codtls 0.0.1.alpha

data/lib/codtls/alert.rb

@@ -0,0 +1,64 @@
+require 'codtls/h_type'
+
+module CoDTLS
+  # Tolle Klasse
+  class Alert < Handshake::Type
+    LEVEL = { warning: 1, fatal: 2 }
+    DESCRIPTION = { close_notify: 0,
+                    unexpected_message: 10,
+                    bad_record_mac: 20,
+                    decryption_failed_reserved: 21,
+                    record_overflow: 22,
+                    decompression_failure: 30,
+                    handshake_failure: 40,
+                    no_certificate_reserved: 41,
+                    bad_certificate: 42,
+                    unsupported_certificate: 43,
+                    certificate_revoked: 44,
+                    certificate_expired: 45,
+                    certificate_unknown: 46,
+                    illegal_parameter: 47,
+                    unknown_ca: 48,
+                    access_denied: 49,
+                    decode_error: 50,
+                    decrypt_error: 51,
+                    export_restriction_reserved: 60,
+                    protocol_version: 70,
+                    insufficient_security: 71,
+                    internal_error: 80,
+                    user_canceled: 90,
+                    no_renegotiation: 100,
+                    unsupported_extension: 110 }
+
+    attr_reader :level, :description
+
+    def self.parse(data)
+      data.force_encoding('ASCII-8BIT')
+      Alert.new(LEVEL.key(data[0].ord), DESCRIPTION.key(data[1].ord))
+    end
+
+    public
+
+    def initialize(level, description)
+      super(33)
+      self.level = level
+      self.description = description
+    end
+
+    def level=(level)
+      fail HandshakeError, 'Unknown Level' if LEVEL[level].nil?
+      @level = level
+    end
+
+    def description=(description)
+      fail HandshakeError, 'Unknown Level' if DESCRIPTION[description].nil?
+      @description = description
+    end
+
+    def to_wire
+      w = ''.force_encoding('ASCII-8BIT')
+      w.concat(LEVEL[@level].chr)
+      w.concat(DESCRIPTION[@description].chr)
+    end
+  end
+end

data/lib/codtls/decrypt.rb

@@ -0,0 +1,72 @@
+require 'codtls/record'
+require 'codtls/session'
+require 'openssl/ccm'
+require 'codtls/alert'
+
+module CoDTLS
+  # TODO
+  module RecordLayer
+    # first dtls message will be removed from mesg, so u can call parse
+    # multiple times on a concatenation of many dtls records
+    def self.decrypt(packet, maxlen)
+      # packet = mesg, (address_family, port, hostname, numeric_address)
+
+      mesg, sender_inet_addr = packet
+
+      begin
+        record, data = Record.parse(mesg)
+      rescue RecordError
+        send_alert(sender_inet_addr, :fatal, :decode_error)
+        return ['', sender_inet_addr]
+      end
+
+      session = Session.new(sender_inet_addr[3])
+      unless session.check_seq(record.seq_num)
+        send_alert(sender_inet_addr, :fatal, :decode_error)
+        return ['', sender_inet_addr]
+      end
+
+      if record.epoch > 0
+        keyblock = session.key_block
+        if keyblock.empty?
+          send_alert(sender_inet_addr, :fatal, :decode_error)
+          return ['', sender_inet_addr]
+        end
+
+        ccm = OpenSSL::CCM.new('AES', keyblock[16...32], 8)
+        data = ccm.decrypt(data, record.nonce(keyblock[36...40]))
+        if data.empty?
+          send_alert(sender_inet_addr, :fatal, :bad_record_mac)
+          return ['', sender_inet_addr]
+        end
+      else
+        if session.epoch > 0
+          # When Epoch > 0 is known, message in epoch 0 isnt acceptable
+          send_alert(sender_inet_addr, :fatal, :unexpected_message)
+          return ['', sender_inet_addr]
+        end
+
+        # WARNING: !!! -> disabled for testing purpose
+        # if record.type == :appdata
+        #   send_alert(sender_inet_addr, :fatal, :unexpected_message)
+        #   return ['', sender_inet_addr]
+        # end
+      end
+
+      if record.type == :alert
+        session.clear
+        return ['', sender_inet_addr]
+      end
+
+      session.seq = record.seq_num
+      [data[0...maxlen], sender_inet_addr]
+    end
+
+    def self.send_alert(sender_inet_addr, lvl, desc)
+      e = encrypt(Alert.new(lvl, desc).to_wire, sender_inet_addr[3], :alert)
+
+      s = UDPSocket.new(sender_inet_addr[0])
+      s.send(e, 0, sender_inet_addr[3], sender_inet_addr[1])
+    end
+  end
+end

