1 { 2 "cells": [ 3 { 4 "cell_type": "markdown", 5 "metadata": {}, 6 "source": [ 7 "# Notebook 1: X.509 certificates" 8 ] 9 }, 10 { 11 "cell_type": "markdown", 12 "metadata": {}, 13 "source": [ 14 "## Jupyter notebook cheat sheet" 15 ] 16 }, 17 { 18 "cell_type": "code", 19 "execution_count": null, 20 "metadata": { 21 "collapsed": false 22 }, 23 "outputs": [], 24 "source": [ 25 "# Use Shift+Enter to run the current cell\n", 26 "print 'Hello!'" 27 ] 28 }, 29 { 30 "cell_type": "code", 31 "execution_count": null, 32 "metadata": { 33 "collapsed": false 34 }, 35 "outputs": [], 36 "source": [ 37 "# You may also use Alt+Enter to run the current cell, then create a new cell right below\n", 38 "from datetime import datetime\n", 39 "print 'This is the time right now: %s' % datetime.now()" 40 ] 41 }, 42 { 43 "cell_type": "code", 44 "execution_count": null, 45 "metadata": { 46 "collapsed": false 47 }, 48 "outputs": [], 49 "source": [ 50 "# If needed, pause cell editing with Ctrl-M.\n", 51 "# Then you can delete the current cell with D+D.
You can also undo cell deletion with Z.\n", 52 "# Finally, should Jupyter become stuck in execution, use Kernel/Interrupt from the menu bar.\n", 53 "print 'Got it!'" 54 ] 55 }, 56 { 57 "cell_type": "markdown", 58 "metadata": {}, 59 "source": [ 60 "## Data manipulation with Scapy" 61 ] 62 }, 63 { 64 "cell_type": "code", 65 "execution_count": null, 66 "metadata": { 67 "collapsed": true 68 }, 69 "outputs": [], 70 "source": [ 71 "from scapy.all import *\n", 72 "load_layer('tls')" 73 ] 74 }, 75 { 76 "cell_type": "code", 77 "execution_count": null, 78 "metadata": { 79 "collapsed": false 80 }, 81 "outputs": [], 82 "source": [ 83 "keystr = open('raw_data/pki/ca_key.der', 'rb').read()\n", 84 "print repr(keystr)\n", 85 "# (btw, you can hide the output of a cell by double-clicking on the left of the output; hiding is display-only, so the printed key bytes stay in the saved .ipynb until the output is cleared)" 86 ] 87 }, 88 { 89 "cell_type": "code", 90 "execution_count": null, 91 "metadata": { 92 "collapsed": false 93 }, 94 "outputs": [], 95 "source": [ 96 "privkey = RSAPrivateKey(keystr)\n", 97 "privkey.show()" 98 ] 99 }, 100 { 101 "cell_type": "code", 102 "execution_count": null, 103 "metadata": { 104 "collapsed": false 105 }, 106 "outputs": [], 107 "source": [ 108 "v = privkey.version\n", 109 "print 'The \\'version\\' stripped from any ASN.1 encoding is 0x%02x.' % v.val\n", 110 "print 'The \\'version\\' field corresponds to bytes %r.' % raw(v)" 111 ] 112 }, 113 { 114 "cell_type": "code", 115 "execution_count": null, 116 "metadata": { 117 "collapsed": false 118 }, 119 "outputs": [], 120 "source": [ 121 "privkey.version = ASN1_INTEGER(1)\n", 122 "privkey.modulus.val *= 2\n", 123 "privkey.show()" 124 ] 125 }, 126 { 127 "cell_type": "code", 128 "execution_count": null, 129 "metadata": { 130 "collapsed": false 131 }, 132 "outputs": [], 133 "source": [ 134 "print 'Original data: %r...' % keystr[:13]\n", 135 "print 'New version bytes: %r' % raw(privkey.version)\n", 136 "print 'New modulus bytes: %r...' % raw(privkey.modulus)[:6]\n", 137 "print 'Rebuilt data: %r...'
