first commit (from svn to git)

Attacks/license_header.txt

@@ -0,0 +1,8 @@
+<#if licenseFirst??>
+${licenseFirst}
+</#if>
+${licensePrefix}Here comes the text of your license
+${licensePrefix}Each line should be prefixed with ${licensePrefix}
+<#if licenseLast??>
+${licenseLast}
+</#if>

Attacks/nb-configuration.xml

@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project-shared-configuration>
+    <!--
+This file contains additional configuration written by modules in the NetBeans IDE.
+The configuration is intended to be shared among all the users of project and
+therefore it is assumed to be part of version control checkout.
+Without this configuration present, some functionality in the IDE may be limited or fail altogether.
+-->
+    <properties xmlns="http://www.netbeans.org/ns/maven-properties-data/1">
+        <!--
+Properties that influence various parts of the IDE, especially code formatting and the like. 
+You can copy and paste the single properties, into the pom.xml file and the IDE will pick them up.
+That way multiple projects can share the same settings (useful for formatting rules for example).
+Any value defined here will override the pom.xml file value but is only applicable to the current project.
+-->
+        <netbeans.hint.licensePath>${project.basedir}/../license_header.txt</netbeans.hint.licensePath>
+        <netbeans.hint.jdkPlatform>SUN_JDK_1.8</netbeans.hint.jdkPlatform>
+    </properties>
+</project-shared-configuration>

Attacks/nbactions.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<actions>
+        <action>
+            <actionName>run</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
+            </goals>
+            <properties>
+                <exec.args>-classpath %classpath ${packageClassName} elliptic_test -connect localhost:54433 -named_curve SECP192R1 -public_point_base_x 0x9d42769dfdbe113a851bb6b01b1a515d893b5adbc1f61329 -public_point_base_y 0x74749ac0967a8ff4cc54d93187602dd67eb3d22970aca2ca -premaster_secret 0x9d42769dfdbe113a851bb6b01b1a515d893b5adbc1f61329 -cipher TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</exec.args>
+                <exec.executable>java</exec.executable>
+            </properties>
+        </action>
+        <action>
+            <actionName>debug</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
+            </goals>
+            <properties>
+                <exec.args>-Xdebug -Xrunjdwp:transport=dt_socket,server=n,address=${jpda.address} -classpath %classpath ${packageClassName} elliptic_test -connect localhost:54433 -named_curve SECP192R1 -public_point_base_x 0x9d42769dfdbe113a851bb6b01b1a515d893b5adbc1f61329 -public_point_base_y 0x74749ac0967a8ff4cc54d93187602dd67eb3d22970aca2ca -premaster_secret 0x9d42769dfdbe113a851bb6b01b1a515d893b5adbc1f61329 -cipher TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</exec.args>
+                <exec.executable>java</exec.executable>
+                <jpda.listen>true</jpda.listen>
+            </properties>
+        </action>
+        <action>
+            <actionName>profile</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:1.2.1:exec</goal>
+            </goals>
+            <properties>
+                <exec.args>-classpath %classpath ${packageClassName} elliptic_test -connect localhost:54433 -named_curve SECP192R1 -public_point_base_x 0x9d42769dfdbe113a851bb6b01b1a515d893b5adbc1f61329 -public_point_base_y 0x74749ac0967a8ff4cc54d93187602dd67eb3d22970aca2ca -premaster_secret 0x9d42769dfdbe113a851bb6b01b1a515d893b5adbc1f61329 -cipher TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</exec.args>
+                <exec.executable>java</exec.executable>
+            </properties>
+        </action>
+    </actions>

Attacks/pom.xml

@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>de.rub.nds.tlsattacker</groupId>
+        <artifactId>TLS-Attacker</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <artifactId>Attacks</artifactId>
+    <packaging>jar</packaging>
+    <dependencies>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>TLS</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <version>2.4</version>
+                <configuration>
+                    <descriptorRefs>
+                        <descriptorRef>jar-with-dependencies</descriptorRef>
+                    </descriptorRefs>
+                    <archive>
+                        <manifest>
+                            <mainClass>de.rub.nds.tlsattacker.attacks.Main</mainClass>
+                        </manifest>
+                    </archive>
+                </configuration>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>single</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+
+</project>

