Saved searches

Use saved searches to filter your results more quickly

Cancel Create saved search Sign up Reseting focus

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

SSL and TLS protocol test suite and fuzzer

License

Notifications You must be signed in to change notification settings

tlsfuzzer/tlsfuzzer

This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Go to file

Folders and files

Last commit message Last commit date

Latest commit

History

View all files

Repository files navigation

tlsfuzzer

tlsfuzzer is a test suite for SSLv2, SSLv3, TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 implementations. It's in early stages of development, so there are no API stability guarantees. While it uses fuzzing techniques for testing (randomisation of passed in inputs), the scripts are generally written in a way that verifies correct error handling: unlike typical fuzzers it doesn't check only that the system under test didn't crash, it checks that it returned correct error messages. You can find ready-to-use scripts testing for many vulnerabilities ( ROBOT, DROWN, etc.) and general standards conformity (RFC 5246, RFC 7627, RFC 7905, etc.) in the scripts/ directory.

Dependencies

Optionally, to make cryptographic calculations significantly faster, you may want to install the following libraries (see tlslite-ng and python-ecdsa README files for details):

To get pip (if your python installation doesn't already have it) download get-pip.py and run (or see USAGE.md for alternative configuration that does not require installation of packages):

python get-pip.py 

Then install tlslite-ng:

pip install --pre tlslite-ng 

(Use --upgrade --pre if you did install it before)

Download the tlsfuzzer:

git clone https://github.com/tlsfuzzer/tlsfuzzer.git 

Usage

After all dependencies are installed, make sure:

Then you can run one of the tests in scripts directory, like so:

PYTHONPATH=. python scripts/test-invalid-compression-methods.py 

If test has additional requirements, it will output them to console. No errors printed means that all expecations were met (so for tests with bad data the server rejected our messages).

All scripts also accept --help to print the help message (specification of all the options given script supports), -h to specify the hostname or IP address of the server-to-be-tested and -p to specify the port of the service to be tested.

See USAGE.md for more info and how to interpret errors and failures reported by scripts.

You can find mode detailed documentation for the project at tlsfuzzer.readthedocs.io.

Using tlsfuzzer to test for timing side-channel attacks (Lucky13, padding oracle attacks and timing-based Bleichenbacher oracle) is described in the TIMING.md document.

Server under test configuration

In general, the server under test requires just a RSA certificate, you can create it using the following OpenSSL command:

openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt -subj \ /CN=localhost -nodes -batch 

Note: tlsfuzzer verifies only TLS level behaviour, it does not perform any checks on the certificate (like hostname validation, CA signatures or key usage). It does however verify if the signatures made on TLS message by the server (like in Server Key Exchange or Certificiate Verify message) match the certificate sent by the server.

More detailed instructions, including how to build the different frameworks from source, are available in the Server setup wiki page.

Example server configurations:

OpenSSL

To test OpenSSL, it's sufficient to pass an extra -www option to a typical s_server command line:

openssl s_server -key localhost.key -cert localhost.crt -www 

GnuTLS

To test GnuTLS server, you need to tell it to behave as an HTTP server and additionally, to not ask for client certificates:

gnutls-serv --http -p 4433 --x509keyfile localhost.key --x509certfile \ localhost.crt --disable-client-cert 

NSS

To test the Mozilla NSS library server, you first need to create a database with server certificate:

mkdir nssdb certutil -N -d sql:nssdb --empty-password openssl pkcs12 -export -passout pass: -out localhost.p12 -inkey localhost.key \ -in localhost.crt -name localhost pk12util -i localhost.p12 -d sql:nssdb -W '' 

Finally, start the server with support for TLSv1.0 and later protocols, DHE ciphers and with the above certificate:

selfserv -d sql:./nssdb -p 4433 -V tls1.0: -H 1 -n localhost 

Advanced configuration

More advanced and complex configurations as well as description how to compile the above servers from source is available on the wiki page Server setup.

Contributing

See the CONTRIBUTING.md document for description how to set up your development environment, sanity check the changes and requirements the changes need to follow.

You may also want to read the VISION.md to learn more about the planned scope of the project.

Contributors are expected to follow the project's CODE OF CONDUCT when interacting with other members of the community.