Bump TLS-Attacker from 5.3.0 to v6.3.4 (#159)

* update dependency TLS-Attacker from 5.3.0 to 6.1.4

* WIP 5.3.0 to 6.1.4: fix generics errors
(Reference TLS-Attacker Commit 49af57bb871219fa2427dc33621e4e2cae42d10c)

* WIP 5.3.0 to 6.1.4: LayerStack receiveData parameter requires generics
(Reference TLS-Attacker Commit 6b0c072fdeec33b41d44031c19b21e6f4dd1db61)

* WIP 5.3.0 to 6.1.4: Connection removed firstTimeout
(Reference TLS-Attacker Commit a4fab98ea9b5856d3fab218dc6d34bbc5cdb4560)

* WIP 5.3.0 to 6.1.4: Rename LayerConfiguration to StackConfiguration
(Reference TLS-Attacker Commit 30260caf1fa15ce2ed061191dc8c6c1a0e321dac)

* WIP 5.3.0 to 6.1.4: Update modifiable-variable dependency
(Reference TLS-Attacker Commit 2adb191ffb001abe609228c71f77af5da1d3da5a)

* WIP 5.3.0 to 6.1.4: Use official CertificateDelegate type

* WIP 5.3.0 to 6.1.4: replace CertificateKeyType with x509attacker
(Reference TLS-Attacker Commit 8a75161ea63160b4a1dac620c9407715f80785ea)

* WIP 5.3.0 to 6.1.4: replace setCertificateListConfig with setCertificateEntryList
(Reference TLS-Attacker Commit 8cbdfa82067eae9c9159c13fc42b278fc93fe55c, 1e40faa3f2cd411a8e5fc33bf89930a8f8c09227)

* WIP 5.3.0 to 6.1.4: fix getCertSignatureTypeString function
(Reference TLS-Attacker Commit 1e40faa3f2cd411a8e5fc33bf89930a8f8c09227)

* WIP 5.3.0 to 6.1.4: fix sul.config
(Reference TLS-Attacker Commit 8f3bba03adb36dd04f4dae8ed6a3e4b1749de22c, 8cbdfa82067eae9c9159c13fc42b278fc93fe55c)

* WIP 6.1.4 to 6.3.3: change version number
fix maven dependency:analyze
And can fix runtime error "Exception in thread "main" java.lang.NoClassDefFoundError: org/xbill/DNS/TextParseException" without adding extra dependency

* WIP 6.1.4 to 6.3.3: stop unwanted logs and added a logger for easier debug

* WIP 6.1.4 to 6.3.3: fix compile error

* WIP 6.1.4 to 6.3.3: fix runtime null exception

* WIP 6.1.4 to 6.3.3: add patch so RSA private and public keys can be correctly set.

* WIP 6.1.4 to 6.3.3: fix initializeTransportHandler
So when we test Client implementations, the socket client address and port will be set
(Reference TLS-Attacker Commit 6f663747dc4ad109e229020e1489e2ff66393319, since they removed similar logic inside ServerUdpTransportHandler.java)

* fix: add patch for TLS-Attacker so EMPTY_CERTIFICATE will be correctly generated.
And also stop the warning logs from protocol.preparator.CertificateMessagePreparator.

* fix: map SignatureAlgorithm items to CertificateKeyType
After this fix, we can learn output RSA_CERTIFICATE instead of RSA_PKCS1_CERTIFICATE

* fix: add disable reordering patch for TLS-Attacker just like TLS-Attacker-v5.3.0.patch

* fix: update scandium.config so TLS-Attacker v6.3.3 can read without runtime error

* fix: add enum mapping for ECDSA signature algorithm

* add TLS-Attacker patch so ECDSA certificate configuration can be correctly set, and prevent unexpected X509Context reset.

* fix tinydtls_client.config format, so no runtime error

* fix client fuzzing: make udp layer behave as before, which will consume the first arrived ClientHello.

* fix: RSAClientKeyExchangePreparator.java uses wrong RSA private key, therefore we will get wrong decrypted PreMaster Secret.

