diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/message/computations/GOSTClientComputations.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/message/computations/GOSTClientComputations.java index dffafe5572..2fd6fcdd3b 100644 --- a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/message/computations/GOSTClientComputations.java +++ b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/message/computations/GOSTClientComputations.java @@ -39,12 +39,14 @@ public class GOSTClientComputations extends KeyExchangeComputations { public GOSTClientComputations() {} public void setClientPublicKey(Point point) { - this.clientPublicKeyX = - ModifiableVariableFactory.safelySetValue( - this.clientPublicKeyX, point.getFieldX().getData()); - this.clientPublicKeyY = - ModifiableVariableFactory.safelySetValue( - this.clientPublicKeyY, point.getFieldY().getData()); + if (point != null && point.getFieldX() != null && point.getFieldY() != null) { + this.clientPublicKeyX = + ModifiableVariableFactory.safelySetValue( + this.clientPublicKeyX, point.getFieldX().getData()); + this.clientPublicKeyY = + ModifiableVariableFactory.safelySetValue( + this.clientPublicKeyY, point.getFieldY().getData()); + } } public ModifiableBigInteger getClientPublicKeyX() { diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/GOSTClientKeyExchangePreparator.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/GOSTClientKeyExchangePreparator.java index e72b1a75fc..650aea9854 100644 --- a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/GOSTClientKeyExchangePreparator.java +++ b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/GOSTClientKeyExchangePreparator.java @@ -27,6 +27,7 @@ import java.security.GeneralSecurityException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; import java.util.Arrays; import java.util.HashMap; import java.util.Map; @@ -203,6 +204,10 @@ private void prepareEphemeralKey() { msg.getComputations().setPrivateKey(chooser.getClientEphemeralEcPrivateKey()); Point publicKey = curve.mult(msg.getComputations().getPrivateKey().getValue(), curve.getBasePoint()); + if (publicKey == null) { + LOGGER.warn("Failed to generate ephemeral public key - using base point"); + publicKey = curve.getBasePoint(); + } msg.getComputations().setClientPublicKey(publicKey); } @@ -281,15 +286,38 @@ private void prepareEncryptionParams() { private void prepareKeyBlob() throws IOException { try { + if (msg.getComputations().getClientPublicKeyX() == null + || msg.getComputations().getClientPublicKeyY() == null + || msg.getComputations().getClientPublicKeyX().getValue() == null + || msg.getComputations().getClientPublicKeyY().getValue() == null) { + LOGGER.warn( + "Client public key coordinates are not properly initialized - cannot create GOST key blob"); + msg.setKeyTransportBlob(new byte[0]); + return; + } + Point ecPoint = Point.createPoint( msg.getComputations().getClientPublicKeyX().getValue(), msg.getComputations().getClientPublicKeyY().getValue(), chooser.getSelectedGostCurve().getGroupParameters()); + + if (ecPoint == null) { + LOGGER.warn("Failed to create EC point from coordinates"); + msg.setKeyTransportBlob(new byte[0]); + return; + } + + PublicKey generatedKey = + GOSTUtils.generatePublicKey(chooser.getSelectedGostCurve(), ecPoint); + if (generatedKey == null) { + LOGGER.warn("Failed to generate public key from EC point"); + msg.setKeyTransportBlob(new byte[0]); + return; + } + SubjectPublicKeyInfo ephemeralKey = - SubjectPublicKeyInfo.getInstance( - GOSTUtils.generatePublicKey(chooser.getSelectedGostCurve(), ecPoint) - .getEncoded()); + SubjectPublicKeyInfo.getInstance(generatedKey.getEncoded()); Gost2814789EncryptedKey encryptedKey = new Gost2814789EncryptedKey( @@ -309,7 +337,7 @@ private void prepareKeyBlob() throws IOException { LOGGER.debug("GOST key blob: {}", ASN1Dump.dumpAsString(blob, true)); } catch (Exception e) { msg.setKeyTransportBlob(new byte[0]); - LOGGER.warn("Could not compute correct GOST key blob: using byte[0]"); + LOGGER.warn("Could not compute correct GOST key blob: using byte[0]", e); } } diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/util/GOSTUtils.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/util/GOSTUtils.java index f6c867bd13..506d232f95 100644 --- a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/util/GOSTUtils.java +++ b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/util/GOSTUtils.java @@ -95,6 +95,15 @@ public static PublicKey generatePublicKey(GOSTCurve curve, Point point) { private static PublicKey convertPointToPublicKey( GOSTCurve curve, Point point, String keyFactoryAlg) { try { + if (point == null || point.getFieldX() == null || point.getFieldY() == null) { + LOGGER.error( + "Cannot convert null point or point with null coordinates to public key"); + return null; + } + if (point.getFieldX().getData() == null || point.getFieldY().getData() == null) { + LOGGER.error("Cannot convert point with null coordinate data to public key"); + return null; + } ECParameterSpec ecParameterSpec = getEcParameterSpec(curve); ECPoint ecPoint = new ECPoint(point.getFieldX().getData(), point.getFieldY().getData()); ECPublicKeySpec privateKeySpec = new ECPublicKeySpec(ecPoint, ecParameterSpec);