scapy.layers.tls.automaton_cli

TLS客户端自动机. 这构成了原始的TLS堆栈. 显然,您需要网络访问权限.

我们支持SSLv2到TLS 1.2版本,以及许多功能. 目前没有会话恢复机制.

为了使用您选择的一个密码套件将客户端运行到tcp / 50000:> from scapy.all import *> ch = TLSClientHello(密码= <密码套件的int代码>)> t = TLSClientAutomaton(dport = 50000, client_hello = ch)> t.run()

class scapy.layers.tls.automaton_cli.TLSClientAutomaton(*args, **kargs)

Bases: scapy.layers.tls.automaton._TLSAutomaton

一个简单的TLS测试客户端自动机. 尝试使某些状态或条件过载,然后查看另一端发生的情况.

停止该客户端的最佳方法不是键入中断,而是键入" quit". 这不会是发送到服务器的消息.

_'mycert'和'mykey'可以作为文件名提供. 如果服务器要求客户端身份验证,则将在握手中使用它们. 无需设置_'server_name'. _'client_hello'可以保存要发送到服务器的TLSClientHello或SSLv2ClientHello. 这对于扩展调整特别有用. _'version'是发布协议版本(" sslv2"," tls1"," tls12"等)的更快方法.它可能会被先前的" client_hello"覆盖. _'data'是握手完成后要发送到服务器的原始数据的列表. " stop_server"和" quit"都将以这种方式工作.

