private static Pkcs1Vector getPlainCorrect(int publicKeyBitLength, ProtocolVersion protocolVersion) { byte[] keyBytes = new byte[HandshakeByteLength.PREMASTER_SECRET]; Arrays.fill(keyBytes, (byte) 42); keyBytes[0] = protocolVersion.getMajor(); keyBytes[1] = protocolVersion.getMinor(); int publicKeyByteLength = publicKeyBitLength / 8; return new Pkcs1Vector("Correctly formatted PKCS#1 PMS message", getPaddedKey(publicKeyByteLength, keyBytes)); }
private void writeProtocolVersion(StatePlaintext statePlaintext) { appendBytes(statePlaintext.getProtocolVersion().getValue()); LOGGER.debug("ProtocolVersion: " + ProtocolVersion.getProtocolVersion(statePlaintext.getProtocolVersion().getValue()).name()); }
@Override public ProtocolVersion convert(String value) { try { return ProtocolVersion.fromString(value); } catch (IllegalArgumentException ex) { throw new ParameterException(ex); } } }
private void prepareProtocolVersion() { ProtocolVersion ourVersion = chooser.getConfig().getHighestProtocolVersion(); ProtocolVersion clientVersion = chooser.getHighestClientProtocolVersion(); int intRepresentationOurVersion = ourVersion.getValue()[0] * 0x100 + ourVersion.getValue()[1]; int intRepresentationClientVersion = clientVersion.getValue()[0] * 0x100 + clientVersion.getValue()[1]; if (chooser.getConfig().isEnforceSettings()) { msg.setProtocolVersion(ourVersion.getValue()); } else { if (chooser.getHighestClientProtocolVersion().isDTLS() && chooser.getConfig().getHighestProtocolVersion().isDTLS()) { msg.setProtocolVersion(ourVersion.getValue()); } else { msg.setProtocolVersion(clientVersion.getValue()); if (!chooser.getHighestClientProtocolVersion().isDTLS() && !chooser.getConfig().getHighestProtocolVersion().isDTLS()) { msg.setProtocolVersion(ourVersion.getValue()); } else { msg.setProtocolVersion(clientVersion.getValue()); msg.setProtocolVersion(chooser.getSelectedProtocolVersion().getValue());
@Override public void execute(State state) throws WorkflowExecutionException { TlsContext tlsContext = state.getTlsContext(getConnectionAlias()); if (isExecuted()) { throw new WorkflowExecutionException("Action already executed!"); } oldValue = tlsContext.getSelectedProtocolVersion(); tlsContext.setSelectedProtocolVersion(newValue); LOGGER.info("Changed ProtocolVersion from " + oldValue == null ? oldValue.name() : null + " to " + newValue.name()); setExecuted(true); }
addExtension(new HeartbeatExtensionMessage()); if (tlsConfig.isAddECPointFormatExtension() && !tlsConfig.getHighestProtocolVersion().isTLS13()) { addExtension(new ECPointFormatExtensionMessage()); && tlsConfig.getHighestProtocolVersion().getMinor() < 0x17) { addExtension(new KeyShareExtensionMessage(ExtensionType.KEY_SHARE_OLD, tlsConfig)); } else {
@Override public byte[] serializeHandshakeMessageContent() { LOGGER.debug("Serializing RSAClientKeyExchangeMessage"); if (!version.isSSL()) { writeSerializedPublicKeyLength(msg); } writeSerializedPublickey(msg); return getAlreadySerialized(); }
private void prepareProtocolVersion(Record record) { if (chooser.getSelectedProtocolVersion().isTLS13() || chooser.getContext().getActiveKeySetTypeWrite() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS) { record.setProtocolVersion(ProtocolVersion.TLS12.getValue()); } else { record.setProtocolVersion(chooser.getSelectedProtocolVersion().getValue()); } LOGGER.debug("ProtocolVersion: " + ArrayConverter.bytesToHexString(record.getProtocolVersion().getValue())); }
sb.append("\n Protocol Version: "); if (getProtocolVersion() != null) { sb.append(ProtocolVersion.getProtocolVersion(getProtocolVersion().getValue())); } else { sb.append("null"); if (!ProtocolVersion.getProtocolVersion(getProtocolVersion().getValue()).isTLS13()) { sb.append(new Date(ArrayConverter.bytesToLong(getUnixTime().getValue()) * 1000)); } else { if (!ProtocolVersion.getProtocolVersion(getProtocolVersion().getValue()).isTLS13()) { sb.append(ArrayConverter.bytesToHexString(getSessionId().getValue())); } else { if (!ProtocolVersion.getProtocolVersion(getProtocolVersion().getValue()).isTLS13()) { sb.append(CompressionMethod.getCompressionMethod(selectedCompressionMethod.getValue())); } else {
