add a test for SSL/TLS decryption using the master secret
rename the existing SSL test to clarify that it uses the server's private key for decryption Change-Id: I13598fc4cf724b144a8f27bfa7a3316acfc78728 Reviewed-on: https://code.wireshark.org/review/640 Reviewed-by: Martin Kaiser <wireshark@kaiser.cx> Tested-by: Martin Kaiser <wireshark@kaiser.cx>
This commit is contained in:
parent
c9956e35f2
commit
ba32257cb6
Binary file not shown.
|
@ -0,0 +1,2 @@
|
|||
# the client's random number and the master secret for test/captures/dhe1.pcapng.gz
|
||||
CLIENT_RANDOM 531f88d114fcf9ce9729b5458f73e1807324459029ee4bea43f8ee4ce06c77c0 3CC9E5068E674393C10E540430F60AB794C028B277CAD9C708758400B803AD4FC81D6796AFD14D8952F7CD9E4268B4DB
|
|
@ -90,7 +90,7 @@ decryption_step_dtls() {
|
|||
test_step_ok
|
||||
}
|
||||
|
||||
# SSL
|
||||
# SSL, using the server's private key
|
||||
# http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil2_070531.tgz
|
||||
decryption_step_ssl() {
|
||||
env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
|
||||
|
@ -98,7 +98,23 @@ decryption_step_ssl() {
|
|||
| grep favicon.ico > /dev/null 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
test_step_failed "Failed to decrypt SSL"
|
||||
test_step_failed "Failed to decrypt SSL using the server's private key"
|
||||
return
|
||||
fi
|
||||
test_step_ok
|
||||
}
|
||||
|
||||
# SSL, using the master secret
|
||||
decryption_step_ssl_master_secret() {
|
||||
env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
|
||||
-o "ssl.keylog_file: $TEST_KEYS_DIR/dhe1_keylog.dat" \
|
||||
-o "ssl.desegment_ssl_application_data: FALSE" \
|
||||
-o "http.ssl.port: 443" \
|
||||
-r "$CAPTURE_DIR/dhe1.pcapng.gz" -Y http \
|
||||
| grep test > /dev/null 2>&1
|
||||
RETURNVALUE=$?
|
||||
if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
|
||||
test_step_failed "Failed to decrypt SSL using the master secret"
|
||||
return
|
||||
fi
|
||||
test_step_ok
|
||||
|
@ -159,7 +175,8 @@ decryption_step_dvb_ci() {
|
|||
tshark_decryption_suite() {
|
||||
test_step_add "IEEE 802.11 WPA PSK Decryption" decryption_step_80211_wpa_psk
|
||||
test_step_add "DTLS Decryption" decryption_step_dtls
|
||||
test_step_add "SSL Decryption" decryption_step_ssl
|
||||
test_step_add "SSL Decryption (private key)" decryption_step_ssl
|
||||
test_step_add "SSL Decryption (master secret)" decryption_step_ssl_master_secret
|
||||
test_step_add "ZigBee Decryption" decryption_step_zigbee
|
||||
test_step_add "ANSI C12.22 Decryption" decryption_step_c1222
|
||||
test_step_add "DVB-CI Decryption" decryption_step_dvb_ci
|
||||
|
|
Loading…
Reference in New Issue