data/lib/codtls/ecc.rb

@@ -0,0 +1,26 @@
+require 'openssl'
+
+module CoDTLS
+  # Class for multiplicaion on elliptic curve secp256r1 (prime256v1)
+  class ECC
+    # Does a scalar multiplication with a point on elliptic curve secp256r1.
+    #
+    # @param private_key [String] scalar for the multiplication (msb)
+    # @param public_key [String] point for the multiplication (0x04, x, y)
+    #
+    # @return [String] the resulting point (0x04, x, y)
+    def self.mult(private_key, public_key = nil)
+      key = OpenSSL::BN.new(private_key, 2)
+
+      group = OpenSSL::PKey::EC::Group.new('prime256v1')
+      if public_key.nil?
+        point = group.generator
+      else
+        bignum = OpenSSL::BN.new(public_key, 2)
+        point = OpenSSL::PKey::EC::Point.new(group, bignum)
+      end
+
+      point.mul(key).to_bn.to_s(2)
+    end
+  end
+end

data/lib/codtls/encrypt.rb

@@ -0,0 +1,29 @@
+require 'codtls/record'
+require 'codtls/session'
+require 'openssl/ccm'
+
+module CoDTLS
+  # TODO
+  module RecordLayer
+    # TODO
+    def self.encrypt(mesg, ip, type = :default)
+      session = Session.new(ip)
+      type = session.handshake? ? :handshake : :appdata if type == :default
+
+      # WARNING: !!! -> disabled for testing purpose
+      # if session.epoch == 0 && type == :appdata
+      #   fail SecureSocketError, 'app-data not allowed in epoch 0'
+      # end
+
+      record = Record.new(type, session.epoch, session.seq)
+
+      if record.epoch > 0
+        keyblock = session.key_block
+        ccm = OpenSSL::CCM.new('AES', keyblock[0...16], 8)
+        record.to_wire + ccm.encrypt(mesg, record.nonce(keyblock[32...36]))
+      else
+        record.to_wire + mesg
+      end
+    end
+  end
+end

data/lib/codtls/h_changecipherspec.rb

@@ -0,0 +1,25 @@
+require 'codtls/h_type'
+
+module CoDTLS
+  module Handshake
+    # Tolle Klasse
+    class ChangeCipherSpec < Type
+      def self.parse(data)
+        data.force_encoding('ASCII-8BIT')
+        fail HandshakeError, 'Missing data' if data.length < 1
+        fail HandshakeError, 'Wrong value' unless data[0] == "\x01"
+        ChangeCipherSpec.new
+      end
+
+      public
+
+      def initialize
+        super(32)
+      end
+
+      def to_wire
+        "\x01".force_encoding('ASCII-8BIT')
+      end
+    end
+  end
+end

data/lib/codtls/h_chello.rb

@@ -0,0 +1,79 @@
+require 'codtls/h_type'
+
+module CoDTLS
+  module Handshake
+    # Tolle Klasse
+    class ClientHello < Type
+      attr_reader :time, :random, :cookie
+
+      public
+
+      def initialize(time, random, cookie = nil)
+        super(1)
+        self.time = time
+        self.random = random
+        self.cookie = cookie
+      end
+
+      def time=(time)
+        if time.nil? || time > 0xFFFFFFFF
+          fail HandshakeError, 'Invalid time value'
+        end
+        @time = time
+      end
+
+      def random=(random)
+        if random.nil? || random.b.length != 28
+          fail HandshakeError, 'Random needs to have a length of 28 byte'
+        else
+          @random = random.force_encoding('ASCII-8BIT')
+        end
+      end
+
+      def cookie=(cookie)
+        @cookie = cookie
+        unless @cookie.nil?
+          @cookie.force_encoding('ASCII-8BIT')
+          if @cookie.length > 255
+            fail HandshakeError, 'Maximum cookie length is 255'
+          end
+        end
+      end
+
+      def to_wire
+        s = String.new("\xFE\xFD".force_encoding('ASCII-8BIT')) # Version 1.2
+        s.concat([@time].pack('N'))
+        s.concat(@random)
+        if @cookie.nil?
+          s.concat('00'.hex.chr)
+        else
+          s.concat([@cookie.length].pack('C'))
+          s.concat(@cookie)
+        end
+        s.concat('00'.hex.chr) # Ciphersuite Length
+        s.concat('02'.hex.chr) # Ciphersuite Length
+        s.concat('FF'.hex.chr) # Ciphersuite: TLS_PSK_ECDH_WITH_AES_128_CCM_8
+        s.concat('01'.hex.chr) # Ciphersuite: TLS_PSK_ECDH_WITH_AES_128_CCM_8
+        s.concat('01'.hex.chr) # Compression Methods Length
+        s.concat('00'.hex.chr) # No Compression
+        s.concat('00'.hex.chr) # Extensions Length
+        s.concat('0E'.hex.chr) # Extensions Length
+        s.concat('00'.hex.chr) # Supported Elliptic Curves Extension
+        s.concat('0a'.hex.chr) # Supported Elliptic Curves Extension
+        s.concat('00'.hex.chr) # Supported Elliptic Curves Extension Length
+        s.concat('04'.hex.chr) # Supported Elliptic Curves Extension Length
+        s.concat('00'.hex.chr) # Elliptic Curves Arrays Length
+        s.concat('02'.hex.chr) # Elliptic Curves Arrays Length
+        s.concat('00'.hex.chr) # Elliptic Curve secp256r1
+        s.concat('23'.hex.chr) # Elliptic Curve secp256r1
+        s.concat('00'.hex.chr) # Supported Point Formats Extension
+        s.concat('0B'.hex.chr) # Supported Point Formats Extension
+        s.concat('00'.hex.chr) # Supported Point Formats Extension Length
+        s.concat('02'.hex.chr) # Supported Point Formats Extension Length
+        s.concat('01'.hex.chr) # Point Formats Arrays Length
+        s.concat('00'.hex.chr) # Uncompressed Point
+        s
+      end
+    end
+  end
+end

