Merge pull request #224 from tls-attacker/newDtlsProbes

Added new tests for dtls

Author: NErinola

TLS-Scanner-Core/src/main/java/de/rub/nds/tlsscanner/core/constants/TlsAnalyzedProperty.java

@@ -42,6 +42,7 @@ public enum TlsAnalyzedProperty implements AnalyzedProperty {
     SUPPORTS_TLS_1_3_DRAFT_26(TlsAnalyzedPropertyCategory.VERSIONS),
     SUPPORTS_TLS_1_3_DRAFT_27(TlsAnalyzedPropertyCategory.VERSIONS),
     SUPPORTS_TLS_1_3_DRAFT_28(TlsAnalyzedPropertyCategory.VERSIONS),
+    SUPPORTS_DTLS_1_0_DRAFT(TlsAnalyzedPropertyCategory.VERSIONS),
     SUPPORTS_DTLS_1_0(TlsAnalyzedPropertyCategory.VERSIONS),
     SUPPORTS_DTLS_1_2(TlsAnalyzedPropertyCategory.VERSIONS),
     SUPPORTS_DTLS_1_3(TlsAnalyzedPropertyCategory.VERSIONS),
@@ -279,9 +280,14 @@ public enum TlsAnalyzedProperty implements AnalyzedProperty {
      * DTLS
      */
     SUPPORTS_DTLS_FRAGMENTATION(TlsAnalyzedPropertyCategory.QUIRKS),
+    DTLS_FRAGMENTATION_REQUIRES_EXTENSION(TlsAnalyzedPropertyCategory.QUIRKS),
+    SUPPORTS_DTLS_FRAGMENTATION_WITH_INDIVIDUAL_PACKETS(TlsAnalyzedPropertyCategory.QUIRKS),
+    DTLS_FRAGMENTATION_WITH_INDIVIDUAL_PACKETS_REQUIRES_EXTENSION(TlsAnalyzedPropertyCategory.QUIRKS),
     SUPPORTS_REORDERING(TlsAnalyzedPropertyCategory.QUIRKS),
     HAS_HVR_RETRANSMISSIONS(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),
     HAS_COOKIE_CHECKS(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),
+    USES_IP_ADDRESS_FOR_COOKIE(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),
+    USES_PORT_FOR_COOKIE(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),
     USES_VERSION_FOR_COOKIE(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),
     USES_RANDOM_FOR_COOKIE(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),
     USES_SESSION_ID_FOR_COOKIE(TlsAnalyzedPropertyCategory.HELLO_VERIFY_REQUEST),

TLS-Scanner-Core/src/main/java/de/rub/nds/tlsscanner/core/constants/TlsProbeType.java

@@ -52,11 +52,14 @@ public enum TlsProbeType implements ProbeType {
     DIRECT_RACCOON("Direct RACCOON"),
     EC_POINT_FORMAT("EC point formats"),
     RACCOON_ATTACK("RACCOON attack"),
+    DTLS_IP_ADDRESS_IN_COOKIE("DTLS ip address in cookie"),
     DTLS_HELLO_VERIFY_REQUEST("DTLS hello verify request"),
     DTLS_COMMON_BUGS("DTLS common bugs"),
-    DTLS_FEATURES("DTLS features"),
+    DTLS_REORDERING("DTLS reordering"),
+    DTLS_FRAGMENTATION("DTLS fragmentation"),
     DTLS_MESSAGE_SEQUENCE_NUMBER("DTLS message sequence number"),
     DTLS_RETRANSMISSIONS("DTLS retransmissions"),
+    DTLS_APPLICATION_FINGERPRINT("DTLS application fingerprint"),
     HTTP_FALSE_START("HTTP false start"),
     HELLO_RETRY("Hello retry"),
     CROSS_PROTOCOL_ALPACA("Alpaca attack"),

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/constants/ApplicationProtocol.java

@@ -10,6 +10,12 @@
 package de.rub.nds.tlsscanner.serverscanner.constants;
 
 public enum ApplicationProtocol {
+    ECHO,
+    STUN,
+    TURN,
+    VPN_CITRIX,
+    VPN_FORTINET,
+    COAP,
     HTTP,
     FTP,
     SMTP,

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/execution/TlsServerScanner.java

