Rooba
/
scapy
mirror of https://github.com/secdev/scapy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
scapy/doc/notebooks/tls/notebook4_tls13.ipynb

144 lines
3.5 KiB
Plaintext
Raw Blame History

{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# TLS 1.3 handshake overview\n",
"This is the basic TLS 1.3 handshake:\n",
"\n",
"<img src=\"images/handshake_tls13.png\" alt=\"Handshake TLS 1.3\" width=\"400\"/>"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": [
"from scapy.all import *"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"record1_str = open('raw_data/tls_session_13/01_cli.raw').read()\n",
"record1 = TLS(record1_str)\n",
"sess = record1.tls_session\n",
"record1.show()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"record2_str = open('raw_data/tls_session_13/02_srv.raw').read()\n",
"record2 = TLS(record2_str, tls_session=sess.mirror())\n",
"record2.show()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"record3_str = open('raw_data/tls_session_13/03_cli.raw').read()\n",
"record3 = TLS(record3_str, tls_session=sess.mirror())\n",
"record3.show()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": [
"# The PFS relies on the ECDH secret below being kept from observers, and deleted right after the key exchange\n",
"#from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateNumbers\n",
"#from cryptography.hazmat.backends import default_backend\n",
"#secp256r1_client_privkey = open('raw_data/tls_session_13/cli_key.raw').read()\n",
"#pubnum = sess.tls13_client_pubshares[\"secp256r1\"].public_numbers()\n",
"#privnum = EllipticCurvePrivateNumbers(pkcs_os2ip(secp256r1_client_privkey), pubnum)\n",
"#privkey = privnum.private_key(default_backend())\n",
"#sess.tls13_client_privshares[\"secp256r1\"] = privkey"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"record4_str = open('raw_data/tls_session_13/04_srv.raw').read()\n",
"record4 = TLS(record4_str, tls_session=sess.mirror())\n",
"record4.show()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"record5_str = open('raw_data/tls_session_13/05_srv.raw').read()\n",
"record5 = TLS(record5_str, tls_session=sess)\n",
"record5.show()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"record6_str = open('raw_data/tls_session_13/06_cli.raw').read()\n",
"record6 = TLS(record6_str, tls_session=sess.mirror())\n",
"record6.show()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Observations sur TLS 1.3\n",
"* Certificat désormais chiffré...\n",
"* ...mais pas le Server Name dans le ClientHello\n",
"* Risques du mode 0-RTT"
]
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 2",
"language": "python",
"name": "python2"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 2
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython2",
"version": "2.7.13"
}
},
"nbformat": 4,
"nbformat_minor": 2
}
Reference in New Issue View Git Blame Copy Permalink