sslshake 1.0.12 → 1.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 73fea6614c1a8dac99abcc7e97607e4e33a2f4e1
-  data.tar.gz: 8ffbb4598f29d65b3b03c574641404f76f9ed85c
+SHA256:
+  metadata.gz: 641256e779df0499064eb598aebf58897dc4b9be47c61ec5dc15990a801f3358
+  data.tar.gz: 1f92a00e7c0711d9d7329439f3c59081727631c95e5a5166df044990cdb08046
 SHA512:
-  metadata.gz: c6ee7096edd757778e9b13a8a4090ce4f3982762373132213cc8b605bf7129032a63c44351ccebcaf11a2f5f9f32766269e7c2713703f8fcc0164a77f3be9ca7
-  data.tar.gz: 278ea0a3d288c0d636fe4bb12c34f36bf5be30859e09636932bc45ded810cf8aefd38b8c04a5a3d62b5aad46184a739f3fbaf480aed3c57f227c79ec8f7405ea
+  metadata.gz: fdca401dc68dd60345f32bcb091bf3df052552cc217d13d537acb3af41d53317146ea30385dc3d93a32dfb6216abdb638f32da5534604d511db0a30acc0da981
+  data.tar.gz: 1894127ce300872c215cf2b7c659c1033273fcebef6556fccba8f0496c506ebad06828d71d4d35f519e41ced377b52d2c2df36ec2b90d5a10ca9a83ea4e71dfa

data/.gitignore

@@ -1,3 +1,6 @@
 performance
 .ssldummies
 .testssl
+*.gem
+*.json
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,12 @@
+# encoding: utf-8
+source 'https://rubygems.org'
+gemspec
+
+group :development do
+  gem 'pry'
+  gem 'rb-readline'
+end
+
+group :test do
+  gem 'messages'
+end

data/README.md

@@ -13,6 +13,13 @@ require 'sslshake'
 SSLShake.hello('my.host', port: 4443, protocol: 'tls1.2')
 ```
 
+## Test (requires Docker)
+
+```bash
+bundle install
+bundle exec test/accuracy/test.rb
+```
+
 ## License
 
 MPLv2, see [https://www.mozilla.org/en-US/MPL/2.0/](https://www.mozilla.org/en-US/MPL/2.0/)

data/Rakefile

@@ -0,0 +1,21 @@
+#!/usr/bin/env rake
+# encoding: utf-8
+
+require 'bundler'
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+require 'rubocop/rake_task'
+
+# Rubocop
+desc 'Run Rubocop lint checks'
+task :rubocop do
+  RuboCop::RakeTask.new
+end
+
+# lint the project
+desc 'Run robocop linter'
+task lint: [:rubocop]
+
+# run tests
+task default: [:lint]
+

data/lib/sslshake.rb

@@ -61,7 +61,15 @@ module SSLShake
       cur_socket.send(ssl.hello(opts[:ciphers]), 0)
     else
       ssl = SSLShake::TLS.new
-      cur_socket.send(ssl.hello(protocol, opts[:ciphers]), 0)
+
+      sni = nil
+      if opts[:servername] != nil && opts[:protocol] != 'ssl3'
+        sni = '0000' + sprintf('%04x', opts[:servername].length + 5) +
+            sprintf('%04x', opts[:servername].length + 3) + '00' +
+            sprintf('%04x', opts[:servername].length) +
+            opts[:servername].unpack('H*')[0]
+      end
+      cur_socket.send(ssl.hello(protocol, opts[:ciphers], sni), 0)
     end
 
     res = ssl.parse_hello(cur_socket, opts)

data/lib/sslshake/ciphers.rb

@@ -166,7 +166,12 @@ module SSLShake # rubocop:disable Metrics/ModuleLength
     '00C4' => 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256',
     '00C5' => 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256',
     '00FF' => 'TLS_EMPTY_RENEGOTIATION_INFO_SCSV',
-    '5600' => 'TLS_FALLBACK_SCSV',
+    # See https://tools.ietf.org/html/rfc8446#appendix-B.4
+    "1301" => "TLS_AES_128_GCM_SHA256",
+    "1302" => "TLS_AES_256_GCM_SHA384",
+    "1303" => "TLS_CHACHA20_POLY1305_SHA256",
+    "1304" => "TLS_AES_128_CCM_SHA256",
+    "1305" => "TLS_AES_128_CCM_8_SHA256",
     'C001' => 'TLS_ECDH_ECDSA_WITH_NULL_SHA',
     'C002' => 'TLS_ECDH_ECDSA_WITH_RC4_128_SHA',
     'C003' => 'TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA',
@@ -355,6 +360,6 @@ module SSLShake # rubocop:disable Metrics/ModuleLength
     'FEFE' => 'SSL_RSA_FIPS_WITH_DES_CBC_SHA',
