From e8f6986877fb7ac7d388917c63ca845194648f1f Mon Sep 17 00:00:00 2001
From: 刘学利
Date: Fri, 18 Mar 2022 08:41:51 +0000
Subject: TSG-10007: SSL解析层增加测试用例
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
test/CMakeLists.txt | 41 +++
test/conflist.inf | 8 +
test/empty_array.json | 1 +
...com-90.143.182.94.55835-93.186.227.131.443.pcap | Bin 0 -> 4597 bytes
...esni-192.168.50.38.52391-104.16.123.96.443.pcap | Bin 0 -> 6566 bytes
test/ssl_result.json | 28 +++
test/ssl_test_plug.cpp | 276 +++++++++++++++++++++
test/ssl_test_plug.inf | 9 +
test/test_protocol_run.zip | Bin 0 -> 795325 bytes
9 files changed, 363 insertions(+)
create mode 100644 test/CMakeLists.txt
create mode 100644 test/conflist.inf
create mode 100644 test/empty_array.json
create mode 100644 test/pcap/ssl/1-ssl-sun9-20.userapi.com-90.143.182.94.55835-93.186.227.131.443.pcap
create mode 100644 test/pcap/ssl/2-ssl-v1.3-esni-192.168.50.38.52391-104.16.123.96.443.pcap
create mode 100644 test/ssl_result.json
create mode 100644 test/ssl_test_plug.cpp
create mode 100644 test/ssl_test_plug.inf
create mode 100644 test/test_protocol_run.zip
(limited to 'test')
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt
new file mode 100644
index 0000000..d1c9597
--- /dev/null
+++ b/test/CMakeLists.txt
@@ -0,0 +1,41 @@
+cmake_minimum_required (VERSION 2.8)
+
+project(${lib_name}_test)
+
+include(ExternalProject)
+#### Protoco_test_run
+
+
+ExternalProject_Add(ProtoTest PREFIX ProtoTest
+ URL ${CMAKE_CURRENT_SOURCE_DIR}/test_protocol_run.zip
+ URL_MD5 71d8284b59af0286b5f31f0a3160bc44
+ CMAKE_ARGS -DCMAKE_INSTALL_PREFIX= -DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}
+ CONFIGURE_COMMAND ""
+ BUILD_COMMAND ""
+ INSTALL_COMMAND ""
+ COMMAND ${CMAKE_COMMAND} -E make_directory /conf/${lib_name}/
+ COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_SOURCE_DIR}/bin/${lib_name}/${lib_name}.conf /conf/${lib_name}/
+ COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/conflist.inf /plug/
+ COMMAND ${CMAKE_COMMAND} -E make_directory /plug/protocol/${lib_name}/
+ COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_SOURCE_DIR}/bin/${lib_name}.inf /plug/protocol/${lib_name}/
+ COMMAND ${CMAKE_COMMAND} -E make_directory /plug/business/${lib_name}_test_plug/
+ COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_SOURCE_DIR}/test/${lib_name}_test_plug.inf /plug/business/${lib_name}_test_plug/)
+
+ExternalProject_Get_Property(ProtoTest INSTALL_DIR)
+ExternalProject_Get_Property(ProtoTest SOURCE_DIR)
+set(PROTO_TEST_RUN_DIR ${SOURCE_DIR})
+
+add_executable(proto_test_main IMPORTED GLOBAL)
+add_dependencies(proto_test_main ProtoTest)
+set_property(TARGET proto_test_main PROPERTY IMPORTED_LOCATION ${SOURCE_DIR}/test_protocol_plug_main)
+
+
+add_library(${lib_name}_test_plug SHARED ${lib_name}_test_plug.cpp)
+target_link_libraries(${lib_name}_test_plug MESA_prof_load cjson)
+set_target_properties(${lib_name}_test_plug PROPERTIES PREFIX "")
+
+add_test(NAME COPY_SO COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/${lib_name}.so ${PROTO_TEST_RUN_DIR}/plug/protocol/${lib_name}/${lib_name}.so")
+add_test(NAME COPY_TEST_SO COMMAND sh -c "cp ${CMAKE_CURRENT_BINARY_DIR}/${lib_name}_test_plug.so ${PROTO_TEST_RUN_DIR}/plug/business/${lib_name}_test_plug/${lib_name}_test_plug.so")
+
+add_test(NAME RUN_SSL_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/ssl_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/ssl -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR})
+
diff --git a/test/conflist.inf b/test/conflist.inf
new file mode 100644
index 0000000..a301de1
--- /dev/null
+++ b/test/conflist.inf
@@ -0,0 +1,8 @@
+[platform]
+
+[protocol]
+./plug/protocol/ssl/ssl.inf
+
+
+[business]
+./plug/business/ssl_test_plug/ssl_test_plug.inf
diff --git a/test/empty_array.json b/test/empty_array.json
new file mode 100644
index 0000000..0637a08
--- /dev/null
+++ b/test/empty_array.json
@@ -0,0 +1 @@
+[]
\ No newline at end of file
diff --git a/test/pcap/ssl/1-ssl-sun9-20.userapi.com-90.143.182.94.55835-93.186.227.131.443.pcap b/test/pcap/ssl/1-ssl-sun9-20.userapi.com-90.143.182.94.55835-93.186.227.131.443.pcap
new file mode 100644
index 0000000..3969116
Binary files /dev/null and b/test/pcap/ssl/1-ssl-sun9-20.userapi.com-90.143.182.94.55835-93.186.227.131.443.pcap differ
diff --git a/test/pcap/ssl/2-ssl-v1.3-esni-192.168.50.38.52391-104.16.123.96.443.pcap b/test/pcap/ssl/2-ssl-v1.3-esni-192.168.50.38.52391-104.16.123.96.443.pcap
new file mode 100644
index 0000000..e5e20b5
Binary files /dev/null and b/test/pcap/ssl/2-ssl-v1.3-esni-192.168.50.38.52391-104.16.123.96.443.pcap differ
diff --git a/test/ssl_result.json b/test/ssl_result.json
new file mode 100644
index 0000000..3373a74
--- /dev/null
+++ b/test/ssl_result.json
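Review bot: `URL_MD5 71d8284b59af0286b5f31f0a3160bc44` is the only integrity check on `test_protocol_run.zip`, an opaque archive whose `test_protocol_plug_main` binary is then executed by `RUN_SSL_TEST`. MD5 is not collision-resistant, so the archive is better pinned with `URL_HASH SHA256=<sha256-of-test_protocol_run.zip>`, with a comment recording which source revision the binary was built from. Separately, `COPY_SO` and `COPY_TEST_SO` are registered as tests with no declared ordering, so a parallel or filtered ctest run can start `RUN_SSL_TEST` before the plugins are copied; `set_tests_properties(RUN_SSL_TEST PROPERTIES DEPENDS "COPY_SO;COPY_TEST_SO")` makes the order explicit.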
@@ -0,0 +1,28 @@
+[{
+ "Tuple4": "192.168.50.38.52391>104.16.123.96.443",
+ "ssl_sni": "ESNI",
+ "ssl_client_version": "TLS1.2",
+ "name": "SSL_RESULT_1"
+ }, {
+ "Tuple4": "90.143.182.94.55835>93.186.227.131.443",
+ "ssl_sni": "sun9-20.userapi.com",
+ "ssl_client_version": "TLS1.2",
+ "ssl_cert_version": "v3",
+ "ssl_cert_Issuer": "GlobalSign Organization Validation CA - SHA256 - G2;GlobalSign nv-sa;;;;;BE",
+ "ssl_cert_IssuerCN": "GlobalSign Organization Validation CA - SHA256 - G2",
+ "ssl_cert_IssuerO": "GlobalSign nv-sa",
+ "ssl_cert_IssuerC": "BE",
+ "ssl_cert_Sub": "*.userapi.com;V Kontakte LLC;;Saint-Petersburg;;Saint-Petersburg;RU",
+ "ssl_cert_SubCN": "*.userapi.com",
+ "ssl_cert_SubO": "V Kontakte LLC",
+ "ssl_cert_SubC": "RU",
+ "ssl_cert_SubP": "Saint-Petersburg",
+ "ssl_cert_SubL": "Saint-Petersburg",
+ "ssl_cert_SubCN": "*.userapi.com",
+ "ssl_cert_SubAltName": "*.userapi.com;vk.me;*.vk-cdn.net;*.vkuserlive.com;*.vkuserlive.net;*.vkuseraudio.net;*.vkuseraudio.com;*.vkuservideo.net;*.vkuservideo.com;*.vk.me;userapi.com",
+ "ssl_cert_SerialNum": "0x5afa3a189e6a5c11e1e18b0f",
+ "ssl_cert_AgID": "1.2.840.113549.1.1.11",
+ "ssl_cert_From": "180717083809Z",
+ "ssl_cert_To": "190714162604Z",
+ "name": "SSL_RESULT_2"
+}]
diff --git a/test/ssl_test_plug.cpp b/test/ssl_test_plug.cpp
new file mode 100644
index 0000000..f6f6092
--- /dev/null
+++ b/test/ssl_test_plug.cpp
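Review bot: The `SSL_RESULT_2` object lists `"ssl_cert_SubCN"` twice, once after `ssl_cert_Sub` and again after `ssl_cert_SubL`, so the fixture pins a duplicate key. JSON parsers do not handle duplicate member names consistently (many keep only one value), so the comparison may not check what it appears to. The duplicate mirrors the second, unconditional `cJSON_AddStringToObject(ctx, "ssl_cert_SubCN", cert->SSLSubCN)` after the `SSLSub` block in the ssl_test_plug.cpp hunk of this commit. Dropping that call and the second `"ssl_cert_SubCN": "*.userapi.com",` line here keeps each key unique.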
@@ -0,0 +1,276 @@ +/* + * author:yangwei + * create time:2021-8-21 + * + */ + + + +#include +#include +#include +#include +#include +#include +#include + +#include "SSL_Analyze.h" +#include "ssl.h" +#include "SSL_Message.h" +#include "SSL_Certificate.h" +#include "SSL_Proc.h" +#include "cJSON.h" +#include "MESA_prof_load.h" +#include + +extern "C" int commit_test_result_json(cJSON *node, const char *name); + +static int g_result_count = 1; + +static char *ssl_test_assemble_san(st_cert_t *cert) +{ + char *san_buf=NULL; + int total_buflen = 0; + for (int i = 0; i < cert->SSLSubAltName->count; i++) + { + int tmp_buflen = strlen(cert->SSLSubAltName->san_array[i].san); + char *tmp_buf = (char *)realloc(san_buf, total_buflen+tmp_buflen+1); + if(tmp_buf==NULL) + { + free(san_buf); + san_buf=NULL; + break; + } + + san_buf=tmp_buf; + san_buf[total_buflen + tmp_buflen] = ';'; + memcpy(san_buf+total_buflen, cert->SSLSubAltName->san_array[i].san, tmp_buflen); + total_buflen+=tmp_buflen+1; + } + + if(san_buf!=NULL) + { + san_buf[total_buflen-1] = '\0'; + } + return san_buf; +} + +extern "C" unsigned char SSL_TEST_PLUG_ENTRY(stSessionInfo *session_info, void **pme, int thread_seq, struct streaminfo *a_tcp, void *a_packet) +{ + assert(NULL != session_info || pme != NULL); + + cJSON *ctx = (cJSON *)*pme; + st_cert_t *cert=NULL; + ssl_stream *a_ssl = (ssl_stream *)(session_info->app_info); + + if (session_info->session_state & SESSION_STATE_PENDING) + { + if (*pme == NULL) + { + ctx = cJSON_CreateObject(); + *pme = (void *)ctx; + cJSON_AddStringToObject(ctx, "Tuple4", printaddr(&a_tcp->addr, a_tcp->threadnum)); + } + } + + switch (session_info->prot_flag) + { + case SSL_CLIENT_HELLO: + if (a_ssl== NULL || a_ssl->stClientHello==NULL) + { + break; + } + + if(a_ssl->stClientHello->server_name!=NULL && strlen((char *)(a_ssl->stClientHello->server_name))>0) + { + cJSON_AddStringToObject(ctx, (const char*)"ssl_sni", (const char*)(a_ssl->stClientHello->server_name)); + } + + 
if(a_ssl->stClientHello->encrypted_server_name.esni!=NULL) + { + cJSON_AddStringToObject(ctx, (const char*)"ssl_sni", "ESNI"); + } + + if(ssl_get_version_name(a_ssl->stClientHello->client_ver)) + { + cJSON_AddStringToObject(ctx, "ssl_client_version", ssl_get_version_name(a_ssl->stClientHello->client_ver)); + } + break; + case SSL_CERTIFICATE_DETAIL: + if (a_ssl==NULL || a_ssl->stSSLCert==NULL || a_tcp->curdir==DIR_C2S) + { + break; + } + + cert = a_ssl->stSSLCert; + if (cert->cert_type != CERT_TYPE_INDIVIDUAL) + { + break; + } + + if (strlen(cert->SSLVersion) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_version", cert->SSLVersion); + } + + if(strlen(cert->SSLIssuer)>0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_Issuer", cert->SSLIssuer); + + if (cert->SSLIssuerCN != NULL && strlen(cert->SSLIssuerCN) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerCN", cert->SSLIssuerCN); + } + + if (cert->SSLIssuerO != NULL && strlen(cert->SSLIssuerO) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerO", cert->SSLIssuerO); + } + + if (cert->SSLIssuerC != NULL && strlen(cert->SSLIssuerC) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerC", cert->SSLIssuerC); + } + + if (cert->SSLIssuerP != NULL && strlen(cert->SSLIssuerP) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerP", cert->SSLIssuerP); + } + + if (cert->SSLIssuerL != NULL && strlen(cert->SSLIssuerL) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerL", cert->SSLIssuerL); + } + + if (cert->SSLIssuerS != NULL && strlen(cert->SSLIssuerS) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerS", cert->SSLIssuerS); + } + + if (cert->SSLIssuerU != NULL && strlen(cert->SSLIssuerU) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_IssuerU", cert->SSLIssuerU); + } + } + + if(strlen(cert->SSLSub)>0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_Sub", cert->SSLSub); + + if (cert->SSLSubCN != NULL && strlen(cert->SSLSubCN) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubCN", cert->SSLSubCN); 
+ } + + if (cert->SSLSubO != NULL && strlen(cert->SSLSubO) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubO", cert->SSLSubO); + } + + if (cert->SSLSubC != NULL && strlen(cert->SSLSubC) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubC", cert->SSLSubC); + } + + if (cert->SSLSubP != NULL && strlen(cert->SSLSubP) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubP", cert->SSLSubP); + } + + if (cert->SSLSubL != NULL && strlen(cert->SSLSubL) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubL", cert->SSLSubL); + } + + if (cert->SSLSubS != NULL && strlen(cert->SSLSubS) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubS", cert->SSLSubS); + } + + if (cert->SSLSubU != NULL && strlen(cert->SSLSubU) > 0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubU", cert->SSLSubU); + } + } + + if (cert->SSLSubCN!=NULL) + { + cJSON_AddStringToObject(ctx, "ssl_cert_SubCN", cert->SSLSubCN); + } + + if (cert->SSLSubAltName != NULL && cert->SSLSubAltName->count > 0) + { + char *san_buf = ssl_test_assemble_san(cert); + cJSON_AddStringToObject(ctx, "ssl_cert_SubAltName", san_buf); + free(san_buf); + san_buf=NULL; + } + + if(cert->SSLSerialNumLen>0) + { + char *serialBuf=(char *)calloc(1, cert->SSLSerialNumLen*2+1+2); + int offset=snprintf(serialBuf, 3, "0x"); + for(int i=0; iSSLSerialNumLen; i++) + { + offset+=snprintf(serialBuf+offset, cert->SSLSerialNumLen*2+1+2-offset, "%02hhx", (unsigned char )(cert->SSLSerialNum[i])); + } + + cJSON_AddStringToObject(ctx, "ssl_cert_SerialNum", serialBuf); + free(serialBuf); + serialBuf=NULL; + } + + if(strlen(cert->SSLAgID)>0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_AgID", cert->SSLAgID); + } + + if(strlen(cert->SSLFPAg)>0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_FPAg", cert->SSLFPAg); + } + + if(strlen(cert->SSLFrom)>0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_From", cert->SSLFrom); + } + + if(strlen(cert->SSLTo)>0) + { + cJSON_AddStringToObject(ctx, "ssl_cert_To", cert->SSLTo); + } + break; + default: + break; + } + + 
if(session_info->session_state&SESSION_STATE_CLOSE) + { + if(ctx) + { + char result_name[16]=""; + sprintf(result_name,"SSL_RESULT_%d", g_result_count); + commit_test_result_json(ctx, result_name); + g_result_count+=1; + } + *pme = NULL; + return PROT_STATE_DROPME; + + } + + return PROT_STATE_GIVEME; + +} + +extern "C" int SSL_TEST_PLUG_INIT() +{ + return 0; +} + +extern "C" void SSL_TEST_PLUG_DESTROY(void) +{ + return ; +}/*CHAR_DESTRORY*/ + + + diff --git a/test/ssl_test_plug.inf b/test/ssl_test_plug.inf new file mode 100644 index 0000000..fda596d --- /dev/null +++ b/test/ssl_test_plug.inf @@ -0,0 +1,9 @@ +[PLUGINFO] +PLUGNAME=SSL_TEST_PLUG +SO_PATH=./plug/business/ssl_test_plug/ssl_test_plug.so +INIT_FUNC=SSL_TEST_PLUG_INIT +DESTROY_FUNC=SSL_TEST_PLUG_DESTROY + +[SSL] +FUNC_FLAG=SSL_CLIENT_HELLO,SSL_SERVER_HELLO,SSL_APPLICATION_DATA,SSL_CERTIFICATE_DETAIL +FUNC_NAME=SSL_TEST_PLUG_ENTRY diff --git a/test/test_protocol_run.zip b/test/test_protocol_run.zip new file mode 100644 index 0000000..996f3fa Binary files /dev/null and b/test/test_protocol_run.zip differ -- cgit v1.2.3
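Review bot: In the `SESSION_STATE_CLOSE` branch of `SSL_TEST_PLUG_ENTRY`, `sprintf(result_name,"SSL_RESULT_%d", g_result_count)` writes into `char result_name[16]`, which leaves room for only four digits after the 11-character prefix, so the stack buffer is overrun once the counter reaches 10000; `snprintf(result_name, sizeof(result_name), "SSL_RESULT_%d", g_result_count);` bounds the write. The entry check `assert(NULL != session_info || pme != NULL);` passes when only one of the two pointers is valid although both are dereferenced on the following lines, so it should read `assert(session_info != NULL && pme != NULL);`, and it disappears entirely in NDEBUG builds. In the serial-number block the result of `calloc` is handed to `snprintf` without a NULL check, even though the length comes from a certificate parsed out of captured traffic. `g_result_count` is a plain global incremented from an entry point that receives `thread_seq`, which looks racy if the platform invokes the plugin from more than one thread.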