Работа над расшифровкой TLS
This commit is contained in:
serega6531
@@ -2,6 +2,7 @@ package ru.serega6531.packmate.service.optimization;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.SneakyThrows;
|
||||
import org.springframework.security.crypto.codec.Hex;
|
||||
import ru.serega6531.packmate.model.Packet;
|
||||
import ru.serega6531.packmate.utils.PacketUtils;
|
||||
import ru.serega6531.packmate.utils.SSLUtils;
|
||||
@@ -11,6 +12,8 @@ import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLEngineResult;
|
||||
import java.io.File;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
@RequiredArgsConstructor
|
||||
@@ -24,15 +27,82 @@ public class TlsDecryptor {
|
||||
|
||||
File pemFile = new File(getClass().getClassLoader().getResource("tls.pem").getFile());
|
||||
File keyFile = new File(getClass().getClassLoader().getResource("tls.key").getFile());
|
||||
SSLContext context = SSLUtils.createContext(pemFile, keyFile);
|
||||
SSLContext context = SSLUtils.createContext(pemFile, keyFile, new TlsFakeSecureRandom());
|
||||
SSLEngine serverEngine = context.createSSLEngine();
|
||||
serverEngine.setUseClientMode(false);
|
||||
serverEngine.setNeedClientAuth(true);
|
||||
|
||||
ByteBuffer decodedServerBuf = ByteBuffer.allocate(1000);
|
||||
ByteBuffer tmp = ByteBuffer.allocate(50);
|
||||
ByteBuffer tmp2 = ByteBuffer.allocate(50000);
|
||||
// tmp.put((byte)1);
|
||||
|
||||
unwrap(serverEngine, packets.get(0).getContent(), decodedServerBuf);
|
||||
wrap(serverEngine, tmp, tmp2);
|
||||
wrap(serverEngine, tmp, tmp2);
|
||||
wrap(serverEngine, tmp, tmp2);
|
||||
unwrap(serverEngine, packets.get(2).getContent(), decodedServerBuf);
|
||||
unwrap(serverEngine, packets.get(3).getContent(), decodedServerBuf);
|
||||
unwrap(serverEngine, packets.get(4).getContent(), decodedServerBuf);
|
||||
unwrap(serverEngine, packets.get(5).getContent(), decodedServerBuf);
|
||||
|
||||
SSLEngineResult unwrap = serverEngine.unwrap(ByteBuffer.wrap(packets.get(0).getContent()), decodedServerBuf);
|
||||
System.out.println();
|
||||
}
|
||||
|
||||
@SneakyThrows
|
||||
private void unwrap(SSLEngine serverEngine, byte[] content, ByteBuffer buf) {
|
||||
SSLEngineResult unwrap = serverEngine.unwrap(ByteBuffer.wrap(content), buf);
|
||||
System.out.println("UNWRAP " + unwrap);
|
||||
Runnable delegatedTask = serverEngine.getDelegatedTask();
|
||||
if(delegatedTask != null) {
|
||||
delegatedTask.run();
|
||||
}
|
||||
}
|
||||
|
||||
@SneakyThrows
|
||||
private void wrap(SSLEngine serverEngine, ByteBuffer src, ByteBuffer dest) {
|
||||
SSLEngineResult wrap = serverEngine.wrap(src, dest);
|
||||
System.out.println("WRAP " + wrap);
|
||||
Runnable delegatedTask = serverEngine.getDelegatedTask();
|
||||
if(delegatedTask != null) {
|
||||
delegatedTask.run();
|
||||
}
|
||||
}
|
||||
|
||||
private static class TlsFakeSecureRandom extends SecureRandom {
|
||||
|
||||
/*
|
||||
state 0 - engineInit(SSLContextImpl.java:117)
|
||||
stage 1 - SessionId.<init> -> RandomCookie
|
||||
stage 2 - server random (ServerHello.java:575)
|
||||
stage 3 - XDHKeyPairGenerator.generateKeyPair -> XECOperations.generatePrivate
|
||||
*/
|
||||
|
||||
private int state = 0;
|
||||
|
||||
@Override