     'FEFF' => 'SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA',
     'FFE0' => 'SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA',
-    'FFE1' => 'SSL_RSA_FIPS_WITH_DES_CBC_SHA',
+    'FFE1' => 'SSL_RSA_FIPS_WITH_DES_CBC_SHA'
   }.invert.freeze
 end

data/lib/sslshake/sslv2.rb

@@ -53,7 +53,8 @@ module SSLShake
       end
 
       len = head & 0x7fff
-      res['raw'] = response = socket.read(len).unpack('H*')[0].upcase
+      res['raw'] = response = socket_read(socket, len, opts[:timeout], opts[:retries])
+                              .unpack('H*')[0].upcase
       raw = response.scan(/../)
 
       res['message_type'] = MESSAGE_TYPES.key(raw.shift)

data/lib/sslshake/tls.rb

@@ -14,6 +14,16 @@ module SSLShake
       'tls1.0' => '0301',
       'tls1.1' => '0302',
       'tls1.2' => '0303',
+      # NOTE(ssd) 2020-03-21: RFC 8446 4.1.2:
+      #
+      # In TLS 1.3, the client indicates its version preferences in the
+      # "supported_versions" extension (Section 4.2.1) and the
+      # legacy_version field MUST be set to 0x0303, which is the version
+      # number for TLS 1.2.  TLS 1.3 ClientHellos are identified as having
+      # a legacy_version of 0x0303 and a supported_versions extension
+      # present with 0x0304 as the highest version indicated therein.
+      #
+      'tls1.3' => '0303',
     }.freeze
 
     CONTENT_TYPES = {
@@ -38,10 +48,54 @@ module SSLShake
       'Finished'           => '20',
     }.freeze
 
+    ALERT_SEVERITY = {
+      "WARNING" => "01",
+      "FATAL" => "02"
+    }.freeze
+
+    # https://tools.ietf.org/html/rfc5246#appendix-A.3
+    # https://tools.ietf.org/html/rfc8446#appendix-B.2
+    ALERT_DESCRIPTIONS = {
+      "CLOSE_NOTIFY" => "00",
+      "UNEXPECTED_MESSAGE" => "0A",
+      "BAD_RECORD_MAC" => "14",
+      "DECRYPTION_FAILED_RESERVED" => "15",
+      "RECORD_OVERFLOW" => "16",
+      "DECOMPRESSION_FAILURE" => "1E",
+      "HANDSHAKE_FAILURE" => "28",
+      "NO_CERTIFICATE_RESERVED" => "29",
+      "BAD_CERTIFICATE" => "2A",
+      "UNSUPPORTED_CERTIFICATE" => "2B",
+      "CERTIFICATE_REVOKED" => "2C",
+      "CERTIFICATE_EXPIRED" => "2D",
+      "CERTIFICATE_UNKNOWN" => "2D",
+      "ILLEGAL_PARAMETER" => "2E",
+      "UNKNOWN_CA" => "2F",
+      "ACCESS_DENIED" => "30",
+      "DECODE_ERROR" => "31",
+      "DECRYPT_ERROR" => "32",
+      "EXPORT_RESTRICTION_RESERVED" => "3C",
+      "PROTOCOL_VERSION" => "46",
+      "INSUFFICIENT_SECURITY" => "47",
+      "INTERNAL_ERROR" => "50",
+      "USER_CANCELED" => "5A",
+      "NO_RENEGOTIATION" => "64",
+      "MISSING_EXTENSION" => "6D",
+      "UNSUPPORTED_EXTENSION" => "6E",
+      "CERTIFICATE_UNOBTAINABLE_RESERVED" => "6F",
+      "UNRECOGNIZED_NAME" => "70",
+      "BAD_CERTIFICATE_STATUS_RESPONSE" => "71",
+      "BAD_CERTIFICATE_HASH_VALUE_RESERVED" => "72",
+      "UNKNOWN_PSK_IDENTITY" => "73",
+      "CERTIFICATE_REQUIRED" => "74",
+      "NO_APPLICATION_PROTOCOL" => "78",
+    }.freeze
+
     # https://tools.ietf.org/html/rfc6101#appendix-A.6
-    SSL3_CIPHERS = ::SSLShake::CIPHERS.select { |_, v| v < '001F' && v.length == 4 }
+    SSL3_CIPHERS = ::SSLShake::CIPHERS.select { |_, v| v.length == 4 }
     TLS_CIPHERS = ::SSLShake::CIPHERS.select { |k, _| k.start_with? 'TLS_' }
     TLS10_CIPHERS = TLS_CIPHERS.select { |_, v| v[0] == '0' && v[1] == '0' }
+    TLS13_CIPHERS = TLS_CIPHERS.select { |_, v| v[0] == '1' && v[1] == '3' }
 
     # Additional collection of ciphers used by different apps and versions
