diff options
author | Jack Lloyd <[email protected]> | 2017-09-01 07:42:09 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-09-02 05:18:11 -0400 |
commit | 6693454c7cfd40b733520b90f9fbb5737faab069 (patch) | |
tree | e70d700d06ae96f9c2f624493460d17cfd2aad45 /src/extra_tests/tls-attacker | |
parent | dc672bf97fb3ffa582fe66ba20ab483df05e01ae (diff) |
Add a script for running TLS-Attacker, remove old shell scripts
[ci skip]
Diffstat (limited to 'src/extra_tests/tls-attacker')
-rw-r--r-- | src/extra_tests/tls-attacker/README.md | 35 | ||||
-rw-r--r-- | src/extra_tests/tls-attacker/fuzzing/config.xml | 14 | ||||
-rwxr-xr-x | src/extra_tests/tls-attacker/fuzzing/server_fuzzer.sh | 8 | ||||
-rwxr-xr-x | src/extra_tests/tls-attacker/fuzzing/setup.sh | 31 | ||||
-rwxr-xr-x | src/extra_tests/tls-attacker/testsuite/server_policytest.sh | 17 | ||||
-rwxr-xr-x | src/extra_tests/tls-attacker/testsuite/server_testsuite.sh | 17 | ||||
-rwxr-xr-x | src/extra_tests/tls-attacker/testsuite/setup.sh | 21 |
7 files changed, 0 insertions, 143 deletions
diff --git a/src/extra_tests/tls-attacker/README.md b/src/extra_tests/tls-attacker/README.md deleted file mode 100644 index abff9b2c3..000000000 --- a/src/extra_tests/tls-attacker/README.md +++ /dev/null @@ -1,35 +0,0 @@ -# TLS-Attacker testsuite and fuzzing - -Extended Botan library tests with TLS-Attacker. https://github.com/RUB-NDS/TLS-Attacker - -## Testsuite -Contains a testsuite to validate correct TLS server behavior. - -Run -```bash -setup.sh -``` -to download and build the recent TLS-Attacker version, and generate RSA key pairs. - -Run -```bash -server_testsuite.sh -server_policytest.sh -``` -to run the tests. Testsuite executes specific TLS handshakes with the Botan server and verifies that the server correctly handles specific TLS versions and cipher suites. The policy test instantiates the Botan server with a specific policy and verifies that the server behaves according to this policy. - - -## Fuzzing -Starts the TLS-Attacker fuzzer against the Botan server. - -Run -```bash -setup.sh -``` -to download and build the recent TLS-Attacker version, generate RSA key pairs, and re-compile Botan with Address Sanitizer. - -Run -```bash -server_fuzzer.sh -``` -to start the fuzzer. The fuzzer config is located in `config.xml`. Per default, one Botan server is started on port 55020, with the generated RSA keys.`
\ No newline at end of file diff --git a/src/extra_tests/tls-attacker/fuzzing/config.xml b/src/extra_tests/tls-attacker/fuzzing/config.xml deleted file mode 100644 index 5ae1c829a..000000000 --- a/src/extra_tests/tls-attacker/fuzzing/config.xml +++ /dev/null @@ -1,14 +0,0 @@ -<startupCommandsHolder> - <serverCommand>../../../../botan </serverCommand> - <serverPort>55020</serverPort> - <workflowFolder>../TLS-Attacker/resources/fuzzing/workflows</workflowFolder> - <modifiedVariableTypes>TLS_CONSTANT,LENGTH,COUNT,PUBLIC_KEY,PADDING,SIGNATURE,PLAIN_PROTOCOL_MESSAGE</modifiedVariableTypes> - <outputFolder>output/</outputFolder> - <startupCommandsList> - <startupCommands> - <fuzzerCommand>simple_fuzzer -connect localhost:$PORT</fuzzerCommand> - <serverCommandParameters>tls_server ../rsa2048cert.pem ../rsa2048key.pem --port=$PORT </serverCommandParameters> - <shortName>botan-rsa</shortName> - </startupCommands> - </startupCommandsList> -</startupCommandsHolder>
\ No newline at end of file diff --git a/src/extra_tests/tls-attacker/fuzzing/server_fuzzer.sh b/src/extra_tests/tls-attacker/fuzzing/server_fuzzer.sh deleted file mode 100755 index 9e23aee89..000000000 --- a/src/extra_tests/tls-attacker/fuzzing/server_fuzzer.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -if [ -d tls-testsuite ] -then - cd tls-testsuite -fi - -java -jar ../TLS-Attacker/Runnable/target/TLS-Attacker-1.2.jar -loglevel ERROR multi_fuzzer -startup_command_file config.xml
