From d208779974da4a1401cb544c4b3efcd9cdb807f3 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 6 Nov 2020 14:55:00 -0800 Subject: [PATCH] Added test case for TLS v1.3 with HRR (hello_retry_request) --- scripts/include.am | 1 + scripts/sniffer-testsuite.test | 10 ++++++++++ scripts/sniffer-tls13-gen.sh | 5 +++++ scripts/sniffer-tls13-hrr.pcap | Bin 0 -> 8789 bytes wolfssl/sniffer_error.rc | 3 +-- 5 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 scripts/sniffer-tls13-hrr.pcap diff --git a/scripts/include.am b/scripts/include.am index 23eaadf2f..fafdb43ab 100644 --- a/scripts/include.am +++ b/scripts/include.am @@ -91,6 +91,7 @@ EXTRA_DIST += scripts/testsuite.pcap \ scripts/sniffer-tls13-dh.pcap \ scripts/sniffer-tls13-ecc.pcap \ scripts/sniffer-tls13-gen.sh \ + scripts/sniffer-tls13-hrr.pcap \ scripts/ping.test \ scripts/benchmark.test \ scripts/memtest.sh diff --git a/scripts/sniffer-testsuite.test b/scripts/sniffer-testsuite.test index 69bfa50df..083974bcf 100755 --- a/scripts/sniffer-testsuite.test +++ b/scripts/sniffer-testsuite.test @@ -39,6 +39,16 @@ then [ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 DH\n" && exit 1 fi +# TLS v1.3 sniffer test hello_retry_request (HRR) with ECDHE +if test $# -ne 0 +then + ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-hrr.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111 + + RESULT=$? + [ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 HRR\n" && exit 1 +fi + + # IPv6 if test $# -ne 0 && test "x$1" = "x-6"; then diff --git a/scripts/sniffer-tls13-gen.sh b/scripts/sniffer-tls13-gen.sh index 7f7f537c9..a98e7b4d4 100755 --- a/scripts/sniffer-tls13-gen.sh +++ b/scripts/sniffer-tls13-gen.sh @@ -22,3 +22,8 @@ ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r & ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r + +# TLS v1.3 Hello Retry Request (save this as sniffer-tls13-hrr.pcap) +# ./configure --enable-sniffer CFLAGS="-DWOLFSSL_SNIFFER_WATCH" --disable-dh && make +./examples/server/server -v 4 -i -x -g & +./examples/client/client -v 4 -J diff --git a/scripts/sniffer-tls13-hrr.pcap b/scripts/sniffer-tls13-hrr.pcap new file mode 100644 index 0000000000000000000000000000000000000000..c9b0789672b0663ebad9eff017cf62d1aa8d494d GIT binary patch literal 8789 zcmca|c+)~A1{MYcfUxr}Esal2XJT++U;tw#1_lOK1_lQZa$sX%sAphc1mOo4wbQRe zb}Rzv-@x?