@@ -63,10 +63,13 @@
 import de.rub.nds.tlsscanner.serverscanner.probe.ConnectionClosingProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.DirectRaccoonProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.DrownProbe;
+import de.rub.nds.tlsscanner.serverscanner.probe.DtlsApplicationFingerprintProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.DtlsBugsProbe;
-import de.rub.nds.tlsscanner.serverscanner.probe.DtlsFeaturesProbe;
+import de.rub.nds.tlsscanner.serverscanner.probe.DtlsFragmentationProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.DtlsHelloVerifyRequestProbe;
+import de.rub.nds.tlsscanner.serverscanner.probe.DtlsIpAddressInCookieProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.DtlsMessageSequenceProbe;
+import de.rub.nds.tlsscanner.serverscanner.probe.DtlsReorderingProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.DtlsRetransmissionsProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.ECPointFormatProbe;
 import de.rub.nds.tlsscanner.serverscanner.probe.EarlyCcsProbe;
@@ -215,11 +218,14 @@ protected void fillProbeLists() {
         afterList.add(new RaccoonAttackAfterProbe());
         afterList.add(new CertificateSignatureAndHashAlgorithmAfterProbe());
         if (config.getDtlsDelegate().isDTLS()) {
-            addProbeToProbeList(new DtlsFeaturesProbe(configSelector, parallelExecutor));
+            addProbeToProbeList(new DtlsReorderingProbe(configSelector, parallelExecutor));
+            addProbeToProbeList(new DtlsFragmentationProbe(configSelector, parallelExecutor));
             addProbeToProbeList(new DtlsHelloVerifyRequestProbe(configSelector, parallelExecutor));
             addProbeToProbeList(new DtlsBugsProbe(configSelector, parallelExecutor));
             addProbeToProbeList(new DtlsMessageSequenceProbe(configSelector, parallelExecutor));
             addProbeToProbeList(new DtlsRetransmissionsProbe(configSelector, parallelExecutor));
+            addProbeToProbeList(new DtlsApplicationFingerprintProbe(configSelector, parallelExecutor));
+            addProbeToProbeList(new DtlsIpAddressInCookieProbe(configSelector, parallelExecutor), false);
             afterList.add(new DtlsRetransmissionAfterProbe());
             afterList.add(new DestinationPortAfterProbe());
         } else {

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/passive/DestinationPortExtractor.java

@@ -11,6 +11,9 @@
 
 import de.rub.nds.scanner.core.passive.StatExtractor;
 import de.rub.nds.tlsattacker.core.state.State;
+import de.rub.nds.tlsattacker.transport.TransportHandler;
+import de.rub.nds.tlsattacker.transport.udp.ClientUdpTransportHandler;
+import de.rub.nds.tlsattacker.transport.udp.ServerUdpTransportHandler;
 import de.rub.nds.tlsattacker.transport.udp.UdpTransportHandler;
 import de.rub.nds.tlsscanner.core.passive.TrackableValueType;
 
@@ -22,8 +25,9 @@ public DestinationPortExtractor() {
 
     @Override
     public void extract(State state) {
-        if (state.getTlsContext().getTransportHandler() instanceof UdpTransportHandler) {
-            int port = ((UdpTransportHandler) state.getTlsContext().getTransportHandler()).getDstPort();
+        TransportHandler handler = state.getTlsContext().getTransportHandler();
+        if (handler instanceof ClientUdpTransportHandler || handler instanceof ServerUdpTransportHandler) {
+            int port = ((UdpTransportHandler) handler).getDstPort();
             if (port != -1) {
                 put(port);
             }

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/probe/DtlsApplicationFingerprintProbe.java

