scapy.layers.tls.keyexchange
TLS key exchange logic.
- class scapy.layers.tls.keyexchange.ClientDiffieHellmanPublic(_pkt, /, *, dh_Yclen=None, dh_Yc=b'')[source]
Bases:
_GenericTLSSessionInheritance
If the user provides a value for dh_Yc attribute, we assume he will set the pms and ms accordingly and trigger the key derivation on his own.
XXX As specified in 7.4.7.2. of RFC 4346, we should distinguish the needs for implicit or explicit value depending on availability of DH parameters in client certificate. For now we can only do ephemeral/explicit DH.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DH YCLEN | DH YC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ClientDiffieHellmanPublic
ClientDiffieHellmanPublic fields dh_Yclen
None
dh_Yc
b''
- class scapy.layers.tls.keyexchange.ClientECDiffieHellmanPublic(_pkt, /, *, ecdh_Yclen=None, ecdh_Yc=b'')[source]
Bases:
_GenericTLSSessionInheritance
Note that the ‘len’ field is 1 byte longer than with the previous class.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ECDH YCLEN | ECDH YC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ClientECDiffieHellmanPublic
ClientECDiffieHellmanPublic fields ecdh_Yclen
None
ecdh_Yc
b''
- class scapy.layers.tls.keyexchange.ClientPSKIdentity(_pkt, /, *, psk_identity_len=None, psk_identity=b'')[source]
Bases:
Packet
XXX We provide parsing abilities for ServerPSKParams, but the context operations have not been implemented yet. See RFC 4279. Note that we do not cover the (EC)DHE_PSK nor the RSA_PSK key exchange, which should contain either an EncryptedPMS or a ClientDiffieHellmanPublic.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PSK IDENTITY LEN | PSK IDENTITY | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ClientPSKIdentity
ClientPSKIdentity fields psk_identity_len
None
psk_identity
b''
- class scapy.layers.tls.keyexchange.ECCurvePkt(_pkt, /, *, alen=None, a=b'', blen=None, b=b'')[source]
Bases:
Packet
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ALEN | A | BLEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | B | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ECCurvePkt
ECCurvePkt fields alen
None
a
b''
blen
None
b
b''
- class scapy.layers.tls.keyexchange.ECPentanomialBasis(_pkt, /, *, k1len=None, k1=b'', k2len=None, k2=b'', k3len=None, k3=b'')[source]
Bases:
Packet
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | K1LEN | K1 | K2LEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | K2 | K3LEN | K3 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | +-+-+-+-+-+-+-+-+ Fig. ECPentanomialBasis
ECPentanomialBasis fields k1len
None
k1
b''
k2len
None
k2
b''
k3len
None
k3
b''
- val = 1
- class scapy.layers.tls.keyexchange.ECTrinomialBasis(_pkt, /, *, klen=None, k=b'')[source]
Bases:
Packet
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | KLEN | K | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ECTrinomialBasis
ECTrinomialBasis fields klen
None
k
b''
- val = 0
- class scapy.layers.tls.keyexchange.EncryptedPreMasterSecret(_pkt, /, *, client_version=None, random=None)[source]
Bases:
_GenericTLSSessionInheritance
Pay attention to implementation notes in section 7.4.7.1 of RFC 5246.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CLIENT VERSION | RANDOM | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + + | | + + | | + + | | + + | | + + | | + + | | + + | | + + | | + + | | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. EncryptedPreMasterSecret
EncryptedPreMasterSecret fields client_version
_TLSClientVersionField
None
random
None
- post_build(pkt, pay)[source]
We encrypt the premaster secret (the 48 bytes) with either the server certificate or the temporary RSA key provided in a server key exchange message. After that step, we add the 2 bytes to provide the length, as described in implementation notes at the end of section 7.4.7.1.
- class scapy.layers.tls.keyexchange.ServerDHParams(_pkt, /, *, dh_plen=None, dh_p=b'', dh_glen=None, dh_g=b'', dh_Yslen=None, dh_Ys=b'')[source]
Bases:
_GenericTLSSessionInheritance
ServerDHParams for FFDH-based key exchanges, as defined in RFC 5246/7.4.3.
Either with .fill_missing() or .post_dissection(), the server_kx_privkey or server_kx_pubkey of the TLS context are updated according to the parsed/assembled values. It is the user’s responsibility to store and restore the original values if he wants to keep them. For instance, this could be done between the writing of a ServerKeyExchange and the receiving of a ClientKeyExchange (which includes secret generation).
