Merge pull request #372 from RUB-NDS/version2

Updated Version to 2.0

Attacks/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <artifactId>Attacks</artifactId>
     <packaging>jar</packaging>

README.md

@@ -53,11 +53,11 @@ You can find more information about these modules in the Wiki.
 
 ## Features
 Currently, the following features are supported:
-- TLS versions 1.0 (RFC-2246), 1.1 (RFC-4346) 1.2 (RFC-5246) and 1.3 (draft-ietf-tls-tls13-21)
+- SSL 3, TLS versions 1.0 (RFC-2246), 1.1 (RFC-4346) 1.2 (RFC-5246) and 1.3 (draft-ietf-tls-tls13-21)
 - DTLS 1.2 (RFC-6347)(Currently under Development)
 - SSL 2 (Client/Server Hello)
 - (EC)DH and RSA key exchange algorithms
-- CBC and Streamciphers
+- CBC, AEAD and Streamciphers
 - TLS client and server
 - HTTPS
 - MitM (experimental)
@@ -146,31 +146,41 @@ We know many of you hate Java. Therefore, you can also use an XML structure and
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <workflowTrace>
     <SendAction>
-        <ClientHello>
-            <extensions>
-                <HeartbeatExtension/>
-                <ECPointFormat/>
-                <EllipticCurves/>
-            </extensions>
-        </ClientHello>
+        <messages>
+            <ClientHello>
+                <extensions>
+                    <ECPointFormat/>#
+                    <HeartbeatExtension/>
+                    <EllipticCurves/>
+                </extensions>
+            </ClientHello>
+        </messages>
     </SendAction>
     <ReceiveAction>
-        <ServerHello>
-            <extensions>
-                <HeartbeatExtension/>
-                <ECPointFormat/>
-                <EllipticCurves/>
-            </extensions>
-        </ServerHello>
-        <Certificate/>
-        <ServerHelloDone/>
+        <expectedMessages>
+            <ServerHello>
+                <extensions>
+                    <ECPointFormat/>
+                </extensions>
+            </ServerHello>
+            <Certificate/>
+            <ServerHelloDone/>
+        </expectedMessages>
     </ReceiveAction>
     <SendAction>
-        <Finished/>
+        <messages>
+            <RSAClientKeyExchange>
+                <computations/>
+            </RSAClientKeyExchange>
+            <ChangeCipherSpec/>
+            <Finished/>
+        </messages>
     </SendAction>
     <ReceiveAction>
-        <ChangeCipherSpec/>
-        <Finished/>
+        <expectedMessages>
+            <ChangeCipherSpec/>
+            <Finished/>
+        </expectedMessages>
     </ReceiveAction>
 </workflowTrace>
 ```
@@ -195,49 +205,59 @@ We can of course use this concept by constructing our TLS workflows. Imagine you
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <workflowTrace>
     <SendAction>
-        <ClientHello>
-            <extensions>
-                <HeartbeatExtension/>
-                <ECPointFormat/>
-                <EllipticCurves/>
-            </extensions>
-        </ClientHello>
+        <messages>
+            <ClientHello>
+                <extensions>
+                    <ECPointFormat/>#
+                    <HeartbeatExtension/>
+                    <EllipticCurves/>
+                </extensions>
+            </ClientHello>
+        </messages>
     </SendAction>
     <ReceiveAction>
-        <ServerHello>
-            <extensions>
-                <HeartbeatExtension/>
-                <ECPointFormat/>
-                <EllipticCurves/>
-            </extensions>
-        </ServerHello>
-        <Certificate/>
-        <ServerHelloDone/>
+        <expectedMessages>
+            <ServerHello>
+                <extensions>
+                    <ECPointFormat/>
+                </extensions>
+            </ServerHello>
+            <Certificate/>
+            <ServerHelloDone/>
+        </expectedMessages>
     </ReceiveAction>
     <SendAction>
-		<RSAClientKeyExchange/>
-		<ChangeCipherSpec/>
-        <Finished/>
+        <messages>
+            <RSAClientKeyExchange>
+                <computations/>
+            </RSAClientKeyExchange>
+            <ChangeCipherSpec/>
+            <Finished/>
+        </messages>
     </SendAction>
     <ReceiveAction>
-        <ChangeCipherSpec/>
-        <Finished/>
+        <expectedMessages>
+            <ChangeCipherSpec/>
+            <Finished/>
+        </expectedMessages>
     </ReceiveAction>
     <SendAction>
-	<Heartbeat>
-            <payloadLength>
-                <integerExplicitValueModification>
-                    <explicitValue>20000</explicitValue>
-                </integerExplicitValueModification>
-            </payloadLength>
-        </Heartbeat><Heartbeat/>
+		<messages>
+			<Heartbeat>
+				<payloadLength>
+					<integerExplicitValueModification>
+						<explicitValue>20000</explicitValue>
+					</integerExplicitValueModification>
+				</payloadLength>
+			</Heartbeat>
+        </messages
     </SendAction>
     <ReceiveAction>
-	<Heartbeat/>
+		<Heartbeat/>
     </ReceiveAction>
 </workflowTrace>
 ```
-As you can see, we explicitly increased the payload length of the Heartbeat message by 2000.
+As you can see, we explicitly increased the payload length of the Heartbeat message by 20000.
 If you run the attack against the vulnerable server (e.g., OpenSSL 1.0.1f), you should see a valid Heartbeat response.
 
 Further examples on attacks and further explanations on TLS-Attacker can be found in the Wiki.
@@ -259,6 +279,7 @@ The following people have contributed code to the TLS-Attacker Project:
 - Lucas Hartmann: TLS-MitM Workflows
 - Florian Linsner: PSK
 - Pierre Tilhaus: Code quality improvements
+- Felix Kleine-Wilde: SSL 3 Support
 
 Additionally we would like to thank all the other people who have contributed code to the project.
 

TLS-Client/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <name>TLS-Client</name>
     <artifactId>TLS-Client</artifactId>

TLS-Core/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <artifactId>TLS-Core</artifactId>
     <packaging>jar</packaging>

TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/workflow/action/WaitingAction.java

@@ -29,7 +29,7 @@ public WaitingAction() {
     @Override
     public void execute(State state) throws WorkflowExecutionException, IOException {
         Boolean success;
-        LOGGER.info("Wating " + time + "ms...");
+        LOGGER.info("Waiting " + time + "ms...");
         try {
             Thread.sleep(time);
             success = true;

TLS-Mitm/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <artifactId>TLS-Mitm</artifactId>
     <packaging>jar</packaging>

TLS-Server/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <artifactId>TLS-Server</artifactId>
     <packaging>jar</packaging>

Transport/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <artifactId>Transport</artifactId>
     <packaging>jar</packaging>

Utils/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>de.rub.nds.tlsattacker</groupId>
         <artifactId>TLS-Attacker</artifactId>
-        <version>2.0Beta4</version>
+        <version>2.0</version>
     </parent>
     <artifactId>Utils</artifactId>
     <packaging>jar</packaging>

pom.xml

@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>de.rub.nds.tlsattacker</groupId>
     <artifactId>TLS-Attacker</artifactId>
-    <version>2.0Beta4</version>
+    <version>2.0</version>
     <packaging>pom</packaging>
     <inceptionYear>2015</inceptionYear>
     <name>TLS-Attacker</name>