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/Main.java

@@ -0,0 +1,84 @@
+package de.rub.nds.tlsattacker.attacks;
+
+import de.rub.nds.tlsattacker.tls.Attacker;
+import com.beust.jcommander.JCommander;
+import de.rub.nds.tlsattacker.attacks.config.EarlyCCSCommandConfig;
+import de.rub.nds.tlsattacker.attacks.config.EllipticCurveAttackCommandConfig;
+import de.rub.nds.tlsattacker.attacks.config.EllipticCurveAttackTestCommandConfig;
+import de.rub.nds.tlsattacker.attacks.config.HeartbleedCommandConfig;
+import de.rub.nds.tlsattacker.attacks.config.PoodleCommandConfig;
+import de.rub.nds.tlsattacker.attacks.impl.EarlyCCSAttack;
+import de.rub.nds.tlsattacker.attacks.impl.EllipticCurveAttack;
+import de.rub.nds.tlsattacker.attacks.impl.EllipticCurveAttackTest;
+import de.rub.nds.tlsattacker.attacks.impl.HeartbleedAttack;
+import de.rub.nds.tlsattacker.attacks.impl.PoodleAttack;
+import de.rub.nds.tlsattacker.tls.config.ConfigHandler;
+import de.rub.nds.tlsattacker.tls.config.ConfigHandlerFactory;
+import de.rub.nds.tlsattacker.tls.config.GeneralConfig;
+import de.rub.nds.tlsattacker.tls.exceptions.ConfigurationException;
+import java.security.Security;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+/**
+ * 
+ * @author Juraj Somorovsky <juraj.somorovsky@rub.de>
+ */
+public class Main {
+
+    public static void main(String[] args) throws Exception {
+
+	// ECC does not work properly in the NSS provider
+	Security.removeProvider("SunPKCS11-NSS");
+	Security.addProvider(new BouncyCastleProvider());
+
+	GeneralConfig generalConfig = new GeneralConfig();
+	JCommander jc = new JCommander(generalConfig);
+
+	EarlyCCSCommandConfig earlyCCS = new EarlyCCSCommandConfig();
+	jc.addCommand(EarlyCCSCommandConfig.ATTACK_COMMAND, earlyCCS);
+	EllipticCurveAttackTestCommandConfig ellipticTest = new EllipticCurveAttackTestCommandConfig();
+	jc.addCommand(EllipticCurveAttackTestCommandConfig.ATTACK_COMMAND, ellipticTest);
+	EllipticCurveAttackCommandConfig elliptic = new EllipticCurveAttackCommandConfig();
+	jc.addCommand(EllipticCurveAttackCommandConfig.ATTACK_COMMAND, elliptic);
+	HeartbleedCommandConfig heartbleed = new HeartbleedCommandConfig();
+	jc.addCommand(HeartbleedCommandConfig.ATTACK_COMMAND, heartbleed);
+	PoodleCommandConfig poodle = new PoodleCommandConfig();
+	jc.addCommand(PoodleCommandConfig.ATTACK_COMMAND, poodle);
+
+	jc.parse(args);
+
+	if (generalConfig.isHelp() || jc.getParsedCommand() == null) {
+	    jc.usage();
+	    return;
+	}
+
+	Attacker attacker;
+	switch (jc.getParsedCommand()) {
+	    case EarlyCCSCommandConfig.ATTACK_COMMAND:
+		attacker = new EarlyCCSAttack(earlyCCS);
+		break;
+	    case EllipticCurveAttackTestCommandConfig.ATTACK_COMMAND:
+		attacker = new EllipticCurveAttackTest(ellipticTest);
+		break;
+	    case EllipticCurveAttackCommandConfig.ATTACK_COMMAND:
+		attacker = new EllipticCurveAttack(elliptic);
+		break;
+	    case HeartbleedCommandConfig.ATTACK_COMMAND:
+		attacker = new HeartbleedAttack(heartbleed);
+		break;
+	    case PoodleCommandConfig.ATTACK_COMMAND:
+		attacker = new PoodleAttack(poodle);
+		break;
+	    default:
+		throw new ConfigurationException("No command found");
+	}
+	ConfigHandler configHandler = ConfigHandlerFactory.createConfigHandler("client");
+	configHandler.initializeGeneralConfig(generalConfig);
+
+	if (configHandler.printHelpForCommand(jc, attacker.getConfig())) {
+	    return;
+	}
+
+	attacker.executeAttack(configHandler);
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/EarlyCCSCommandConfig.java

