search

tls-attacker / TLS-Attacker

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can be used to manually test TLS clients and servers or as as a software library for more advanced tools.
Apache License 2.0
778 stars 135 forks source link

How to construct a TLS Record with empty content? #154

Open lh0xf opened 1 year ago

lh0xf commented 1 year ago

I want to construct some empty TLS messages (like EmptyClientHello, EmptyChangeCipherSpec) to test if the TLS implementations handles them correctly. Also, I want to achieve this through xml files. Below are my codes.

<workflowTrace>
    <Send>
        <messages>
        </messages>
        <records>
            <Record>
                <contentType>
                    <ByteExplicitValueModification>
                        <explicitValue>22</explicitValue>
                    </ByteExplicitValueModification>
                </contentType>
                <length>
                    <IntegerExplicitValueModification>
                        <explicitValue>0</explicitValue>
                    </IntegerExplicitValueModification>
                </length>
            </Record>
        </records>
    </Send>
</workflowTrace>

Does it work ? Thanks for any help.

ic0ns commented 1 year ago

On which version of TLS-Attacker are you? We recently had bigger changes around this, I want to make sure that the solution will work for you.

lh0xf commented 1 year ago

TLS-Attacker 3.7.3

<dependency>
            <groupId>de.rub.nds.tlsattacker</groupId>
            <artifactId>TLS-Core</artifactId>
            <version>3.7.3</version>
            <type>jar</type>
</dependency>