Add an ESP decryption test.

Add an ESP decryption test using the capture+keys from bug 12671. Change-Id: I5f7ce477ec74d59c1043345728a1444842912b96 Ping-Bug: 12671 Reviewed-on: https://code.wireshark.org/review/16733 Reviewed-by: Gerald Combs <gerald@wireshark.org> Tested-by: Gerald Combs <gerald@wireshark.org>
2016-07-27 14:48:18 -07:00 · 2016-07-27 14:48:18 -07:00 · 3aedb1e256
parent 12b859f453
commit 3aedb1e256
3 changed files with 20 additions and 1 deletions
--- a/test/captures/esp-bug-12671.pcapng.gz
+++ b/test/captures/esp-bug-12671.pcapng.gz
--- a/test/config/esp_sa.tmpl
+++ b/test/config/esp_sa.tmpl
@ -0,0 +1,2 @@
+"IPv4","192.168.0.1","192.168.0.100","0x070883c2","AES-CBC [RFC3602]","0x5de1a4c2c72662c9fda7a7c78cd25623","HMAC-SHA-1-96 [RFC2404]","0x51c9213c18232f8f26c70c4dee6e0e6d56e31e8a"
+"IPv4","192.168.0.100","192.168.0.1","0xc254fe64","AES-CBC [RFC3602]","0x88e1dad7140af03b8d4f3d734d21be4b","HMAC-SHA-1-96 [RFC2404]","0x3e00d517c1220d4b7d2950fcc02edd4b6023d278"
--- a/test/suite-decryption.sh
+++ b/test/suite-decryption.sh
@ -23,7 +23,6 @@

 # To do:
 #   IEEE 802.15.4
-#   IPsec / ESP
 #   ISAKMP / IKEv2
 #   PKCS#12
 #   SNMP
@ -42,6 +41,7 @@ EXIT_ERROR=2
 UAT_FILES="
 	80211_keys
 	dtlsdecrypttablefile
+	esp_sa
 	ssl_keys
 	c1222_decryption_table
 	ikev1_decryption_table
@ -162,6 +162,22 @@ decryption_step_dtls() {
 	test_step_ok
 }

+# IPsec ESP
+# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12671
+decryption_step_ipsec_esp() {
+	$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
+		-o "esp.enable_encryption_decode: TRUE" \
+		-Tfields -e data.data \
+		-r "$CAPTURE_DIR/esp-bug-12671.pcapng.gz" -Y data \
+		| grep "08:09:0a:0b:0c:0d:0e:0f:10:11:12:13:14:15:16:17" > /dev/null 2>&1
+	RETURNVALUE=$?
+	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
+		test_step_failed "Failed to decrypt DTLS"
+		return
+	fi
+	test_step_ok
+}
+
 # SSL, using the server's private key
 # https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil2_070531.tgz
 decryption_step_ssl() {
@ -328,6 +344,7 @@ tshark_decryption_suite() {
 	test_step_add "IEEE 802.11 WPA EAP Decryption" decryption_step_80211_wpa_eap
 	test_step_add "IEEE 802.11 WPA TDLS Decryption" decryption_step_80211_wpa_tdls
 	test_step_add "DTLS Decryption" decryption_step_dtls
+	test_step_add "IPsec ESP Decryption" decryption_step_ipsec_esp
 	test_step_add "SSL Decryption (private key)" decryption_step_ssl
 	test_step_add "SSL Decryption (RSA private key with p smaller than q)" decryption_step_ssl_rsa_pq
 	test_step_add "SSL Decryption (private key with password)" decryption_step_ssl_with_password