@@ -0,0 +1,15 @@
+package de.rub.nds.tlsattacker.attacks.config;
+
+import de.rub.nds.tlsattacker.tls.config.ClientCommandConfig;
+
+/**
+ * 
+ * @author Juraj Somorovsky <juraj.somorovsky@rub.de>
+ */
+public class EarlyCCSCommandConfig extends ClientCommandConfig {
+
+    public static final String ATTACK_COMMAND = "early_ccs";
+
+    public void test() {
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/EllipticCurveAttackCommandConfig.java

@@ -0,0 +1,51 @@
+package de.rub.nds.tlsattacker.attacks.config;
+
+import com.beust.jcommander.Parameter;
+import de.rub.nds.tlsattacker.attacks.ec.ICEAttacker;
+import de.rub.nds.tlsattacker.tls.config.ClientCommandConfig;
+import de.rub.nds.tlsattacker.tls.protocol.handshake.constants.CipherSuite;
+import de.rub.nds.tlsattacker.tls.protocol.handshake.constants.NamedCurve;
+import de.rub.nds.tlsattacker.tls.workflow.WorkflowTraceType;
+
+/**
+ * 
+ * @author Juraj Somorovsky <juraj.somorovsky@rub.de>
+ */
+public class EllipticCurveAttackCommandConfig extends ClientCommandConfig {
+
+    public static final String ATTACK_COMMAND = "elliptic";
+
+    @Parameter(names = "-additional_equations", description = "Additional equations used when attacking Oracle JSSE server (needed because of a faulty JSSE implementation).")
+    protected int additionalEquations;
+
+    @Parameter(names = "-server_type", description = "Allows to switch between a normal vulnerable server type and an Oracle server type (for oracle a slightly different algorithm is needed).")
+    protected ICEAttacker.ServerType serverType;
+
+    public EllipticCurveAttackCommandConfig() {
+	cipherSuites.clear();
+	cipherSuites.add(CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+	cipherSuites.add(CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
+	namedCurves.clear();
+	namedCurves.add(NamedCurve.SECP256R1);
+	workflowTraceType = WorkflowTraceType.HANDSHAKE;
+	additionalEquations = 3;
+	serverType = ICEAttacker.ServerType.NORMAL;
+    }
+
+    public int getAdditionalEquations() {
+	return additionalEquations;
+    }
+
+    public void setAdditionalEquations(int additionalEquations) {
+	this.additionalEquations = additionalEquations;
+    }
+
+    public ICEAttacker.ServerType getServerType() {
+	return serverType;
+    }
+
+    public void setServerType(ICEAttacker.ServerType serverType) {
+	this.serverType = serverType;
+    }
+
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/EllipticCurveAttackTestCommandConfig.java