% raw(privkey)[:13]" 138 ] 139 }, 140 { 141 "cell_type": "markdown", 142 "metadata": { 143 "collapsed": true 144 }, 145 "source": [ 146 "## X.509 certificate features" 147 ] 148 }, 149 { 150 "cell_type": "code", 151 "execution_count": null, 152 "metadata": { 153 "collapsed": false 154 }, 155 "outputs": [], 156 "source": [ 157 "# Let's reload the original key, then let's load a certificate associated with it\n", 158 "privkey = RSAPrivateKey(keystr)\n", 159 "cert = X509_Cert(open('raw_data/pki/ca_cert.der', 'rb').read())\n", 160 "cert.show()" 161 ] 162 }, 163 { 164 "cell_type": "code", 165 "execution_count": null, 166 "metadata": { 167 "collapsed": false 168 }, 169 "outputs": [], 170 "source": [ 171 "cert.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.show()\n", 172 "cert.tbsCertificate.subject[-1].rdn[0].show()" 173 ] 174 }, 175 { 176 "cell_type": "code", 177 "execution_count": null, 178 "metadata": { 179 "collapsed": false, 180 "scrolled": true 181 }, 182 "outputs": [], 183 "source": [ 184 "cert.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.modulus == privkey.modulus" 185 ] 186 }, 187 { 188 "cell_type": "code", 189 "execution_count": null, 190 "metadata": { 191 "collapsed": false 192 }, 193 "outputs": [], 194 "source": [ 195 "cert.tbsCertificate.extensions[2].show()" 196 ] 197 }, 198 { 199 "cell_type": "code", 200 "execution_count": null, 201 "metadata": { 202 "collapsed": false 203 }, 204 "outputs": [], 205 "source": [ 206 "cert.signatureAlgorithm.algorithm" 207 ] 208 }, 209 { 210 "cell_type": "markdown", 211 "metadata": {}, 212 "source": [ 213 "## Scapy crypto tools" 214 ] 215 }, 216 { 217 "cell_type": "code", 218 "execution_count": null, 219 "metadata": { 220 "collapsed": true 221 }, 222 "outputs": [], 223 "source": [ 224 "# Let's reload the key with Scapy's crypto-enhanced wrapper\n", 225 "privkey = PrivKey('raw_data/pki/ca_key.der')" 226 ] 227 }, 228 { 229 "cell_type": "code", 230 "execution_count": null, 231 "metadata": { 232 "collapsed": false 
233 }, 234 "outputs": [], 235 "source": [ 236 "privkey.der == keystr" 237 ] 238 }, 239 { 240 "cell_type": "code", 241 "execution_count": null, 242 "metadata": { 243 "collapsed": false 244 }, 245 "outputs": [], 246 "source": [ 247 "print privkey.key\n", 248 "print privkey.pubkey" 249 ] 250 }, 251 { 252 "cell_type": "code", 253 "execution_count": null, 254 "metadata": { 255 "collapsed": false 256 }, 257 "outputs": [], 258 "source": [ 259 "# We can compute the RSA signature over the part of the certificate which is to be signed\n", 260 "privkey.sign(raw(cert.tbsCertificate))" 261 ] 262 }, 263 { 264 "cell_type": "code", 265 "execution_count": null, 266 "metadata": { 267 "collapsed": false 268 }, 269 "outputs": [], 270 "source": [ 271 "cert.signatureValue" 272 ] 273 }, 274 { 275 "cell_type": "code", 276 "execution_count": null, 277 "metadata": { 278 "collapsed": false 279 }, 280 "outputs": [], 281 "source": [ 282 "# We can quickly modify a certificate field and update the signature accordingly\n", 283 "cert.tbsCertificate.serialNumber.val = 0xdeadcafe\n", 284 "cert.tbsCertificate.subject[-1].rdn[0].value.val = 'my new deadcafe CA' \n", 285 "cert2 = privkey.resignCert(cert)\n", 286 "cert2.show()" 287 ] 288 } 289 ], 290 "metadata": { 291 "kernelspec": { 292 "display_name": "Python 2", 293 "language": "python", 294 "name": "python2" 295 }, 296 "language_info": { 297 "codemirror_mode": { 298 "name": "ipython", 299 "version": 2 300 }, 301 "file_extension": ".py", 302 "mimetype": "text/x-python", 303 "name": "python", 304 "nbconvert_exporter": "python", 305 "pygments_lexer": "ipython2", 306 "version": "2.7.13" 307 } 308 }, 309 "nbformat": 4, 310 "nbformat_minor": 2 311 } 312