From 62874e37789272afdcf97d25339428b60b2c84b0 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Fri, 17 Aug 2018 00:36:55 +0200 Subject: [PATCH] TLS13: add final tests for RFC 8446 Add TLS 1.3 tests that verify decryption of handshake, application and early data. Add another test that shows that early data is properly skipped. This completes TLS 1.3 (RFC 8446) decryption support. The trace was created using boringssl c4131a4a23a1. Bug: 12779 Change-Id: Iddd266ecd3f428c95aa3f69616ce55e75d4ccca0 Reviewed-on: https://code.wireshark.org/review/29170 Petri-Dish: Peter Wu Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte --- test/captures/tls13-rfc8446.pcap | Bin 0 -> 4158 bytes test/keys/tls13-rfc8446-noearly.keys | 8 +++++ test/keys/tls13-rfc8446.keys | 9 +++++ test/suite_decryption.py | 52 +++++++++++++++++++++++++++ 4 files changed, 69 insertions(+) create mode 100644 test/captures/tls13-rfc8446.pcap create mode 100644 test/keys/tls13-rfc8446-noearly.keys create mode 100644 test/keys/tls13-rfc8446.keys diff --git a/test/captures/tls13-rfc8446.pcap b/test/captures/tls13-rfc8446.pcap new file mode 100644 index 0000000000000000000000000000000000000000..4500f5931fb66e4264616ef75dad695eb1f565c7 GIT binary patch literal 4158 zcmbuB2{hDeAIG0rY=a6jB1=NZp0Z4Cw#g--uDwJmE~T;*LKsWNI+jRDD!XXxTNI-( z_BH#G^{Q+sOA_z@-@Wy|+;iUdJ?}f`eCM41nK{q%`+lF#@Be$cUgbYQ0yOyN2MrL= zgMGD&`Sbe>Ko)v{743?DN%al!QcE=8VFa2;gkYnk8c?G@a~{J45Rj0uk%)3Gx@V$1 zXo*fD7nsBy004nt#E{uGhGI+_nmJJj@D5sO5`_|xUt8yV9j|iVdjAx;_$%`%!UKHm9!$Yl3feFcdCAk2Z_Kysj} zB&uYpB&%ebGMh50n5sCcFjZKP03HGvAP+FmW;Ztxu$|qIBOyqv01MdBC`L3IL5E_b zqeC##(<6`wzzm=-a0rM1VZa9j7&zw|?z%s`N%;M<=2`m7Xgkh1&_Su64;UhtO%)Hw z11aeL2p|DiSx{&nUZ3446bcF1!vID=4=u18aKZVZQy4%r63PzJpUM51BAg#GK<_D> zUv~kV9h@PeJT?-}j*E_hgYx^p8Tw~_P`kub|>>Hkhsu!Z7B83i1Cme4K3^w7*_{{AM zw9*B*US(4fxYML`3l?U+VQhIxX9kk2RQg(n_su$yI_U=Rr*F(?sYbDCXE;R$DZjOL zP`N^lXEk~rQ0s9?*>!l%u^)HmvaGg3Tv&|GRnH5r;(dc4;3Q&25L*m>*T+Ln-6%e0}F{V7k zk`MWe7Br9Z3)(s4Oce(UX&o{CusZ6~S@M9M`6X&UM#Pfw0bxFAw2tG_rjiQ(HFAN~z$AbSn(} z$XT`4Pc?UWIS#6~MhF)SowBhRO|Nl!%pcCkO%+=U(@EfdJDj{2(o-SBroKW*3C-QG z`9Nc$7ZeON{|pnVOJM+hP+!2>-r?XzqZLf3IqTLAr{H+d(n1iSb6C%x9XtqWV@OF`?c3i3A|^|EGFG?G#uYuV81Lzh*ZD2huQ16 z^_T7o)KyebDe-h$se{GPa^4X4MvP0@kgut=$(tr(?DBN_9MQN}qVJBZN9Zn$T(!`S z-#j!D@{&%)FYo&p8M`X=zPa;d)w+dX{c~lK_EDhR8{V09CD!khoS^~3SqD|FCutM+ zbP^b@cngg(DMjrYee)YFHVNHHw?x>qK162gII%#iR!AHtsbPa|545#WT1A^?HK*!K z2N4WhIocW>E9Db$*9qD|4}ZC~z-1VezYpQQwvois=xjALGm{m6exlXo_Qd*3(vz=# z$qR&qrwh_Gx#GD-R|jf&2jw|w2lBJ8dhbYjqAbUU{Yqcq5m5ppBIR!2IGDpH>x9J> z_ywH&)v5)~m#ZnnAs;n$`BEM$kLlN2NsFkj@;!&o*Z?|X2Z%UWf1~bvpAncS4;Tv2Z0LRTkUy@{LMPM zd^f8I?C|!}(Do1~-?bevP^p&>6)~A22r)kxF>LKm#Jc`M3+MX>E&*Kf7W0LrpZ8V~sqtt0X zEoa0EGB?So_E)y-%&%fhdh(%}jfCbWVjYDlcGv2EsB%JbI(swIWgL?}AGtEaiXXl? zfR|A!%S_=DsN|fej{RzWd+oX=R{>t@lm10Z)0%o~73K1MnwEiGrPPh z_@k^z%tv8Mf>?