• Home
• de.rub.nds.tlsattacker
• Attacks
• 3.7.1
• source code
• LeakyExportBenchmarkRunnable.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

de.rub.nds.tlsattacker.attacks.impl.drown.LeakyExportBenchmarkRunnable Maven / Gradle / Ivy

/**
 * TLS-Attacker - A Modular Penetration Testing Framework for TLS
 *
 * Copyright 2014-2021 Ruhr University Bochum, Paderborn University, Hackmanit GmbH
 *
 * Licensed under Apache License, Version 2.0
 * http://www.apache.org/licenses/LICENSE-2.0.txt
 */

package de.rub.nds.tlsattacker.attacks.impl.drown;

import de.rub.nds.tlsattacker.core.constants.SSL2CipherSuite;
import java.util.Arrays;

/**
 * Runnable for benchmarking the brute-force performance of ServerVerifyChecker in a multi-threaded setup.
 */
class LeakyExportBenchmarkRunnable implements Runnable {

    private int firstByteFrom;
    private int firstByteTo;
    private SSL2CipherSuite cipherSuite;
    private byte[] encrypted;
    private byte[] baseMasterKey;
    private byte[] challenge;
    private byte[] sessionId;
    private byte[] iv;

    public LeakyExportBenchmarkRunnable(SSL2CipherSuite cipherSuite, int firstByteFrom, int firstByteTo) {
        this.cipherSuite = cipherSuite;
        this.firstByteFrom = firstByteFrom;
        this.firstByteTo = firstByteTo;
    }

    public void init(byte[] encrypted, byte[] baseMasterKey, byte[] challenge, byte[] sessionId, byte[] iv) {
        this.encrypted = encrypted;
        this.baseMasterKey = baseMasterKey;
        this.challenge = challenge;
        this.sessionId = sessionId;
        this.iv = iv;
    }

    @Override
    public void run() {
        // Use ints for iteration because otherwise the loop condition will be
        // affected by wrap-arounds
        for (int a = firstByteFrom; a < firstByteTo; a++) {
            for (int b = -128; b < 128; b++) {
                for (int c = -128; c < 128; c++) {
                    byte[] masterKey = Arrays.copyOf(baseMasterKey, baseMasterKey.length);
                    masterKey[0] = (byte) a;
                    masterKey[1] = (byte) b;
                    masterKey[2] = (byte) c;
                    byte[] key = ServerVerifyChecker.makeKeyMaterial(masterKey, challenge, sessionId, "0");

                    if (cipherSuite == SSL2CipherSuite.SSL_CK_RC4_128_EXPORT40_WITH_MD5) {
                        ServerVerifyChecker.decryptRC4(key, encrypted);
                    } else if (cipherSuite == SSL2CipherSuite.SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5) {
                        ServerVerifyChecker.decryptRC2(key, encrypted, iv, 0);
                    }
                }
            }
        }
    }
}