     OPENSSL_1_0_2_TLS10_CIPHERS = 'c014c00ac022c021c02000390038003700360088008700860085c00fc00500350084c013c009c01fc01ec01d00330032008000810082008300310030009a0099009800970045004400430042c00ec004002f009600410007c011c0070066c00cc00200050004c012c008c01cc01bc01a001600130010000dc00dc003000a006300150012000f000c006200090065006400140011000e000b00080006000300ff'.freeze
@@ -66,9 +120,37 @@ module SSLShake
       when 'ssl3'
         ciphers = cipher_string(SSL3_CIPHERS, cipher_search)
       when 'tls1.0', 'tls1.1'
-        ciphers = cipher_string(TLS10_CIPHERS, cipher_search)
+        ciphers = cipher_string(TLS_CIPHERS, cipher_search)
+        (extensions ||= '') << '000f000101' # add Heartbeat
+        extensions << '000d00140012040308040401050308050501080606010201' # add signature_algorithms
+        extensions << '000b00020100' # add ec_points_format
+        extensions << '000a000a0008fafa001d00170018' # add elliptic_curve
       when 'tls1.2'
         ciphers = cipher_string(TLS_CIPHERS, cipher_search)
+        (extensions ||= '') << '000f000101' # add Heartbeat
+        extensions << '000d00140012040308040401050308050501080606010201' # add signature_algorithms
+        extensions << '000b00020100' # add ec_points_format
+        extensions << '000a000a0008fafa001d00170018' # add elliptic_curve
+      when 'tls1.3'
+        ciphers = cipher_string(TLS13_CIPHERS, cipher_search)
+        (extensions ||= '') << '002b0003020304' # TLSv1.3 Supported Versions extension
+        extensions << '000d00140012040308040401050308050501080606010201' # add signature_algorithms
+        extensions << '000a00080006001d00170018' # Supported Groups extension
+        # This is a pre-generated public/private key pair using the x25519 curve:
+        # It was generated from the command line with:
+        #
+        # > openssl-1.1.1e/apps/openssl genpkey -algorithm x25519 > pkey
+        # > openssl-1.1.1e/apps/openssl pkey -noout -text < pkey
+        # priv:
+        #     30:90:f3:89:f4:9e:52:59:3c:ba:e9:f4:78:84:a0:
+        #     23:86:73:5e:f5:c9:46:6c:3a:c3:4e:ec:56:57:81:
+        #     5d:62
+        # pub:
+        #     e7:08:71:36:d0:81:e0:16:19:3a:cb:67:ca:b8:28:
+        #     d9:45:92:16:ff:36:63:0d:0d:5a:3d:9d:47:ce:3e:
+        #     cd:7e
+        public_key= 'e7087136d081e016193acb67cab828d9459216ff36630d0d5a3d9d47ce3ecd7e'
+        extensions << '003300260024001d0020' + public_key
       else
         fail UserError, "This version is not supported: #{version.inspect}"
       end
@@ -77,10 +159,17 @@ module SSLShake
 
     def parse_hello(socket, opts) # rubocop:disable Meterics/AbcSize
       raw = socket_read(socket, 5, opts[:timeout], opts[:retries])
-            .unpack('H*')[0].upcase.scan(/../)
+              .unpack('H*')[0].upcase.scan(/../)
       type = raw.shift
       if type == CONTENT_TYPES['Alert']
-        return { 'error' => 'SSL Alert.' }
+        raw.shift(2) # Shift off version
+        len = raw.shift(2).join.to_i(16)
+        raw_alert = socket_read(socket, len, opts[:timeout], opts[:retries])
+                      .unpack('H*')[0].upcase.scan(/../)
+        severity = ALERT_SEVERITY.key(raw_alert.shift)
+        desc_raw = raw_alert.shift
+        description = ALERT_DESCRIPTIONS.key(desc_raw)
+        return { 'error' => "SSL Alert: #{severity} #{description || desc_raw}" }
       end
       unless type == CONTENT_TYPES['Handshake']
         return { 'error' => 'Failed to parse response. It is not an SSL handshake.' }
@@ -90,7 +179,8 @@ module SSLShake