}QGJ@^>FS&+l7vhEdOJwR30_YCa+_7cKtn?U!qA|(jAGqJ{Yv%D7in{ z|IKZy`qQ{YC#iF^z5Z!AcH?BP3xW|*8X8r@&ymAVRmFW%-qUA#*V3A8xNZ9^QoNm5 zDB~HGG1=7HaW|gSy34uL=N%y{8J<_0aq$ny@}8f}trnKZ@fXx-mNYY4+8^)CPaBMV z)~&r;WiCsndl~E#h$zcYzrz+A-YC02VXolhAKAWsVguwC`jtH>#TWPjH5jW)iY&kd zN(I(-tbi?#4~!LNeJfVi#eZOhy|x9b!ha45F$88rj$w!xRXmnzDmm9=_(_U8+s3&> zo>9xAp|dG@GPFpYS?hOzhl>zB$^w!hu3>F&Tx4v~5x58k_J3*IXt)55((4v*<8mha zXxyG+GQ>B0pCUpl-9n+7xU0uf@7yxj5F)Mc@;tE~D$`;@w&3nkE>uC&+V!;8gmD$llC6;NGr6pvo9 z2N4|6N=kWbhaBHxjLVy2p};ZzGA}Y#aqPFft0uD*++pqd zACK|Ms}101EZ?*mL0crkL!IsH!kuqRk%LTUg2EM&1+2{ z4>e>Gp`^HBj0-1t23~$y!M7OF(X>o+6e3GMutvB}gqYyE=L)z)ROFn2x z-YK?32bM>eRlX~~M2ZCZOlR(NDZzL@Lk$WDzSFkyRxl~vR86@rleb}fc(xcub`nCi z1%d+Bc4R?Skur>|>wgw(`q@eVeNGgI&=8xe|_&8xw-jdP|SGj}- zr*7pd3TFkT^=S$7O=%Ys#Pn%W8W-G@z(V1Feh1a%vzgueVe_VXdCRQ?+*VWpUQ|1mqri0HQ$*)EkRl+?yH@R=O0NzmN=cI z7irE&7j?-U6Y{etlQ3E(OSAcvnchX_q`_6HbL|934U4GlT8E1KqV8GUKcjxRyxG^4?1UIF85s@ryyPOO+9PC% zCX#8|f_)pAMJ35Gm_)8RpM%Kd(wL{;-2IspH;5heRLOUtOHvWJb40p*_j;@vrS?A< aIa2JM#4%{vO^~~yVVyF7KilvzVE7+Svs@kk literal 0 HcmV?d00001 diff --git a/test/keys/tls13-rfc8446-noearly.keys b/test/keys/tls13-rfc8446-noearly.keys new file mode 100644 index 0000000000..15e7e4c113 --- /dev/null +++ b/test/keys/tls13-rfc8446-noearly.keys @@ -0,0 +1,8 @@ +CLIENT_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 3a497c91f6e130fbc18fc9f773b92bb0d538dfedc30e964cde0676396f24d0df +SERVER_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1a63b313c605f90e0b3c5717ebbbc62e1da3fe8e2aa66e499409a06b89040783 +CLIENT_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1ce3e54d6b980d838f79564fd33d43a7664df24ead913c316c379ca3dd349b74 +SERVER_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df befa80156bd5cb23899c23afadd8deb87c4117323b3e184085b57c8f4dc56760 +CLIENT_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d f4b31725da386891edbf521b96547be8b166487ca56ac197ac8df728c303ee80 +SERVER_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ee3a6c64336e7f22214ab8f4b1aba29b0e7c72c84890a240d5c0c451ffceee9a +CLIENT_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ceca66e29c1452990be5d1a439805adb9e582931051e847d8ad676147fd63b13 +SERVER_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d bf428b9e2e4853bab9c442f23d0dc45a9d552ab31ec96c7b9633ed16694924d0 diff --git a/test/keys/tls13-rfc8446.keys b/test/keys/tls13-rfc8446.keys new file mode 100644 index 0000000000..9195e25cda --- /dev/null +++ b/test/keys/tls13-rfc8446.keys @@ -0,0 +1,9 @@ +CLIENT_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 3a497c91f6e130fbc18fc9f773b92bb0d538dfedc30e964cde0676396f24d0df +SERVER_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1a63b313c605f90e0b3c5717ebbbc62e1da3fe8e2aa66e499409a06b89040783 +CLIENT_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1ce3e54d6b980d838f79564fd33d43a7664df24ead913c316c379ca3dd349b74 +SERVER_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df