From 72155ba99a5ac3d80e13bee9f7e1abadac60a01d Mon Sep 17 00:00:00 2001 From: serega6531 Date: Wed, 22 Apr 2020 00:26:44 +0300 Subject: [PATCH] =?UTF-8?q?=D0=A0=D0=B0=D0=B1=D0=BE=D1=82=D0=B0=20=D0=BD?= =?UTF-8?q?=D0=B0=D0=B4=20=D1=80=D0=B0=D1=81=D1=88=D0=B8=D1=84=D1=80=D0=BE?= =?UTF-8?q?=D0=B2=D0=BA=D0=BE=D0=B9=20RSA=20TLS?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../service/optimization/TlsDecryptor.java | 142 ++++++++---------- .../service/optimization/tls/TlsPacket.java | 12 ++ .../optimization/tls/keys/DhClientParams.java | 20 +-- .../tls/keys/EcdheServerParams.java | 20 +-- .../tls/keys/RsaServerParams.java | 22 --- .../optimization/tls/keys/TlsKeyUtils.java | 37 ++--- .../tls/keys/enums/NamedCurve.java | 28 +++- .../enums/SignatureHashAlgorithmHash.java | 33 ---- .../SignatureHashAlgorithmSignature.java | 33 ---- .../tls/keys/enums/SignatureScheme.java | 58 +++++++ .../tls/records/HandshakeRecord.java | 8 + .../handshakes/BasicRecordContent.java | 4 + .../HelloHandshakeRecordContent.java | 16 ++ .../ServerHelloHandshakeRecordContent.java | 8 + .../utils/{SSLUtils.java => TlsUtils.java} | 16 +- src/test/resources/tls-wolfram.pkmt | 12 -- src/test/resources/tls.pkmt | 15 +- 17 files changed, 236 insertions(+), 248 deletions(-) delete mode 100644 src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/RsaServerParams.java delete mode 100644 src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java delete mode 100644 src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java create mode 100644 src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureScheme.java rename src/main/java/ru/serega6531/packmate/utils/{SSLUtils.java => TlsUtils.java} (74%) delete mode 100644 src/test/resources/tls-wolfram.pkmt 
diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java b/src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java
index 619870c..0b63526 100644
--- a/src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java
@@ -2,19 +2,26 @@ package ru.serega6531.packmate.service.optimization; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; -import org.springframework.security.crypto.codec.Hex; import ru.serega6531.packmate.model.Packet; -import ru.serega6531.packmate.utils.PacketUtils; -import ru.serega6531.packmate.utils.SSLUtils; +import ru.serega6531.packmate.service.optimization.tls.TlsPacket; +import ru.serega6531.packmate.service.optimization.tls.keys.TlsKeyUtils; +import ru.serega6531.packmate.service.optimization.tls.numbers.CipherSuite; +import ru.serega6531.packmate.service.optimization.tls.numbers.ContentType; +import ru.serega6531.packmate.service.optimization.tls.numbers.HandshakeType; +import ru.serega6531.packmate.service.optimization.tls.records.HandshakeRecord; +import ru.serega6531.packmate.service.optimization.tls.records.handshakes.BasicRecordContent; +import ru.serega6531.packmate.service.optimization.tls.records.handshakes.ClientHelloHandshakeRecordContent; +import ru.serega6531.packmate.service.optimization.tls.records.handshakes.HandshakeRecordContent; +import ru.serega6531.packmate.service.optimization.tls.records.handshakes.ServerHelloHandshakeRecordContent; +import ru.serega6531.packmate.utils.TlsUtils; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLEngine; -import javax.net.ssl.SSLEngineResult; +import javax.crypto.Cipher; +import javax.net.ssl.X509KeyManager; import java.io.File; -import java.nio.ByteBuffer; -import java.security.SecureRandom; -import java.util.Arrays; -import java.util.List; +import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPrivateKey; +import java.util.*; +import java.util.stream.Collectors; @RequiredArgsConstructor public class TlsDecryptor { 
@@ -23,86 +30,65 @@ public class TlsDecryptor { @SneakyThrows public void decryptTls() { - List> sides = PacketUtils.sliceToSides(packets); - File pemFile = new File(getClass().getClassLoader().getResource("tls.pem").getFile()); File keyFile = new File(getClass().getClassLoader().getResource("tls.key").getFile()); - SSLContext context = SSLUtils.createContext(pemFile, keyFile, new TlsFakeSecureRandom()); - SSLEngine serverEngine = context.createSSLEngine(); - serverEngine.setUseClientMode(false); - serverEngine.setNeedClientAuth(true); + X509KeyManager keyManager = TlsUtils.createKeyManager(pemFile, keyFile); - ByteBuffer decodedServerBuf = ByteBuffer.allocate(1000); - ByteBuffer tmp = ByteBuffer.allocate(50); - ByteBuffer tmp2 = ByteBuffer.allocate(50000); -// tmp.put((byte)1); + X509Certificate[] certificateChain = keyManager.getCertificateChain("1"); + RSAPrivateKey privateKey = ((RSAPrivateKey) keyManager.getPrivateKey("1")); - unwrap(serverEngine, packets.get(0).getContent(), decodedServerBuf); - wrap(serverEngine, tmp, tmp2); - wrap(serverEngine, tmp, tmp2); - wrap(serverEngine, tmp, tmp2); - unwrap(serverEngine, packets.get(2).getContent(), decodedServerBuf); - unwrap(serverEngine, packets.get(3).getContent(), decodedServerBuf); - unwrap(serverEngine, packets.get(4).getContent(), decodedServerBuf); - unwrap(serverEngine, packets.get(5).getContent(), decodedServerBuf); + Map> tlsPackets = packets.stream() + .collect(Collectors.toMap(p -> p, this::createTlsHeaders)); - System.out.println(); + ClientHelloHandshakeRecordContent clientHello = (ClientHelloHandshakeRecordContent) + getHandshake(tlsPackets.values(), HandshakeType.CLIENT_HELLO).orElseThrow(); + ServerHelloHandshakeRecordContent serverHello = (ServerHelloHandshakeRecordContent) + getHandshake(tlsPackets.values(), HandshakeType.SERVER_HELLO).orElseThrow(); + + byte[] clientRandom = clientHello.getRandom(); + byte[] serverRandom = serverHello.getRandom(); + + CipherSuite cipherSuite = 
serverHello.getCipherSuite(); + + if(cipherSuite.name().startsWith("TLS_RSA_")) { + BasicRecordContent clientKeyExchange = (BasicRecordContent) + getHandshake(tlsPackets.values(), HandshakeType.CLIENT_KEY_EXCHANGE).orElseThrow(); + + byte[] encryptedPreMaster = TlsKeyUtils.getClientRsaPreMaster(clientKeyExchange.getContent(), 0); + + Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); + cipher.init(Cipher.DECRYPT_MODE, privateKey); + byte[] preMaster = cipher.doFinal(encryptedPreMaster); + + System.out.println(); + } + + } + + private Optional getHandshake(Collection> packets, + HandshakeType handshakeType) { + return packets.stream() + .flatMap(Collection::stream) + .filter(p -> p.getContentType() == ContentType.HANDSHAKE) + .map(p -> ((HandshakeRecord) p.getRecord())) + .filter(r -> r.getHandshakeType() == handshakeType) + .map(HandshakeRecord::getContent) + .findFirst(); } @SneakyThrows - private void unwrap(SSLEngine serverEngine, byte[] content, ByteBuffer buf) { - SSLEngineResult unwrap = serverEngine.unwrap(ByteBuffer.wrap(content), buf); - System.out.println("UNWRAP " + unwrap); - Runnable delegatedTask = serverEngine.getDelegatedTask(); - if(delegatedTask != null) { - delegatedTask.run(); - } - } + private List createTlsHeaders(Packet p) { + List headers = new ArrayList<>(); + TlsPacket tlsPacket = TlsPacket.newPacket(p.getContent(), 0, p.getContent().length); - @SneakyThrows - private void wrap(SSLEngine serverEngine, ByteBuffer src, ByteBuffer dest) { - SSLEngineResult wrap = serverEngine.wrap(src, dest); - System.out.println("WRAP " + wrap); - Runnable delegatedTask = serverEngine.getDelegatedTask(); - if(delegatedTask != null) { - delegatedTask.run(); - } - } + headers.add(tlsPacket.getHeader()); - private static class TlsFakeSecureRandom extends SecureRandom { - - /* - state 0 - engineInit(SSLContextImpl.java:117) - stage 1 - SessionId. 
-> RandomCookie - stage 2 - server random (ServerHello.java:575) - stage 3 - XDHKeyPairGenerator.generateKeyPair -> XECOperations.generatePrivate - */ - - private int state = 0; - - @Override - public void nextBytes(byte[] bytes) { - System.out.println("STATE " + state); - StackWalker.getInstance().forEach(System.out::println); - System.out.println("-----------------"); - - switch (state) { - case 0 -> Arrays.fill(bytes, (byte) 0); - case 1, 2, 3 -> System.arraycopy(getFakeBytes(), 0, bytes, 0, bytes.length); - } - - state++; - } - - private byte[] getFakeBytes() { - return switch (state) { - case 1 -> Hex.decode("0ab8b3409555d3d658b1844f52dfc0116467c4b9088d1deb504f3935c10de893"); - case 2 -> Hex.decode("b5474b785c5e9bbadf2b0cd136e9aaf8bc2d89583ef96c479b531b94808349cc"); - case 3 -> Hex.decode("801d96be72cbbd2f4e33b5ec7e5e0b073636269e42c17d1d8996fdd28c9f7230"); - default -> throw new IllegalStateException("Unexpected value: " + state); - }; + while (tlsPacket.getPayload() != null) { + tlsPacket = (TlsPacket) tlsPacket.getPayload(); + headers.add(tlsPacket.getHeader()); } + return headers; } } diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/TlsPacket.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/TlsPacket.java index 217a46c..8f4eb73 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/TlsPacket.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/TlsPacket.java @@ -120,6 +120,18 @@ public class TlsPacket extends AbstractPacket { } } + public ContentType getContentType() { + return contentType; + } + + public TlsVersion getVersion() { + return version; + } + + public TlsRecord getRecord() { + return record; + } + @Override protected List getRawFields() { List rawFields = new ArrayList<>(); 
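Review bot: The RSA branch of `decryptTls` throws on any capture that is not a complete handshake encrypted to this key: the `orElseThrow()` on the ClientKeyExchange lookup, the `(BasicRecordContent)` cast, and `cipher.doFinal(...)`, which raises `BadPaddingException` when the ciphertext was not produced for `privateKey`. The record bytes come from captured traffic, so these are expected inputs, and under `@SneakyThrows` they leave the method as undeclared exceptions. I would treat them as "stream not decryptable" and also check that the decrypted pre-master secret is 48 bytes before anything is derived from it; whether to skip silently or report is the caller's contract, which this hunk does not show. The two hello lookups above it deserve the same treatment, and the sketch below needs `java.security.GeneralSecurityException` imported.

```java
// … unchanged: key manager setup, tlsPackets map, hello lookup, cipherSuite …
if (cipherSuite.name().startsWith("TLS_RSA_")) {
    var keyExchange = getHandshake(tlsPackets.values(), HandshakeType.CLIENT_KEY_EXCHANGE);
    if (keyExchange.isEmpty() || !(keyExchange.get() instanceof BasicRecordContent)) {
        return; // no usable ClientKeyExchange in this stream
    }
    byte[] encryptedPreMaster = TlsKeyUtils.getClientRsaPreMaster(
            ((BasicRecordContent) keyExchange.get()).getContent(), 0);

    // … unchanged: Cipher.getInstance / cipher.init …
    byte[] preMaster;
    try {
        preMaster = cipher.doFinal(encryptedPreMaster);
    } catch (GeneralSecurityException e) {
        return; // not encrypted to this key, or damaged in capture
    }
    if (preMaster.length != 48) {
        return; // RSA pre-master secret is 2 version bytes + 46 random bytes
    }
```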
diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java index 2eba420..2b3f9b2 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java @@ -1,26 +1,22 @@ package ru.serega6531.packmate.service.optimization.tls.keys; -import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash; -import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature; +import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme; public class DhClientParams { private final byte[] p; private final byte[] g; private final byte[] pubkey; - private final SignatureHashAlgorithmHash signatureHashAlgorithmHash; - private final SignatureHashAlgorithmSignature signatureHashAlgorithmSignature; + private final SignatureScheme signatureScheme; private final byte[] signature; public DhClientParams(byte[] p, byte[] g, byte[] pubkey, - SignatureHashAlgorithmHash signatureHashAlgorithmHash, - SignatureHashAlgorithmSignature signatureHashAlgorithmSignature, + SignatureScheme signatureScheme, byte[] signature) { this.p = p; this.g = g; this.pubkey = pubkey; - this.signatureHashAlgorithmHash = signatureHashAlgorithmHash; - this.signatureHashAlgorithmSignature = signatureHashAlgorithmSignature; + this.signatureScheme = signatureScheme; this.signature = signature; } 
@@ -36,12 +32,8 @@ public class DhClientParams { return pubkey; } - public SignatureHashAlgorithmHash getSignatureHashAlgorithmHash() { - return signatureHashAlgorithmHash; - } - - public SignatureHashAlgorithmSignature getSignatureHashAlgorithmSignature() { - return signatureHashAlgorithmSignature; + public SignatureScheme getSignatureScheme() { + return signatureScheme; } public byte[] getSignature() { diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java index 762b08b..4150e31 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java 
@@ -2,27 +2,23 @@ package ru.serega6531.packmate.service.optimization.tls.keys; import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType; import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve; -import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash; -import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature; +import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme; public class EcdheServerParams { private final CurveType curveType; private final NamedCurve namedCurve; private final byte[] pubkey; - private final SignatureHashAlgorithmHash signatureHashAlgorithmHash; - private final SignatureHashAlgorithmSignature signatureHashAlgorithmSignature; + private final SignatureScheme signatureScheme; private final byte[] signature; public EcdheServerParams(CurveType curveType, NamedCurve namedCurve, byte[] pubkey, - SignatureHashAlgorithmHash signatureHashAlgorithmHash, - SignatureHashAlgorithmSignature signatureHashAlgorithmSignature, + SignatureScheme signatureScheme, byte[] signature) { this.curveType = curveType; this.namedCurve = namedCurve; this.pubkey = pubkey; - this.signatureHashAlgorithmHash = signatureHashAlgorithmHash; - this.signatureHashAlgorithmSignature = signatureHashAlgorithmSignature; + this.signatureScheme = signatureScheme; this.signature = signature; } @@ -38,12 +34,8 @@ public class EcdheServerParams { return pubkey; } - public SignatureHashAlgorithmHash getSignatureHashAlgorithmHash() { - return signatureHashAlgorithmHash; - } - - public SignatureHashAlgorithmSignature getSignatureHashAlgorithmSignature() { - return signatureHashAlgorithmSignature; + public SignatureScheme getSignatureScheme() { + return signatureScheme; } public byte[] getSignature() { 
diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/RsaServerParams.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/RsaServerParams.java deleted file mode 100644 index 920a87f..0000000 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/RsaServerParams.java +++ /dev/null @@ -1,22 +0,0 @@ -package ru.serega6531.packmate.service.optimization.tls.keys; - -import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion; - -public class RsaServerParams { - - private final TlsVersion version; - private final byte[] encryptedPreMasterSecret; - - public RsaServerParams(TlsVersion version, byte[] encryptedPreMasterSecret) { - this.version = version; - this.encryptedPreMasterSecret = encryptedPreMasterSecret; - } - - public TlsVersion getVersion() { - return version; - } - - public byte[] getEncryptedPreMasterSecret() { - return encryptedPreMasterSecret; - } -} diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java index e7548d0..faed1af 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java @@ -2,9 +2,7 @@ package ru.serega6531.packmate.service.optimization.tls.keys; import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType; import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve; -import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash; -import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature; -import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion; +import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme; import java.nio.ByteBuffer; 
@@ -31,13 +29,10 @@ public final class TlsKeyUtils { byte[] pubKey = new byte[pubKeyLength]; // aka Ys bb.get(pubKey); - SignatureHashAlgorithmHash signatureHashAlgorithmHash = - SignatureHashAlgorithmHash.findByValue(bb.getShort()); - SignatureHashAlgorithmSignature signatureHashAlgorithmSignature = - SignatureHashAlgorithmSignature.findByValue(bb.getShort()); + SignatureScheme signatureScheme = SignatureScheme.findByValue(bb.getShort()); - if (signatureHashAlgorithmHash == null || signatureHashAlgorithmSignature == null) { - throw new IllegalArgumentException("Unknown signature data"); + if (signatureScheme == null) { + throw new IllegalArgumentException("Unknown signature scheme"); } short signatureLength = bb.getShort(); @@ -45,7 +40,7 @@ public final class TlsKeyUtils { bb.get(signature); - return new DhClientParams(p, g, pubKey, signatureHashAlgorithmHash, signatureHashAlgorithmSignature, signature); + return new DhClientParams(p, g, pubKey, signatureScheme, signature); } /** @@ -70,13 +65,10 @@ public final class TlsKeyUtils { byte[] pubkey = new byte[pubkeyLength]; bb.get(pubkey); - SignatureHashAlgorithmHash signatureHashAlgorithmHash = - SignatureHashAlgorithmHash.findByValue(bb.getShort()); - SignatureHashAlgorithmSignature signatureHashAlgorithmSignature = - SignatureHashAlgorithmSignature.findByValue(bb.getShort()); + SignatureScheme signatureScheme = SignatureScheme.findByValue(bb.getShort()); - if (signatureHashAlgorithmHash == null || signatureHashAlgorithmSignature == null) { - throw new IllegalArgumentException("Unknown signature data"); + if (signatureScheme == null) { + throw new IllegalArgumentException("Unknown signature scheme"); } short signatureLength = bb.getShort(); 
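Review bot: Both key-exchange parsers now reject the whole message when `SignatureScheme.findByValue` returns null (here in the DH parser and again in the `@@ -70,13 +65,10 @@` hunk for ECDHE), although the enum lists only sixteen code points and the signature is not needed to read the parameters. A TLS 1.2 capture signed with a hash/signature pair outside that list would therefore fail to parse. At minimum make the gap diagnosable by reading the value into a local and using `throw new IllegalArgumentException("Unknown signature scheme 0x" + Integer.toHexString(raw & 0xffff));`. The unchanged `short signatureLength = bb.getShort();` below is a signed read as well, so a length of 0x8000 or more becomes negative before it is (presumably) used as an array size. Both methods begin and end outside these hunks.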
@@ -84,8 +76,7 @@ public final class TlsKeyUtils { bb.get(signature); - return new EcdheServerParams(curveType, namedCurve, pubkey, - signatureHashAlgorithmHash, signatureHashAlgorithmSignature, signature); + return new EcdheServerParams(curveType, namedCurve, pubkey, signatureScheme, signature); } // https://ldapwiki.com/wiki/ClientKeyExchange @@ -104,14 +95,14 @@ public final class TlsKeyUtils { return pubkey; } - public static RsaServerParams parseClientRsa(byte[] rawData, int offset) { + public static byte[] getClientRsaPreMaster(byte[] rawData, int offset) { ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset); - TlsVersion version = TlsVersion.getInstance(bb.getShort()); - byte[] encryptedPreMasterSecret = new byte[46]; - bb.get(encryptedPreMasterSecret); + int length = bb.getShort(); + byte[] encryptedPreMaster = new byte[length]; + bb.get(encryptedPreMaster); - return new RsaServerParams(version, encryptedPreMasterSecret); + return encryptedPreMaster; } } diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java index b3f115d..62fb51a 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java 
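Review bot: `getClientRsaPreMaster` reads the length prefix with `int length = bb.getShort();`, which sign-extends, so a prefix of 0x8000 or above yields a negative size and `new byte[length]` throws `NegativeArraySizeException`; a prefix larger than the remaining bytes ends in `BufferUnderflowException`. The input is captured traffic, so read the prefix unsigned and bound it: `int length = Short.toUnsignedInt(bb.getShort());` followed by `if (length > bb.remaining()) throw new IllegalArgumentException("Truncated ClientKeyExchange");`. A short Javadoc saying that the method returns the still-encrypted pre-master secret without its two-byte length prefix would also help, since the name alone suggests a decrypted value.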
@@ -5,7 +5,33 @@ import java.util.Map; public enum NamedCurve { - SECP256R1((short) 0x0017); + SECT163K1((short) 1), + SECT163R1((short) 2), + SECT163R2((short) 3), + SECT193R1((short) 4), + SECT193R2((short) 5), + SECT233K1((short) 6), + SECT233R1((short) 7), + SECT239K1((short) 8), + SECT283K1((short) 9), + SECT283R1((short) 10), + SECT409K1((short) 11), + SECT409R1((short) 12), + SECT571K1((short) 13), + SECT571R1((short) 14), + SECP160K1((short) 15), + SECP160R1((short) 16), + SECP160R2((short) 17), + SECP192K1((short) 18), + SECP192R1((short) 19), + SECP224K1((short) 20), + SECP224R1((short) 21), + SECP256K1((short) 22), + SECP256R1((short) 23), + SECP384R1((short) 24), + SECP521R1((short) 25), + X25519((short) 29), + X448((short) 30); private final short value; diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java deleted file mode 100644 index 599a590..0000000 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java +++ /dev/null @@ -1,33 +0,0 @@ -package ru.serega6531.packmate.service.optimization.tls.keys.enums; - -import java.util.HashMap; -import java.util.Map; - -public enum SignatureHashAlgorithmHash { - - SHA256((byte) 4), - SHA512((byte) 6); - - private final byte value; - - private static final Map map = new HashMap<>(); - - SignatureHashAlgorithmHash(byte value) { - this.value = value; - } - - static { - for (SignatureHashAlgorithmHash curve : values()) { - map.put(curve.getValue(), curve); - } - } - - public byte getValue() { - return value; - } - - public static SignatureHashAlgorithmHash findByValue(short value) { - return map.get(value); - } - -} 
diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java deleted file mode 100644 index b84a9eb..0000000 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java +++ /dev/null @@ -1,33 +0,0 @@ -package ru.serega6531.packmate.service.optimization.tls.keys.enums; - -import java.util.HashMap; -import java.util.Map; - -public enum SignatureHashAlgorithmSignature { - - RSA((byte) 1), - ECDSA((byte) 3); - - private final byte value; - - private static final Map map = new HashMap<>(); - - SignatureHashAlgorithmSignature(byte value) { - this.value = value; - } - - static { - for (SignatureHashAlgorithmSignature curve : values()) { - map.put(curve.getValue(), curve); - } - } - - public byte getValue() { - return value; - } - - public static SignatureHashAlgorithmSignature findByValue(short value) { - return map.get(value); - } - -} diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureScheme.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureScheme.java new file mode 100644 index 0000000..58a1ba9 --- /dev/null +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureScheme.java 
@@ -0,0 +1,58 @@ +package ru.serega6531.packmate.service.optimization.tls.keys.enums; + +import java.util.HashMap; +import java.util.Map; + +public enum SignatureScheme { + + /* RSASSA-PKCS1-v1_5 algorithms */ + RSA_PKCS1_SHA256((short) 0x0401), + RSA_PKCS1_SHA384((short) 0x0501), + RSA_PKCS1_SHA512((short) 0x0601), + + /* ECDSA algorithms */ + ECDSA_SECP256R1_SHA256((short) 0x0403), + ECDSA_SECP384R1_SHA384((short) 0x0503), + ECDSA_SECP521R1_SHA512((short) 0x0603), + + /* RSASSA-PSS algorithms with public key OID RSAEncryption */ + RSA_PSS_RSAE_SHA256((short) 0x0804), + RSA_PSS_RSAE_SHA384((short) 0x0805), + RSA_PSS_RSAE_SHA512((short) 0x0806), + + /* EDDSA algorithms */ + ED25519((short) 0x0807), + ED448((short) 0x0808), + + /* RSASSA-PSS algorithms with public key OID RSASSA-PSS */ + RSA_PSS_PSS_SHA256((short) 0x0809), + RSA_PSS_PSS_SHA384((short) 0x080a), + RSA_PSS_PSS_SHA512((short) 0x080b), + + /* Legacy algorithms */ + RSA_PKCS1_SHA1((short) 0x0201), + ECDSA_SHA1((short) 0x0203); + + private final short value; + + private static final Map map = new HashMap<>(); + + SignatureScheme(short value) { + this.value = value; + } + + static { + for (SignatureScheme curve : values()) { + map.put(curve.getValue(), curve); + } + } + + public short getValue() { + return value; + } + + public static SignatureScheme findByValue(short value) { + return map.get(value); + } + +} diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HandshakeRecord.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HandshakeRecord.java index d320cf9..904a576 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HandshakeRecord.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HandshakeRecord.java 
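Review bot: `findByValue` returns `null` for every code point that is not listed, and nothing in the new file says so; a one-line Javadoc such as `/** Returns the scheme for the given wire value, or null if it is not listed here. */` would make the callers' null checks deliberate. The loop variable in the static initializer is still named `curve`, apparently carried over from `NamedCurve`; `scheme` reads better. The lookup map is filled once in the static block and never changed afterwards, so wrapping it in `Collections.unmodifiableMap` would state that intent.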
@@ -56,6 +56,14 @@ public class HandshakeRecord implements TlsRecord { } } + public HandshakeType getHandshakeType() { + return handshakeType; + } + + public HandshakeRecordContent getContent() { + return content; + } + @Override public String toString() { return " Handshake length: " + handshakeLength + "\n" + diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/BasicRecordContent.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/BasicRecordContent.java index 3053cbb..79bc6ed 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/BasicRecordContent.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/BasicRecordContent.java @@ -25,6 +25,10 @@ public class BasicRecordContent implements HandshakeRecordContent { } } + public byte[] getContent() { + return content; + } + @Override public String toString() { return " [" + content.length + " bytes]"; diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HelloHandshakeRecordContent.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HelloHandshakeRecordContent.java index b39d246..84bf537 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HelloHandshakeRecordContent.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HelloHandshakeRecordContent.java @@ -55,6 +55,22 @@ public abstract class HelloHandshakeRecordContent implements HandshakeRecordCont } } + public TlsVersion getVersion() { + return version; + } + + public byte[] getRandom() { + return random; + } + + public byte[] getSessionId() { + return sessionId; + } + + public List getExtensions() { + return extensions; + } + @Override public String toString() { return " TLS version: " + version + "\n" + 
diff --git a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ServerHelloHandshakeRecordContent.java b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ServerHelloHandshakeRecordContent.java index dfd9382..6cd3cc0 100644 --- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ServerHelloHandshakeRecordContent.java +++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ServerHelloHandshakeRecordContent.java @@ -46,6 +46,14 @@ public class ServerHelloHandshakeRecordContent extends HelloHandshakeRecordConte readExtensions(rawData, EXTENSIONS_OFFSET + sessionIdLength + offset, false); } + public CipherSuite getCipherSuite() { + return cipherSuite; + } + + public CompressionMethod getCompressionMethod() { + return compressionMethod; + } + @Override public String toString() { return super.toString() + "\n" + diff --git a/src/main/java/ru/serega6531/packmate/utils/SSLUtils.java b/src/main/java/ru/serega6531/packmate/utils/TlsUtils.java similarity index 74% rename from src/main/java/ru/serega6531/packmate/utils/SSLUtils.java rename to src/main/java/ru/serega6531/packmate/utils/TlsUtils.java index 46ff826..bee8c20 100644 --- a/src/main/java/ru/serega6531/packmate/utils/SSLUtils.java +++ b/src/main/java/ru/serega6531/packmate/utils/TlsUtils.java 
@@ -4,19 +4,17 @@ import com.google.common.base.Splitter; import lombok.SneakyThrows; import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509KeyManager; import java.io.File; import java.io.FileInputStream; import java.security.KeyStore; -import java.security.SecureRandom; import static com.google.common.base.Preconditions.checkState; -public class SSLUtils { +public class TlsUtils { @SneakyThrows - public static SSLContext createContext(File pemFile, File keyFile, SecureRandom random) { + public static X509KeyManager createKeyManager(File pemFile, File keyFile) { final String pass = "abcdef"; File jksKeystoreFile = File.createTempFile("packmate_", ".jks"); @@ -43,13 +41,7 @@ public class SSLUtils { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keystore, pass.toCharArray()); - SSLContext ret = SSLContext.getInstance("TLSv1.2"); - TrustManagerFactory factory = TrustManagerFactory.getInstance( - TrustManagerFactory.getDefaultAlgorithm()); - factory.init(keystore); - ret.init(keyManagerFactory.getKeyManagers(), factory.getTrustManagers(), random); - - return ret; + return (X509KeyManager) keyManagerFactory.getKeyManagers()[0]; } } diff --git a/src/test/resources/tls-wolfram.pkmt b/src/test/resources/tls-wolfram.pkmt deleted file mode 100644 index 8d6a11d..0000000 --- a/src/test/resources/tls-wolfram.pkmt +++ /dev/null 
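Review bot: `createKeyManager` still stages the server's private key in a temporary `packmate_*.jks` created with `File.createTempFile` and protected only by the constant password `abcdef`. `File.createTempFile` typically applies the process umask rather than owner-only permissions, so on a shared host other local users may be able to read the keystore. Prefer `File jksKeystoreFile = Files.createTempFile("packmate_", ".jks").toFile();`, which is owner-only on POSIX file systems, and delete the file as soon as the `KeyStore` has been loaded. The lines that populate and possibly remove the keystore lie between the two hunks of this file and are not visible here, so confirm the cleanup there. In the second hunk, `(X509KeyManager) keyManagerFactory.getKeyManagers()[0]` assumes the first manager has that type; an `instanceof` check with a clear error message would be safer.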
@@ -1,12 +0,0 @@ -in -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 -out -16030300410200003d03035e9dc313cbb7f3eac9fa8c65d2eceff70245667880a2b4b411b292930823d21600c02f00001500000000ff01000100000b00040300010200230000 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 -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 -in -1603030046100000424104d19edcdc25f96f94535af6ad13d3eed143a5d9578e6eb032bffe3366f6f05d177e8ba7b0180c633f2dd840daa88059d49b4694ec478cea5dae8489222c7adb5414030300010116030300280000000000000000d3313dba0b45962f68599291aff278149c2533d2be074f6adaee660a38abce27 -out -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 -in -17030302e30000000000000001d1b7489da691fe047432696ef1eb14e17029b379f35621e2d066d49bcfad48db3ae58893753344cfabbd1c021cd8f89ea7ce89b3cffeae7175784e3895d4bef4fb7a47e36732594bfdcc2144ecac486b23858a0bbb231d498bc2fb89bc8422c8ff9330cb705ff4af82b4ebbc2705f43c869ff8d95948168e49c96af6cc3649d0dc1d98c796096bd024f48d665e5f4da719a21fb7363e1f7b44e27b2954efd9cbc5add833f9fe1eb807922c162e78b9e1e8855ff0d8ae75ea1392ecb5169875b61249ac48a0c2952fe0ad60e150294e7ebab0c09cf92ec955c1d280ef04a691b05a42a3eccbd2ef14e8b6179a8bd80352c0ceaa242afe966e587b6b19c8fb256e6903065ffd7c4a3d1fe8fd056e9fee5f236082ee407c738603d9fdf979e13e051d2049df6ac3ac085d591d0c7ee019037ac7c0477de9aefab2f7a1f1e3c50ae3dfb320fa55a020989239d53a8b174950f970a9c772780fafc7b6a77bc7dce612bb21eb0cca85b4a0c0f2e4798e6ffeef43d80789bdd6e3102ff94c7dfd014e232afc51b80644b6dab149e2da1dd9e3f9f2969f6fd42d84a794f796294dbe1b03739a60b9216eb533662fab15db8d059964b3a6c4686da3437d5f9e94bf901a036784da90e38d787450789bc0cba68992086f6909967309005efadfb654d01f5edc40fa4555a24273b4ae3f1baf17f148910d26c847df201795a01e901c5dd240ae8512a22f63a5c34ce43c293930a27cb092d2ea3a015e37e06c7258fc72bbda0bdf1361d3c7997ed23703433f002af4df019f29d3853472cb8c1125605c6257e357a9e50f917e8e991733529d6d422a9948aa2d290dbca1446aacead7294486e05f1fb0dd81699aa450665e66c8435fc2b324be690f0fba817fd534dd49722427bd7dc22a04c0e4181b0b39bc3bd20460f2c30
936c01f9ff14b9326d0db3e771fb30867474debf05473a98d2a80e56bf6e9d365ba1ebf13024c9ef7480d8c5f2ed486d17dfb4282d028c53a2b5523e324e645954b14b2197f39ec \ No newline at end of file diff --git a/src/test/resources/tls.pkmt b/src/test/resources/tls.pkmt index 652d805..5b7bdc7 100644 --- a/src/test/resources/tls.pkmt +++ b/src/test/resources/tls.pkmt 
@@ -1,9 +1,12 @@ in -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 out -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 +160303003b0200003703035df3f3659516e0a7a76a6035ebd0382abac1680d30bf46fb84d8e896763bc76c00003500000f00230000ff01000100000b0002010016030303170b00031300031000030d30820309308201f1a00302010202143fc1b471b9156b97b95cc7e19b47b08bd14a9958300d06092a864886f70d01010b050030143112301006035504030c096c6f63616c686f7374301e170d3230303431373133323132355a170d3231303431373133323132355a30143112301006035504030c096c6f63616c686f737430820122300d06092a864886f70d01010105000382010f003082010a0282010100d624eeb9a26ff92cc034f30f54937ea1e2e910ed0b7c9dba5b787cf1a2b978946c1604048400498360d51c18ed02c6094e13ddc5f413cd1a7eaa563f18a69de471318ecec5dc16b774c11a576d2c1bca79e6a930988a088bcc889d6ac7d4ac6ba5e2cd5f55915d910652a76639a44531ab518a7008025708ccc960b57611aabd3700e69b34268491a00f8dcecfc17931e54e6f14bd3f5e0fd111f1199854e8b579d709fdeced8f5095c9dab95f6ed0366c0bbaab00c2adfc236ee796ad4d5394a1a83435e9b83c218fdc2e5e10241ed255bacb7f7749eca6398bb0cd128614889191c03259b7ec1c64bb454b38f4727d01b8453a3343d8825508b904dea2c5190203010001a3533051301d0603551d0e04160414da78a59601d5fd5c44d117f9b1594d6c4a20b3c7301f0603551d23041830168014da78a59601d5fd5c44d117f9b1594d6c4a20b3c7300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100836f3b5cbedc0644f75a5478331a1c83693b92105f85419353963d1db65cb15f37be48d8e90db3461b41d64c0d04efca3ce13ef9350f80ef5c2fac01935419212c54cc497502f37164ea94a9952e6d128ccde033a1517e22d911c625eb41ef3445563722312975a8ea04a39e120ea7dffe423a1dd49ef71d1da16c9db0aca527c051850ef49d2cea12cf1c825549aa847cef69796d88f6f52eec79f333c6ef6b0c33722155d2fe43aceebfd936db7e218261db1e6ec643d50033b16bb62931668c65a8a435d671dfa1ee878a4c662f46d48453f83f20cb6d1fa1eb4ff375b69069bfd186ec52d1b080a01337298009af7d1edab60e55519c1bc405cbc4a4a38f16030300040e000000 in 
-140303000101170303003522332775a6617895c810ddad7f99ecc7d16ce79eec84cfaf1ff96933e7c9d50a2c44cb430f4483e77df7c62e3167e5936b5e8fae34 -1703030057a6cbca0de9d81daa74309ed33a8d7b739f90adf1fd434d9115f162bac1ba6ba1ddafc6e5ef4d1f5dbb531d6d0f160e77205e3a73a5a174318180e4c5595cdffe7dab9d01f3f559d08f2c1f04ff6e9e214078df21fecb17 -17030301ade0ee7e00d876bfdc3b1af18e83fd12edfb00bb8913544269212ffdfec774a3738b975da716351ccc311aec12deef57c327bc7b05b4c64cb471f117a3a0c672e48ad36ca79c689580a7e039d9b6d38a4fa9c6812fb3439d6815edc4fb3d9819f7a8a4ccccfffefddd7168fd436f9a0181420157563230f9e66cce28373c467abba43b286bff548d9e100cead7bc6dd3e3c1d9054dc32016705c64bece7f14bfc34d710ba133ca430b3119437892950ac24151b3d27485db401c9d7ddeca1d22a37c3938de2e5e63ebda1203a2c7ddefaff7103e6fce89f0ef6c4a372733def21ca525fa2812792b8f61d6f72301a7c333092a54bdea527cf3e9cdf1a1659b6c687502fb975d37e58238f2f1e5b5deaadde43dd7ce5af14b5a86271c1a2ccd66d434a03f6f81c1bfaa0ae78359d1d105fe03899a94c3f40484d0d3c8f18221434dad2a6547c012f3e36eb0006d631bceba4e0e6b088a96f0e8dbc4b6adced3e50b24515f977fe92665ae9b1cf3b119174f8ecbc3499d8bb3501e9a494d4deb16f503444132350f0ed4a6568b4dc85b9a548dd3072a7af501390f68bccffab2839918038c648e8420d4d73d3ec8e0 -170303001ab26d3805e7ecc6915b08c0dd1118021eda932dea1a38d7cfcbfc \ No newline at end of file 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 +out +16030300820400007e000000000078a83cd59dc5514c4efe5904a808c9d6ff4fcd94c1d8378aeb4bb93bb7edd96bfc96c2a595ad2f57c0cf8ffeb46a13da593c54796dec82340ae9ab854565c13237c689fe3fa7d66d9989c2bcb1375b48cc68f2129cb781ab211356170a0b99c7751d3a658a5a5b35900ebb52ac19460c19ed03196c78d15c9814030300010116030300407e8b678bb57f29ef50352e831c7af45cf963359347e3be4fc8caae3066495edef04af59d1958ca66b9c255b71fd3c2efb0e5b24c290be1baec3880aacde08671 +in 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 +out 
+170303011072181c58ad94344f833a3c6517232928ff5614ef47044478a71d54c4de8a6e9edc2d0808128d6b6440230c6cfecc653e3e02536f9bd7bcae8cb0668627147ba3b548725a3549dc31a5b69cb15654e692610d8472be09c083d47a7ef0dd4ea464845e62c9fd2b88def3c3feb2367309c4d2440d7bd3d89b26ae67c947c9887257462bc7f5e5088bbe15b132fe01e5eabc8cd60ae31db08046d5b0dbc4ac1705c93b7c74ce741d4e52a5c8591e214877f38bc0b9216a4bd8527ff10878b5f8cec4d37427c021fad6de75f643e6b83466a5833493e6bab8e07e5b6e73ad3b8a3171ddd1dc91a709476eb90d40e1994c3b7d2d8ddde97c23fff4fbb34435d90bd68f8f6b645c80e9bd5d0dba6d36ecf2d420 \ No newline at end of file