diff options
| author | Kevin Grigorenko <kevin.grigorenko@us.ibm.com> | 2015-06-03 14:42:51 -0500 |
|---|---|---|
| committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2015-06-04 15:49:45 +0000 |
| commit | 5f9a52dc951b9358da9ea7a91a47b3c3f83461e8 (patch) | |
| tree | 389a0a113c47ae3b37a0316df945c4172e9a44db /test | |
| parent | fde38c099f062429dd501ab24efe4917f312b110 (diff) | |
SSL: Add support for private key password when decrypting
SSL traffic from tshark with -o ssl.keys_list.
For example, as used in a new test also added in this commit:
-o "ssl.keys_list: 127.0.0.1,9131,http,$TEST_KEYS_DIR/key.p12,WebAS"
Change-Id: Ia6960fa4ae88182277f6d22d84ec9170ea74d54e
Reviewed-on: https://code.wireshark.org/review/8746
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'test')
| -rwxr-xr-x | test/captures/dmgr.pcapng | bin | 0 -> 20452 bytes | |||
| -rwxr-xr-x | test/keys/key.p12 | bin | 0 -> 3842 bytes | |||
| -rwxr-xr-x | test/suite-decryption.sh | 15 |
3 files changed, 15 insertions, 0 deletions
diff --git a/test/captures/dmgr.pcapng b/test/captures/dmgr.pcapng Binary files differnew file mode 100755 index 0000000000..10eb29d4b8 --- /dev/null +++ b/test/captures/dmgr.pcapng diff --git a/test/keys/key.p12 b/test/keys/key.p12 Binary files differnew file mode 100755 index 0000000000..43a66ddf9e --- /dev/null +++ b/test/keys/key.p12 diff --git a/test/suite-decryption.sh b/test/suite-decryption.sh index 936dbef244..880899538b 100755 --- a/test/suite-decryption.sh +++ b/test/suite-decryption.sh @@ -119,6 +119,20 @@ decryption_step_ssl() { test_step_ok } +# SSL, using the server's private key with password +decryption_step_ssl_with_password() { + $TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \ + -o "ssl.keys_list: 127.0.0.1,9131,http,$TEST_KEYS_DIR/key.p12,WebAS" \ + -r "$CAPTURE_DIR/dmgr.pcapng" -Y http \ + | grep unsecureLogon.jsp > /dev/null 2>&1 + RETURNVALUE=$? + if [ ! $RETURNVALUE -eq $EXIT_OK ]; then + test_step_failed "Failed to decrypt SSL using the server's private key with password" + return + fi + test_step_ok +} + # SSL, using the master secret decryption_step_ssl_master_secret() { $TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \ @@ -233,6 +247,7 @@ tshark_decryption_suite() { test_step_add "IEEE 802.11 WPA EAP Decryption" decryption_step_80211_wpa_eap test_step_add "DTLS Decryption" decryption_step_dtls test_step_add "SSL Decryption (private key)" decryption_step_ssl + test_step_add "SSL Decryption (private key with password)" decryption_step_ssl_with_password test_step_add "SSL Decryption (master secret)" decryption_step_ssl_master_secret test_step_add "ZigBee Decryption" decryption_step_zigbee test_step_add "ANSI C12.22 Decryption" decryption_step_c1222 |