|
||||
public void nextBytes(byte[] bytes) {
|
||||
System.out.println("STATE " + state);
|
||||
StackWalker.getInstance().forEach(System.out::println);
|
||||
System.out.println("-----------------");
|
||||
|
||||
switch (state) {
|
||||
case 0 -> Arrays.fill(bytes, (byte) 0);
|
||||
case 1, 2, 3 -> System.arraycopy(getFakeBytes(), 0, bytes, 0, bytes.length);
|
||||
}
|
||||
|
||||
state++;
|
||||
}
|
||||
|
||||
private byte[] getFakeBytes() {
|
||||
return switch (state) {
|
||||
case 1 -> Hex.decode("0ab8b3409555d3d658b1844f52dfc0116467c4b9088d1deb504f3935c10de893");
|
||||
case 2 -> Hex.decode("b5474b785c5e9bbadf2b0cd136e9aaf8bc2d89583ef96c479b531b94808349cc");
|
||||
case 3 -> Hex.decode("801d96be72cbbd2f4e33b5ec7e5e0b073636269e42c17d1d8996fdd28c9f7230");
|
||||
default -> throw new IllegalStateException("Unexpected value: " + state);
|
||||
};
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -9,13 +9,14 @@ import javax.net.ssl.TrustManagerFactory;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.security.KeyStore;
|
||||
import java.security.SecureRandom;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkState;
|
||||
|
||||
public class SSLUtils {
|
||||
|
||||
@SneakyThrows
|
||||
public static SSLContext createContext(File pemFile, File keyFile) {
|
||||
public static SSLContext createContext(File pemFile, File keyFile, SecureRandom random) {
|
||||
final String pass = "abcdef";
|
||||
|
||||
File jksKeystoreFile = File.createTempFile("packmate_", ".jks");
|
||||
@@ -46,7 +47,7 @@ public class SSLUtils {
|
||||
TrustManagerFactory factory = TrustManagerFactory.getInstance(
|
||||
TrustManagerFactory.getDefaultAlgorithm());
|
||||
factory.init(keystore);
|
||||
ret.init(keyManagerFactory.getKeyManagers(), factory.getTrustManagers(), null);
|
||||
ret.init(keyManagerFactory.getKeyManagers(), factory.getTrustManagers(), random);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -4,4 +4,6 @@ out
|
||||
160303007a020000760303b5474b785c5e9bbadf2b0cd136e9aaf8bc2d89583ef96c479b531b94808349cc200ab8b3409555d3d658b1844f52dfc0116467c4b9088d1deb504f3935c10de893130100002e002b0002030400330024001d0020801d96be72cbbd2f4e33b5ec7e5e0b073636269e42c17d1d8996fdd28c9f72301403030001011703030020ec3ee8fb17f72e280f8da426abe1a33d9f90a55fbf5a661350fbd1c1c1a0f632170303032b42eeddcbe378e531fe3ff17eb4a2f0479180650ee48380836211dc2972807094d9d966759a4e222ea65976179d4f35e56fa1f2784694dd3a20066c1629f0021066c3c16dcff4e0eb374daffc765bb762dce06b21661b9869aef570b33ca6feb5ae10c6f3b8d7fef7d23cc3639dc09c6f5a6bdb21c724104b781f202f16210f26cc3ffb35012191ac6da0d0dc2d6c97a825aef658143c165d0621d6e2cf1238edf1a10dd75591b52fa74b38f91fc3c6fb0d011336aa092781c4abe3c53b55e5d103dd291a17fd7ca06516faea3f0b76bc3144616ffcc1d3615752c3b12819eff9830fec7c44948d17cab2e692a020285f4a89c8b397646016559fd8b028c8875970421b9b0340eb2531fdbf471e1a788ea73bb42a1a63e3279e7cf2940297aa2a51daf49a7c451ced900f928092c8fac75c772d0951be31a7143b44db651332e7ba8e8c0d0ac0172705bed8de0a48f71f5345a5c98910416266e2bf96c66ad8ab79a252dc89172c00bbb66f22f74c32127138f56e94c573c07561b4db5fe12af62820aa0c6dd3dd8c62fd55dba30f317152f9a8238f5114373a8f233992c25a4e16612014b50ec59b81c2957eb0fd44beddcc036873d9193b0daa518de00c506a46c76499700fe6c8175