data/lib/codtls/h_content.rb

@@ -0,0 +1,57 @@
+require 'codtls/h_chello'
+require 'codtls/h_verify'
+require 'codtls/h_shello'
+require 'codtls/h_keyexchange'
+require 'codtls/h_shellodone'
+require 'codtls/h_finished'
+require 'codtls/h_changecipherspec'
+require 'codtls/alert'
+
+module CoDTLS
+  module Handshake
+    # Tolle Klasse
+    class Content
+      TYPE = Array.new(64, nil)
+      # TYPE[0] = hello_request
+      TYPE[1] = Handshake::ClientHello
+      TYPE[2] = Handshake::ServerHello
+      TYPE[3] = Handshake::HelloVerifyRequest
+      # TYPE[11] = certificate
+      TYPE[12] = Handshake::ServerKeyExchange
+      # TYPE[13] = certificate_request
+      TYPE[14] = Handshake::ServerHelloDone
+      # TYPE[15] = certificate_verify
+      TYPE[16] = Handshake::ClientKeyExchange
+      TYPE[20] = Handshake::Finished
+      TYPE[32] = Handshake::ChangeCipherSpec
+      TYPE[33] = Alert
+
+      # data == string -> content vorne abnehmen.
+      # rueckgabe ist spezifisches content object
+      def self.get_content(data)
+        data.force_encoding('ASCII-8BIT')
+        header = data.slice!(0).ord
+        (4 - header & 0x03).times { data.insert(0, "\x00") }
+        length = data.slice!(0...4).unpack('N')[0]
+        if TYPE[(header & 0xFC) >> 2].nil?
+          fail HandshakeError, 'unknown content type'
+        end
+        fail HandshakeError, 'missing handshake data' if data.length < length
+        TYPE[(header & 0xFC) >> 2].parse(data.slice!(0...length))
+      end
+
+      # content braucht to_wire methode.
+      # wird in content verpackt und an data-string angehangen
+      def self.add_content(data, content)
+        header = content.id << 2
+        content = content.to_wire
+        length = [content.length].pack('N')
+        length.slice!(0) while length[0] == "\x00"
+        header |= length.length
+        data.concat(header.chr)
+        data.concat(length)
+        data.concat(content)
+      end
+    end
+  end
+end

data/lib/codtls/h_finished.rb

@@ -0,0 +1,30 @@
+require 'codtls/h_type'
+
+module CoDTLS
+  module Handshake
+    # Tolle Klasse
+    class Finished < Type
+      attr_reader :value
+
+      def self.parse(data)
+        if data.force_encoding('ASCII-8BIT').length < 2
+          fail HandshakeError, 'Missing data'
+        end
+        Finished.new(data)
+      end
+
+      public
+
+      def initialize(value)
+        super(20)
+        @value = value
+        @value = '' if value.nil?
+        @value.force_encoding('ASCII-8BIT')
+      end
+
+      def to_wire
+        @value.force_encoding('ASCII-8BIT')
+      end
+    end
+  end
+end