private byte[] computeVerifyData() throws CryptoException { if (chooser.getSelectedProtocolVersion().isTLS13()) { try { HKDFAlgorithm hkdfAlgortihm = AlgorithmResolver.getHKDFAlgorithm(chooser.getSelectedCipherSuite()); throw new CryptoException(ex); } else if (chooser.getSelectedProtocolVersion().isSSL()) { LOGGER.trace("Calculating VerifyData:"); final byte[] handshakeMessageContent = chooser.getContext().getDigest().getRawBytes();
/** * Return true, if protocol version TLS 1.3 * * @return True if protocolVersion is TLS.13 or a Draft of TLS 1.3 */ public boolean isTLS13() { return this == TLS13 || this.getMajor() == 0x7F; }
public static List<ProtocolVersion> getProtocolVersions(byte[] values) { List<ProtocolVersion> versions = new LinkedList<>(); if (values.length % 2 != 0) { throw new UnknownProtocolVersionException("Last ProtocolVersion are unknown!"); } int pointer = 0; while (pointer < values.length) { byte[] version = new byte[2]; version[0] = values[pointer]; version[1] = values[pointer + 1]; ProtocolVersion tempVersion = getProtocolVersion(version); if (tempVersion != null) { versions.add(tempVersion); } pointer += 2; } return versions; }
/** * Return the highest protocol version. * * @param list * The List of protocolVersions to search in * @return The highest ProtocolVersion */ public static ProtocolVersion getHighestProtocolVersion(List<ProtocolVersion> list) { ProtocolVersion highestProtocolVersion = null; for (ProtocolVersion pv : list) { if (highestProtocolVersion == null) { highestProtocolVersion = pv; } if (pv != null && ArrayConverter.bytesToInt(pv.getValue()) > ArrayConverter.bytesToInt(highestProtocolVersion .getValue())) { highestProtocolVersion = pv; } } return highestProtocolVersion; }
@Override public void adjustTLSExtensionContext(SupportedVersionsExtensionMessage message) { byte[] versionBytes = message.getSupportedVersions().getValue(); if (versionBytes.length % HandshakeByteLength.VERSION != 0) { throw new AdjustmentException("Could not create resonable ProtocolVersions from VersionBytes"); } List<ProtocolVersion> versionList = ProtocolVersion.getProtocolVersions(versionBytes); if (context.getTalkingConnectionEndType() == ConnectionEndType.CLIENT) { context.setClientSupportedProtocolVersions(versionList); context.setHighestClientProtocolVersion(ProtocolVersion.getHighestProtocolVersion(versionList)); } else { if (versionList.size() == 1) { context.setSelectedProtocolVersion(versionList.get(0)); } else { LOGGER.warn("Received a SupportedProtocolVersionExtension with unknown contents"); } } }
&& tlsConfig.getHighestProtocolVersion().getMinor() < 0x17) { addExtension(new KeyShareExtensionMessage(ExtensionType.KEY_SHARE_OLD, tlsConfig)); } else {
private boolean isDTLS() { return chooser.getSelectedProtocolVersion().isDTLS(); }
vulnerable |= executeAttackRound(version, suite); } catch (Throwable t) { LOGGER.warn("Problem while testing " + version.name() + " with Ciphersuite " + suite.name()); LOGGER.debug(t);
protected byte[] serializeRsaParams() { if (!version.isSSL()) { writeSerializedPublicKeyLength(msg); } writeSerializedPublickey(msg); return getAlreadySerialized(); }
private void prepareProtocolVersion(ClientHelloMessage msg) { if (chooser.getConfig().getHighestProtocolVersion().isTLS13()) { msg.setProtocolVersion(ProtocolVersion.TLS12.getValue()); } else { msg.setProtocolVersion(chooser.getConfig().getHighestProtocolVersion().getValue()); } LOGGER.debug("ProtocolVersion: " + ArrayConverter.bytesToHexString(msg.getProtocolVersion().getValue())); }
@Override protected void parseHandshakeMessageContent(ServerHelloMessage msg) { LOGGER.debug("Parsing ServerHelloMessage"); parseProtocolVersion(msg); ProtocolVersion version = ProtocolVersion.getProtocolVersion(msg.getProtocolVersion().getValue()); if (version != null) { setVersion(version); } parseRandom(msg); if (!getVersion().isTLS13()) { parseSessionIDLength(msg); parseSessionID(msg); } parseSelectedCiphersuite(msg); if (!getVersion().isTLS13()) { parseSelectedComressionMethod(msg); } if (hasExtensionLengthField(msg)) { parseExtensionLength(msg); if (hasExtensions(msg)) { parseExtensionBytes(msg); } } }