@@ -0,0 +1,201 @@
+/**
+ * TLS-Server-Scanner - A TLS configuration and analysis tool based on TLS-Attacker
+ *
+ * Copyright 2017-2022 Ruhr University Bochum, Paderborn University, Hackmanit GmbH
+ *
+ * Licensed under Apache License, Version 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0.txt
+ */
+
+package de.rub.nds.tlsscanner.serverscanner.probe;
+
+import com.google.common.primitives.Bytes;
+import de.rub.nds.modifiablevariable.util.ArrayConverter;
+import de.rub.nds.modifiablevariable.util.Modifiable;
+import de.rub.nds.scanner.core.constants.TestResult;
+import de.rub.nds.scanner.core.constants.TestResults;
+import de.rub.nds.tlsattacker.core.config.Config;
+import de.rub.nds.tlsattacker.core.constants.RunningModeType;
+import de.rub.nds.tlsattacker.core.protocol.ProtocolMessage;
+import de.rub.nds.tlsattacker.core.protocol.message.ApplicationMessage;
+import de.rub.nds.tlsattacker.core.record.AbstractRecord;
+import de.rub.nds.tlsattacker.core.record.Record;
+import de.rub.nds.tlsattacker.core.state.State;
+import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
+import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
+import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
+import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
+import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowConfigurationFactory;
+import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
+import de.rub.nds.tlsscanner.core.constants.TlsProbeType;
+import de.rub.nds.tlsscanner.serverscanner.constants.ApplicationProtocol;
+import de.rub.nds.tlsscanner.serverscanner.probe.result.DtlsApplicationFingerprintResult;
+import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
+import de.rub.nds.tlsscanner.serverscanner.selector.ConfigSelector;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+public class DtlsApplicationFingerprintProbe
+    extends TlsServerProbe<ConfigSelector, ServerReport, DtlsApplicationFingerprintResult> {
+
+    private List<ApplicationProtocol> supportedApplications;
+    private TestResult isAcceptingUnencryptedAppData;
+
+    public DtlsApplicationFingerprintProbe(ConfigSelector configSelector, ParallelExecutor parallelExecutor) {
+        super(parallelExecutor, TlsProbeType.DTLS_APPLICATION_FINGERPRINT, configSelector);
+    }
+
+    @Override
+    public DtlsApplicationFingerprintResult executeTest() {
+        supportedApplications = new ArrayList<>();
+        isAcceptingUnencryptedAppData = TestResults.NOT_TESTED_YET;
+        if (!isEchoServer()) {
+            isVpnSupported();
+            isStunSupported();
+            isTurnSupported();
+            isCoapSupported();
+        }
+        return new DtlsApplicationFingerprintResult(supportedApplications, isAcceptingUnencryptedAppData);
+    }
+
+    private boolean isEchoServer() {
+        byte[] appData = ArrayConverter.hexStringToByteArray("9988776655443322110000112233445566778899");
+        byte[] data = isProtocolSupported(appData);
+        if (Arrays.equals(data, appData)) {
+            supportedApplications.add(ApplicationProtocol.ECHO);
+            return true;
+        }
+        return false;
+    }
+
+    private void isVpnSupported() {
+        byte[] length = ArrayConverter.hexStringToByteArray("0118");
+        byte[] string = ArrayConverter.hexStringToByteArray("0047467479706500636c7468656c6c6f005356504e434f4f4b494500");
+        byte[] cookie = ArrayConverter.hexStringToByteArray("34626a384f64735a486a6f644e736859512b59");
+        byte[] appData = ArrayConverter.concatenate(length, string, cookie);
+        byte[] data = isProtocolSupported(appData);
+        byte[] fortinetHandshakeFail =
+            ArrayConverter.hexStringToByteArray("00214746747970650073767268656C6C6F0068616E647368616B65006661696C00");
+        byte[] fortinetHandshakeOk =
+            ArrayConverter.hexStringToByteArray("001f4746747970650073767268656C6C6F0068616E647368616B65006f6b00");
+        byte[] citrixResponse = ArrayConverter.hexStringToByteArray("FF0000010000000000000000000000000000000001");
+        if (Bytes.indexOf(data, fortinetHandshakeFail) != -1) {
+            supportedApplications.add(ApplicationProtocol.VPN_FORTINET);
+            isAcceptingUnencryptedAppData(appData);
+        } else if (Bytes.indexOf(data, fortinetHandshakeOk) != -1) {
+            supportedApplications.add(ApplicationProtocol.VPN_FORTINET);
+            isAcceptingUnencryptedAppData(appData);
+        } else if (Bytes.indexOf(data, citrixResponse) != -1) {
+            supportedApplications.add(ApplicationProtocol.VPN_CITRIX);
+            isAcceptingUnencryptedAppData(appData);
+        }
+    }
+
+    private void isStunSupported() {
+        byte[] type = ArrayConverter.hexStringToByteArray("0001");
+        byte[] length = ArrayConverter.hexStringToByteArray("0000");
+        byte[] cookie = ArrayConverter.hexStringToByteArray("2112a442");