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DH PLEN | DH P | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DH GLEN | DH G | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DH YSLEN | DH YS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ServerDHParams
ServerDHParams fields dh_plen
None
dh_p
b''
dh_glen
None
dh_g
b''
dh_Yslen
None
dh_Ys
b''
- class scapy.layers.tls.keyexchange.ServerECDHExplicitChar2Params(_pkt, /, *, curve_type=2, m=None, basis_type=None, basis=<ECTrinomialBasis |>, curve=<ECCurvePkt |>, baselen=None, base=b'', order=None, cofactor=None, pointlen=None, point=b'')[source]
Bases:
_GenericTLSSessionInheritance
We provide parsing abilities for Char2Params, but there is no support from the cryptography library, hence no context operations.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CURVE TYPE | M | BASIS TYPE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | BASIS | CURVE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | BASELEN | BASE | ORDER | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | COFACTOR | POINTLEN | POINT | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ServerECDHExplicitChar2Params
ServerECDHExplicitChar2Params fields curve_type
2
m
None
basis_type
_ECBasisTypeField
None
basis
_ECBasisField
<ECTrinomialBasis |>
curve
<ECCurvePkt |>
baselen
None
base
b''
order
None
cofactor
None
pointlen
None
point
b''
- class scapy.layers.tls.keyexchange.ServerECDHExplicitPrimeParams(_pkt, /, *, curve_type=1, plen=None, p=b'', curve=None, baselen=None, base=b'', orderlen=None, order=b'', cofactorlen=None, cofactor=b'', pointlen=None, point=b'')[source]
Bases:
_GenericTLSSessionInheritance
We provide parsing abilities for ExplicitPrimeParams, but there is no support from the cryptography library, hence no context operations.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CURVE TYPE | PLEN | P | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CURVE | BASELEN | BASE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | ORDERLEN | ORDER | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | COFACTORLEN | COFACTOR | POINTLEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | POINT | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ServerECDHExplicitPrimeParams
ServerECDHExplicitPrimeParams fields curve_type
1
plen
None
p
b''
curve
None
baselen
None
base
b''
orderlen
None
order
b''
cofactorlen
None
cofactor
b''
pointlen
None
point
b''
- class scapy.layers.tls.keyexchange.ServerECDHNamedCurveParams(_pkt, /, *, curve_type=3, named_curve=None, pointlen=None, point=None)[source]
Bases:
_GenericTLSSessionInheritance
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CURVE TYPE | NAMED CURVE | POINTLEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | POINT | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ServerECDHNamedCurveParams
ServerECDHNamedCurveParams fields curve_type
3
named_curve
None
pointlen
None
point
None
- class scapy.layers.tls.keyexchange.ServerPSKParams(_pkt, /, *, psk_identity_hint_len=None, psk_identity_hint=b'')[source]
Bases:
Packet
XXX We provide some parsing abilities for ServerPSKParams, but the context operations have not been implemented yet. See RFC 4279. Note that we do not cover the (EC)DHE_PSK key exchange, which should contain a Server*DHParams after ‘psk_identity_hint’.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PSK IDENTITY HINT LEN | PSK IDENTITY HINT | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ServerPSKParams
ServerPSKParams fields psk_identity_hint_len
None
psk_identity_hint
b''
- class scapy.layers.tls.keyexchange.ServerRSAParams(_pkt, /, *, rsamodlen=None, rsamod=b'', rsaexplen=None, rsaexp=b'')[source]
Bases:
_GenericTLSSessionInheritance
Defined for RSA_EXPORT kx : it enables servers to share RSA keys shorter than their principal {>512}-bit key, when it is not allowed for kx.
This should not appear in standard RSA kx negotiation, as the key has already been advertised in the Certificate message.
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RSAMODLEN | RSAMOD | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RSAEXPLEN | RSAEXP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. ServerRSAParams
ServerRSAParams fields rsamodlen
None
rsamod
b''
rsaexplen
None
rsaexp
b''
- class scapy.layers.tls.keyexchange.SigAndHashAlgField(name: str, default: I | None, enum: Dict[I, str] | Dict[str, I] | List[str] | DADict[I, str] | Type[Enum] | Tuple[Callable[[I], str], Callable[[str], I]], fmt: str = 'H')[source]
Bases:
EnumField
Used in _TLSSignature.
- phantom_value = None
- class scapy.layers.tls.keyexchange.SigAndHashAlgsField(name: str, default: List[AnyField] | None, field: AnyField, length_from: Callable[[Packet], int] | None = None, count_from: Callable[[Packet], int] | None = None, max_count: int | None = None)[source]
Bases:
FieldListField
Used in TLS_Ext_SignatureAlgorithms and TLSCertificateResquest.
- phantom_value = []
- class scapy.layers.tls.keyexchange.SigAndHashAlgsLenField(name: str, default: Optional[Any], length_of: Optional[str] = None, fmt: str = 'H', count_of: Optional[str] = None, adjust: Callable[[Packet, int], int] = <function FieldLenField.<lambda>>)[source]
Bases:
FieldLenField
Used in TLS_Ext_SignatureAlgorithms and TLSCertificateResquest.
- phantom_value = 0
- class scapy.layers.tls.keyexchange.SigLenField(name: str, default: Optional[Any], length_of: Optional[str] = None, fmt: str = 'H', count_of: Optional[str] = None, adjust: Callable[[Packet, int], int] = <function FieldLenField.<lambda>>)[source]
Bases:
FieldLenField
There is a trick for SSLv2, which uses implicit lengths…
- class scapy.layers.tls.keyexchange.SigValField(name: str, default: bytes, length_from: Callable[[Packet], int] | None = None, max_length: Any | None = None)[source]
Bases:
StrLenField
There is a trick for SSLv2, which uses implicit lengths…
- scapy.layers.tls.keyexchange.phantom_decorate(f, get_or_add)[source]
Decorator for version-dependent fields. If get_or_add is True (means get), we return s, self.phantom_value. If it is False (means add), we return s.
- scapy.layers.tls.keyexchange.phantom_mode(pkt)[source]
We expect this. If tls_version is not set, this means we did not process any complete ClientHello, so we’re most probably reading/building a signature_algorithms extension, hence we cannot be in phantom_mode. However, if the tls_version has been set, we test for TLS 1.2.