* fix: PionDTLS-2-0-9_Client_psk regression test

* upgrade TLS-Attacker dependency from 6.3.3 to 6.3.4
Removed patches for RSAClientKeyExchangePreparator.java, TlsContext.java and Context.java

* Delete experiments/patches/TLS-Attacker-v6.3.3.patch

* Remove redundant casts from TlsStepContext.java

* Remove redundant casts from DtlsOutputMapper.java

* update patch for CertificateMessagePreparator.java

* remove redundant @SuppressWarnings("rawtypes")

* Remove BouncyCastle

* Remove org,bouncycastle:bcprov-jdk15on

* Revert BouncyCastle removal [ci skip]

* Revert BouncyCastle removal

---------

Co-authored-by: Kostis Sagonas <kostis@it.uu.se>

Author: c-southwest

experiments/configs/scandium.config

@@ -30,53 +30,54 @@
     <defaultPSKKey>1234</defaultPSKKey>
 
     <!-- Note: this fixes any certificate input -->
-    <autoSelectCertificate>false</autoSelectCertificate>
-    <defaultExplicitCertificateKeyPair>
-		<certPublicKeyType>ECDH</certPublicKeyType>
-		<certSignatureType>ECDSA</certSignatureType>
-		<signatureAndHashAlgorithm>ECDSA_SHA256</signatureAndHashAlgorithm>
-		<certificateBytes>00 01 90 00 01 8D 30 82 01 89 30 82 01 2F A0 03 02 01
-			02 02 14 0A 0C 65 9A 72 DA 6E B8 94 E2 AD D6 05 3F F1 34 6C 85 0B 5C
-			30 0A 06 08 2A 86 48 CE 3D 04 03 02 30 1A 31 18 30 16 06 03 55 04 03
-			0C 0F 64 74 6C 73 2D 66 75 7A 7A 65 72 2E 63 6F 6D 30 1E 17 0D 32 34
-			30 36 30 36 31 32 31 33 30 38 5A 17 0D 33 38 30 32 31 33 31 32 31 33
-			30 38 5A 30 1A 31 18 30 16 06 03 55 04 03 0C 0F 64 74 6C 73 2D 66 75
-			7A 7A 65 72 2E 63 6F 6D 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08
-			2A 86 48 CE 3D 03 01 07 03 42 00 04 6A 83 DF 69 81 D8 13 65 47 B9 EC
-			FA 48 DD B0 CD C4 E2 72 01 E0 28 30 95 7D BE FB 64 AE 3A 98 66 05 F7
-			2E 1E 95 2E FF 01 E5 07 D7 A5 6E 76 4D 91 3C AC 2C 89 D8 B7 41 38 03
-			C1 7B A6 F9 AE D2 33 A3 53 30 51 30 1D 06 03 55 1D 0E 04 16 04 14 F6
-			A5 32 E0 73 F5 25 70 A5 41 36 CB 22 8E 12 E4 F9 BD F3 D3 30 1F 06 03
-			55 1D 23 04 18 30 16 80 14 F6 A5 32 E0 73 F5 25 70 A5 41 36 CB 22 8E
-			12 E4 F9 BD F3 D3 30 0F 06 03 55 1D 13 01 01 FF 04 05 30 03 01 01 FF
-			30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 48 00 30 45 02 21 00 D0 36 BC
-			32 EF 96 8F 25 81 D1 41 70 BC D4 72 66 0F 55 FB F2 4B E1 E1 C2 C9 02
-			B4 B6 49 83 E5 CC 02 20 44 0C D3 51 68 12 5C B2 C4 08 D5 B1 F2 31 BB
-			60 AE 6D FB 88 0F B2 ED E7 18 33 01 1A 49 5A D6 2C</certificateBytes>
-		<EcPublicKey>
-			<point>
-				<xFieldElementFp>
-					<data>
-						48178160849216113900197610826518050538097581403529018892565414719684416804966</data>
-					<modulus>
-						115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
-				</xFieldElementFp>
-				<yFieldElementFp>
-					<data>
-						2698293772757809793845528399156327847751712523799934234434860240672436179507</data>
-					<modulus>
-						115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
-				</yFieldElementFp>
-				<infinity>false</infinity>
-			</point>
-			<group>SECP256R1</group>
-		</EcPublicKey>
-		<EcPrivateKey>
-			<privateKey>
-				44246452000829000853874228044685165133258626323421979906338042734026795974264</privateKey>
-			<group>SECP256R1</group>
-		</EcPrivateKey>
-		<signatureGroup>SECP256R1</signatureGroup>