ADDED_CERTIFICATEVERIFY(*args, **kargs)
ADDED_CHANGECIPHERSPEC(*args, **kargs)
ADDED_CLIENTCERTIFICATE(*args, **kargs)
ADDED_CLIENTDATA(*args, **kargs)
ADDED_CLIENTFINISHED(*args, **kargs)
ADDED_CLIENTHELLO(*args, **kargs)
ADDED_CLIENTKEYEXCHANGE(*args, **kargs)
CLOSE_NOTIFY(*args, **kargs)
CONNECT(*args, **kargs)
FINAL(*args, **kargs)
HANDLED_CERTIFICATEREQUEST(*args, **kargs)
HANDLED_CHANGECIPHERSPEC(*args, **kargs)
HANDLED_SERVERCERTIFICATE(*args, **kargs)
HANDLED_SERVERDATA(*args, **kargs)
HANDLED_SERVERFINISHED(*args, **kargs)
HANDLED_SERVERHELLO(*args, **kargs)
HANDLED_SERVERHELLODONE(*args, **kargs)
HANDLED_SERVERKEYEXCHANGE(*args, **kargs)
INITIAL(*args, **kargs)
INIT_TLS_SESSION(*args, **kargs)
MISSING_SERVERCERTIFICATE(*args, **kargs)
MISSING_SERVERHELLO(*args, **kargs)
MISSING_SERVERKEYEXCHANGE(*args, **kargs)
PREPARE_CLIENTFLIGHT1(*args, **kargs)
PREPARE_CLIENTFLIGHT2(*args, **kargs)
RECEIVED_SERVERDATA(*args, **kargs)
RECEIVED_SERVERFLIGHT1(*args, **kargs)
RECEIVED_SERVERFLIGHT2(*args, **kargs)
SENT_CLIENTDATA(*args, **kargs)
SENT_CLIENTFLIGHT1(*args, **kargs)
SENT_CLIENTFLIGHT2(*args, **kargs)
SSLv2_ADDED_CLIENTCERTIFICATE(*args, **kargs)
SSLv2_ADDED_CLIENTDATA(*args, **kargs)
SSLv2_ADDED_CLIENTFINISHED(*args, **kargs)
SSLv2_ADDED_CLIENTHELLO(*args, **kargs)
SSLv2_ADDED_CLIENTMASTERKEY(*args, **kargs)
SSLv2_CLOSE_NOTIFY(*args, **kargs)
SSLv2_HANDLED_REQUESTCERTIFICATE(*args, **kargs)
SSLv2_HANDLED_SERVERDATA(*args, **kargs)
SSLv2_HANDLED_SERVERFINISHED(*args, **kargs)
SSLv2_HANDLED_SERVERHELLO(*args, **kargs)
SSLv2_HANDLED_SERVERVERIFY(*args, **kargs)
SSLv2_MISSING_SERVERFINISHED(*args, **kargs)
SSLv2_MISSING_SERVERHELLO(*args, **kargs)
SSLv2_MISSING_SERVERVERIFY(*args, **kargs)
SSLv2_PREPARE_CLIENTHELLO(*args, **kargs)
SSLv2_RECEIVED_SERVERDATA(*args, **kargs)
SSLv2_RECEIVED_SERVERFINISHED(*args, **kargs)
SSLv2_RECEIVED_SERVERHELLO(*args, **kargs)
SSLv2_RECEIVED_SERVERVERIFY(*args, **kargs)
SSLv2_SENT_CLIENTCERTIFICATE(*args, **kargs)
SSLv2_SENT_CLIENTDATA(*args, **kargs)
SSLv2_SENT_CLIENTFINISHED(*args, **kargs)
SSLv2_SENT_CLIENTHELLO(*args, **kargs)
SSLv2_SENT_CLIENTMASTERKEY(*args, **kargs)
SSLv2_WAITING_CLIENTDATA(*args, **kargs)
SSLv2_WAITING_SERVERDATA(*args, **kargs)
SSLv2_WAITING_SERVERFINISHED(*args, **kargs)
SSLv2_WAITING_SERVERHELLO(*args, **kargs)
SSLv2_WAITING_SERVERVERIFY(*args, **kargs)
TLS13_ADDED_CLIENTFINISHED(*args, **kargs)
TLS13_ADDED_CLIENTHELLO(*args, **kargs)
TLS13_HANDLED_CERTIFICATE(*args, **kargs)
TLS13_HANDLED_CERTIFICATE_VERIFY(*args, **kargs)
TLS13_HANDLED_ENCRYPTEDEXTENSIONS(*args, **kargs)
TLS13_HANDLED_FINISHED(*args, **kargs)
TLS13_HANDLED_SERVERHELLO(*args, **kargs)
TLS13_HELLO_RETRY_REQUESTED(*args, **kargs)
TLS13_PREPARE_CLIENTFLIGHT2(*args, **kargs)
TLS13_RECEIVED_SERVERFLIGHT1(*args, **kargs)
TLS13_SENDING_CLIENTFLIGHT1(*args, **kargs)
TLS13_SENT_CLIENTFLIGHT1(*args, **kargs)
TLS13_SENT_CLIENTFLIGHT2(*args, **kargs)
TLS13_START(*args, **kargs)
TLS13_WAITING_ENCRYPTEDEXTENSIONS(*args, **kargs)
