search

tintinweb / scapy-ssl_tls

SSL/TLS layers for scapy the interactive packet manipulation tool
GNU General Public License v2.0
419 stars 156 forks source link

Initial changes for client DHE support #35

Closed alexmgr closed 9 years ago

alexmgr commented 9 years ago

Initial pass at DHE support. Requires more work (DSA, actual Y_c generation and pms derivation, rebase, ...) but initial framework is there. Made preparatory changes for client ECDHE support also if I ever get to implement TLS 1.2 support.

buildhive commented 9 years ago

tintin » scapy-ssl_tls #111 FAILURE Looks like there's a problem with this pull request (what's this?)

buildhive commented 9 years ago

tintin » scapy-ssl_tls #112 SUCCESS This pull request looks good (what's this?)

alexmgr commented 9 years ago

This is what a TLS 1.1 with DHE + CBC mode looks like:

<TLSSessionCtx: id=4394621392
     params.handshake.client=<TLSClientHello  version=TLS_1_1 cipher_suites=[51] compression_methods=[0] |>
     params.handshake.server=<TLSServerHello  version=TLS_1_1 gmt_unix_time=3611277296 random_bytes='p\x83\x0f\xe9\xd7\xfb\x04\x8e\x15O\xd8\xbd\xf6\xa4M\xee\xa8\x02L9\xd0D\xdc>K\xf8\x0b\x7f' session_id_length=0x20 session_id='}\x1fZh\xa7\x1b\xbe\\*\x19\xfe:\xad\xed\x1c\x95\xacYj\xf4\x88\r\xf3\x85Pe\xc4\x10\xa8\xf3ky' cipher_suite=DHE_RSA_WITH_AES_128_CBC_SHA compression_method=NULL |>
     params.negotiated.version=TLS_1_1
     params.negotiated.ciphersuite=DHE_RSA_WITH_AES_128_CBC_SHA
     params.negotiated.key_exchange=DHE
     params.negotiated.encryption=('AES', 16, 'CBC')
     params.negotiated.mac=SHA
     params.negotiated.compression=NULL
     crypto.client.enc=<Crypto.Cipher.AES.AESCipher instance at 0x105f9b878>
     crypto.client.dec=<Crypto.Cipher.AES.AESCipher instance at 0x105f9b950>
     crypto.server.enc=<Crypto.Cipher.AES.AESCipher instance at 0x105f9b998>
     crypto.server.dec=<Crypto.Cipher.AES.AESCipher instance at 0x105f9b9e0>
     crypto.server.rsa.privkey=None
     crypto.server.rsa.pubkey=<Crypto.Cipher.PKCS1_v1_5.PKCS115_Cipher instance at 0x105f7d830>
     crypto.server.dsa.privkey=None
     crypto.server.dsa.pubkey=None
     crypto.client.dh.x='\x0b\xefu.0\x16\xec\x06n\xad\\n|(\xbe\\B\x98\x03\xb9\xaa8\xcb\x0e\xa3\x83[\xb0\x862\xf6\xdf'
     crypto.client.dh.y_c='/T\xdc;\xc49\xa6\x8cD\xd4\xc1\x07I|\xb6\xc8\xaf\xb5\x04\xe9\xfb\t\x0e}\x14~\xa4\x1f\xdfo\x08u)Z\xb3\x0e\x1c^\xa3x0\x90\xa1\xd7\x82\x9dLT\xa6^\xcc\xf7\xae\x87\x97\x86vi\x02s\x10\xb3\xdbo'
     crypto.server.dh.p='\xdaX<\x16\xd9\x85"\x89\xd0\xe4\xafuoL\xca\x92\xddK\xe53\xb8\x04\xfb\x0f\xed\x94\xef\x9c\x8aD\x03\xedWFP\xd3i\x99\xdb)\xd7v\'k\xa2\xd3\xd4\x12\xe2\x18\xf4\xdd\x1e\x08L\xf6\xd8\x00>|Gt\xe83'
     crypto.server.dh.g='\x02'
     crypto.server.dh.x=None