-		<publicKeyGroup>SECP256R1</publicKeyGroup>
-	</defaultExplicitCertificateKeyPair>
+    <autoAdjustCertificate>false</autoAdjustCertificate>
+    <defaultExplicitCertificateChain>
+        <certificateBytes>
+            <bytes>30 82 01 89 30 82 01 2F A0 03 02 01
+                02 02 14 0A 0C 65 9A 72 DA 6E B8 94 E2 AD D6 05 3F F1 34 6C 85 0B 5C
+                30 0A 06 08 2A 86 48 CE 3D 04 03 02 30 1A 31 18 30 16 06 03 55 04 03
+                0C 0F 64 74 6C 73 2D 66 75 7A 7A 65 72 2E 63 6F 6D 30 1E 17 0D 32 34
+                30 36 30 36 31 32 31 33 30 38 5A 17 0D 33 38 30 32 31 33 31 32 31 33
+                30 38 5A 30 1A 31 18 30 16 06 03 55 04 03 0C 0F 64 74 6C 73 2D 66 75
+                7A 7A 65 72 2E 63 6F 6D 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08
+                2A 86 48 CE 3D 03 01 07 03 42 00 04 6A 83 DF 69 81 D8 13 65 47 B9 EC
+                FA 48 DD B0 CD C4 E2 72 01 E0 28 30 95 7D BE FB 64 AE 3A 98 66 05 F7
+                2E 1E 95 2E FF 01 E5 07 D7 A5 6E 76 4D 91 3C AC 2C 89 D8 B7 41 38 03
+                C1 7B A6 F9 AE D2 33 A3 53 30 51 30 1D 06 03 55 1D 0E 04 16 04 14 F6
+                A5 32 E0 73 F5 25 70 A5 41 36 CB 22 8E 12 E4 F9 BD F3 D3 30 1F 06 03
+                55 1D 23 04 18 30 16 80 14 F6 A5 32 E0 73 F5 25 70 A5 41 36 CB 22 8E
+                12 E4 F9 BD F3 D3 30 0F 06 03 55 1D 13 01 01 FF 04 05 30 03 01 01 FF
+                30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 48 00 30 45 02 21 00 D0 36 BC
+                32 EF 96 8F 25 81 D1 41 70 BC D4 72 66 0F 55 FB F2 4B E1 E1 C2 C9 02
+                B4 B6 49 83 E5 CC 02 20 44 0C D3 51 68 12 5C B2 C4 08 D5 B1 F2 31 BB
+                60 AE 6D FB 88 0F B2 ED E7 18 33 01 1A 49 5A D6 2C
+            </bytes>
+        </certificateBytes>
+    </defaultExplicitCertificateChain>
+
+    <certificateChainConfig>
+        <certificateConfig>
+            <signatureAlgorithm>ECDSA_WITH_SHA256</signatureAlgorithm>
+            <publicKeyType>ECDH_ECDSA</publicKeyType>
+            <ecPublicKey>
+                <xFieldElementFp>
+                    <data>
+                        48178160849216113900197610826518050538097581403529018892565414719684416804966</data>
+                    <modulus>
+                        115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
+                </xFieldElementFp>
+                <yFieldElementFp>
+                    <data>
+                        2698293772757809793845528399156327847751712523799934234434860240672436179507</data>
+                    <modulus>
+                        115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
+                </yFieldElementFp>
+                <infinity>false</infinity>
+            </ecPublicKey>
+            <ecPrivateKey>
+                    44246452000829000853874228044685165133258626323421979906338042734026795974264
+            </ecPrivateKey>
+            <defaultSubjectNamedCurve>SECP256R1</defaultSubjectNamedCurve>
+        </certificateConfig>
+    </certificateChainConfig>
 </config>

experiments/configs/tinydtls_client.config

@@ -53,32 +53,27 @@
     <clientCertificateTypeExtensionMessageState>false</clientCertificateTypeExtensionMessageState>
 