TLS13_WAITING_SERVERFLIGHT1(*args, **kargs)
WAITING_SERVERDATA(*args, **kargs)
WAITING_SERVERFLIGHT1(*args, **kargs)
WAITING_SERVERFLIGHT2(*args, **kargs)
WAIT_CLIENTDATA(*args, **kargs)
actions = {'add_ClientData': [], 'close_session': [], 'missing_ServerCertificate': [], 'missing_ServerHello': [], 'missing_ServerKeyExchange': [], 'no_more_ClientData': [], 'should_add_ChangeCipherSpec_from_CertificateVerify': [], 'should_add_ChangeCipherSpec_from_ClientKeyExchange': [], 'should_add_ClientCertificate': [], 'should_add_ClientFinished': [], 'should_add_ClientHello': [], 'should_add_ClientKeyExchange_from_ClientCertificate': [], 'should_add_ClientKeyExchange_from_ClientFlight2': [], 'should_add_ClientVerify': [], 'should_handle_CertificateRequest_from_ServerCertificate': [], 'should_handle_CertificateRequest_from_ServerKeyExchange': [], 'should_handle_ChangeCipherSpec': [], 'should_handle_Finished': [], 'should_handle_ServerCertificate': [], 'should_handle_ServerData': [], 'should_handle_ServerHello': [], 'should_handle_ServerHelloDone_from_CertificateRequest': [], 'should_handle_ServerHelloDone_from_ServerCertificate': [], 'should_handle_ServerHelloDone_from_ServerKeyExchange': [], 'should_handle_ServerKeyExchange_from_ServerCertificate': [], 'should_send_ClientData': [], 'should_send_ClientFlight1': [], 'should_send_ClientFlight2': [], 'should_wait_ClientData': [], 'sslv2_add_ClientData': [], 'sslv2_close_session': [], 'sslv2_missing_ServerFinished': [], 'sslv2_missing_ServerHello': [], 'sslv2_missing_ServerVerify': [], 'sslv2_no_more_ClientData': [], 'sslv2_should_add_ClientCertificate': [], 'sslv2_should_add_ClientFinished_from_NoServerVerify': [], 'sslv2_should_add_ClientFinished_from_ServerVerify': [], 'sslv2_should_add_ClientHello': [], 'sslv2_should_add_ClientMasterKey': [], 'sslv2_should_handle_RequestCertificate': [], 'sslv2_should_handle_ServerData': [], 'sslv2_should_handle_ServerFinished': [], 'sslv2_should_handle_ServerHello': [], 'sslv2_should_handle_ServerVerify': [], 'sslv2_should_send_ClientCertificate': [], 'sslv2_should_send_ClientData': [], 'sslv2_should_send_ClientFinished': [], 'sslv2_should_send_ClientHello': [], 'sslv2_should_send_ClientMasterKey': [], 'sslv2_should_wait_ClientData': [], 'sslv2_should_wait_ServerFinished_from_ServerVerify': [], 'tls13_missing_CertificateVerify': [], 'tls13_missing_ServerHello': [], 'tls13_missing_encryptedExtension': [], 'tls13_should_add_ClientFinished': [], 'tls13_should_add_ClientHello': [], 'tls13_should_add_ClientHello_Retry': [], 'tls13_should_handle_AlertMessage_': [], 'tls13_should_handle_CertificateVerify': [], 'tls13_should_handle_EncryptedExtensions': [], 'tls13_should_handle_HelloRetryRequest': [], 'tls13_should_handle_ServerHello': [], 'tls13_should_handle_certificate_from_encryptedExtensions': [], 'tls13_should_handle_encrytpedExtensions': [], 'tls13_should_handle_finished': [], 'tls13_should_send_ClientFlight1': [], 'tls13_should_send_ClientFlight2': []}
add_ClientData()