$|34E31|}B!8;s1%Y>bQ?T;<)2+8{X=CI$wOnH`yg&D2hRaM6>cYtEI( zj>Q{Yt`1Q?7NKz>$+ME9af!cl_=($2I70f`q#Q3DDJeNfaiRWmV^GBAKK z$aq%EvIlpxgy1*ruS1A_@O^LfR!B~NE13htBbVUkPTG4aqML9wdc zJ#p;wI3Jx@VLXQc6b?LKuZS~fGcYl;fE>|NP1rM#{Lq=^$EVy63gX7}6qQFD-+g9Cv8#u$wX>IwOuE6D=zxTbnmgC&Ex{7PAcbI*N;qDiiR0Fl$gaEw0f{F_@d64@BT)R#YiDBE!N35)C9h{>lifY9u!C`;*p@R)5?f`@?6P^wa&pBab3{5_)lN7(AnB_s&y%G)3N6#Y!-I7a z6GI3C0~kZYBLI7NbVq^16%-yW@bEA#?`AX-XJ%#)-y^@vjWdPy_JYqrf=u=G@|&+e zjkd5~1qyS)NhGHBsht@r@HLT=jPOU9W28{H;p`Smb-}zpMNjDo%a9n^PK%{rs>5Ufj10u z1OLrv*l%E3{mxc0X4WgMgxj36=cHCT70h$_!)dr!uahCq?pmwXH=cxJ@vf6^wS;%S zHjvT&GvDFH_Mi|}!6;AJ4h=D(Z!;e#q)%KNaA)cnTVrSO1Dno@rM!{;zWMCUguL3_ zY4U6Cc-yX9?zJm=!}RZ|Q{p9-3w>d)x;D>gW81tXcl{bd7A^hZqPKAUIitSA{G8JY z)_tAbQ!lsGTISDxL4oSf6)xg}?KhP7zRF}i!u9qSU(bCX>w_Qk{8_D|?%iH3Ut`bx z!yzKzZ0P2a+>H;f7RIj4=HvM*>@@BD%qNpyo;j53_ISOoptnQB-45pMZ^W2;9WCT< zD+GV}Ie&qQp!;2Afoq@TR(%!S{k`+R;ZrgxdtD~J&JGBOh)us8^j70?InUoW%BR+F zemFNXzVPBs#r~&{KG~*8xv74uZayiXw$^q(%dhP+1=$5_kDJxDl<^$Q&2bZ(#@HZh zsePm6u4cvloLLtR&OLkefSzFOo%%#SHFg)xgE3!w%AWXmRPHKSp6tdu<8m#O5s@KGa8b|ln7x5lCv;V7v{OO#C^&44rb8{U2*3N$G zn_y?=|AoJd@5I{ahxtCrx=s1>-XR}U+#4{ zUWn3`bg$Vp_u*p3@;Ng-Unp89=e=*wP86NO|0qFf3LEpg)1je-0nRx^r3JGC-1c&C z9m`f(qWrFSwz!Hs=e8&A@7i~kDKlEUE@seR;Z0!qqGqLbYxlRB4~tiIRlk*C{krM* z#@X{zN_Rf%nfc?^@#;xxn#cER)$iK)cbjec_KqL#m)`c&+p%HZMT3oBZCDlyIy3Gs z37nWC$&)cxWyePZ3knmW z54WEEHoV3)gji_1v~1Y!-Jr!{29L zSG4r~;6HHu-|aJro0(&dv%b~+sqkWUa#OqPY?qJm8k1O8W`!lP?4B<9UoUCB)agLY zC&peWpAN27)@}~_%QQ)JW4c|MPNiB}cr&*~ce(Mh*KN=Jc^@2|Tlnmm7QZN8EaMKvzFODv(ptwl|D1P!+wEn+s-+!QZQj+`PMUus z?yProu;A0&V>O&XlUCMq=WkF?UwbJ3Zw}AD2e+=zU=^RSw90J-Yb4K^Al}qRA16w_ zoxjRvd(Mrk%YIf!{OpZ=b%)f74zqocu zhiXO6$$7FnHnf^E*2~|#eAB(TXTyScO&#C%#CWHRGtX?*XN=f+)GbfWP5)d_T6u~@ zMaa}6;>-E4 z4ELV8SjFA2xRe&~e?r22cR_8DC#N5n|C-)EKXvEJ#cNlH=0{$<>&w09)4!$00rg%N z=WRPZadz-|d!AR3+3%Fj?eVsh)fN!mXnCVt{hE-xA3NJF*)NYKJ^532Sduwu-ZC}& zORe_zHt(rDcA;&C<&@3AoZ%@S6wmyuP%hb5d~>RIbn z`X?9eb%}W()aAfZ6=xx4R1!LeO)vAB8(4^{1%*`%Hn8#~2(A z=qjr?+r0a+bpCVo4_i$OY91E0Yi~1qx8KEU{^_Ku$_>*B{4O5-SE2Fs$e}Gf!S?zB z5>F?0-IjKJQ~T<7_r^4)kC`1G@0B{=aeF+$`n#|0-ddg$ZmhY@>R~7LiynVB_tO4S zuFH~Dp3k=&cF54^zZ7npvGD4nxX^IV&QI3AHedYls$qNU`#lpy-!$IzeKT4659=}i z+6Tf6wM&j{x_oB0|6Z$xm%=4_b`Mup8>}gco48xx=e$j9Iao><$k*2X%CbcT&!*`ZxjlKhLvwbQ zRq3q2HTw#gC)vNf%cc?(6o<*wI)0HK%cz zR<-B97Nd}|HMK03!90KFN4#c!!?@acU9;Uv6WM#c(Vq{z?V2HU=4n;X{)MfE){b%v zUF;{;{d1arU|X>M#0d)CzBBJ$uH0XjW)y#rH=A{eQmc8$<%H|85AS^HmQUIsq1F;w z7E$CwM)*ja}5F#`;eNcpys6&$Q;`jOblU+3}6gtrZNU$ zZ>CN?2WzJOcY`-my~?{8t;Cs`86|z=87KHX`^ThneZOwNQH?%V&gJY&o!a;{y*GZ6 z@H9QWTRLJEm){JB65-!oofAVvzdRQ9X4ZSS$Nz%BtL{}%Ngsc9O!MjAY%urIG_l#v zhge_Txa8PiC#m-KpM%=p%zg>$!