@@ -0,0 +1,61 @@
+package de.rub.nds.tlsattacker.attacks.config;
+
+import com.beust.jcommander.Parameter;
+import de.rub.nds.tlsattacker.tls.config.ClientCommandConfig;
+import de.rub.nds.tlsattacker.tls.config.converters.BigIntegerConverter;
+import de.rub.nds.tlsattacker.tls.protocol.handshake.constants.CipherSuite;
+import de.rub.nds.tlsattacker.tls.protocol.handshake.constants.NamedCurve;
+import de.rub.nds.tlsattacker.tls.workflow.WorkflowTraceType;
+import java.math.BigInteger;
+
+/**
+ * 
+ * @author Juraj Somorovsky <juraj.somorovsky@rub.de>
+ */
+public class EllipticCurveAttackTestCommandConfig extends ClientCommandConfig {
+
+    public static final String ATTACK_COMMAND = "elliptic_test";
+
+    @Parameter(names = "-premaster_secret", description = "Premaster Secret String (use 0x at the beginning for a hex value)", converter = BigIntegerConverter.class, required = true)
+    BigInteger premasterSecret;
+
+    @Parameter(names = "-public_point_base_x", description = "Public key point coordinate X sent to the server (use 0x at the beginning for a hex value)", converter = BigIntegerConverter.class, required = true)
+    BigInteger publicPointBaseX;
+
+    @Parameter(names = "-public_point_base_y", description = "Public key point coordinate Y sent to the server (use 0x at the beginning for a hex value)", converter = BigIntegerConverter.class, required = true)
+    BigInteger publicPointBaseY;
+
+    public EllipticCurveAttackTestCommandConfig() {
+	cipherSuites.clear();
+	cipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
+	cipherSuites.add(CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA);
+	namedCurves.clear();
+	namedCurves.add(NamedCurve.SECP256R1);
+	workflowTraceType = WorkflowTraceType.HANDSHAKE;
+    }
+
+    public BigInteger getPremasterSecret() {
+	return premasterSecret;
+    }
+
+    public void setPremasterSecret(BigInteger premasterSecret) {
+	this.premasterSecret = premasterSecret;
+    }
+
+    public BigInteger getPublicPointBaseX() {
+	return publicPointBaseX;
+    }
+
+    public void setPublicPointBaseX(BigInteger publicPointBaseX) {
+	this.publicPointBaseX = publicPointBaseX;
+    }
+
+    public BigInteger getPublicPointBaseY() {
+	return publicPointBaseY;
+    }
+
+    public void setPublicPointBaseY(BigInteger publicPointBaseY) {
+	this.publicPointBaseY = publicPointBaseY;
+    }
+
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/HeartbleedCommandConfig.java

@@ -0,0 +1,32 @@
+package de.rub.nds.tlsattacker.attacks.config;
+
+import com.beust.jcommander.Parameter;
+import de.rub.nds.tlsattacker.tls.config.ClientCommandConfig;
+import de.rub.nds.tlsattacker.tls.protocol.extension.constants.HeartbeatMode;
+import de.rub.nds.tlsattacker.tls.workflow.WorkflowTraceType;
+
+/**
+ * 
+ * @author Juraj Somorovsky <juraj.somorovsky@rub.de>
+ */
+public class HeartbleedCommandConfig extends ClientCommandConfig {
+
+    public static final String ATTACK_COMMAND = "heartbleed";
+
+    @Parameter(names = "-payload_length", description = "Payload length sent in the client heartbeat message")
+    Integer payloadLength;
+
+    public HeartbleedCommandConfig() {
+	workflowTraceType = WorkflowTraceType.FULL;
+	payloadLength = 20000;
+	heartbeatMode = HeartbeatMode.PEER_ALLOWED_TO_SEND;
+    }
+
+    public Integer getPayloadLength() {
+	return payloadLength;
+    }
+
+    public void setPayloadLength(Integer payloadLength) {
+	this.payloadLength = payloadLength;
+    }
+}

Attacks/src/main/java/de/rub/nds/tlsattacker/attacks/config/PoodleCommandConfig.java

@@ -0,0 +1,13 @@
+package de.rub.nds.tlsattacker.attacks.config;
+
+import de.rub.nds.tlsattacker.tls.config.ClientCommandConfig;
+
+/**
+ * 
+ * @author Juraj Somorovsky <juraj.somorovsky@rub.de>
+ */
+public class PoodleCommandConfig extends ClientCommandConfig {
+
+    public static final String ATTACK_COMMAND = "poodle";
+
+}