Key material hard to specify by user

Question

Key material hard to specify by user

Closed this issue 10 months ago · 0 comments

Using different key material (e.g., certificate/key pair, pre-shared key, etc) currently requires changes to the TLS-Attacker configuration file supplied via -sulConfig. Changing this file is far from trivial, particularly when specifying a new certificate/key, which are specified as byte strings. For example, this is how a basic RSA certificate/key pair is specified in the default configuration file.

 <defaultExplicitCertificateKeyPair>
        <certPublicKeyType>RSA</certPublicKeyType>
        <certSignatureType>RSA</certSignatureType>
        <certificateBytes>
00 03 D3 00 03 D0 30 82  03 CC 30 82 02 B4 A0 03
...
15 C1 5E B7 D5 18
</certificateBytes>
        <RsaPublicKey>
            <publicExponent>65537</publicExponent>
            <modulus>..</modulus>
            <.../>
        </RsaPrivateKey>
</defaultExplicitCertificateKeyPair>

It would be much better if key material could be specified as it is in TLS/DTLS test programs, via arguments e.g., pointing to key/certificate files, or providing the pre-shared key.