tlsfuzzer / tlslite-ng
TLS implementation in pure python, focused on interoperability testing
License: Other
Add support for the HMAC-based Extract-and-Expand key Derivation Function from RFC 5869
HMAC_MD5, HMAC_SHA1, HMAC_SHA256, HMAC_SHA384)
secureHash), convert old methods to it
HKDF_expand function with test vectors
RC4 is not secure, it should not be used unless explicitly selected by user.
Since epydoc is mostly abandoned now, and we use relative imports, which in turn require a patched version of epydoc.
All of this makes setup for contributing harder.
now that ECDHE_RSA is implemented, we can add support for more ChaCha20 ciphersuites
Add support for TLS 1.0 up to TLS 1.2 ciphersuites that use Pre-Shared Key
https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-03 uses different mechanisms and different cipher points than the -00 we have implemented.
Add support for the RSASSA-PSS with MGF1 signature algorithm from RFC 3447
Add continuous integration on Windows using http://www.appveyor.com/
add support for negotiating FFDHE parameters from RFC 7919
add support for ciphersuites that use SHA384 PRF and/or HMAC
It looks like all unittests pass on pypy (Python 2.7) so it would be useful to add testing of it to Travis CI, we could then make support for it official.
The signature made on parameters doesn't follow TLSv1.2 format, as such the ServerKeyExchange for those ciphers is invalid and not interoperable.
The travis-ci functionality to run tests on OSX is open to public now. Configure .travis.yml to actually use it.
See: https://docs.travis-ci.com/user/osx-ci-environment/ for configuration.
Support for IPv6 is not certain, having test cases verifying it with all the high level APIs is needed.
Some methods, like _isIP in tlslite/integration/clienthelper.py will certainly need fixing.
Currently the test_tlslite_utils_constanttime.py is running assertions against a large set of possible inputs, causing those tests to dominate overall unit test time.
The tests should be updated to use the hypothesis module for unit testing.
tlslite.utils.codec.Parser uses the SyntaxError exception in case the received data can't be parsed as requested.
This is problematic, as the same exception is raised by the runtime environment when there are syntax errors in running code. So a typo in low level code is easy to miss and hard to debug.
Make the Parser raise a TLSLite specific exception in cases like this.
The methods in Parser should also be documented.
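An added illustration of the problem this issue describes (not tlslite-ng code; `MiniParser`, `DecodeError`, `buggy_helper` and `handle_record` are hypothetical names): when malformed input is reported with SyntaxError, the handler that turns decode failures into alerts also swallows a genuine syntax error in the code, while a library-specific exception keeps the two apart.

```python
class DecodeError(Exception):
    """Hypothetical library-specific error for malformed wire data."""


class MiniParser(object):
    """Minimal big-endian reader (hypothetical stand-in, not tlslite's Parser)."""

    def __init__(self, data, error=DecodeError):
        self.data = bytearray(data)
        self.index = 0
        self.error = error  # exception type raised on truncated input

    def get(self, length):
        """Read a `length`-byte unsigned integer."""
        if self.index + length > len(self.data):
            raise self.error("read past end of buffer")
        value = 0
        for byte in self.data[self.index:self.index + length]:
            value = (value << 8) | byte
        self.index += length
        return value

    def get_var_bytes(self, length_length):
        """Read an opaque vector prefixed by a `length_length`-byte size."""
        size = self.get(length_length)
        if self.index + size > len(self.data):
            raise self.error("vector longer than remaining data")
        chunk = self.data[self.index:self.index + size]
        self.index += size
        return bytes(chunk)


def buggy_helper():
    """Simulates a typo in low-level code that only surfaces at run time."""
    return compile("retrun 1", "<helper>", "exec")  # raises SyntaxError


def handle_record(data, error_type, call_buggy=False):
    """Return 'alert' for malformed input, 'ok' otherwise."""
    try:
        parser = MiniParser(data, error=error_type)
        parser.get(1)            # constructed 1-byte type field
        parser.get_var_bytes(2)  # constructed 2-byte length + payload
        if call_buggy:
            buggy_helper()
        return "ok"
    except error_type:
        return "alert"  # treated as a decode failure caused by the peer


# Constructed sample inputs: a well-formed record and a truncated one.
GOOD = b"\x16\x00\x02ab"
TRUNCATED = b"\x16\x00\x05ab"
```

With `error_type=SyntaxError` and `call_buggy=True` the well-formed record is reported as an alert and the coding error never surfaces; with `DecodeError` the same call raises the SyntaxError where it can be seen.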
continuing thread from tlslite, issue 113
call to handshakeClientAnonymous fails with handshake_failure
code used and error backtrace
import socket
from tlslite import TLSConnection
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(5)
sock.connect((<ip>,<port>))
c = TLSConnection(sock)
c.handshakeClientAnonymous()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/<python-path>/tlslite/tlsconnection.py", line 243, in handshakeClientAnonymous
for result in handshaker:
File "/<python-path>/tlslite/tlsconnection.py", line 439, in _handshakeClientAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/<python-path>/tlslite/tlsconnection.py", line 2060, in _handshakeWrapperAsync
for result in handshaker:
File "/<python-path>/tlslite/tlsconnection.py", line 533, in _handshakeClientAsyncHelper
for result in self._clientGetServerHello(settings, clientHello):
File "/<python-path>/tlslite/tlsconnection.py", line 687, in _clientGetServerHello
HandshakeType.server_hello):
File "/<python-path>/tlslite/tlsrecordlayer.py", line 681, in _getMsg
raise TLSRemoteAlert(alert)
tlslite.errors.TLSRemoteAlert: handshake_failure
Add support for cipher suites that use DSA certificates for authentication.
To make the library fully portable, we need to have implementation of 3DES in pure Python, for now we only use it with pycrypto or m2crypto loaded.
While adding support for the non standardized Salsa20 ciphers is mostly useless, and ChaCha20 definitions from agl draft or old IETF drafts are not widely used, having the code points defined will be helpful for the scanners built on top of tlslite-ng.
Add support for ciphersuites that use ECDSA certificates
the protocol is starting to take final shape
optionally:
While NPN was the first one and is widely deployed, it's the ALPN that is actual standard (and deployments like Google said that they won't support NPN forever).
Implement RFC 7301
since Travis has OpenSSL installed, we can use it to check most obvious things like AES-GCM, client certificates or protocol versions in general
The current TLSv1.3 draft includes extending the TLSv1.2 to support RSA-PSS too.
depends on #108
Implement Maximum Fragment Length Notification, also known as max_fragment_length, from RFC 6066
after connecting using
tls.py client -u alice -p abra123cadabra localhost:4443
(incorrectly syntaxed in README)
Server:
tls.py server -v verifierDB localhost:4443
I am an HTTPS test server, I will listen on localhost:4443
Serving files from /home/sander/src/tlslite-ng/tests
Using verifier DB...
About to handshake...
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 36312)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 596, in process_request_thread
self.finish_request(request, client_address)
File "/usr/local/lib/python2.7/dist-packages/tlslite/integration/tlssocketservermixin.py", line 55, in finish_request
if self.handshake(tlsConnection) == True:
File "/usr/local/bin/tls.py", line 345, in handshake
reqCert=reqCert)
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1102, in handshakeServer
nextProtos=nextProtos, anon=anon):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1131, in handshakeServerAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1906, in _handshakeWrapperAsync
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1264, in _handshakeServerAsyncHelper
settings):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1575, in _serverSRPKeyExchange
serverKeyExchange = keyExchange.makeServerKeyExchange(sigHash)
File "/usr/local/lib/python2.7/dist-packages/tlslite/keyexchange.py", line 406, in makeServerKeyExchange
entry = self.verifierDB[srpUsername]
File "/usr/local/lib/python2.7/dist-packages/tlslite/basedb.py", line 59, in __getitem__
valueStr = self.db[username]
File "/usr/lib/python2.7/bsddb/__init__.py", line 270, in __getitem__
return _DeadlockWrap(lambda: self.db[key]) # self.db[key]
File "/usr/lib/python2.7/bsddb/dbutils.py", line 68, in DeadlockWrap
return function(*_args, **_kwargs)
File "/usr/lib/python2.7/bsddb/__init__.py", line 270, in <lambda>
return _DeadlockWrap(lambda: self.db[key]) # self.db[key]
TypeError: String or Integer object expected for key, unicode found
----------------------------------------
Tested on Python 2.7.12 and Python 2.7.3
Implement ciphers from https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-00
Allow for loading of a set of CA certificates (or support for the OpenSSL CApath) and verification if the signatures on the certificates were made by the CAs.
Add support for RFC 4507
Add support for draft-ietf-tls-curve25519-01. See also RFC 7748.
Possible implementations for Ed25519:
And for Curve25519:
the scripts/tls.py server writes responses line by line (at least the headers do), creating a lot of Application Data fragments and leaks the information about size of headers
it should use some caching mechanism so that if all HTTP data fits in a single record, it should send a single record
python3-ecdsa, python3-coverage and python3-libs are named python34-ecdsa, python34-coverage and python34-libs
Some packages need to be installed with pip. Pip installation file can be downloaded at
https://pip.pypa.io/en/stable/installing/
pip2 is installed with command python get-pip.py
pip3 is installed with command python3 get-pip.py
python3-hypothesis, python-diff-cover, python3-diff-cover and python3-pylint have to be installed with pip as
diff-cover for pip2
hypothesis, diff-cover and pylint for pip3
I'm having trouble:
root@ml ~/tlslite-ng# make test
cd tests/ && python ./tlstest.py server localhost:4433 . & sleep 1
cd tests/ && python ./tlstest.py client localhost:4433 .
Test 0 - anonymous handshake
Test 0 - Anonymous server handshake
Test 1 - good X.509
Test 1 - good X509 (plus SNI)
Traceback (most recent call last):
File "./tlstest.py", line 1279, in <module>
clientTestCmd(sys.argv[2:])
File "./tlstest.py", line 118, in clientTestCmd
connection.handshakeClientCert(serverName=address[0])
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 350, in handshakeClientCert
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 366, in _handshakeClientAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1906, in _handshakeWrapperAsync
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 545, in _handshakeClientAsyncHelper
nextProto):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 964, in _clientFinished
for result in self._sendFinished(masterSecret, cipherSuite, nextProto):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1847, in _sendFinished
for result in self._sendMsg(finished):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 590, in _sendMsg
for result in self._sendMsgThroughSocket(msgFragment):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 597, in _sendMsgThroughSocket
for result in self._recordLayer.sendRecord(msg):
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 469, in sendRecord
data = self._encryptThenSeal(data, contentType)
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 417, in _encryptThenSeal
buf = self._writeState.encContext.seal(nonce, buf, authData)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha20_poly1305.py", line 55, in seal
otk = self.poly1305_key_gen(self.key, nonce)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha20_poly1305.py", line 36, in poly1305_key_gen
poly = ChaCha(key, nonce)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha.py", line 137, in __init__
self.key = ChaCha._bytearray_to_words(key)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha.py", line 122, in _bytearray_to_words
compat26Str(data[i*4:(i+1)*4])))
struct.error: unpack requires a string argument of length 4
make: *** [test] Error 1
root@ml ~/tlslite-ng# Traceback (most recent call last):
File "./tlstest.py", line 1281, in <module>
serverTestCmd(sys.argv[2:])
File "./tlstest.py", line 764, in serverTestCmd
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key)
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1102, in handshakeServer
nextProtos=nextProtos, anon=anon):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1131, in handshakeServerAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1906, in _handshakeWrapperAsync
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1316, in _handshakeServerAsyncHelper
nextProtos):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1807, in _serverFinished
expect_next_protocol=nextProtos is not None):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1895, in _getFinished
HandshakeType.finished):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 646, in _getMsg
for result in self._getNextRecord():
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 817, in _getNextRecord
for result in self._getNextRecordFromSocket():
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 841, in _getNextRecordFromSocket
for result in self._recordLayer.recvRecord():
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 695, in recvRecord
for result in self._recordSocket.recv():
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 188, in recv
for record in self._recvHeader():
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 122, in _recvHeader
for result in self._sockRecvAll(1):
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 109, in _sockRecvAll
raise TLSAbruptCloseError()
tlslite.errors.TLSAbruptCloseError: TLSAbruptCloseError()
running regular example:
root@ml tlslite-ng/tests# tls.py server -k serverX509Key.pem -c serverX509Cert.pem localhost:4443
I am an HTTPS test server, I will listen on localhost:4443
Serving files from /root/tlslite-ng/tests
Using certificate and private key...
About to handshake...
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 48303)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 593, in process_request_thread
self.finish_request(request, client_address)
File "/usr/local/lib/python2.7/dist-packages/tlslite/integration/tlssocketservermixin.py", line 55, in finish_request
if self.handshake(tlsConnection) == True:
File "/usr/local/bin/tls.py", line 345, in handshake
reqCert=reqCert)
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1102, in handshakeServer
nextProtos=nextProtos, anon=anon):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1131, in handshakeServerAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1906, in _handshakeWrapperAsync
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1316, in _handshakeServerAsyncHelper
nextProtos):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1807, in _serverFinished
expect_next_protocol=nextProtos is not None):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1895, in _getFinished
HandshakeType.finished):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 646, in _getMsg
for result in self._getNextRecord():
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 817, in _getNextRecord
for result in self._getNextRecordFromSocket():
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 841, in _getNextRecordFromSocket
for result in self._recordLayer.recvRecord():
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 695, in recvRecord
for result in self._recordSocket.recv():
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 188, in recv
for record in self._recvHeader():
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 122, in _recvHeader
for result in self._sockRecvAll(1):
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 109, in _sockRecvAll
raise TLSAbruptCloseError()
TLSAbruptCloseError: TLSAbruptCloseError()
----------------------------------------
Response from client
root@ml tlslite-ng/tests# tls.py client localhost:4443
Traceback (most recent call last):
File "/usr/local/bin/tls.py", line 387, in <module>
clientCmd(sys.argv[2:])
File "/usr/local/bin/tls.py", line 264, in clientCmd
settings=settings, serverName=address[0])
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 350, in handshakeClientCert
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 366, in _handshakeClientAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1906, in _handshakeWrapperAsync
for result in handshaker:
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 545, in _handshakeClientAsyncHelper
nextProto):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 964, in _clientFinished
for result in self._sendFinished(masterSecret, cipherSuite, nextProto):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsconnection.py", line 1847, in _sendFinished
for result in self._sendMsg(finished):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 590, in _sendMsg
for result in self._sendMsgThroughSocket(msgFragment):
File "/usr/local/lib/python2.7/dist-packages/tlslite/tlsrecordlayer.py", line 597, in _sendMsgThroughSocket
for result in self._recordLayer.sendRecord(msg):
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 469, in sendRecord
data = self._encryptThenSeal(data, contentType)
File "/usr/local/lib/python2.7/dist-packages/tlslite/recordlayer.py", line 417, in _encryptThenSeal
buf = self._writeState.encContext.seal(nonce, buf, authData)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha20_poly1305.py", line 55, in seal
otk = self.poly1305_key_gen(self.key, nonce)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha20_poly1305.py", line 36, in poly1305_key_gen
poly = ChaCha(key, nonce)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha.py", line 137, in __init__
self.key = ChaCha._bytearray_to_words(key)
File "/usr/local/lib/python2.7/dist-packages/tlslite/utils/chacha.py", line 122, in _bytearray_to_words
compat26Str(data[i*4:(i+1)*4])))
struct.error: unpack requires a string argument of length 4
@tomato42 any help appreciated
ecdsa is rather unpythonic (e.g. accessor methods instead of properties) and some of its versions installed on systems we are used may be clobbered (Fedora) or simply old. Doing a refactor of it and incorporating it would make use of tlslite-ng much simpler.
Add support for padding extension from RFC 7685
calcExtendedMasterSecret(), calcMasterSecret(), calcFinished(), _calcKeyBlock(), all use essentially the same code, with just different labels. We should move it to single place
AECDH support is limited to just client code, extend server code to support it too
Add support for Datagram TLS - TLS over UDP
Add support for X9.62 compressed ECC point format from prime field curves and characteristic 2 curves.
related: #373
In Python 3.4 (backported to older as enum34) Enum type was added to handle better the enumerations. IntEnum could be used for AlertDescription, HandshakeType, etc.
since verification of RSA signatures is very inexpensive and failure in signature is usually fatal, make sure that the result of signing is sane
The current integration testing code could benefit from some refactoring. The auto-numbering is a massive improvement, but there's still some minor annoyances:
make test runs to fail ('Address already in use'). The exact circumstances for triggering this are unclear, beyond getting (un)lucky when you abort the test.
One option that comes to mind is to rewrite the tests to use the async API, which would remove the need for separate client and server processes. Testing could then be managed with the unittest module, to be consistent with the unit tests. Seem reasonable?
Also, a couple of minor notes related to testing in general:
make test target doesn't seem particularly useful given that it's undocumented and tests the installed copy of tlslite instead of the local copy. It also doesn't run unit tests and only runs the test on the default python. Perhaps the 'test' and 'test-local' targets should be removed, and 'test-dev' split up so that 'test' can invoke the unit/integration tests without running the linter/coverage checker.
For now the renegotiation is rejected on server side and simply unsupported in client side.
When implementing we need to make sure that the certificates and encryption settings stay associated with correct session.