TLSSessionCtx(self.client)
else:
self.tls_ctx = tls_ctx
self.ctx = self.tls_ctx.client_ctx if self.client else self.tls_ctx.server_ctx
self.compress_hook = None
self.pre_encrypt_hook = None
self.encrypt_hook = None
def setUp(self):
cipher_suite = tls.TLSCipherSuite.ECDHE_RSA_WITH_AES_128_GCM_SHA256
self.tls_ctx = tlsc.TLSSessionCtx()
self.tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_2
self.tls_ctx.server_ctx.sequence = 5
self.tls_ctx.server_ctx.nonce = 72623859790382856
self.ctx = self.tls_ctx.server_ctx
self.prf = tlsc.TLSPRF(tls.TLSVersion.TLS_1_0)
self.pre_master_secret = "\x03\x01aaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbb"
self.client_random = "a" * 32
self.server_random = "z" * 32
self.master_secret = binascii.unhexlify(
"43278712b1feba3622c5745f79908a77b6e801239fc19390240cc45a17517b6218dfcb3f370c97f15329251e7a20ffb0")
self.tls_ctx.sec_params = tlsc.TLSSecurityParameters.from_master_secret(self.prf, cipher_suite,
self.master_secret,
self.client_random, self.server_random)
self.tls_ctx.server_ctx.sym_keystore = self.tls_ctx.sec_params.server_keystore
self.tls_ctx.client_ctx.sym_keystore = self.tls_ctx.sec_params.client_keystore
unittest.TestCase.setUp(self)
def test_session_context_is_removed_from_scapy_on_init(self):
pkt = tls.TLSRecord() / tls.TLSAlert()
records = tls.TLS(str(pkt), ctx=tlsc.TLSSessionCtx())
with self.assertRaises(KeyError):
records.fields["ctx"]
W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
-----END RSA PRIVATE KEY-----
"""
session = ssl_tls_crypto.TLSSessionCtx()
session.rsa_load_keys(privkey)
session.printed = False
ssl_session_map[target] = session
print "* ready!"
while True:
sniff(filter="tcp port %d" % target[1],
prn=process_ssl,
store=0,
timeout=3)
s.close()
def test_random_pms_is_generated_on_client_hello(self):
tls_ctx = tlsc.TLSSessionCtx()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(
version=0x0301)
tls_ctx.insert(pkt)
self.assertIsNotNone(tls_ctx.crypto.session.premaster_secret)
def test_load_rsa_privkey_from_pem_file(self):
pem_file = env_local_file("openssl_1_0_1_f_server.pem")
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.rsa_load_keys_from_file(pem_file)
self.assertTrue(tls_ctx.crypto.server.rsa.privkey)
self.assertTrue(tls_ctx.crypto.server.rsa.pubkey)
def test_load_rsa_privkey_from_pem_file(self):
pem_file = env_local_file("openssl_1_0_1_f_server.pem")
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.server_ctx.load_rsa_keys_from_file(pem_file)
self.assertTrue(tls_ctx.server_ctx.asym_keystore.private)
self.assertTrue(tls_ctx.server_ctx.asym_keystore.public)