Skip to content

Commit

Permalink
add probe with an invalid ciphers length filed
Browse files Browse the repository at this point in the history 
cipher id's are encoded in two bytes, thus the length field of the
ciphers array must always be even, see what happens if we send an array
with odd number of bytes
  • Loading branch information
@tomato42
tomato42 committed Aug 27, 2016
1 parent af1363a commit 1a01bcf
Show file tree
Hide file tree
Showing 3 changed files with 108 additions and 0 deletions.
3 changes: 3 additions & 0 deletions prober.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,9 @@
InvalidSessionID(),
InvalidSessionID12(),
InvalidSessionID12PFS(),
InvalidCiphersLength(),
InvalidCiphersLength12(),
InvalidCiphersLength12PFS(),
DoubleClientHello(),
DoubleClientHello12(),
DoubleClientHello12PFS(),
Expand Down
47 changes: 47 additions & 0 deletions probes.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -256,6 +256,53 @@ def __init__(self):
self.ciphers = DEFAULT_PFS_CIPHERS


class InvalidCiphersLength(Probe):
'''Send client hello with length field of ciphers that is invalid (odd)'''

def __init__(self):
super(InvalidCiphersLength, self).__init__()
self.hello_version = TLSRecord.TLS1_0
self.ciphers = DEFAULT_CIPHERS

def make_hello(self, version, cipher_suites):
cipher_bytes = struct.pack('>{0}H'.format(len(cipher_suites)),
*cipher_suites) + b'\x00'
ciphers = struct.pack('>H', len(cipher_bytes)) + cipher_bytes
hello = (struct.pack('>H32sB', version,
b'01234567890123456789012345678901',
0) +
ciphers + b'\x01\x00' + b'\x00\x00')

hello_msg = HandshakeMessage.create(HandshakeMessage.ClientHello,
hello)

record = TLSRecord.create(content_type=TLSRecord.Handshake,
version=TLSRecord.TLS1_0,
message=hello_msg.bytes)
return record.bytes

def test(self, sock):
logging.debug('Sending Client Helo...')
sock.write(self.make_hello(self.hello_version, self.ciphers))

class InvalidCiphersLength12(InvalidCiphersLength):
'''As with InvalidCiphersLength but with TLSv1.2 helo'''

def __init__(self):
super(InvalidCiphersLength12, self).__init__()
self.hello_version = TLSRecord.TLS1_2
self.ciphers = DEFAULT_12_CIPHERS


class InvalidCiphersLength12PFS(InvalidCiphersLength):
'''As with InvalidCiphersLength but with PFS TLSv1.2 hello'''

def __init__(self):
super(InvalidCiphersLength12PFS, self).__init__()
self.hello_version = TLSRecord.TLS1_2
self.ciphers = DEFAULT_PFS_CIPHERS


class DoubleClientHello(NormalHandshake):
'''Two client hellos'''

Expand Down
58 changes: 58 additions & 0 deletions tests/test_probes.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -314,6 +314,64 @@ def test_test(self):
b'\x00\x00'])


class TestInvalidCiphersLength(unittest.TestCase):
def test_test(self):
probe = InvalidCiphersLength()
sock = MockSock()

probe.test(sock)

self.assertEqual(sock.sent_data,
[b'\x16\x03\x01\x00<'
b'\x01\x00\x008'
b'\x03\01' +
RANDOM_STR +
b'\x00'
b'\x00\x0f' +
DEFAULT_CIPHERS_STR + b'\x00'
b'\x01\x00'
b'\x00\x00'])


class TestInvalidCiphersLength12(unittest.TestCase):
def test_test(self):
probe = InvalidCiphersLength12()
sock = MockSock()

probe.test(sock)

self.maxDiff = None
self.assertEqual(sock.sent_data,
[b'\x16\x03\x01\x00T'
b'\x01\x00\x00P'
b'\x03\03' +
RANDOM_STR +
b'\x00'
b"\x00'" +
DEFAULT_12_CIPHERS_STR + b'\x00'
b'\x01\x00'
b'\x00\x00'])


class TestInvalidCiphersLength12PFS(unittest.TestCase):
def test_test(self):
probe = InvalidCiphersLength12PFS()
sock = MockSock()

probe.test(sock)

self.maxDiff = None
self.assertEqual(sock.sent_data,
[b'\x16\x03\x01\x00\x8c'
b'\x01\x00\x00\x88'
b'\x03\03' +
RANDOM_STR +
b'\x00'
b'\x00_' +
DEFAULT_PFS_CIPHERS_STR + b'\x00'
b'\x01\x00'
b'\x00\x00'])


class TestDoubleClientHello(unittest.TestCase):
def test_test(self):
Expand Down

0 comments on commit 1a01bcf

Please sign in to comment.