TLS-Attacker v6.3.4

Changes

• Fixed incorrect use of CLI-provided private key

TLS-Attacker v6.3.3

Changes:

• Fixed: content manipulations not considered when setting message length field
• Fixed: UDP socket not re-initialized after it has been closed by ResetConnectionAction
• Various minor code quality improvements

TLS-Attacker v6.3.2

Changes:

• Added RSA PSS RSAE support
• Improved SignatureAndHashAlgorithm selection when a certificate was specified by user
• Fixed missing X.509 context update for pre defined certificate chain
• Fixed parser loop for undefined record content types
• Fixed ClientRandom value not retained in a new CH sent after receiving a HelloRetryRequest in TLS 1.3
• Fixed empty application data messages disappearing during serialization
• Fixed X509 and ASN.1 Attacker classes missing in JAXB context
• Various improvements based on Spotbugs' suggestions

TLS-Attacker v6.1.7

Changes

• When generating static ECDH certificates, TLS-Attacker now defaults to ECDH/ECDSA OID for the public key in the certificate as ECDH-only OID is not supported by OpenSSL
• Updated X.509-Attacker dependency to fix NullPointerException thrown when generating static DH certificates
• Fixed ProtocolAttacker API usage in hash-to-curve code of PWD computations that previously always used the curve's base point if the first X coordinate was not valid for the chosen curve

TLS-Attacker v6.1.4

Changes

• Implemented new X.509-Attacker dependency enabling TLS-Attacker to generate arbitrary certificates dynamically at runtime
• Replaced Bouncycastle certificate parsing with X.509-Attacker parsers
• First constants of TLS-Attacker have been moved to Protocol-Attacker to achieve a unified interface for other protocols
• Added cache for KeyShareCalculator to speed up public key compuations
• Fixed bug in RSA PSS salt generation
• Fixed bug in HTTP header parsing
• Fixed key handling bug in 0-RTT handshakes
• Fixed incorrect RSA PKCS#1v1.5 padding structure for RSA moduli that are not divisible by 8
• Fixed NullPointerExceptions caused by improper extension handling

TLS-Attacker v5.3.0

Changes

• Added support for chinese SM cipher suites in TLS 1.3
• Fixed encryption issue when using client authentication in TLS 1.3
• Fixed a bug for reexecuted WorkflowTraces caused by manipulated LayerConfiguration
• Fixed a bug which caused only the first pre-defined DTLS fragment to be used by the DtlsFragmentLayer

TLS-Attacker v5.2.1

Starting with this release, we attribute the Technology Innovation Institute (@tiiuae) in the license header to reflect the extensive contributions made by its researchers.

Changes

• Set default WorkflowTraceType to DYNAMIC_HANDSHAKE so the user does not have to specify the negotiated key exchange algorithm before execution
• Added flag for automatic extension selection in ServerHello and EncryptedExtensions (defaults to off for backwards compatibility)
• Fixed NullPointerExceptions for pseudo cipher suites (e.g SCSV) enforced in Server Hello

TLS-Attacker v5.1.6

The new version of TLS-Attacker introduces a layer system, which better separates protocols and parts of protocols in the code. This also facilitates the implementation of new application protocols besides HTTP. The user is now also able to define custom protocol layer stacks. Large parts of TLS-Attacker have been refactored for this purpose.

Changes

• Introduced layer system with clear separation of fragment layer, record layer, message layer and HTTP layer
• Refactored parsing to use separate streams for sub structures of messages, such as extensions within handshake messages
• Added support for encrypted Client Hello messages
• Fixed inconsistent use of generic classes which caused issues for some IDEs
• Unified client port reuse across TCP and UDP transport handlers

TLS-Attacker v4.0.2

What's Changed

• Adjusted artifact ID to match guidelines
• Implemented EXPORT cipher suite handling for server
• Implemented Signature Algorithm Cert extension
• Improved certificate selection for server
• Fixed EOF detection in transport handler
• Fixed sockets not closed correctly for WorkflowExecutionExceptions
• Fixed SSL2 messages missing in output of ReceiveAction
• Integrated Bill of Materials (BOM)
• Bumped dependency versions

Full Changelog: 3.8.1...v4.0.2

TLS-Attacker 3.8.1

Changes:

• Fixed Null Pointer Exception in EarlyCCSAction
• Fixed RuntimeException in ECDHEClientKeyExchangeMessage when FFDHE group was negotiated
• Fixed ARIA_256_GCM cipher suites
• Fixed CertificateTypeExtension handling
• Fixed wrong interpretation of FFDHE key share byte values (thanks @SidolFreiburg)