hdZddlZddlmZmZddlmZddlmZm Z m Z m Z ddl m Z ddlmZmZGdd e ZGd d eZGd d eZdZdZdZdZdZdZdZdZdZdZdS)z2 TLS helpers, provided as out-of-context methods. N)orbchb)warning) ByteEnumFieldShortEnumField FieldLenField StrLenField)Packet) _tls_type _tls_versionc~eZdZdZeddeeddeedddde dd d gZ dS) TLSPlaintextz TLS PlaintexttypeNversionlendataz!H) length_offmtc|jS)N)r)pkts Z/mounts/lovelace/software/anaconda3/lib/python3.11/site-packages/scapy/layers/tls/tools.pyzTLSPlaintext.ssw) length_from) __name__ __module__ __qualname__namerr rr rr fields_descrrrrst D =y99!>)T<@@ =DIII;vr+>+>@@@AKKKrrceZdZdZdS) TLSCompressedzTLS CompressedNrrrrr!rrr#r# DDDrr#ceZdZdZdS) TLSCiphertextzTLS CiphertextNr$r!rrr'r'#r%rr'ct}|j|_|j|_||j|_t |j|_|S)z Compress p (a TLSPlaintext instance) using compression algorithm instance alg and return a TLSCompressed instance. )r#rrcompressrralgpcs r _tls_compressr.'sH A VAF AI \\!& ! !AF KKAE Hrct}|j|_|j|_||j|_t |j|_|S)z Decompress c (a TLSCompressed instance) using compression algorithm instance alg and return a TLSPlaintext instance. )rrr decompressrrr+r-r,s r_tls_decompressr24sH A VAF AI ^^AF # #AF KKAE Hrctjd|}||t|z}|xj|z c_|xj|jz c_dS)a^ Compute the MAC using provided MAC alg instance over TLSCiphertext c using current write sequence number write_seq_num. Computed MAC is then appended to c.data and c.len is updated to reflect that change. It is the caller responsibility to increment the sequence number after the operation. The function has no return value. !QN)structpackdigestbytesrrhash_len)r+r- write_seq_numhs r _tls_mac_addr<AsVKm44M =588+,,AFFaKFFEES\EEEErc|j}|j|krdS|j| d}|xj|zc_|jd| |_tjd|}||t |z}||kS)a9 Verify if the MAC in provided message (message resulting from decryption and padding removal) is valid. Current read sequence number is used in the verification process. If the MAC is valid: - The function returns True - The packet p is updated in the following way: trailing MAC value is removed from p.data and length is updated accordingly. In case of error, False is returned, and p may have been modified. Also note that it is the caller's responsibility to update the read sequence number after the operation. FNr4)r9rrr5r6r7r8)r+r, read_seq_numh_size received_hr;s r_tls_mac_verifyrAOs \Fuv~~u!JEEVOEE VHfWH AF;t\22L <%((*++A ?rc|j |z}t||dzz}|xjt|z c_|xj|z c_dS)a6 Provided with cipher block size parameter and current TLSCompressed packet p (after MAC addition), the function adds required, deterministic padding to p.data before encryption step, as it is defined for TLS (i.e. not SSL and its allowed random padding). The function has no return value. N)rrr)r, block_sizepadlenpaddings r _tls_add_padrGksPeVj F&kkVaZ(GEES\\EEFFgFFFFrc|jdkrtddSt|jd}|dz}|j|krtddS|j| dt ||zkr-tdt |j| ddS|jd| |_|xj|zc_dS) ak Provided with a just decrypted TLSCiphertext (now a TLSPlaintext instance) p, the function removes the trailing padding found in p.data. It also performs some sanity checks on the padding (length, content, ...). False is returned if one of the check fails. Otherwise, True is returned, indicating that p.data and p.len have been updated. rCz#Message format is invalid (padding)FzInvalid padding lengthNzPadding content is invalid %sT)rrrrrrepr)r,rEpadsizes r _tls_del_padrLxs uqyy5666u __FqjGuw()))uvwhiiCKK'111/afgXYY6G1H1HIIIu VIgXI AFEEWEE 4rct}|j|_|j|_||j|_t |j|_|S)z Provided with an already MACed TLSCompressed packet, and a stream or block cipher alg, the function converts it into a TLSCiphertext (i.e. encrypts it and updates length). The function returns a newly created TLSCiphertext instance. )r'rrencryptrrr*s r _tls_encryptrOsH A VAF AI [[ AF KKAE Hrct}|j|_|j|_||j|_t |j|_|S)z Provided with a TLSCiphertext instance c, and a stream or block cipher alg, the function decrypts c.data and returns a newly created TLSPlaintext. )rrrdecryptrrr1s r _tls_decryptrRsH A VAF AI [[ AF KKAE Hrct|}tjd|}||ddz}t}|j|_|j|_|||||_t|j|_|S)a Provided with a TLSCompressed instance p, the function applies AEAD cipher alg to p.data and builds a new TLSCiphertext instance. Unlike for block and stream ciphers, for which the authentication step is done separately, AEAD alg does it simultaneously: this is the reason why write_seq_num is passed to the function, to be incorporated in authenticated data. Note that it is the caller's responsibility to increment # noqa: E501 write_seq_num afterwards. r4N) r8r5r6r'rr auth_encryptrr)r+r,r:PAr-s r_tls_aead_auth_encryptrXsz aAKm44M"1"AA VAF AI   aM 2 2AF KKAE Hrch|jt|ddz |jz }tjd|}|tjd|j|j|z}t}|j|_|j|_||_|||j ||_ |j dS|S)a Provided with a TLSCiphertext instance c, the function applies AEAD cipher alg auth_decrypt function to c.data (and additional data) in order to authenticate the data and decrypt c.data. When those steps succeed, the result is a newly created TLSCompressed instance. On error, None is returned. Note that it is the caller's responsibility to increment read_seq_num afterwards. nonce_explicit_lenrr4z!BHHN) rgetattrtag_lenr5r6rrr# auth_decryptr)r+r-r>plenrWr,s r_tls_aead_auth_decryptr_s 573 4a88 83; FD;t\22Lv{61619dCCCAA VAF AI AE   a 6 6AFv~t Hr)__doc__r5 scapy.compatrr scapy.errorr scapy.fieldsrrrr scapy.packetr scapy.layers.tls.basefieldsr r rr#r'r.r2r<rArGrLrOrRrXr_r!rrrfs !!!!!!!!666666666666????????AAAAA6AAALL           8   <           ,     r