用户可以键入:GET / HTTP / 1.1rnHost:testserver.comrnrn处理特殊字符,使其成为有效的HTTP请求.

close_session()
conditions = {'ADDED_CERTIFICATEVERIFY': [<function TLSClientAutomaton.should_add_ChangeCipherSpec_from_CertificateVerify>], 'ADDED_CHANGECIPHERSPEC': [<function TLSClientAutomaton.should_add_ClientFinished>], 'ADDED_CLIENTCERTIFICATE': [<function TLSClientAutomaton.should_add_ClientKeyExchange_from_ClientCertificate>], 'ADDED_CLIENTDATA': [<function TLSClientAutomaton.should_send_ClientData>], 'ADDED_CLIENTFINISHED': [<function TLSClientAutomaton.should_send_ClientFlight2>], 'ADDED_CLIENTHELLO': [<function TLSClientAutomaton.should_send_ClientFlight1>], 'ADDED_CLIENTKEYEXCHANGE': [<function TLSClientAutomaton.should_add_ClientVerify>, <function TLSClientAutomaton.should_add_ChangeCipherSpec_from_ClientKeyExchange>], 'CLOSE_NOTIFY': [<function TLSClientAutomaton.close_session>], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [<function TLSClientAutomaton.should_handle_ServerHelloDone_from_CertificateRequest>], 'HANDLED_CHANGECIPHERSPEC': [<function TLSClientAutomaton.should_handle_Finished>], 'HANDLED_SERVERCERTIFICATE': [<function TLSClientAutomaton.should_handle_ServerKeyExchange_from_ServerCertificate>, <function TLSClientAutomaton.missing_ServerKeyExchange>, <function TLSClientAutomaton.should_handle_CertificateRequest_from_ServerCertificate>, <function TLSClientAutomaton.should_handle_ServerHelloDone_from_ServerCertificate>], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [<function TLSClientAutomaton.should_wait_ClientData>], 'HANDLED_SERVERHELLO': [<function TLSClientAutomaton.should_handle_ServerCertificate>, <function TLSClientAutomaton.missing_ServerCertificate>], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [<function TLSClientAutomaton.should_handle_ServerHelloDone_from_ServerKeyExchange>, <function TLSClientAutomaton.should_handle_CertificateRequest_from_ServerKeyExchange>], 'INITIAL': [], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [<function TLSClientAutomaton.should_add_ClientHello>], 'PREPARE_CLIENTFLIGHT2': [<function TLSClientAutomaton.should_add_ClientCertificate>, <function TLSClientAutomaton.should_add_ClientKeyExchange_from_ClientFlight2>], 'RECEIVED_SERVERDATA': [<function TLSClientAutomaton.should_handle_ServerData>], 'RECEIVED_SERVERFLIGHT1': [<function TLSClientAutomaton.should_handle_ServerHello>, <function TLSClientAutomaton.missing_ServerHello>], 'RECEIVED_SERVERFLIGHT2': [<function TLSClientAutomaton.should_handle_ChangeCipherSpec>], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [<function TLSClientAutomaton.sslv2_should_send_ClientCertificate>], 'SSLv2_ADDED_CLIENTDATA': [<function TLSClientAutomaton.sslv2_should_send_ClientData>], 'SSLv2_ADDED_CLIENTFINISHED': [<function TLSClientAutomaton.sslv2_should_send_ClientFinished>], 'SSLv2_ADDED_CLIENTHELLO': [<function TLSClientAutomaton.sslv2_should_send_ClientHello>], 'SSLv2_ADDED_CLIENTMASTERKEY': [<function TLSClientAutomaton.sslv2_should_send_ClientMasterKey>], 'SSLv2_CLOSE_NOTIFY': [<function TLSClientAutomaton.sslv2_close_session>], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [<function TLSClientAutomaton.sslv2_should_add_ClientCertificate>], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [<function TLSClientAutomaton.sslv2_should_wait_ClientData>], 'SSLv2_HANDLED_SERVERHELLO': [<function TLSClientAutomaton.sslv2_should_add_ClientMasterKey>], 'SSLv2_HANDLED_SERVERVERIFY': [<function TLSClientAutomaton.sslv2_should_add_ClientFinished_from_ServerVerify>, <function TLSClientAutomaton.sslv2_should_wait_ServerFinished_from_ServerVerify>], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [<function TLSClientAutomaton.sslv2_should_add_ClientHello>], 'SSLv2_RECEIVED_SERVERDATA': [<function TLSClientAutomaton.sslv2_should_handle_ServerData>], 'SSLv2_RECEIVED_SERVERFINISHED': [<function TLSClientAutomaton.sslv2_should_handle_ServerFinished>, <function TLSClientAutomaton.sslv2_should_handle_RequestCertificate>, <function TLSClientAutomaton.sslv2_missing_ServerFinished>], 'SSLv2_RECEIVED_SERVERHELLO': [<function TLSClientAutomaton.sslv2_should_handle_ServerHello>, <function TLSClientAutomaton.sslv2_missing_ServerHello>], 'SSLv2_RECEIVED_SERVERVERIFY': [<function TLSClientAutomaton.sslv2_should_handle_ServerVerify>, <function TLSClientAutomaton.sslv2_should_add_ClientFinished_from_NoServerVerify>, <function TLSClientAutomaton.sslv2_missing_ServerVerify>], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [<function TLSClientAutomaton.sslv2_add_ClientData>, <function TLSClientAutomaton.sslv2_no_more_ClientData>], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'TLS13_ADDED_CLIENTFINISHED': [<function TLSClientAutomaton.tls13_should_send_ClientFlight2>], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_CERTIFICATE': [<function TLSClientAutomaton.tls13_should_handle_CertificateVerify>, <function TLSClientAutomaton.tls13_missing_CertificateVerify>], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [<function TLSClientAutomaton.tls13_should_handle_finished>], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [<function