## This file is part of Scapy
## Copyright (C) 2007, 2008, 2009 Arnaud Ebalard <arno@natisbad.com>
##               2015, 2016, 2017 Maxence Tury <maxence.tury@ssi.gouv.fr>
## This program is published under a GPLv2 license

"""
Tools for handling TLS sessions and digital certificates.
Use load_layer('tls') to load them to the main namespace.

Prerequisites:

    - You may need to 'pip install cryptography' for the module to be loaded.


Main features:

    - X.509 certificates parsing/building.

    - RSA & ECDSA keys sign/verify methods.

    - TLS records and sublayers (handshake...) parsing/building. Works with
      versions SSLv2 to TLS 1.2. This may be enhanced by a TLS context. For
      instance, if Scapy reads a ServerHello with version TLS 1.2 and a cipher
      suite using AES, it will assume the presence of IVs prepending the data.
      See test/tls.uts for real examples.

    - TLS encryption/decryption capabilities with many ciphersuites, including
      some which may be deemed dangerous. Once again, the TLS context enables
      Scapy to transparently send/receive protected data if it learnt the
      session secrets. Note that if Scapy acts as one side of the handshake
      (e.g. reads all server-related packets and builds all client-related
      packets), it will indeed compute the session secrets.

    - TLS client & server basic automatons, provided for testing and tweaking
      purposes. These make for a very primitive TLS stack.

    - Additionally, a basic test PKI (key + certificate for a CA, a client and
      a server) is provided in tls/examples/pki_test.


Unit tests:

    - Various cryptography checks.

    - Reading a TLS handshake between a Firefox client and a GitHub server.

    - Reading TLS 1.3 handshakes from test vectors of a draft RFC.

    - Reading a SSLv2 handshake between s_client and s_server, without PFS.

    - Test our TLS server against s_client with different cipher suites.

    - Test our TLS client against our TLS server (s_server is unscriptable).


TODO list (may it be carved away by good souls):

    - Features to add (or wait for) in the cryptography library:

        - X448 from RFC 7748 (no support in openssl yet);

        - the compressed EC point format.


    - About the automatons:

        - Add resumption support, through session IDs or session tickets.

        - Add various checks for discrepancies between client and server.
          Is the ServerHello ciphersuite ok? What about the SKE params? Etc.

        - Add some examples which illustrate how the automatons could be used.
          Typically, we could showcase this with Heartbleed.

        - Allow the server to store both one RSA key and one ECDSA key, and
          select the right one to use according to the ClientHello suites.

        - Find a way to shut down the automatons' sockets properly without
          simultaneously breaking the unit tests.


    - Miscellaneous:

        - Enhance PSK and session ticket support.

        - Define several Certificate Transparency objects.

        - Add the extended master secret and encrypt-then-mac logic.

        - Mostly unused features: DSS, fixed DH, SRP, char2 curves...
"""

from scapy.config import conf

# Warn at load time when the cryptography dependency is missing or too old:
# the PKI and TLS crypto-related features are disabled in that case.
if not conf.crypto_valid:
    import logging
    log_loading = logging.getLogger("scapy.loading")
    log_loading.info("Can't import python-cryptography v1.7+. "
                     "Disabled PKI & TLS crypto-related features.")