     crypto.server.dh.y_s='b\x1bF\xd4\xbe\xc6\x83d\x80\x1e\xeam\x86^\xcc!\xb2\x1b\x85+\xbd$j\xc9\x05\xf4\x14\x82 7\x8f_\x13\xcb\xef\xabyd\xb4\xc8\xda\xde\xac\xe8Zr\x8f\xb5\xfc\n\x16\xb0b\xf7\xd9!\x8d\x03\xef\n\r9\xd8\x87'
     crypto.session.encrypted_premaster_secret=None
     crypto.session.premaster_secret='}\xcae\xd2y\xd7F$\xde"\xa9s\xfbNR9v\x19t9\x87\xa8\xa3\x9c\xccb]\x13\xb7\x8a\x8f\xdf\x7fv\x05\xa6\xf1\xa7\xc8\xf4X\xe3\xd4\xac\xd6\x1e4\xb4\x1cc\xbb\xce\xbe\x94lQ\x91\xb9\xde\xb7\xa6gu_'
     crypto.session.master_secret='\xe2n\r9@\x08\xc9\xb6\xe6\xac\xc3\xa6\n\'[E\xdd\x82\x82\xe4\x12KH%\xf2Hb}>\x00\x11\xd6\x83\x0b"\xd3\xb9\xaa\xf9r\x1d\xf1G\xfcE\x8c\xe0\xcb'
     crypto.session.randombytes.client='U\x88\\lc!\xfe\t\x06\x81^ft\xf0\xb5C\xd9\x99t\xd6e5\xee\x8e\xfa\xbf\xcb\x81\x89\x17\xf0#'
     crypto.session.randombytes.server='\xd7?\xb7\xf0p\x83\x0f\xe9\xd7\xfb\x04\x8e\x15O\xd8\xbd\xf6\xa4M\xee\xa8\x02L9\xd0D\xdc>K\xf8\x0b\x7f'
     crypto.session.key.client.mac='\x8bs\xc7\xa5\x060\xbc\xb7\xe5e\x92\x10\x16(\x02\x81[Q\x177'
     crypto.session.key.client.encryption='d<\xb3\xde)\x8dp\x99F_\xfb\x11\x01\xa6\xd6\x1e'
     crypto.session.key.cllient.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
     crypto.session.key.server.mac='\xa8\xfde\xeeP \x10\xfb\xae\xac-s\x93\xb7\xff\x8e\xef\x89\x0fm'
     crypto.session.key.server.encryption='\xb9\xbc|@K)\xac\xbf\xe7\xbe\xb4;\xcfd\x9dp'
     crypto.session.key.server.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
     crypto.session.key.length.mac=20
     crypto.session.key.length.encryption=16
     crypto.session.key.length.iv=16
>
tintinweb commented 9 years ago

excellent work :+1:

quick'n'dirty testing against

all worked fine. had some issues with the topsites but looking very good so far!

alexmgr commented 9 years ago

Thanks for testing it out. What issues did you hit? Can you send me the urls which failed? I'll have a look and fix if possible.

tintinweb commented 9 years ago

Layer 8 problem detected ;) your code is working perfectly fine. Looks like most of the topsites disabled support for DHE in favor of ECDHE, that's why I got handshake errors.

alexmgr commented 9 years ago

Cool ;) I might merge this in then. It should allow easy ECDHE support once TLS 1.2 is implemented.

DSA key loading is lacking due to pycrypto lacking importKeys interface. Filed bug with them, we'll see what come out of it. I might port the self contained code used to load the DSA keys from their master otherwise. But that's for another change ;)

tintinweb commented 9 years ago

go ahead with the merge and thanks for adding DHE support!

buildhive commented 9 years ago

tintin » scapy-ssl_tls #117 SUCCESS This pull request looks good (what's this?)