tlsfuzzer.messages module

Objects for generating TLS messages to send.

class tlsfuzzer.messages.AlertGenerator(level=1, description=0)[source]

Bases: MessageGenerator

Generator for TLS Alert messages.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Send the Alert to server.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Modify the state after sending the message.

class tlsfuzzer.messages.ApplicationDataGenerator(payload)[source]

Bases: MessageGenerator

Generator for TLS Application Data messages.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Send data to server in Application Data messages.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Modify the state after sending the message.

class tlsfuzzer.messages.CertificateGenerator(certs=None, cert_type=None, version=None, context=None)[source]

Bases: HandshakeProtocolMessageGenerator

Generator for TLS handshake protocol Certificate message.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Create a Certificate message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Update handshake hashes after sending.

class tlsfuzzer.messages.CertificateVerifyGenerator(private_key=None, msg_version=None, msg_alg=None, sig_version=None, sig_alg=None, signature=None, rsa_pss_salt_len=None, padding_xors=None, padding_subs=None, mgf1_hash=None, context=None)[source]

Bases: HandshakeProtocolMessageGenerator

Generator for TLS handshake protocol Certificate Verify message.

Variables:
  • msg_alg (tuple(int,int)) – signature and hash algorithm to be set in the digitally-signed structure of the TLSv1.2 Certificate Verify message. By default, the first algorithm from CertificateRequest that matches our key or sent certificate. If no CertificateRequest was received, it will send the first algorithm matching our key or the certificate sent. If neither a Certificate nor a private key is available, it will select the first algorithm from CertificateRequest. If no Certificate, CertificateRequest or private key is available, it will use SHA-1 + RSA. The first value in the tuple specifies the hash type (from HashAlgorithm) and the second value specifies the signature algorithm (from SignatureAlgorithm). Alternatively, a value from SignatureScheme.

  • msg_version (tuple(int,int)) – protocol version that the message is to use, default is taken from current connection state

  • sig_version (tuple(int,int)) – protocol version to use for calculating the verify bytes for the signature (overrides msg_version, but just for the signature). Equal to msg_version by default.

  • sig_alg (tuple(int,int)) – hash and signature algorithm to be used for creating the signature in the message. Equal to msg_alg by default. Requires the sig_version to be set to at least TLSv1.2 to be effective.

  • signature (bytearray) – bytes to send as the signature of the message

  • padding_xors (dict(int,int)) – which bytes of the pre-encryption RSA padding or post-signature ECDSA signature should be xored and with what values

  • padding_subs (dict(int,int)) – same as padding_xors but substitutes specified bytes instead

  • mgf1_hash (str) – name of the hash to be used for calculating MGF1, effective only if sig_alg is set to a RSA_PSS algorithm and sig_version is TLS 1.2 or greater. By default the hash taken from sig_alg.

  • rsa_pss_salt_len (int) – length of the salt (in bytes) used in signature. Effective only if sig_alg is set to a RSA_PSS algorithm and sig_version is TLS 1.2 or greater. By default it’s equal to the length of the hash taken from sig_alg.

  • private_key (RSAKey or ECDSAKey) – key that will be used for signing the message

_get_ecdsa_sig_parameters()[source]

Set up parameters for sign() operation with ecdsa keys.

_get_key_and_key_type(status)[source]

Get a key, or if not possible, certificate for selecting the signature algorithm.

_get_rsa_sig_parameters()[source]

Return parameters for sign() operation with rsa keys.

_make_signature(status)[source]

Create signature for CertificateVerify message.

static _normalise_dict(dictionary, max_byte)[source]

_normalise_subs_and_xors(max_byte)[source]

Make sure that the substitutions and xors don’t go over the size of the buffer. This is fine, as ECDSA signatures are ASN.1 objects and so have variable size.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

_select_msg_alg(status)[source]

Select the signature algorithm based on CertificateRequest from server, either our sent Certificate or our private key and the protocol version.

static _sig_alg_for_certificate(key_alg, accept_sig_algs, version, key)[source]

Select an acceptable signature algorithm based on key algorithm, protocol version and curve name (in case of ECDSA).

static _sig_alg_for_dsa_key(accept_sig_algs, version, key)[source]

Select an acceptable signature algorithm for a given DSA key.

static _sig_alg_for_ecdsa_key(accept_sig_algs, version, key)[source]

Select an acceptable signature algorithm for a given ecdsa key.

static _sig_alg_for_eddsa_key(key_alg, accept_sig_algs)[source]

static _sig_alg_for_rsa_key(key_alg, accept_sig_algs, version)[source]

Select an acceptable signature algorithm for a given rsa key.

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Create a CertificateVerify message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Update handshake hashes after sending.

class tlsfuzzer.messages.ChangeCipherSpecGenerator(extended_master_secret=None, fake=False)[source]

Bases: MessageGenerator

Generator for TLS Change Cipher Spec messages.

Note

After sending the ChangeCipherSpec message, in TLS 1.2 and earlier, the record layer will switch to encrypted communication (or newly negotiated keys). In TLS 1.3 the message has no effect on encryption or record layer state.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Create a message for sending to server.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(status)[source]

Generate new encryption keys for connection.

class tlsfuzzer.messages.ClearContext(context)[source]

Bases: Command

Object used to zero-out the context used in PHA.

This is necessary if the conversation is executed more than once.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Zero out the associated context

class tlsfuzzer.messages.ClientHelloGenerator(ciphers=None, extensions=None, version=None, session_id=None, random=None, compression=None, ssl2=False, modifiers=None)[source]

Bases: HandshakeProtocolMessageGenerator

Generator for TLS handshake protocol Client Hello messages.

_generate_extensions(state)[source]

Convert extension generators to extension objects.

_handle_modifiers(state, clnt_hello)[source]

Handle processing of the modifiers of the message.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Create a Client Hello message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Update handshake hashes after sending.

class tlsfuzzer.messages.ClientKeyExchangeGenerator(cipher=None, version=None, client_version=None, dh_Yc=None, padding_subs=None, padding_xors=None, ecdh_Yc=None, encrypted_premaster=None, modulus_as_encrypted_premaster=False, p_as_share=False, p_1_as_share=False, premaster_secret=None, padding_byte=None, reuse_encrypted_premaster=False, encrypted_premaster_file=None, encrypted_premaster_length=None, random_premaster=False)[source]

Bases: HandshakeProtocolMessageGenerator

Generator for TLS handshake protocol Client Key Exchange messages.

Variables:
  • dh_Yc (int) – Override the sent dh_Yc value to the specified one

  • padding_subs (dict(int,int)) – Substitutions for the encrypted premaster secret padding bytes (applicable only for the RSA key exchange)

  • padding_xors (dict(int,int)) – XORs for the encrypted premaster secret padding bytes (applicable only for the RSA key exchange)

  • ecdh_Yc (bytearray) – encoded ECC point being the client key share for the key exchange

  • encrypted_premaster (bytearray) – the premaster secret after it was encrypted, as it will be sent on the wire

  • modulus_as_encrypted_premaster (bool) – if True, set the encrypted premaster (the value seen on the wire) to the server’s certificate modulus (the server’s public key)

  • p_as_share (bool) – set the key share to the value p provided by server in Server Key Exchange (applicable only to FFDHE key exchange)

  • p_1_as_share (bool) – set the key share to the value p - 1, as provided by server in Server Key Exchange (applicable only to FFDHE key exchange with safe primes)

  • padding_byte (int) – byte to use as padding instead of randomly generated bytes (applicable only for RSA key exchange)

  • client_version (tuple(int,int)) – the version to set in the RSA pre-master secret

  • reuse_encrypted_premaster (bool) – if set to true, the message generator will create the RSA ciphertext once and reuse it for subsequent connections. Applicable only to RSA key exchange, useful only for tests that run the same conversation over and over (like timing tests).

  • encrypted_premaster_file (file object) – The file object from which to read the encrypted premaster secret. On node re-execution it will read subsequent values; it does not rewind the file pointer or close the file. The file must be opened in binary mode.

  • encrypted_premaster_length (int) – The length of data to read, in bytes

  • random_premaster (bool) – whether to use a random premaster value or the static default (48 zero bytes)

_encrypt_with_fuzzing(public_key)[source]

Use public_key to encrypt premaster secret with fuzzed padding.
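
What padding_subs, padding_xors and padding_byte change, as an added example using only the standard library (not tlsfuzzer's own code): it models the PKCS#1 v1.5 block built before RSA encryption and the checks a server has to apply to it. Assumed here: dictionary keys are byte positions in the block with negative keys counted from the end, substitutions are applied before XORs, and the names build_block, check_block and server_premaster are illustrative.

```python
import os

PREMASTER_LEN = 48          # 2 client_version bytes + 46 further bytes
KEY_LEN = 256               # constructed sample: 2048-bit RSA modulus
VERSION = (3, 3)            # constructed sample: TLS 1.2
PREMASTER = bytes(VERSION) + bytes(46)   # static premaster, version set


def normalise(changes, length):
    """Map negative positions to absolute ones (assumed Python-style)."""
    result = {}
    for pos, value in (changes or {}).items():
        absolute = pos + length if pos < 0 else pos
        if not 0 <= absolute < length:
            raise IndexError("position %d outside %d-byte block"
                             % (pos, length))
        result[absolute] = value
    return result


def build_block(key_len, premaster, padding_byte=None,
                padding_subs=None, padding_xors=None):
    """Return 00 02 PS 00 premaster with the requested byte changes."""
    pad_len = key_len - len(premaster) - 3
    if pad_len < 8:
        raise ValueError("modulus too short for this premaster")
    if padding_byte is None:
        padding = bytearray()
        while len(padding) < pad_len:        # random, but never zero
            padding += bytes(b for b in os.urandom(pad_len) if b)
        padding = padding[:pad_len]
    else:
        padding = bytearray([padding_byte]) * pad_len
    block = bytearray(b"\x00\x02") + padding + b"\x00" + premaster
    for pos, value in normalise(padding_subs, len(block)).items():
        block[pos] = value
    for pos, value in normalise(padding_xors, len(block)).items():
        block[pos] ^= value
    return block


def check_block(block, key_len, client_version):
    """Strict check of a decrypted block; returns "ok" or the defect."""
    if len(block) != key_len:
        return "wrong block length"
    if block[0] != 0:
        return "first byte not zero"
    if block[1] != 2:
        return "wrong block type"
    try:
        separator = block.index(0, 2)
    except ValueError:
        return "no zero separator"
    if separator < 10:                       # PS must be at least 8 bytes
        return "padding shorter than 8 bytes"
    message = block[separator + 1:]
    if len(message) != PREMASTER_LEN:
        return "premaster is not 48 bytes"
    if tuple(message[:2]) != tuple(client_version):
        return "wrong client_version in premaster"
    return "ok"


def server_premaster(block, key_len, client_version):
    """Never report the defect: fall back to a random premaster and let
    the handshake fail at Finished (RFC 5246, section 7.4.7.1).
    A real server makes this selection in constant time; this model
    does not."""
    fallback = os.urandom(PREMASTER_LEN)     # drawn before the check
    if check_block(block, key_len, client_version) == "ok":
        return bytes(block[-PREMASTER_LEN:])
    return fallback
```

Each defect string names a check the server must perform internally; what a test conversation looks for is that the server's visible behaviour is the same for all of them.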

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Create a Client Key Exchange message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)[source]

Save intermediate handshake hash value.

class tlsfuzzer.messages.ClientMasterKeyGenerator(cipher=None, master_key=None)[source]

Bases: HandshakeProtocolMessageGenerator

Generator for SSLv2 Handshake Protocol CLIENT-MASTER-KEY message.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Generate a new CLIENT-MASTER-KEY message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Update handshake hashes after sending.

class tlsfuzzer.messages.Close[source]

Bases: Command

Object used to close a TCP connection.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Close currently open connection.

class tlsfuzzer.messages.CloseRST[source]

Bases: Command

Object used to close a TCP connection with a RST packet.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Close currently open connection by sending a RST packet.

class tlsfuzzer.messages.CollectNonces(nonces)[source]

Bases: Command

Start collecting nonces being sent by the server in the provided array.

Works only for ciphers like AES-GCM, which use explicit nonces. Ciphers like ChaCha20 use an implicit nonce constructed from PRF output and sequence number.

Needs to be run after the cipher has been negotiated and switched to (after CCS); it will collect nonces only until the next renegotiation.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Monkey patch the seal() method.

class tlsfuzzer.messages.Command[source]

Bases: TreeNode

Command objects.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()[source]

Define object as a command node.

is_expect()[source]

Define object as a command node.

is_generator()[source]

Define object as a command node.

process(state)[source]

Change the state of the connection.

class tlsfuzzer.messages.Connect(hostname, port, version=(3, 0), timeout=5)[source]

Bases: Command

Object used to connect to a TCP server.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Connect to a server.

class tlsfuzzer.messages.CopyVariables(log)[source]

Bases: Command

Copy current random values of connection to provided arrays.

Available keys are either ClientHello.random, ServerHello.random, ServerHello.session_id or one of the values in key in ConnectionState (premaster_secret, master_secret, ServerHello.extensions.key_share.key_exchange, server handshake traffic secret, exporter master secret, ServerKeyExchange.key_share, ServerKeyExchange.dh_p, ClientKeyExchange.dh_Yc, ClientKeyExchange.ecdh_Yc, DH shared secret, PSK secret, client_verify_data, server_verify_data, client application traffic secret, server application traffic secret, resumption master secret, early secret, or handshake secret)

The log should be a dict (where keys have the above specified names) and values should be arrays (the values will be appended there).

This node needs to be put right after a node that calculates or uses the specific values to guarantee correct collection (i.e. if the conversation performs a renegotiation, it needs to be placed after both ExpectServerHello nodes to collect both ServerHello.random values).

Parameters:

log (dict(str,list)) – dictionary with names of values to collect

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Copy current variables to log arrays.

class tlsfuzzer.messages.FinishedGenerator(protocol=None, trunc_start=0, trunc_end=None, pad_byte=0, pad_left=0, pad_right=0, context=None)[source]

Bases: HandshakeProtocolMessageGenerator

Generator for TLS handshake protocol Finished messages.

Note

The FinishedGenerator may influence the record layer encryption. In SSLv2, the record layer will be configured to expect encrypted records and send encrypted records before the message is sent. In SSLv3 up to TLS 1.2 the message has no impact on state of encryption. In TLS 1.3, after the message is sent, the record layer will be switched to use client_application_traffic_secret keys for sending.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(status)[source]

Create a Finished message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(status)[source]

Perform post-transmit changes needed by generation of Finished.

class tlsfuzzer.messages.FlushMessageList(fragment_list)[source]

Bases: PopMessageFromList

Takes a reference to list, empties it to generate a message.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Create a single message to empty the list.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Modify the state after sending the message.

class tlsfuzzer.messages.FlushMessageQueue(description=None)[source]

Bases: Command

Flush the record layer queue of messages.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Change the state of the connection.

class tlsfuzzer.messages.HandshakeProtocolMessageGenerator[source]

Bases: MessageGenerator

Message generator for TLS Handshake protocol messages.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)

Return a message ready to write to socket.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)[source]

Update handshake hashes after sending.

class tlsfuzzer.messages.HeartbeatGenerator(payload, message_type=1, padding_length=None)[source]

Bases: MessageGenerator

Generator for heartbeat messages.

Variables:
  • message_type (int) – the type of the message to send, see HeartbeatMessageType enum for values

  • payload (bytearray) – data to be sent to the other side for it to echo it back

  • padding (bytearray) – payload to be sent to the other side; it should be at least 16 bytes long for the message to be valid
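
The message layout behind these variables and the receiver-side checks that the 16-byte padding rule implies, as an added example written against RFC 6520 with the standard library only (not tlsfuzzer's or tlslite-ng's code). The function names are illustrative, the padding is zero-filled instead of random, and a padding_length of None defaulting to 16 is an assumption.

```python
import struct

HEARTBEAT_REQUEST = 1       # HeartbeatMessageType values from RFC 6520
HEARTBEAT_RESPONSE = 2
HEADER_LEN = 3              # type (1 byte) + payload_length (2 bytes)
MIN_PADDING = 16
MAX_MESSAGE = 2 ** 14


def encode_heartbeat(payload, message_type=HEARTBEAT_REQUEST,
                     padding_length=None):
    """type | payload_length | payload | padding, lengths big-endian."""
    if padding_length is None:
        padding_length = MIN_PADDING        # assumed default
    if len(payload) > 0xFFFF:
        raise ValueError("payload does not fit a 16-bit length")
    header = struct.pack(">BH", message_type, len(payload))
    return header + bytes(payload) + bytes(padding_length)


def parse_heartbeat(record):
    """Return (verdict, message_type, payload); payload is None unless
    the verdict is "ok"."""
    if len(record) < HEADER_LEN:
        return "truncated header", None, None
    if len(record) > MAX_MESSAGE:
        return "longer than 2^14 bytes", None, None
    message_type, payload_length = struct.unpack(">BH", record[:HEADER_LEN])
    if message_type not in (HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE):
        return "unknown message type", message_type, None
    # The length field is sender-controlled: compare it with what was
    # actually received before touching the payload.
    if HEADER_LEN + payload_length > len(record):
        return "payload_length exceeds record", message_type, None
    if len(record) - HEADER_LEN - payload_length < MIN_PADDING:
        return "padding shorter than 16 bytes", message_type, None
    payload = bytes(record[HEADER_LEN:HEADER_LEN + payload_length])
    return "ok", message_type, payload


def answer_heartbeat(record):
    """Echo a valid request; return None to discard anything else
    silently, as RFC 6520 requires for malformed messages."""
    verdict, message_type, payload = parse_heartbeat(record)
    if verdict != "ok" or message_type != HEARTBEAT_REQUEST:
        return None
    return encode_heartbeat(payload, HEARTBEAT_RESPONSE)
```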

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Create a Heartbeat message.

Return type:

~tlslite.messages.Heartbeat

Returns:

heartbeat message to be sent to the other side

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Modify the state after sending the message.

class tlsfuzzer.messages.KeyUpdateGenerator(message_type=0)[source]

Bases: MessageGenerator

Generator for TLS 1.3 KeyUpdate message.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Generate a KeyUpdate message.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)[source]

Perform post-transmit changes needed by generation of KeyUpdate.

class tlsfuzzer.messages.MessageGenerator[source]

Bases: TreeNode

Message generator objects.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Return a message ready to write to socket.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()[source]

Define object as a generator node.

is_expect()[source]

Define object as a generator node.

is_generator()[source]

Define object as a generator node.

post_send(state)[source]

Modify the state after sending the message.

class tlsfuzzer.messages.PlaintextMessageGenerator(content_type, data, description=None)[source]

Bases: Command

Send a plaintext data record irrespective of encryption state.

Does not update handshake hashes, record layer state, does not fragment, etc.

Variables:
  • content_type (int) – content type of message, used in record layer header. See ContentType for well-known values

  • ~.data (bytearray) – payload for the record

  • ~.description (str) – identifier to print when processing of the node fails

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Send the message over the socket.

class tlsfuzzer.messages.PopMessageFromList(fragment_list)[source]

Bases: MessageGenerator

Takes a reference to list, pops a message from it to generate one.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Create a message using the reference to list from init.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)[source]

Modify the state after sending the message.

class tlsfuzzer.messages.RawMessageGenerator(content_type, data, description=None)[source]

Bases: MessageGenerator

Generator for arbitrary record layer messages.

Can generate message with any content_type and any payload. Will be encrypted if encryption is negotiated in the connection.

Variables:
  • content_type (int) – content type of message, used in record layer header. See ContentType for well-known values

  • ~.data (bytearray) – payload for the record

  • ~.description (str) – identifier to print when processing of the node fails

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

generate(state)[source]

Create a tlslite-ng message that can be sent.

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a generator node.

is_expect()

Define object as a generator node.

is_generator()

Define object as a generator node.

post_send(state)

Modify the state after sending the message.

class tlsfuzzer.messages.RawSocketWriteGenerator(data, description=None)[source]

Bases: Command

Send plaintext data irrespective of encryption state.

Does not update handshake hashes, record layer state, does not fragment, etc.

Variables:
  • ~.data (bytearray) – data to send

  • ~.description (str) – identifier to print when processing of the node fails

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Send the message over the socket.

class tlsfuzzer.messages.ResetHandshakeHashes[source]

Bases: Command

Object used to reset current state of handshake hashes to zero.

Used for session renegotiation or resumption.

Also prepares for negotiation (or dropping) of record_size_limit extension.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Reset current running handshake protocol hashes.

class tlsfuzzer.messages.ResetRenegotiationInfo(client=None, server=None)[source]

Bases: Command

Object used to reset state of data needed for secure renegotiation.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Reset current Finished message values.

class tlsfuzzer.messages.ResetWriteConnectionState[source]

Bases: Command

Reset _writeState configuration to default values

All sent messages will be unencrypted now

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Change the state of the connection.

class tlsfuzzer.messages.SetMaxRecordSize(max_size=None)[source]

Bases: Command

Change the Record Layer to send records of non-standard size.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Change the size of messages in record layer.

class tlsfuzzer.messages.SetPaddingCallback(cb=None)[source]

Bases: Command

Set the padding callback which returns the length of the padding to be added to the message in the record layer.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

static add_fixed_padding_cb(size)[source]

Returns a callback function which returns a fixed number as the padding size

static fill_padding_cb(length, contenttype, max_padding)[source]

Simple callback which returns the maximum padding size as the size of the padding to be added to the message

static fixed_length_cb(size)[source]

Returns a callback function which returns a fixed number as the padding size

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Set the callback which returns the length of the padding in record layer.

class tlsfuzzer.messages.SetRecordVersion(version)[source]

Bases: Command

Change the version used at record layer.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Change the state of the connection.

class tlsfuzzer.messages.TCPBufferingDisable[source]

Bases: Command

Stop buffering all writes on the TCP level.

All messages will now be passed directly to the TCP socket.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Disable TCP buffering.

class tlsfuzzer.messages.TCPBufferingEnable[source]

Bases: Command

Start buffering all writes on the TCP level of connection.

You will need to call an explicit flush to send the messages.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Enable TCP buffering.

class tlsfuzzer.messages.TCPBufferingFlush[source]

Bases: Command

Send all messages in the buffer.

Does not change the state of buffering.

_repr(attributes)

Return a text representation of the object.

Parameters:

attributes (list(str)) – names of attributes of the object that will be included in the text representation

add_child(child)

Sets the parameter as the child of the node

Returns:

the child node

get_all_siblings()

Return iterator with all siblings of node

Return type:

iterator

is_command()

Define object as a command node.

is_expect()

Define object as a command node.

is_generator()

Define object as a command node.

process(state)[source]

Flush all messages to TCP socket.

tlsfuzzer.messages._apply_function(data, settings, fun)[source]

Modify data based on settings and function fun.

tlsfuzzer.messages.ch_cookie_handler(state)[source]

Client Hello cookie extension handler.

Copies the cookie extension from last HRR message.

tlsfuzzer.messages.ch_key_share_handler(state)[source]

Client Hello key_share extension handler.

Generates the key share for the group selected by server in the last HRR message.

tlsfuzzer.messages.div_ceil(divident, divisor)[source]

Perform integer division of divident by divisor, rounding up.

tlsfuzzer.messages.fuzz_encrypted_message(generator, substitutions=None, xors=None)[source]

Change arbitrary bytes of the authenticated ciphertext block.

Can modify authentication tag of AEAD ciphers and CBC ciphers working in encrypt then MAC mode.

Parameters:
  • generator (MessageGenerator) – modified message

  • substitutions (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to change the bytes to

  • xors (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to xor with

tlsfuzzer.messages.fuzz_mac(generator, substitutions=None, xors=None)[source]

Change arbitrary bytes of the MAC value.

Works with stream and CBC cipher suites in SSL 3 up to TLS 1.2. Works with both encrypt then MAC and MAC then encrypt connections.

Parameters:
  • generator (MessageGenerator) – modified message

  • substitutions (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to change the bytes to

  • xors (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to xor with

tlsfuzzer.messages.fuzz_message(generator, substitutions=None, xors=None)[source]

Change arbitrary bytes of the message after write.

Modified data includes handshake protocol header but doesn’t include record header, content type or record-level padding.

Parameters:
  • generator (MessageGenerator) – modified message

  • substitutions (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to change the bytes to

  • xors (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to xor with

tlsfuzzer.messages.fuzz_padding(generator, min_length=None, substitutions=None, xors=None)[source]

Change the padding of the message.

Works with CBC ciphers only.

Note: the “-1” position is the byte with the length of padding while “-2” is the last byte of padding (if padding has non-zero length)

Parameters:
  • generator (MessageGenerator) – modified message

  • min_length (int) – the minimum length of padding created, including the byte specifying length of padding, must be smaller than 257

  • substitutions (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to change the bytes to

  • xors (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to xor with

tlsfuzzer.messages.fuzz_pkcs1_padding(key, substitutions=None, xors=None, padding_byte=None)[source]

Fuzz the PKCS#1 padding used in signatures or encryption.

Use to modify Client Key Exchange padding of encrypted value.

tlsfuzzer.messages.fuzz_plaintext(generator, substitutions=None, xors=None)[source]

Change arbitrary bytes of the plaintext right before encryption.

Get access to all data before encryption, including the IV, MAC and padding.

Works only with CBC ciphers. In EtM mode the data will not include the MAC.

Note: the “-1” position is the byte with length of padding while “-2” is the last byte of padding (if padding has non-zero length)

Parameters:
  • substitutions (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to change the bytes to

  • xors (dict(int,int)) – modify specified bytes of the message, the keys indicate the positions in the message (negative numbers count from the end of messages), the values of the dictionary specify the values to xor with
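The position conventions described for fuzz_padding() and fuzz_plaintext() can be checked against a stand-alone model. The following is an added example, not tlsfuzzer code: the function names, the key and the payload are constructed, the IV is left out, the MAC is simplified to cover the payload only, and applying substitutions before xors is an assumption of the model.

```python
import hashlib
import hmac

BLOCK = 16                     # AES block size
MAC_LEN = 20                   # HMAC-SHA1 output size
KEY = b"constructed-mac-key"   # constructed key; MAC covers the payload only (simplified)

def apply_changes(data, substitutions=None, xors=None):
    """Model of the substitutions/xors arguments; negative keys count from the end."""
    out = bytearray(data)
    for pos, value in (substitutions or {}).items():
        out[pos] = value
    for pos, mask in (xors or {}).items():   # assumed order: substitute, then xor
        out[pos] ^= mask
    return out

def build_plaintext(payload, min_length=1):
    """payload || MAC || N padding bytes of value N || length byte N."""
    data = payload + hmac.new(KEY, payload, hashlib.sha1).digest()
    total = min_length                       # counts the length byte as well
    while (len(data) + total) % BLOCK:
        total += 1
    if total > 256:
        raise ValueError("padding plus its length byte cannot exceed 256 bytes")
    return bytearray(data) + bytearray([total - 1] * total)

def check_plaintext(plaintext):
    """Classify a decrypted record; the verdict strings exist only for this demo."""
    if len(plaintext) % BLOCK or len(plaintext) < MAC_LEN + 1:
        return "bad padding"
    pad_len = plaintext[-1]
    if pad_len + 1 + MAC_LEN > len(plaintext):
        return "bad padding"
    if any(b != pad_len for b in plaintext[-(pad_len + 1):]):
        return "bad padding"
    body = bytes(plaintext[:-(pad_len + 1)])
    payload, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    expected = hmac.new(KEY, payload, hashlib.sha1).digest()
    return "ok" if hmac.compare_digest(mac, expected) else "bad mac"

def demo():
    """Return the verdict for each constructed mutation of one sample record."""
    record = build_plaintext(b"GET / HTTP/1.0\r\n\r\n")   # constructed payload
    cases = {
        "unmodified": {},
        "xor last padding byte": {"xors": {-2: 0x01}},
        "length byte set to 0": {"substitutions": {-1: 0x00}},
    }
    return {name: check_plaintext(apply_changes(record, **kw)) for name, kw in cases.items()}
```

Setting the length byte to 0 yields well-formed zero-length padding, so only the MAC check rejects that record. A TLS implementation under test has to answer both failure kinds with the same bad_record_mac alert and in constant time.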

tlsfuzzer.messages.pad_handshake(generator, size=0, pad_byte=0, pad=None)[source]

Pad or truncate handshake messages.

Pad or truncate a handshake message by a given number of bytes; use a negative size to truncate. The handshake protocol header is updated to compensate.

Parameters:
  • generator (MessageGenerator) – modified message

  • size (int) – number of bytes to add at the end (if positive) or number of bytes to remove at the end of payload (if negative)

  • pad_byte (int) – numerical value of added bytes, must be between 0 and 255 inclusive

  • pad (bytearray) – bytes to add at the end of payload
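Because the handshake header is rewritten to match, a padded or truncated message still frames correctly, and only a parser that checks the inner fields consume the body exactly will reject it. The following added example (not tlsfuzzer code) models that on a constructed message with one length-prefixed field; build_message, pad_or_truncate and strict_parse are hypothetical names, and the pad argument is not modelled.

```python
HANDSHAKE_HEADER = 4   # 1-byte type + 3-byte length

def build_message(msg_type, opaque):
    """Handshake message whose body is a single opaque<0..2^16-1> vector."""
    body = len(opaque).to_bytes(2, "big") + opaque
    return bytearray([msg_type]) + len(body).to_bytes(3, "big") + body

def pad_or_truncate(msg, size=0, pad_byte=0):
    """Model of the described behaviour: resize the body, then fix the header length."""
    body = bytearray(msg[HANDSHAKE_HEADER:])
    if size >= 0:
        body += bytearray([pad_byte] * size)
    else:
        body = body[:size]
    return bytearray(msg[:1]) + len(body).to_bytes(3, "big") + body

def strict_parse(msg):
    """Return (verdict, opaque); a receiver should abort on anything but 'ok'."""
    if len(msg) < HANDSHAKE_HEADER:
        return "short header", None
    body = msg[HANDSHAKE_HEADER:]
    if int.from_bytes(msg[1:4], "big") != len(body):
        return "header length mismatch", None
    if len(body) < 2:
        return "truncated", None
    inner = int.from_bytes(body[:2], "big")
    if inner > len(body) - 2:
        return "truncated", None       # inner vector claims more than the body holds
    if inner < len(body) - 2:
        return "trailing data", None   # bytes left over after the last field
    return "ok", bytes(body[2:])

def demo():
    """Verdicts for a constructed type-16 message, padded and truncated by one byte."""
    msg = build_message(16, b"\xaa" * 48)   # constructed 48-byte field
    return {size: strict_parse(pad_or_truncate(msg, size))[0] for size in (0, 1, -1)}
```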

tlsfuzzer.messages.post_send_msg_sock_restore(obj, method_name, old_method_name)[source]

Un-Monkey patch a method of msg_sock.

(Method used internally by tlsfuzzer.)

tlsfuzzer.messages.queue_message(generator)[source]

Queue message with other ones of the same content type.

Allow coalescing of the message with other messages of the same content type. This allows, for example, sending Certificate and CertificateVerify in a single record.

tlsfuzzer.messages.replace_plaintext(generator, new_plaintext)[source]

Change the plaintext of the message right before encryption.

Will replace all data before encryption, including the IV, MAC and padding.

Note: works only with CBC ciphers. In EtM mode it will NOT modify the MAC.

The length of new_plaintext must be a multiple of the negotiated cipher block size (8 bytes for 3DES, 16 bytes for AES).

tlsfuzzer.messages.skip_post_send(generator)[source]

Make the post_send method of generator do nothing.

This is useful when combining messages that update connection state, like KeyUpdate or Finished in TLS 1.3.

tlsfuzzer.messages.split_message(generator, fragment_list, size)[source]

Split a given message type to multiple messages.

Allows for splicing a message into the middle of a different message type.

tlsfuzzer.messages.substitute_and_xor(data, substitutions, xors)[source]

Apply changes from substitutions and xors to data for fuzzing.

(Method used internally by tlsfuzzer.)

tlsfuzzer.messages.truncate_handshake(generator, size=0, pad_byte=0)[source]

Truncate a handshake message.

See pad_handshake() for the inverse of this function.