c9ba56b4c42d390c3415e74bf3b04a762c004e9549571670f0a226e77d2a73b60f7302ca69065ab5e2e4c972f96f596ccb1e734fa2c1a15076c2536a84c8394d7bb3c9b9db44b342be05e93301499611078095b4c5da6171b211ceb6ecc4889a9d0af97936bc2a135a8aff5b7851b874b74210b0ebb2e25f9f780d2d868b68113f96daeaee0cf3dba9ca9416c80d37d00498895a9bf700153c30efc838b36040f2a5ba3c518af7ea50479975d61863de8ec29aaabda9f62c087b59219d63eda1f54bec28ae34dfcfd19e45166c097c419215c2d836101b0cd4ee06dfc4f42c9d7fadbb59af33d59041ef18df9670eb1472fe67fdcc712812ff874ca9c921b5a1a7daba389669c5d916ee5409d392faf6af03c36c42120fa0d37e418ab9e50f19aa141e6809b36b77e0b92660edeee2086fb72e6e79e47ceca17fb98f137a1b20d75b76dd640b5f3a13fef7069c6d3d58f2c26bdf5800e4e3ab5a9553224257fcee7170303011998f724838a24b8c7c785228a59d9de487f121ea2546c9e328f6af05497a6534a5d899ffa33931a19718b0f13f0d69d1cc46ee6b4a46555637a1fd7fc1626ba247869f3ff0afc65ef9dd2c111f0605ac15950d8c0a55604d1b4acea04d288f01c5baa1ee4211a5ad5f28e007b9607f7d1f7894fb367a47b5ac776f6ab146046d5f187dc521253536a23885c6919bd0650613f0d9b35c9a45fde3cd81c86c88ccdbc42beb36e666d726f55f16a293295dd3c9ea91ce93ad69248c0488ea1946022f52184ef31fc8ad55ac5bde1add744c1c03d0361d636c929b3c6e84d9fbf027647cee28e3a1db2870ab7fdb4b059745b677aec66e8798dfdb9790231562b46ceec478ec9e1cb1d22c6a038a4e9ce295a9f77a3bb0803cec3a91703030035d288fffb76adea324fe965bbab064300e1f1ef39512a1627029c5d2d2dff890d73f8b1d751b813f6a4d6220123323d173a8c2a3de31703030093f3fdf993d25b149eb103c99d4f1556fbe55127ff8f5c9846f181c180033ffa063235e2b77a951a80ab10866c756cd575f7fad5fefb281585730832983ddd76d55a15f9e67d592ca90372df949afa715bd5d8d941bef2ddc9640dd296a4056b9d26d6fe51c587bdf6a3997f492d37a7664f5ecf299fd2eac21de93cfc38318cb0473d7a0b37680158b0e85bd1954da27ab51f62
|
||||
in
|
||||
140303000101170303003522332775a6617895c810ddad7f99ecc7d16ce79eec84cfaf1ff96933e7c9d50a2c44cb430f4483e77df7c62e3167e5936b5e8fae34
|
||||
1703030057a6cbca0de9d81daa74309ed33a8d7b739f90adf1fd434d9115f162bac1ba6ba1ddafc6e5ef4d1f5dbb531d6d0f160e77205e3a73a5a174318180e4c5595cdffe7dab9d01f3f559d08f2c1f04ff6e9e214078df21fecb17
|
||||
1703030057a6cbca0de9d81daa74309ed33a8d7b739f90adf1fd434d9115f162bac1ba6ba1ddafc6e5ef4d1f5dbb531d6d0f160e77205e3a73a5a174318180e4c5595cdffe7dab9d01f3f559d08f2c1f04ff6e9e214078df21fecb17
|
||||
17030301ade0ee7e00d876bfdc3b1af18e83fd12edfb00bb8913544269212ffdfec774a3738b975da716351ccc311aec12deef57c327bc7b05b4c64cb471f117a3a0c672e48ad36ca79c689580a7e039d9b6d38a4fa9c6812fb3439d6815edc4fb3d9819f7a8a4ccccfffefddd7168fd436f9a0181420157563230f9e66cce28373c467abba43b286bff548d9e100cead7bc6dd3e3c1d9054dc32016705c64bece7f14bfc34d710ba133ca430b3119437892950ac24151b3d27485db401c9d7ddeca1d22a37c3938de2e5e63ebda1203a2c7ddefaff7103e6fce89f0ef6c4a372733def21ca525fa2812792b8f61d6f72301a7c333092a54bdea527cf3e9cdf1a1659b6c687502fb975d37e58238f2f1e5b5deaadde43dd7ce5af14b5a86271c1a2ccd66d434a03f6f81c1bfaa0ae78359d1d105fe03899a94c3f40484d0d3c8f18221434dad2a6547c012f3e36eb0006d631bceba4e0e6b088a96f0e8dbc4b6adced3e50b24515f977fe92665ae9b1cf3b119174f8ecbc3499d8bb3501e9a494d4deb16f503444132350f0ed4a6568b4dc85b9a548dd3072a7af501390f68bccffab2839918038c648e8420d4d73d3ec8e0
|
||||
170303001ab26d3805e7ecc6915b08c0dd1118021eda932dea1a38d7cfcbfc
|
||||
Reference in New Issue
Block a user