TLSClientAutomaton.tls13_should_handle_certificate_from_encryptedExtensions>], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [<function TLSClientAutomaton.tls13_should_handle_encrytpedExtensions>, <function TLSClientAutomaton.tls13_missing_encryptedExtension>], 'TLS13_HELLO_RETRY_REQUESTED': [<function TLSClientAutomaton.tls13_should_add_ClientHello_Retry>], 'TLS13_PREPARE_CLIENTFLIGHT2': [<function TLSClientAutomaton.tls13_should_add_ClientFinished>], 'TLS13_RECEIVED_SERVERFLIGHT1': [<function TLSClientAutomaton.tls13_should_handle_ServerHello>, <function TLSClientAutomaton.tls13_should_handle_HelloRetryRequest>, <function TLSClientAutomaton.tls13_should_handle_AlertMessage_>, <function TLSClientAutomaton.tls13_missing_ServerHello>], 'TLS13_SENDING_CLIENTFLIGHT1': [<function TLSClientAutomaton.tls13_should_send_ClientFlight1>], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [<function TLSClientAutomaton.tls13_should_add_ClientHello>], 'TLS13_WAITING_ENCRYPTEDEXTENSIONS': [<function TLSClientAutomaton.tls13_should_handle_EncryptedExtensions>], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': [<function TLSClientAutomaton.add_ClientData>, <function TLSClientAutomaton.no_more_ClientData>]}
initial_states = [<function ATMT.state.<locals>.deco.<locals>.state_wrapper>]
ioevents = {'ADDED_CERTIFICATEVERIFY': [], 'ADDED_CHANGECIPHERSPEC': [], 'ADDED_CLIENTCERTIFICATE': [], 'ADDED_CLIENTDATA': [], 'ADDED_CLIENTFINISHED': [], 'ADDED_CLIENTHELLO': [], 'ADDED_CLIENTKEYEXCHANGE': [], 'CLOSE_NOTIFY': [], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [], 'HANDLED_CHANGECIPHERSPEC': [], 'HANDLED_SERVERCERTIFICATE': [], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [], 'HANDLED_SERVERHELLO': [], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [], 'INITIAL': [], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [], 'PREPARE_CLIENTFLIGHT2': [], 'RECEIVED_SERVERDATA': [], 'RECEIVED_SERVERFLIGHT1': [], 'RECEIVED_SERVERFLIGHT2': [], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [], 'SSLv2_ADDED_CLIENTDATA': [], 'SSLv2_ADDED_CLIENTFINISHED': [], 'SSLv2_ADDED_CLIENTHELLO': [], 'SSLv2_ADDED_CLIENTMASTERKEY': [], 'SSLv2_CLOSE_NOTIFY': [], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [], 'SSLv2_HANDLED_SERVERHELLO': [], 'SSLv2_HANDLED_SERVERVERIFY': [], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [], 'SSLv2_RECEIVED_SERVERDATA': [], 'SSLv2_RECEIVED_SERVERFINISHED': [], 'SSLv2_RECEIVED_SERVERHELLO': [], 'SSLv2_RECEIVED_SERVERVERIFY': [], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'TLS13_ADDED_CLIENTFINISHED': [], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_CERTIFICATE': [], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [], 'TLS13_HELLO_RETRY_REQUESTED': [], 'TLS13_PREPARE_CLIENTFLIGHT2': [], 'TLS13_RECEIVED_SERVERFLIGHT1': [], 'TLS13_SENDING_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [], 'TLS13_WAITING_ENCRYPTEDEXTENSIONS': [], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': []}
ionames = []
iosupersockets = []
missing_ServerCertificate()
missing_ServerHello()
missing_ServerKeyExchange()
no_more_ClientData()
parse_args(server='127.0.0.1', dport=4433, server_name=None, mycert=None, mykey=None, client_hello=None, version=None, data=None, ciphersuite=None, curve=None, **kargs)
recv_conditions = {'ADDED_CERTIFICATEVERIFY': [], 'ADDED_CHANGECIPHERSPEC': [], 'ADDED_CLIENTCERTIFICATE': [], 'ADDED_CLIENTDATA': [], 'ADDED_CLIENTFINISHED': [], 'ADDED_CLIENTHELLO': [], 'ADDED_CLIENTKEYEXCHANGE': [], 'CLOSE_NOTIFY': [], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [], 'HANDLED_CHANGECIPHERSPEC': [], 'HANDLED_SERVERCERTIFICATE': [], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [], 'HANDLED_SERVERHELLO': [], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [], 'INITIAL': [], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [], 'PREPARE_CLIENTFLIGHT2': [], 'RECEIVED_SERVERDATA': [], 'RECEIVED_SERVERFLIGHT1': [], 'RECEIVED_SERVERFLIGHT2': [], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [], 'SSLv2_ADDED_CLIENTDATA': [], 'SSLv2_ADDED_CLIENTFINISHED': [], 'SSLv2_ADDED_CLIENTHELLO': [], 'SSLv2_ADDED_CLIENTMASTERKEY': [], 'SSLv2_CLOSE_NOTIFY': [], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [], 'SSLv2_HANDLED_SERVERHELLO': [], 'SSLv2_HANDLED_SERVERVERIFY': [], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [], 'SSLv2_RECEIVED_SERVERDATA': [], 'SSLv2_RECEIVED_SERVERFINISHED': [], 'SSLv2_RECEIVED_SERVERHELLO': [], 'SSLv2_RECEIVED_SERVERVERIFY': [], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'TLS13_ADDED_CLIENTFINISHED': [], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_CERTIFICATE': [], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [], 'TLS13_HELLO_RETRY_REQUESTED': [], 'TLS13_PREPARE_CLIENTFLIGHT2': [], 'TLS13_RECEIVED_SERVERFLIGHT1': [], 'TLS13_SENDING_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [], 'TLS13_WAITING_ENCRYPTEDEXTENSIONS': [], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': []}
should_add_ChangeCipherSpec_from_CertificateVerify()
should_add_ChangeCipherSpec_from_ClientKeyExchange()
should_add_ClientCertificate()