befa80156bd5cb23899c23afadd8deb87c4117323b3e184085b57c8f4dc56760 +CLIENT_EARLY_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d 42c0101fad261571cb8799c86a1eb4afe6dcef4a5f88664ac63e4c77452a77ef +CLIENT_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d f4b31725da386891edbf521b96547be8b166487ca56ac197ac8df728c303ee80 +SERVER_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ee3a6c64336e7f22214ab8f4b1aba29b0e7c72c84890a240d5c0c451ffceee9a +CLIENT_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ceca66e29c1452990be5d1a439805adb9e582931051e847d8ad676147fd63b13 +SERVER_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d bf428b9e2e4853bab9c442f23d0dc45a9d552ab31ec96c7b9633ed16694924d0 diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 33a3eb197f..875a1cc02a 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -259,6 +259,58 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): env=config.test_env) self.assertTrue(self.grepOutput('TLS13-CHACHA20-POLY1305-SHA256')) + def test_tls13_rfc8446(self): + '''TLS 1.3 (normal session, then early data followed by normal data).''' + if not config.have_libgcrypt16: + self.skipTest('Requires GCrypt 1.6 or later.') + capture_file = os.path.join(config.capture_dir, 'tls13-rfc8446.pcap') + key_file = os.path.join(config.key_dir, 'tls13-rfc8446.keys') + proc = self.runProcess((config.cmd_tshark, + '-r', capture_file, + '-ossl.keylog_file:{}'.format(key_file), + '-Y', 'http', + '-Tfields', + '-e', 'frame.number', + '-e', 'http.request.uri', + '-e', 'http.file_data', + '-E', 'separator=|', + ), + env=config.test_env) + self.assertEqual([ + r'5|/first|', + r'6||Request for /first, version TLSv1.3, Early data: no\n', + r'8|/early|', + r'10||Request for /early, version TLSv1.3, Early data: yes\n', + r'12|/second|', + r'13||Request for /second, version TLSv1.3, Early data: yes\n', + ], proc.stdout_str.splitlines()) + + def test_tls13_rfc8446_noearly(self): + '''TLS 1.3 (with undecryptable early data).''' + if not config.have_libgcrypt16: + self.skipTest('Requires GCrypt 1.6 or later.') + capture_file = os.path.join(config.capture_dir, 'tls13-rfc8446.pcap') + key_file = os.path.join(config.key_dir, 'tls13-rfc8446-noearly.keys') + proc = self.runProcess((config.cmd_tshark, + '-r', capture_file, + '-ossl.keylog_file:{}'.format(key_file), + '-Y', 'http', + '-Tfields', + '-e', 'frame.number', + '-e', 'http.request.uri', + '-e', 'http.file_data', + '-E', 'separator=|', + ), + env=config.test_env) + self.assertEqual([ + r'5|/first|', + r'6||Request for /first, version TLSv1.3, Early data: no\n', + r'10||Request for /early, version TLSv1.3, Early data: yes\n', + r'12|/second|', + r'13||Request for /second, version TLSv1.3, Early data: yes\n', + ], proc.stdout_str.splitlines()) + + class case_decrypt_zigbee(subprocesstest.SubprocessTestCase): def test_zigbee(self): '''ZigBee'''