+        byte[] transactionId = ArrayConverter.hexStringToByteArray("112233445566778899001122");
+        byte[] appData = ArrayConverter.concatenate(type, length, cookie, transactionId);
+        byte[] data = isProtocolSupported(appData);
+        if (Bytes.indexOf(data, transactionId) != -1) {
+            supportedApplications.add(ApplicationProtocol.STUN);
+            isAcceptingUnencryptedAppData(appData);
+        }
+    }
+
+    private void isTurnSupported() {
+        byte[] type = ArrayConverter.hexStringToByteArray("0003");
+        byte[] length = ArrayConverter.hexStringToByteArray("0008");
+        byte[] cookie = ArrayConverter.hexStringToByteArray("2112a442");
+        byte[] transactionId = ArrayConverter.hexStringToByteArray("112233445566778899001122");
+        byte[] requestedTransport = ArrayConverter.hexStringToByteArray("0019000411000000");
+        byte[] appData = ArrayConverter.concatenate(type, length, cookie, transactionId, requestedTransport);
+        byte[] data = isProtocolSupported(appData);
+        if (Bytes.indexOf(data, transactionId) != -1) {
+            supportedApplications.add(ApplicationProtocol.TURN);
+            isAcceptingUnencryptedAppData(appData);
+        }
+    }
+
+    private void isCoapSupported() {
+        byte[] header = ArrayConverter.hexStringToByteArray("4000");
+        byte[] messageId = ArrayConverter.hexStringToByteArray("9812");
+        byte[] appData = ArrayConverter.concatenate(header, messageId);
+        byte[] data = isProtocolSupported(appData);
+        if (Bytes.indexOf(data, messageId) != -1) {
+            supportedApplications.add(ApplicationProtocol.COAP);
+            isAcceptingUnencryptedAppData(appData);
+        }
+    }
+
+    private byte[] isProtocolSupported(byte[] data) {
+        Config config = configSelector.getBaseConfig();
+        WorkflowTrace trace = new WorkflowConfigurationFactory(config)
+            .createWorkflowTrace(WorkflowTraceType.DYNAMIC_HANDSHAKE, RunningModeType.CLIENT);
+        trace.addTlsAction(new SendAction(new ApplicationMessage(config, data)));
+        ReceiveAction receiveAction = new ReceiveAction(new ApplicationMessage());
+        trace.addTlsAction(receiveAction);
+        State state = new State(config, trace);
+        executeState(state);
+        if (receiveAction.getReceivedRecords() != null && !receiveAction.getReceivedRecords().isEmpty()) {
+            ByteArrayOutputStream receivedAppData = new ByteArrayOutputStream();
+            try {
+                for (AbstractRecord record : receiveAction.getReceivedRecords()) {
+                    receivedAppData.write(record.getCleanProtocolMessageBytes().getValue());
+                }
+            } catch (IOException ex) {
+                LOGGER.error("Could not write cleanProtocolMessageBytes to receivedAppData");
+            }
+            return receivedAppData.toByteArray();
+        } else {
+            return new byte[0];
+        }
+    }
+
+    private void isAcceptingUnencryptedAppData(byte[] data) {
+        Config config = configSelector.getBaseConfig();
+        WorkflowTrace trace = new WorkflowConfigurationFactory(config)
+            .createWorkflowTrace(WorkflowTraceType.DYNAMIC_HANDSHAKE, RunningModeType.CLIENT);
+        trace.addTlsAction(new SendAction(new ApplicationMessage(config, data)));
+        trace.addTlsAction(new ReceiveAction(new ApplicationMessage()));
+        State state = new State(config, trace);
+        executeState(state);
+        ProtocolMessage receivedMessage = WorkflowTraceUtil.getLastReceivedMessage(state.getWorkflowTrace());
+
+        trace = new WorkflowConfigurationFactory(config).createWorkflowTrace(WorkflowTraceType.DYNAMIC_HANDSHAKE,
+            RunningModeType.CLIENT);
+        SendAction sendAction = new SendAction(new ApplicationMessage(config, data));
+        Record record = new Record(config);
+        record.setEpoch(Modifiable.explicit(0));
+        sendAction.setRecords(record);
+        trace.addTlsAction(sendAction);
+        trace.addTlsAction(new ReceiveAction(new ApplicationMessage()));
+        state = new State(config, trace);
+        executeState(state);
+        ProtocolMessage receivedMessageModified = WorkflowTraceUtil.getLastReceivedMessage(state.getWorkflowTrace());
+        if (receivedMessage != null && receivedMessageModified != null && receivedMessage.getCompleteResultingMessage()
+            .equals(receivedMessageModified.getCompleteResultingMessage())) {
+            isAcceptingUnencryptedAppData = TestResults.TRUE;
+        }
+    }
+
+    @Override
+    public boolean canBeExecuted(ServerReport report) {
+        return true;
+    }
+
+    @Override
+    public DtlsApplicationFingerprintResult getCouldNotExecuteResult() {
+        return new DtlsApplicationFingerprintResult(null, TestResults.COULD_NOT_TEST);
+    }
+
+    @Override
+    public void adjustConfig(ServerReport report) {
+    }
+
+}