如果服务器发送了CertificateRequest,我们将发送一个Certificate消息. 如果没有可用的证书,则发送一个空的证书消息:-这是RFC 4346(第7.4.6节)中应该的-这是RFC 5246(第7.4.6节)中必须的

XXX我们可能想添加完整的链.

should_add_ClientFinished()
should_add_ClientHello()
should_add_ClientKeyExchange()
should_add_ClientKeyExchange_from_ClientCertificate()
should_add_ClientKeyExchange_from_ClientFlight2()
should_add_ClientVerify()

RFC 5246的XXX第7.4.7.1节规定,仅在具有签名功能的客户端证书(即不包含固定的DH参数的客户端证书)之后发送CertificateVerify消息. 在添加消息之前,我们应该验证一下. 当证书消息为空时,我们也应该处理这种情况.

should_handle_CertificateRequest()

XXX我们应该检查CertificateRequest属性是否与密码套件等存在差异.

should_handle_CertificateRequest_from_ServerCertificate()
should_handle_CertificateRequest_from_ServerKeyExchange()
should_handle_ChangeCipherSpec()
should_handle_Finished()
should_handle_ServerCertificate()
should_handle_ServerData()
should_handle_ServerHello()

XXX我们应该检查ServerHello属性与我们自己的ClientHello之间的差异.

should_handle_ServerHelloDone()
should_handle_ServerHelloDone_from_CertificateRequest()
should_handle_ServerHelloDone_from_ServerCertificate()
should_handle_ServerHelloDone_from_ServerKeyExchange()
should_handle_ServerKeyExchange_from_ServerCertificate()

XXX我们应该检查ServerKeyExchange属性与我们自己的ClientHello以及ServerHello和证书是否存在差异.

