HVLearn is an open-source tool/framework for analyzing hostname verification in SSL/TLS implementations using automata learning. It is good for finding bugs, vulnerabilities and RFC discrepancies in implementations. The core of this project is written in Java and mainly implemented with LearnLib project. Some parts of the code are written in C, particularly for generating certificate template.
Given a specific pattern of certificate identifier (e.g., common name and subject alternative name fields), HVLearn uses automata learning algorithms to infer a Deterministic Finite Automaton (DFA) that describes the set of all hostnames that match the given certificate identifier. The output inferred DFA can be compared to DFAs from different implementations to find discrepancies or performed an equivalence test against a DFA which is derived from any regular expression as an expected rule.
For more detail about algorithm and evaluation, see our paper:
HVLearn: Automated Black-box Analysis of Hostname Verification in SSL/TLS
Implementations
[PDF]
Suphannee Sivakorn, George Argyros, Kexin Pei, Angelos D. Keromytis and Suman Jana
Want to try? Please refer to our Wiki page for setting up instruction and framework implementation. Look for certificate templates we have used in testing, they are in our CERT_TEMPLATES directory.
HVLearn is developed at Columbia University, New York, NY, USA in 2016-2017.
HVLearn is developed and maintained by (alphabetically):Found a bug? Please open a new issue!
All code and documentation copyright the HVLearn Authors and Network Security Lab at Columbia University, New York, NY, USA. Code released under MIT License and document released under Creative Commons.