       res['version'] = VERSIONS.key(raw.shift(2).join(''))
       len = raw.shift(2).join.to_i(16)
 
-      res['raw'] = response = socket.read(len).unpack('H*')[0].upcase
+      res['raw'] = response = socket_read(socket, len, opts[:timeout], opts[:retries])
+                              .unpack('H*')[0].upcase
       raw = response.scan(/../)
 
       res['handshake_type'] = HANDSHAKE_TYPES.key(raw.shift)
@@ -110,9 +200,24 @@ module SSLShake
         end
       res['cipher_suite'] = ciphers.key(raw.shift(2).join(''))
       res['compression_method'] = raw.shift
+
+      #
+      # TLS 1.3 pretends to be TLS 1.2 in the preceeding headers for
+      # compatibility. To correctly identify it, we have to look at
+      # any Supported Versions extensions that the server sent us.
+      #
+      all_ext_len = raw.shift(2).join.to_i(16)
+      all_ext_data = raw.shift(all_ext_len)
+      while all_ext_data.length > 0
+        ext_type = all_ext_data.shift(2).join
+        ext_len = all_ext_data.shift(2).join.to_i(16)
+        ext_data = all_ext_data.shift(ext_len)
+        if ext_type == '002B' && ext_data.join == '0304' # Supported Versions
+          res['version'] = 'tls1.3'
+        end
+      end
       res['success'] = true
       res['success'] = (res['version'] == opts[:protocol]) unless opts[:protocol].nil?
-
       res
     rescue SystemCallError, Alert => _
       return { 'error' => 'Failed to parse response. The connection was terminated.' }

data/lib/sslshake/version.rb

@@ -3,5 +3,5 @@
 # license: MPLv2
 
 module SSLShake
-  VERSION = '1.0.12'.freeze
+  VERSION = '1.3.1'.freeze
 end

data/sslshake.gemspec

@@ -11,7 +11,7 @@ Gem::Specification.new do |spec|
   spec.summary       = 'Ruby library for pure SSL/TLS handshake testing.'
   spec.description   = 'This is a library to simulate SSL and TLS handshake from SSLv2, SSLv3, to TLS 1.0-1.2. It does not rely on OpenSSL and is not designed as a replacement either. It targets full support for even older handshakes, which are not available in current releases of OpenSSL anymore. It also aims to be executable on all systems with a sufficiently modern version of Ruby without any additional requirements or pre-compiled binaries.'
   spec.homepage      = 'https://github.com/arlimus/sslshake'
-  spec.license       = 'MPLv2'
+  spec.license       = 'MPL-2.0'
 
   spec.files = `git ls-files -z`.split("\x0").reject {|f| f.match(%r{^(test|spec|features)/}) }
   spec.require_paths = ['lib']

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sslshake
 version: !ruby/object:Gem::Version
-  version: 1.0.12
+  version: 1.3.1
 platform: ruby
 authors:
 - Dominik Richter
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-08-15 00:00:00.000000000 Z
+date: 2020-06-14 00:00:00.000000000 Z
 dependencies: []
 description: This is a library to simulate SSL and TLS handshake from SSLv2, SSLv3,
   to TLS 1.0-1.2. It does not rely on OpenSSL and is not designed as a replacement
@@ -23,7 +23,9 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- Gemfile
 - README.md
+- Rakefile
 - lib/sslshake.rb
 - lib/sslshake/ciphers.rb
 - lib/sslshake/common.rb
@@ -33,9 +35,9 @@ files:
 - sslshake.gemspec
 homepage: https://github.com/arlimus/sslshake
 licenses:
-- MPLv2
+- MPL-2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -50,9 +52,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.1
-signing_key: 
+rubygems_version: 3.1.3
+signing_key:
 specification_version: 4
 summary: Ruby library for pure SSL/TLS handshake testing.
 test_files: []