2
0

sniffer-gen.sh 4.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
  1. #!/bin/bash
  2. # Run this script from the wolfSSL root
  3. if [ ! -f wolfssl/ssl.h ]; then
  4. echo "Run from the wolfssl root"
  5. exit 1
  6. fi
  7. run_sequence() {
  8. if [ "$1" == "dh" ] || [ "$1" == "ecc" ]; then
  9. # TLS v1.3
  10. ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 &
  11. sleep 0.1
  12. ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256
  13. ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 &
  14. sleep 0.1
  15. ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384
  16. ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 &
  17. sleep 0.1
  18. ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256
  19. fi
  20. if [ "$1" == "dh-resume" ] || [ "$1" == "ecc-resume" ]; then
  21. # TLS v1.3 Resumption
  22. ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r &
  23. sleep 0.1
  24. ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r
  25. ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r &
  26. sleep 0.1
  27. ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r
  28. ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r &
  29. sleep 0.1
  30. ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r
  31. fi
  32. if [ "$1" == "x25519" ]; then
  33. # TLS v1.3
  34. ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
  35. sleep 0.1
  36. ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
  37. ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
  38. sleep 0.1
  39. ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
  40. ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
  41. sleep 0.1
  42. ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
  43. fi
  44. # Run: with x25519_resume
  45. if [ "$1" == "x25519-resume" ]; then
  46. # TLS v1.3 Resumption
  47. ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
  48. sleep 0.1
  49. ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
  50. ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
  51. sleep 0.1
  52. ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
  53. ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
  54. sleep 0.1
  55. ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
  56. fi
  57. # TLS v1.3 Hello Retry Request
  58. if [ "$1" == "hrr" ]; then
  59. # TLS v1.3 Hello Retry Request
  60. ./examples/server/server -v 4 -i -x -g &
  61. server_pid=$!
  62. sleep 0.1
  63. ./examples/client/client -v 4 -J
  64. kill $server_pid
  65. fi
  66. sleep 1
  67. }
  68. run_capture(){
  69. echo -e "\nconfiguring and building wolfssl..."
  70. ./configure --enable-sniffer $2 1>/dev/null || exit $?
  71. make 1>/dev/null || exit $?
  72. echo "starting capture"
  73. tcpdump -i lo0 -nn port 11111 -w ./scripts/sniffer-tls13-$1.pcap &
  74. tcpdump_pid=$!
  75. run_sequence $1
  76. kill $tcpdump_pid
  77. }
  78. run_capture "ecc" ""
  79. run_capture "ecc-resume" "--enable-session-ticket"
  80. run_capture "dh" "--disable-ecc"
  81. run_capture "dh-resume" "--disable-ecc --enable-session-ticket"
  82. run_capture "x25519" "--enable-curve25519 --disable-dh --disable-ecc"
  83. run_capture "x25519-resume" "--enable-curve25519 --disable-dh --disable-ecc --enable-session-ticket"
  84. run_capture "hrr" "--disable-dh CFLAGS=-DWOLFSSL_SNIFFER_WATCH"