diff options
author | Peter Wu <peter@lekensteyn.nl> | 2015-07-09 16:36:49 +0200 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2015-07-15 21:31:44 +0000 |
commit | 85f8a99f354850d5fbf774b04e9721195614d7d8 (patch) | |
tree | 46b79058b029ab5bb3ba90af143e2fbf37e55fb8 /test/suite-decryption.sh | |
parent | 79be8312da5f572664e8a56d6e98d92dc34fdc95 (diff) |
ssl-utils: fix failing decryption for some RSA keys
Reported at
https://ask.wireshark.org/questions/43788/struggling-to-decrypt-ssl
"u" requirement is documented at
https://www.gnupg.org/documentation/manuals/gcrypt/RSA-key-parameters.html#RSA-key-parameters
Add regression test (key is generated manually with p and q swapped and
qInv recalculated).
Change-Id: I5505ddcdb54bb47d7a58867b8c3e53fcc0f66dde
Reviewed-on: https://code.wireshark.org/review/9573
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'test/suite-decryption.sh')
-rwxr-xr-x | test/suite-decryption.sh | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/test/suite-decryption.sh b/test/suite-decryption.sh index 3a494c97db..a6c5857c1d 100755 --- a/test/suite-decryption.sh +++ b/test/suite-decryption.sh @@ -119,6 +119,21 @@ decryption_step_ssl() { test_step_ok } +# SSL, using the server's private key with p < q +# (test whether libgcrypt is correctly called) +decryption_step_ssl_rsa_pq() { + $TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \ + -o ssl.keys_list:"0.0.0.0,443,http,${TEST_KEYS_DIR//\\/\\\\x5c}/rsa-p-lt-q.key" \ + -r "$CAPTURE_DIR/rsa-p-lt-q.pcap" -Y http \ + | grep / > /dev/null 2>&1 + RETURNVALUE=$? + if [ ! $RETURNVALUE -eq $EXIT_OK ]; then + test_step_failed "Failed to decrypt SSL using the server's RSA private key" + return + fi + test_step_ok +} + # SSL, using the server's private key with password decryption_step_ssl_with_password() { $TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \ @@ -246,6 +261,7 @@ tshark_decryption_suite() { test_step_add "IEEE 802.11 WPA EAP Decryption" decryption_step_80211_wpa_eap test_step_add "DTLS Decryption" decryption_step_dtls test_step_add "SSL Decryption (private key)" decryption_step_ssl + test_step_add "SSL Decryption (RSA private key with p smaller than q)" decryption_step_ssl_rsa_pq test_step_add "SSL Decryption (private key with password)" decryption_step_ssl_with_password test_step_add "SSL Decryption (master secret)" decryption_step_ssl_master_secret test_step_add "ZigBee Decryption" decryption_step_zigbee |