\ No newline at end of file diff --git a/src/extra_tests/tls-attacker/fuzzing/setup.sh b/src/extra_tests/tls-attacker/fuzzing/setup.sh deleted file mode 100755 index 8c83f6eff..000000000 --- a/src/extra_tests/tls-attacker/fuzzing/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -if [ ! -d output ] -then - mkdir output -fi - -cd .. - -openssl genpkey -algorithm RSA -out rsa2048key.pem -pkeyopt rsa_keygen_bits:2048 -openssl req -key rsa2048key.pem -new -x509 -days 365 -out rsa2048cert.pem -subj "/C=DE/ST=NRW/L=Bochum/O=TLS-Attacker/CN=tls-attacker.de" - -if [ ! -d TLS-Attacker ] -then - git clone https://github.com/RUB-NDS/TLS-Attacker.git -fi - -cd TLS-Attacker -git checkout . -git pull -./mvnw clean package -DskipTests=true - -cd ../../../../ -make clean -export ASAN_OPTIONS=check_initialization_order=true -if [ -n "$CC" ] - then ./configure.py --with-sanitizers --disable-shared --with-debug-info --with-bzip2 --with-lzma --with-sqlite --with-zlib --cc="$CC" --cc-bin="$CXX" - else ./configure.py --with-sanitizers --disable-shared --with-debug-info --with-bzip2 --with-lzma --with-sqlite --with-zlib -fi - -make -j4
\ No newline at end of file diff --git a/src/extra_tests/tls-attacker/testsuite/server_policytest.sh b/src/extra_tests/tls-attacker/testsuite/server_policytest.sh deleted file mode 100755 index 1237a2c1e..000000000 --- a/src/extra_tests/tls-attacker/testsuite/server_policytest.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -../../../../botan tls_server ../rsa2048cert.pem ../rsa2048key.pem --port=4434 --policy=../../../tests/data/tls-policy/bsi.txt > output/server_policytest.log 2>&1 & -botan_pid=$! - -java -jar ../TLS-Attacker/Runnable/target/TLS-Attacker-1.2.jar -loglevel INFO testtls_server -policy ../../../tests/data/tls-policy/bsi.txt -connect localhost:4434 -tls_timeout 1000 -rc=$? - -if [ $rc -eq 0 ]; then - echo Policy tests finished without failures -else - echo '\n\nPolicy tests failed. See the recent error and the server log output.' -# cat output/server_policytest.log -fi - -kill $botan_pid -exit $rc
\ No newline at end of file diff --git a/src/extra_tests/tls-attacker/testsuite/server_testsuite.sh b/src/extra_tests/tls-attacker/testsuite/server_testsuite.sh deleted file mode 100755 index e26d71e1a..000000000 --- a/src/extra_tests/tls-attacker/testsuite/server_testsuite.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -../../../../botan tls_server ../rsa2048cert.pem ../rsa2048key.pem --port=4433 > output/server_testsuite.log 2>&1 & -botan_pid=$! - -java -jar ../TLS-Attacker/Runnable/target/TLS-Attacker-1.2.jar -loglevel INFO testsuite_server -folder ../TLS-Attacker/resources/testsuite -tls_timeout 1000 -rc=$? - -if [ $rc -eq 0 ]; then - echo Tests finished without failures -else - echo '\n\nTests failed. See the recent error and the server log output.' -# cat output/server_testsuite.log -fi - -kill $botan_pid -exit $rc
\ No newline at end of file diff --git a/src/extra_tests/tls-attacker/testsuite/setup.sh b/src/extra_tests/tls-attacker/testsuite/setup.sh deleted file mode 100755 index f528cd1da..000000000 --- a/src/extra_tests/tls-attacker/testsuite/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh - -if [ ! -d output ] -then - mkdir output -fi - -cd .. - -openssl genpkey -algorithm RSA -out rsa2048key.pem -pkeyopt rsa_keygen_bits:2048 -openssl req -key rsa2048key.pem -new -x509 -days 365 -out rsa2048cert.pem -subj "/C=DE/ST=NRW/L=Bochum/O=TLS-Attacker/CN=tls-attacker.de" - -if [ ! -d TLS-Attacker ] -then - git clone https://github.com/RUB-NDS/TLS-Attacker.git -fi - -cd TLS-Attacker -git checkout . -git pull -./mvnw clean package -DskipTests=true |