     <!-- Note: this fixes any certificate input -->
-    <autoSelectCertificate>false</autoSelectCertificate>
+    <autoAdjustCertificate>false</autoAdjustCertificate>
     <autoAdjustSignatureAndHashAlgorithm>false</autoAdjustSignatureAndHashAlgorithm>
 
     <!-- Warning: this key pair might not work / has not been tested. A similar configuration used to work with an old version of TLS-Attacker (e.g., 3.2b). -->
-    <defaultExplicitCertificateKeyPair>
-        <certPublicKeyType>ECDSA</certPublicKeyType>
-        <certSignatureType>ECDSA</certSignatureType>
-        <EcPublicKey>
-            <point>
-                <xFieldElementFp>
-                    <data>94232897661529392044308082597636544403139625602616773737240455601462877679514</data>
-                    <modulus>115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
-                </xFieldElementFp>
-                <yFieldElementFp>
-                    <data>81459975214215857114679354058384353873712640061964199410870538408465338855024</data>
-                    <modulus>115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
-                </yFieldElementFp>
-                <infinity>true</infinity>
-            </point>
-            <group>SECP256R1</group>
-        </EcPublicKey>
-        <EcPrivateKey>
-            <privateKey>98551971876008506686539909602944300163494952408899058323320387266902340541396</privateKey>
-            <group>SECP256R1</group>
-        </EcPrivateKey>
-        <signatureGroup>SECP256R1</signatureGroup>
-        <publicKeyGroup>SECP256R1</publicKeyGroup>
-    </defaultExplicitCertificateKeyPair>
+        <certificateChainConfig>
+            <certificateConfig>
+                <signatureAlgorithm>ECDSA_WITH_SHA256</signatureAlgorithm>
+                <publicKeyType>ECDH_ECDSA</publicKeyType>
+                <ecPublicKey>
+                    <xFieldElementFp>
+                        <data>94232897661529392044308082597636544403139625602616773737240455601462877679514</data>
+                        <modulus>115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
+                    </xFieldElementFp>
+                    <yFieldElementFp>
+                        <data>81459975214215857114679354058384353873712640061964199410870538408465338855024</data>
+                        <modulus>115792089210356248762697446949407573530086143415290314195533631308867097853951</modulus>
+                    </yFieldElementFp>
+                    <infinity>true</infinity>
+                </ecPublicKey>
+                <ecPrivateKey>98551971876008506686539909602944300163494952408899058323320387266902340541396</ecPrivateKey>
+                <defaultSubjectNamedCurve>SECP256R1</defaultSubjectNamedCurve>
+            </certificateConfig>
+        </certificateChainConfig>
 </config>

experiments/patches/TLS-Attacker-v6.3.4.patch

@@ -0,0 +1,213 @@
+diff -ruN TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/dtls/FragmentManager.java TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/dtls/FragmentManager.java
+--- TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/dtls/FragmentManager.java	2025-02-20 15:19:04.898118063 +0100
++++ TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/dtls/FragmentManager.java	2025-02-20 15:38:12.424092502 +0100
+@@ -23,7 +23,6 @@
+ 
+     private Map<FragmentKey, FragmentCollector> fragments;
+     private Config config;
+-    private int lastInterpretedMessageSeq = -1;
+ 
+     public FragmentManager(Config config) {
+         fragments = new HashMap<>();
+@@ -69,21 +68,6 @@
+             boolean onlyIfComplete, boolean skipMessageSequences) {
+         List<DtlsHandshakeMessageFragment> handshakeFragmentList = new LinkedList<>();
+         List<FragmentKey> orderedFragmentKeys = new ArrayList<>(fragments.keySet());
+-        orderedFragmentKeys.sort(
+-                new Comparator<FragmentKey>() {
+-                    @Override
+-                    public int compare(FragmentKey fragmentKey1, FragmentKey fragmentKey2) {
+-                        if (fragmentKey1.getEpoch() > fragmentKey2.getEpoch()) {
+-                            return -1;
+-                        } else if (fragmentKey1.getEpoch() < fragmentKey2.getEpoch()) {
+-                            return 1;
+-                        } else {
+-                            return fragmentKey1
+-                                    .getMessageSeq()
+-                                    .compareTo(fragmentKey2.getMessageSeq());
+-                        }
+-                    }
+-                });
+ 
+         for (FragmentKey key : orderedFragmentKeys) {
+             FragmentCollector fragmentCollector = fragments.get(key);
+@@ -100,11 +84,6 @@
+                 }
+             }
+             if (!fragmentCollector.isInterpreted()) {
+-                if (!skipMessageSequences
+-                        && key.getMessageSeq() != lastInterpretedMessageSeq + 1
+-                        && !fragmentCollector.isRetransmission()) {
+-                    break;
+-                }
+                 if (onlyIfComplete && !fragmentCollector.isMessageComplete()) {
+                     LOGGER.debug(
+                             "Incomplete message. Not processing: msg_sqn: "
+@@ -114,7 +93,7 @@
+                 } else {
+                     handshakeFragmentList.add(fragmentCollector.buildCombinedFragment());
+                     fragmentCollector.setInterpreted(true);
+-                    lastInterpretedMessageSeq = key.getMessageSeq();
++                    clearFragmentedMessage(key.getMessageSeq(), key.getEpoch());
+                 }
+             }
+         }
+diff -ruN TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/LayerStackFactory.java TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/LayerStackFactory.java
+--- TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/LayerStackFactory.java	2025-02-20 15:19:04.907853961 +0100
++++ TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/LayerStackFactory.java	2025-02-20 15:38:28.834162918 +0100
+@@ -32,7 +32,7 @@
+                         new MessageLayer(context),
+                         new DtlsFragmentLayer(context),
+                         new RecordLayer(context),
+-                        new UdpLayer(context));
++                        new FirstCachedUdpLayer(context));
+             case QUIC:
+                 return new LayerStack(
+                         context,
+diff -ruN TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/FirstCachedUdpLayer.java TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/FirstCachedUdpLayer.java
+--- TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/FirstCachedUdpLayer.java	1970-01-01 01:00:00.000000000 +0100
++++ TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/FirstCachedUdpLayer.java	2025-02-20 15:40:32.718070889 +0100
+@@ -0,0 +1,64 @@
++/*
++ * TLS-Attacker - A Modular Penetration Testing Framework for TLS
++ *
++ * Copyright 2014-2023 Ruhr University Bochum, Paderborn University, Technology Innovation Institute, and Hackmanit GmbH
++ *
++ * Licensed under Apache License, Version 2.0
++ * http://www.apache.org/licenses/LICENSE-2.0.txt
++ */
++package de.rub.nds.tlsattacker.core.layer.impl;
++
++import de.rub.nds.tlsattacker.core.layer.hints.LayerProcessingHint;
++import de.rub.nds.tlsattacker.core.layer.stream.HintedLayerInputStream;
++import de.rub.nds.tlsattacker.core.state.Context;
++import de.rub.nds.tlsattacker.core.udp.UdpDataPacket;
++import java.io.ByteArrayInputStream;
++import java.io.IOException;
++
++/**
++ * The UDP layer is a wrapper around an underlying UDP socket. It forwards the sockets InputStream
++ * for reading and sends any data over the UDP layer without modifications.
++ */
++public class FirstCachedUdpLayer extends UdpLayer {
++
++    private byte[] firstClientHello = null;
++    private boolean isFirstClientHelloConsumed = false;
++
++    public boolean isFuzzingClient = false;
++
++    public FirstCachedUdpLayer(Context context) {
++        super(context);
++    }
++
++    public void setFirstClientHelo(byte[] bytes) {
++        this.firstClientHello = bytes;
++    }
++
++    public byte[] getFirstClientHelo() {
++        return this.firstClientHello;
++    }
++
++    @Override
++    public void receiveMoreDataForHint(LayerProcessingHint hint) throws IOException {
++        byte[] receivedPacket = null;
++        if (!isFirstClientHelloConsumed && isFuzzingClient) {
++            receivedPacket = firstClientHello;
++            isFirstClientHelloConsumed = true;
++        } else {
++            receivedPacket = getTransportHandler().fetchData();
++        }
++        UdpDataPacket udpDataPacket = new UdpDataPacket();
++        udpDataPacket
++                .getParser(context, new ByteArrayInputStream(receivedPacket))
++                .parse(udpDataPacket);
++        udpDataPacket.getPreparator(context).prepareAfterParse();
++        udpDataPacket.getHandler(context).adjustContext(udpDataPacket);
++        addProducedContainer(udpDataPacket);
++        if (currentInputStream == null) {
++            currentInputStream = new HintedLayerInputStream(null, this);
++            currentInputStream.extendStream(receivedPacket);
++        } else {
++            currentInputStream.extendStream(receivedPacket);
++        }
++    }
++}
+diff -ruN TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/UdpLayer.java TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/UdpLayer.java
+--- TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/UdpLayer.java	2025-02-20 15:19:04.907853961 +0100
++++ TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/layer/impl/UdpLayer.java	2025-02-20 15:42:08.984094197 +0100
+@@ -26,7 +26,7 @@
+  */
+ public class UdpLayer extends ProtocolLayer<LayerProcessingHint, UdpDataPacket> {
+ 
+-    private final Context context;
++    protected final Context context;
+ 
+     public UdpLayer(Context context) {
+         super(ImplementedLayers.UDP);
+@@ -88,7 +88,7 @@
+         return new LayerProcessingResult<UdpDataPacket>(null, getLayerType(), true);
+     }
+ 
+-    private UdpTransportHandler getTransportHandler() {
++    protected UdpTransportHandler getTransportHandler() {
+         if (context.getTransportHandler() == null) {
+             throw new RuntimeException("TransportHandler is not set in context!");
+         }
+diff -ruN TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/CertificateMessagePreparator.java TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/CertificateMessagePreparator.java
+--- TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/CertificateMessagePreparator.java	2025-02-20 15:19:04.917589863 +0100
++++ TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/protocol/preparator/CertificateMessagePreparator.java	2025-02-24 17:22:35.965169130 +0100
+@@ -147,13 +147,20 @@
+                     }
+                     prepareFromEntryList(msg);
+                 } else {
+-                    entryList = new LinkedList<>();
+-                    for (CertificateBytes certificateBytes :
+-                            chooser.getConfig().getDefaultExplicitCertificateChain()) {
+-                        CertificateEntry entry = new CertificateEntry(certificateBytes.getBytes());
+-                        entryList.add(entry);
++                    if (entryList != null) {
++                        // Generate EMPTY_CERTIFICATE
++                        preparePredefinedCerts(entryList);
++                    } else {
++                        // Generate CERTIFICATE
++                        entryList = new LinkedList<>();
++                        for (CertificateBytes certificateBytes :
++                                chooser.getConfig().getDefaultExplicitCertificateChain()) {
++                            CertificateEntry entry =
++                                    new CertificateEntry(certificateBytes.getBytes());
++                            entryList.add(entry);
++                        }
++                        msg.setCertificateEntryList(entryList);
+                     }
+-                    msg.setCertificateEntryList(entryList);
+                     prepareFromEntryList(msg);
+                 }
+                 LOGGER.debug(
+@@ -223,7 +230,6 @@
+                 prepareCert(entryList, x509Context, certConfig, i);
+             }
+         }
+-        chooser.getContext().getTlsContext().setTalkingX509Context(x509Context);
+     }
+ 
+     private void prepareCert(
+diff -ruN TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/crypto/RecordDecryptor.java TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/crypto/RecordDecryptor.java
+--- TLS-Attacker/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/crypto/RecordDecryptor.java	2025-02-20 15:19:04.927325762 +0100
++++ TLS-Attacker_patched/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/record/crypto/RecordDecryptor.java	2025-02-20 15:48:31.109280624 +0100
+@@ -8,6 +8,7 @@
+  */
+ package de.rub.nds.tlsattacker.core.record.crypto;
+ 
++import de.rub.nds.protocol.exception.EndOfStreamException;
+ import de.rub.nds.protocol.exception.ParserException;
+ import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
+ import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
+@@ -55,7 +56,7 @@
+                     || record.getContentMessageType() != ProtocolMessageType.CHANGE_CIPHER_SPEC) {
+                 try {
+                     recordCipher.decrypt(record);
+-                } catch (ParserException | CryptoException ex) {
++                } catch (ParserException | CryptoException | EndOfStreamException ex) {
+                     if (recordCipherList.indexOf(recordCipher) > 0) {
+                         LOGGER.warn(
+                                 "Failed to decrypt record, will try to process with previous cipher");