data/lib/codtls/h_keyexchange.rb

@@ -0,0 +1,131 @@
+require 'codtls/h_type'
+
+module CoDTLS
+  module Handshake
+    # Tolle Klasse
+    class KeyExchange < Type
+      ECCURVETYPE = { explicit_prime: "\x01",
+                      explicit_char2: "\x02",
+                      named_curve:    "\x03"
+                      # reserved(248..255)
+                      # max = 255
+      }
+      NAMEDCURVE = { sect163k1: "\x00\x01",
+                     sect163r1: "\x00\x02",
+                     sect163r2: "\x00\x03",
+                     sect193r1: "\x00\x04",
+                     sect193r2: "\x00\x05",
+                     sect233k1: "\x00\x06",
+                     sect233r1: "\x00\x07",
+                     sect239k1: "\x00\x08",
+                     sect283k1: "\x00\x09",
+                     sect283r1: "\x00\x10",
+                     sect409k1: "\x00\x11",
+                     sect409r1: "\x00\x12",
+                     sect571k1: "\x00\x13",
+                     sect571r1: "\x00\x14",
+                     secp160k1: "\x00\x15",
+                     secp160r1: "\x00\x16",
+                     secp160r2: "\x00\x17",
+                     secp192k1: "\x00\x18",
+                     secp192r1: "\x00\x19",
+                     secp224k1: "\x00\x20",
+                     secp224r1: "\x00\x21",
+                     secp256k1: "\x00\x22",
+                     secp256r1: "\x00\x23",
+                     secp384r1: "\x00\x24",
+                     secp521r1: "\x00\x25",
+                     # reserved: \xfe\x00..\xfe\xff
+                     arbitrary_explicit_prime_curves: "\xff\x01",
+                     arbitrary_explicit_char2_curves: "\xff\x02"
+                     # max: \xffff
+      }
+      POINTTYPE = { compressed: "\x02",
+                    uncompressed: "\x04",
+                    hybrid: "\x06"
+      }
+
+      attr_reader :psk_hint, :curve, :point
+
+      def self.parse_ex(type, data)
+        # pskHint_len (2) + pskHint (16) + ECTyp (1) + NamedCurve (2) +
+        # ECPoint_len (1) + Point_type (1) + p_X (32) + p_Y (32) = (87)
+        data.force_encoding('ASCII-8BIT')
+        psk_len = data.slice!(0...2).unpack('n')[0]
+        psk_hint = data.slice!(0...psk_len)
+        curve = data.slice!(0...3)
+        point_len = data.slice!(0...1).ord
+        point = data.slice!(0...point_len)
+        type.new(psk_hint, curve, point)
+      end
+
+      public
+
+      def initialize(type, psk_hint, curve, point)
+        super(type)
+        self.psk_hint = psk_hint
+        self.curve = curve
+        self.point = point
+      end
+
+      def psk_hint=(psk_hint)
+        if psk_hint.nil? || psk_hint.b.length == 0
+          fail HandshakeError, 'PSK-Hint needed'
+        else
+          @psk_hint = psk_hint.force_encoding('ASCII-8BIT')
+        end
+      end
+
+      def curve=(curve)
+        if curve.nil? || curve.b.length == 0
+          fail HandshakeError, 'Curve needed'
+        else
+          @curve = curve.force_encoding('ASCII-8BIT')
+        end
+      end
+
+      def point=(point)
+        if point.nil? || point.b.length == 0
+          fail HandshakeError, 'Point needed'
+        else
+          @point = point.force_encoding('ASCII-8BIT')
+        end
+      end
+
+      def to_wire
+        # pskHint_len (2) + pskHint (16) + ECTyp (1) + NamedCurve (2) +
+        # ECPoint_len (1) + Point_type (1) + p_X (32) + p_Y (32) = (87)
+        s = ''
+        s.force_encoding('ASCII-8BIT')
+        s.concat([@psk_hint.length].pack('n'))
+        s.concat(@psk_hint)
+        s.concat(@curve)
+        s.concat([@point.length].pack('c'))
+        s.concat(@point)
+        s
+      end
+    end
+
+    # laber
+    class ServerKeyExchange < KeyExchange
+      def self.parse(data)
+        parse_ex(ServerKeyExchange, data)
+      end
+
+      def initialize(psk_hint, curve, point)
+        super(12, psk_hint, curve, point)
+      end
+    end
+
+    # laber
+    class ClientKeyExchange < KeyExchange
+      def self.parse(data)
+        parse_ex(ClientKeyExchange, data)
+      end
+
+      def initialize(psk_hint, curve, point)
+        super(16, psk_hint, curve, point)
+      end
+    end
+  end
+end