#1-wsQ=0Qv&*(+zL?;h3poW->Teu+`6FwQc8=b8 zmQ!n5|2b-f{rNvj|Hj6BiR$~SR(7OXbw&Pi?QZg$ch>aU35QA7S;BKK6!vahW4CRl zeudq6;YI9f>(7L?9p8Tb{9o&kgsTfbZ#uZoG`V>is|{bJvx8*A*%M}`PqMt{*76F9SU7q2 zx0)rtwskOVxX3wcXCKG~g6~N2$#k^_0g0VRJ^{JF8)VK#eP)IlRt7MJ_=L3r-6x1X z?sT;V35lJ|xp1FEm3K3Gi!(E`+8dwPa;s#XrYF;$%k0{F^O#o!uk>x)60X;>%va>u zl|IeH(~jy-E}2Fe%y$mk=cqJs6H`VX&v*$4<|9kZ?^~9=Y!E^R6k2JX@#TL_F8Ox~kdsoM) zotj7fdq@5#U8N!yAjw&%Z|Jvcchi-V$93CR+FzI=v#QxYJ|oIlDf&g!tDJp>k#(9~ z-cL=|Ry_01{`#Kb-`m@7j&1!}`g`$(jt?G}AW zdFb|wW#_!D|pD8Z%4}=ik)%DCl4PQSy?4XPeMmMca?_ zo0R*W{eLq*vi;4Xy5uPvTo%5yJ9JVp!*Qj{zD;(4T!A|_nBf=w|zU2rk*Vn#Mv^OZ)Lqz)b%stzb+;mHW*xH7-T% zLWZ?_l(!b>KQ7be%KYZ~?7;iG7nV0Cy9&tO*t~R&_9827pY4-h{?Zh5YV6O@Rywer zt$*X**_TEC+}!7}v~|8^Oy@`csx6J?_k@kg_3LCN@G+RLvWa>%J(5HD@oi>~u)TJZ zWUp8J+x@rFa^-dlY5oi+SxLsX9&2CCo6&tDKXh-x=`Fp%7ym|Gi8>w`wex7Lx_c}K z^B3demNRZ!FZjlHao~QcWtnSzX-Cc1J2lUQF2?fZOV8RjS8d0~@9kyR z>a-0Dq)vQq*}V0%x69#$`n~@jU5e9wR{GmB$C0(#TAm@ zSJv}~?`x=uZ!AkQyep|LT(?mGuZ4%rb z_B%YZC*PU-TblR8Fy{W;`+JtScPM`l7Fg)F1P9(a&*hDYw}JS5ej-L8SAX`C63hpwd7;>kJ?aTz5nA(QRc=S zbG%=QJn}nL-E&0w^xwSK(ZyQN{?2TSv%0z@=ls_XHFLIH)o9*3YquF=>y(Q8-@&qx z-<5^F{#ec4t*k%&NA7qUO;m&kg}Ko zWBvs)ZaQ7J@3#3f{k7!Gz zmUlBof!h*mTr*Z5TAbCUzRj)Wg2>kSLE9VKpFD9jRXlypbJG_8Wv!v17pjELFxYSR zpBU*W8@lqK;raGO`_fBDeX%&87R^FkjeZLW;} z6yT<9p4ZRidA#bC9obj*lGFhsUSzO!PkSp@sXMgLHY6acGpP3PJ%XkZxPP0FL z@c#NQ8*P$$g}|Tx#)~wJc;E zt9$!&=Yt1?e*8%e*X!9fyO!ZO$HLGTyi?}vYB;v()n?5I{Wojfzs6hxg|b}?DX}%- zLW6+BDWuo}g>ov$oWNLSa61Cjo`A#_W?KRhTN5t8VhgD)0X7HRmWT;omENMN!*u4L z43FmNXAA6EM1ORzVc)2J`?I!5_3_m7WAU3*%f5Te(3@GmkNeNf6xMJtN019*VoCAI zL@r!Dc^Ajb5W~O##!#O`U~fxI z+1C8)eV7ubI#uno`K7m)udP)H|Mz~9^dhI_-<#ZjUN?DTTJc&?fE^Tyq8)@o5t8;M z>UpwEztbQfu?;B{LB7uine(HInL(eC0gNG`2%4>SU_hSXhKAyuE0Ghyq4-}OB^2{P zq4+7p;_#8cobKTL=fXMK9=&>zy1ige?xx);V%p{6H@!T{OHy`(F0T(;-WIW_udKyh zwzvEDmn_58x36{b?atc&z_R*!;>jqok(4;b=kAl7{le4u{HW@!ciPnU1NU zCpQXqH4Ci~oBG$=Q-7)J`GB1Ueb47k$=N^uuf1Zt%B59ob=JT3nR?0Fs~1?Gh;J}X zxnEPY$Lr_v>3#<;yf|l_{v|Q?bMm#CRgBTUJ?$QE<+Ik--LgB?i#zW}+$}qy1W@oP zb(0beGcGp>NNmCu4cEGv83Gs>z!(w@3_jQs^Nh=|X!wVi>nJGiW&}rr@XIMCO53A8 z+!QQZdh>|yS1qe70gyW%k><|VXzm1=UjQ;^We;KhLXyjj*I;)FqGVpUIa`P@2a$Yd zfVy+Y;RZM7TMyxILor7}ViQ`p6@Zej@Kn#$*3+2;%C;q*lr>u*+?k>33Gy#*FEfJ< a0|OXC<3$5Uyu1M|@(5sIVE8A)zyJWxNT107 literal 0 HcmV?d00001 diff --git a/wolfssl/sniffer_error.rc b/wolfssl/sniffer_error.rc index 59d8f5c9e..27bfdfe1c 100644 --- a/wolfssl/sniffer_error.rc +++ b/wolfssl/sniffer_error.rc @@ -113,6 +113,5 @@ STRINGTABLE 92, "Store Data callback failed" 93, "Loading chain input" 94, "Got encrypted extension" - 95, "Hello retry request" + 95, "Got Hello Retry Request" } -