should_send_ClientData()
should_send_ClientFlight1()
should_send_ClientFlight2()
should_wait_ClientData()
sslv2_add_ClientData()
sslv2_close_session()
sslv2_missing_ServerFinished()
sslv2_missing_ServerHello()
sslv2_missing_ServerVerify()
sslv2_no_more_ClientData()
sslv2_should_add_ClientCertificate()
sslv2_should_add_ClientFinished()
sslv2_should_add_ClientFinished_from_NoServerVerify()
sslv2_should_add_ClientFinished_from_ServerVerify()
sslv2_should_add_ClientHello()
sslv2_should_add_ClientMasterKey()
sslv2_should_handle_RequestCertificate()
sslv2_should_handle_ServerData()
sslv2_should_handle_ServerFinished()
sslv2_should_handle_ServerHello()
sslv2_should_handle_ServerVerify()
sslv2_should_send_ClientCertificate()
sslv2_should_send_ClientData()
sslv2_should_send_ClientFinished()
sslv2_should_send_ClientHello()
sslv2_should_send_ClientMasterKey()
sslv2_should_wait_ClientData()
sslv2_should_wait_ServerFinished_from_ServerVerify()
state = None
states = {'ADDED_CERTIFICATEVERIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ADDED_CHANGECIPHERSPEC': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ADDED_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ADDED_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ADDED_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ADDED_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'ADDED_CLIENTKEYEXCHANGE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'CLOSE_NOTIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'CONNECT': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'FINAL': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_CERTIFICATEREQUEST': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_CHANGECIPHERSPEC': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_SERVERCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_SERVERHELLODONE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'HANDLED_SERVERKEYEXCHANGE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'INITIAL': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'INIT_TLS_SESSION': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'MISSING_SERVERCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'MISSING_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'MISSING_SERVERKEYEXCHANGE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'PREPARE_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'PREPARE_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'RECEIVED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'RECEIVED_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'RECEIVED_SERVERFLIGHT2': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SENT_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SENT_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SENT_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_ADDED_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_ADDED_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_ADDED_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_ADDED_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_ADDED_CLIENTMASTERKEY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_CLOSE_NOTIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_HANDLED_REQUESTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_HANDLED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_HANDLED_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_HANDLED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_HANDLED_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_MISSING_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_MISSING_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_MISSING_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_PREPARE_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_RECEIVED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_RECEIVED_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_RECEIVED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_RECEIVED_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_SENT_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_SENT_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_SENT_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_SENT_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_SENT_CLIENTMASTERKEY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_WAITING_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_WAITING_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_WAITING_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_WAITING_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'SSLv2_WAITING_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_ADDED_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_ADDED_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_HANDLED_CERTIFICATE': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_HANDLED_CERTIFICATE_VERIFY': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_HANDLED_FINISHED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_HANDLED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_HELLO_RETRY_REQUESTED': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_PREPARE_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_RECEIVED_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_SENDING_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_SENT_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_SENT_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_START': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_WAITING_ENCRYPTEDEXTENSIONS': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'TLS13_WAITING_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'WAITING_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'WAITING_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'WAITING_SERVERFLIGHT2': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>, 'WAIT_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>.state_wrapper>}
timeout = {'ADDED_CERTIFICATEVERIFY': [(None, None)], 'ADDED_CHANGECIPHERSPEC': [(None, None)], 'ADDED_CLIENTCERTIFICATE': [(None, None)], 'ADDED_CLIENTDATA': [(None, None)], 'ADDED_CLIENTFINISHED': [(None, None)], 'ADDED_CLIENTHELLO': [(None, None)], 'ADDED_CLIENTKEYEXCHANGE': [(None, None)], 'CLOSE_NOTIFY': [(None, None)], 'CONNECT': [(None, None)], 'FINAL': [(None, None)], 'HANDLED_CERTIFICATEREQUEST': [(None, None)], 'HANDLED_CHANGECIPHERSPEC': [(None, None)], 'HANDLED_SERVERCERTIFICATE': [(None, None)], 'HANDLED_SERVERDATA': [(None, None)], 'HANDLED_SERVERFINISHED': [(None, None)], 'HANDLED_SERVERHELLO': [(None, None)], 'HANDLED_SERVERHELLODONE': [(None, None)], 'HANDLED_SERVERKEYEXCHANGE': [(None, None)], 'INITIAL': [(None, None)], 'INIT_TLS_SESSION': [(None, None)], 'MISSING_SERVERCERTIFICATE': [(None, None)], 'MISSING_SERVERHELLO': [(None, None)], 'MISSING_SERVERKEYEXCHANGE': [(None, None)], 'PREPARE_CLIENTFLIGHT1': [(None, None)], 'PREPARE_CLIENTFLIGHT2': [(None, None)], 'RECEIVED_SERVERDATA': [(None, None)], 'RECEIVED_SERVERFLIGHT1': [(None, None)], 'RECEIVED_SERVERFLIGHT2': [(None, None)], 'SENT_CLIENTDATA': [(None, None)], 'SENT_CLIENTFLIGHT1': [(None, None)], 'SENT_CLIENTFLIGHT2': [(None, None)], 'SSLv2_ADDED_CLIENTCERTIFICATE': [(None, None)], 'SSLv2_ADDED_CLIENTDATA': [(None, None)], 'SSLv2_ADDED_CLIENTFINISHED': [(None, None)], 'SSLv2_ADDED_CLIENTHELLO': [(None, None)], 'SSLv2_ADDED_CLIENTMASTERKEY': [(None, None)], 'SSLv2_CLOSE_NOTIFY': [(None, None)], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [(None, None)], 'SSLv2_HANDLED_SERVERDATA': [(None, None)], 'SSLv2_HANDLED_SERVERFINISHED': [(None, None)], 'SSLv2_HANDLED_SERVERHELLO': [(None, None)], 'SSLv2_HANDLED_SERVERVERIFY': [(None, None)], 'SSLv2_MISSING_SERVERFINISHED': [(None, None)], 'SSLv2_MISSING_SERVERHELLO': [(None, None)], 'SSLv2_MISSING_SERVERVERIFY': [(None, None)], 'SSLv2_PREPARE_CLIENTHELLO': [(None, None)], 'SSLv2_RECEIVED_SERVERDATA': [(None, None)], 'SSLv2_RECEIVED_SERVERFINISHED': [(None, None)], 'SSLv2_RECEIVED_SERVERHELLO': [(None, None)], 'SSLv2_RECEIVED_SERVERVERIFY': [(None, None)], 'SSLv2_SENT_CLIENTCERTIFICATE': [(None, None)], 'SSLv2_SENT_CLIENTDATA': [(None, None)], 'SSLv2_SENT_CLIENTFINISHED': [(None, None)], 'SSLv2_SENT_CLIENTHELLO': [(None, None)], 'SSLv2_SENT_CLIENTMASTERKEY': [(None, None)], 'SSLv2_WAITING_CLIENTDATA': [(None, None)], 'SSLv2_WAITING_SERVERDATA': [(None, None)], 'SSLv2_WAITING_SERVERFINISHED': [(None, None)], 'SSLv2_WAITING_SERVERHELLO': [(None, None)], 'SSLv2_WAITING_SERVERVERIFY': [(None, None)], 'TLS13_ADDED_CLIENTFINISHED': [(None, None)], 'TLS13_ADDED_CLIENTHELLO': [(None, None)], 'TLS13_HANDLED_CERTIFICATE': [(None, None)], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [(None, None)], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [(None, None)], 'TLS13_HANDLED_FINISHED': [(None, None)], 'TLS13_HANDLED_SERVERHELLO': [(None, None)], 'TLS13_HELLO_RETRY_REQUESTED': [(None, None)], 'TLS13_PREPARE_CLIENTFLIGHT2': [(None, None)], 'TLS13_RECEIVED_SERVERFLIGHT1': [(None, None)], 'TLS13_SENDING_CLIENTFLIGHT1': [(None, None)], 'TLS13_SENT_CLIENTFLIGHT1': [(None, None)], 'TLS13_SENT_CLIENTFLIGHT2': [(None, None)], 'TLS13_START': [(None, None)], 'TLS13_WAITING_ENCRYPTEDEXTENSIONS': [(None, None)], 'TLS13_WAITING_SERVERFLIGHT1': [(None, None)], 'WAITING_SERVERDATA': [(None, None)], 'WAITING_SERVERFLIGHT1': [(None, None)], 'WAITING_SERVERFLIGHT2': [(None, None)], 'WAIT_CLIENTDATA': [(None, None)]}
tls13_missing_CertificateVerify()
tls13_missing_ServerHello()
tls13_missing_encryptedExtension()
tls13_should_add_ClientFinished()
tls13_should_add_ClientHello()
tls13_should_add_ClientHello_Retry()
tls13_should_handle_AlertMessage_()
tls13_should_handle_Certificate()
tls13_should_handle_CertificateVerify()
tls13_should_handle_EncryptedExtensions()
tls13_should_handle_HelloRetryRequest()
tls13_should_handle_ServerHello()

XXX我们应该检查ServerHello属性与我们自己的ClientHello之间的差异.

tls13_should_handle_certificate_from_encryptedExtensions()
tls13_should_handle_encrytpedExtensions()
tls13_should_handle_finished()
tls13_should_send_ClientFlight1()
tls13_should_send_ClientFlight2()
vprint_sessioninfo()