3 # Test decryption capabilities of the Wireshark tools
7 # Wireshark - Network traffic analyzer
8 # By Gerald Combs <gerald@wireshark.org>
9 # Copyright 2005 Ulf Lamping
11 # This program is free software; you can redistribute it and/or
12 # modify it under the terms of the GNU General Public License
13 # as published by the Free Software Foundation; either version 2
14 # of the License, or (at your option) any later version.
16 # This program is distributed in the hope that it will be useful,
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 # GNU General Public License for more details.
21 # You should have received a copy of the GNU General Public License
22 # along with this program; if not, write to the Free Software
23 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
41 # common exit status values
52 TEST_KEYS_DIR="$PWD/keys/"
53 if [ "$WS_SYSTEM" == "Windows" ] ; then
54 TEST_KEYS_DIR="`cygpath -w $TEST_KEYS_DIR`"
57 #TS_ARGS="-Tfields -e frame.number -e frame.time_epoch -e frame.time_delta"
59 TS_DC_ENV="${HOME_ENV}=${TEST_HOME}"
61 DIFF_OUT=./diff-output.txt
63 # We create UATs in the source directory. Add a unique ID so we can avoid
64 # deleting files we shouldn't.
65 DC_ID="suite-decryption.sh-$$"
69 # http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=wpa-Induction.pcap
70 decryption_step_80211_wpa_psk() {
71 env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
72 -o "wlan.enable_decryption: TRUE" \
73 -Tfields -e http.request.uri \
74 -r captures/wpa-Induction.pcap.gz \
76 | grep favicon.ico > /dev/null 2>&1
78 if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
79 test_step_failed "Failed to decrypt IEEE 802.11 WPA PSK"
86 # http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil.tgz
87 decryption_step_dtls() {
88 env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
89 -Tfields -e data.data \
90 -r captures/snakeoil-dtls.pcap -R http \
91 | grep "69:74:20:77:6f:72:6b:20:21:0a" > /dev/null 2>&1
93 if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
94 test_step_failed "Failed to decrypt DTLS"
101 # http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil2_070531.tgz
102 decryption_step_ssl() {
103 env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri -r captures/rsasnakeoil2.pcap -R http | grep favicon.ico > /dev/null 2>&1
105 if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
106 test_step_failed "Failed to decrypt SSL"
113 # https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7022
114 decryption_step_zigbee() {
115 env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
116 -r captures/sample_control4_2012-03-24.pcap \
117 -Tfields -e data.data \
119 | grep "30:67:63:63:38:65:20:63:34:2e:64:6d:2e:74:76:20" > /dev/null 2>&1
121 if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
122 test_step_failed "Failed to decrypt ZigBee"
128 tshark_decryption_suite() {
129 test_step_add "IEEE 802.11 WPA PSK Decryption" decryption_step_80211_wpa_psk
130 test_step_add "DTLS Decryption" decryption_step_dtls
131 test_step_add "SSL Decryption" decryption_step_ssl
132 test_step_add "ZigBee Decryption" decryption_step_zigbee
135 decryption_cleanup_step() {
136 for UAT in $UAT_FILES ; do
137 grep $DC_ID $WS_BIN_PATH/$UAT > /dev/null 2>&1
139 if [ $RETURNVALUE -eq $EXIT_OK ]; then
140 rm -f $WS_BIN_PATH/$UAT
146 decryption_prep_step() {
147 decryption_cleanup_step
150 for UAT in $UAT_FILES ; do
151 if [ -f $WS_BIN_PATH/$UAT ] ; then
152 test_remark_add "$WS_BIN_PATH/$UAT exists. One or more tests may fail."
154 echo "# Created by $DC_ID" > $WS_BIN_PATH/$UAT
155 sed -e "s|TEST_KEYS_DIR|${TEST_KEYS_DIR//\\/\\\\x5c}|" < ./config/$UAT.tmpl >> $WS_BIN_PATH/$UAT
161 test_step_set_pre decryption_prep_step
162 test_step_set_post decryption_cleanup_step
163 test_suite_add "TShark decryption" tshark_decryption_suite
171 # indent-tabs-mode: t
174 # ex: set shiftwidth=8 tabstop=8 noexpandtab:
175 # :indentSize=8:tabSize=8:noTabs=false: