0xb00b5/0xb00b5-packmate
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Работа над расшифровкой TLS

Browse Source
This commit is contained in:
serega6531
2020-04-23 00:19:37 +03:00
parent 482d74f4b4
commit 6302a2d7cc
2 changed files with 48 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java
View File

@@ -18,8 +18,11 @@ import ru.serega6531.packmate.utils.PRF;
import ru.serega6531.packmate.utils.TlsUtils; import ru.serega6531.packmate.utils.TlsUtils;
import javax.crypto.Cipher; import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.X509KeyManager; import javax.net.ssl.X509KeyManager;
import java.io.File; import java.io.File;
import java.nio.ByteBuffer;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPrivateKey;
import java.util.*; import java.util.*;
@@ -67,14 +70,48 @@ public class TlsDecryptor {
byte[] encryptedPreMaster = TlsKeyUtils.getClientRsaPreMaster(clientKeyExchange.getContent(), 0); byte[] encryptedPreMaster = TlsKeyUtils.getClientRsaPreMaster(clientKeyExchange.getContent(), 0);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, privateKey); rsa.init(Cipher.DECRYPT_MODE, privateKey);
byte[] preMaster = cipher.doFinal(encryptedPreMaster); byte[] preMaster = rsa.doFinal(encryptedPreMaster);
byte[] seed1 = ArrayUtils.addAll(clientRandom, serverRandom); byte[] randomCS = ArrayUtils.addAll(clientRandom, serverRandom);
byte[] seed2 = ArrayUtils.addAll(serverRandom, clientRandom); byte[] randomSC = ArrayUtils.addAll(serverRandom, clientRandom);
byte[] masterSecret = PRF.getBytes(preMaster, "master secret", seed1, 48); byte[] masterSecret = PRF.getBytes(preMaster, "master secret", randomCS, 48);
byte[] expanded = PRF.getBytes(masterSecret, "key expansion", seed2, 136); byte[] expanded = PRF.getBytes(masterSecret, "key expansion", randomSC, 136);
byte[] clientMacKey = new byte[20];
byte[] serverMacKey = new byte[20];
byte[] clientEncryptionKey = new byte[32];
byte[] serverEncryptionKey = new byte[32];
byte[] clientIV = new byte[16];
byte[] serverIV = new byte[16];
ByteBuffer bb = ByteBuffer.wrap(expanded);
bb.get(clientMacKey);
bb.get(serverMacKey);
bb.get(clientEncryptionKey);
bb.get(serverEncryptionKey);
bb.get(clientIV);
bb.get(serverIV);
Cipher aes = Cipher.getInstance("AES/CBC/NoPadding"); // TLS_RSA_WITH_AES_256_CBC_SHA
SecretKeySpec skeySpec = new SecretKeySpec(clientEncryptionKey, "AES");
IvParameterSpec ivParameterSpec = new IvParameterSpec(clientIV);
aes.init(Cipher.DECRYPT_MODE, skeySpec, ivParameterSpec);
byte[] data = tlsPackets.entrySet().stream()
.filter(ent -> ent.getKey().isIncoming())
.map(Map.Entry::getValue)
.flatMap(Collection::stream)
.filter(p -> p.getContentType() == ContentType.HANDSHAKE)
.map(p -> ((HandshakeRecord) p.getRecord()))
.filter(r -> r.getHandshakeType() == HandshakeType.ENCRYPTED_HANDSHAKE_MESSAGE)
.map(r -> ((BasicRecordContent) r.getContent()))
.findFirst()
.orElseThrow()
.getContent();
byte[] decrypt = aes.doFinal(data);
System.out.println(); System.out.println();
} }

4
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/ApplicationDataRecord.java
View File

@@ -21,6 +21,10 @@ public class ApplicationDataRecord implements TlsRecord {
System.arraycopy(rawData, offset, data, 0, length); System.arraycopy(rawData, offset, data, 0, length);
} }
public byte[] getData() {
return data;
}
@Override @Override
public String toString() { public String toString() {
return " Encrypted data: [" + data.length + " bytes]"; return " Encrypted data: [" + data.length + " bytes]";