github.com/gopacket/gopacket@v1.1.0/layers/tls_test.go (about) 1 // Copyright 2020 The GoPacket Authors. All rights reserved. 2 // 3 // Use of this source code is governed by a BSD-style license that can be found 4 // in the LICENSE file in the root of the source tree. 5 package layers 6 7 import ( 8 "reflect" 9 "testing" 10 11 "github.com/gopacket/gopacket" 12 ) 13 14 // https://github.com/tintinweb/scapy-ssl_tls/blob/master/tests/files/RSA_WITH_AES_128_CBC_SHA.pcap 15 // WARNING! Tests are specific for each packet. If you change a packet, please review their tests. 16 17 // Packet 4 - Client Hello (full packet, from Ethernet to TLS layers) 18 var testClientHello = []byte{ 19 0x00, 0x0c, 0x29, 0x1f, 0xab, 0x17, 0x00, 0x50, 0x56, 0xc0, 0x00, 0x08, 0x08, 0x00, 0x45, 0x00, 20 0x00, 0xfe, 0x71, 0x42, 0x40, 0x00, 0x80, 0x06, 0x4e, 0xe1, 0xc0, 0xa8, 0xdc, 0x01, 0xc0, 0xa8, 21 0xdc, 0x83, 0x2f, 0x0e, 0x01, 0xbb, 0x25, 0x6c, 0xbd, 0x3d, 0xcc, 0xce, 0xe1, 0xf7, 0x50, 0x18, 22 0xff, 0xff, 0x7c, 0xaf, 0x00, 0x00, 0x16, 0x03, 0x01, 0x00, 0xd1, 0x01, 0x00, 0x00, 0xcd, 0x03, 23 0x01, 0xff, 0xa2, 0x88, 0x97, 0x7c, 0x41, 0xa1, 0x08, 0x34, 0x2c, 0x98, 0xc2, 0x70, 0x04, 0xa0, 24 0x5d, 0x5f, 0x39, 0xef, 0xe0, 0x70, 0xd5, 0x12, 0xf1, 0x35, 0x17, 0xb6, 0x0d, 0xc4, 0xd3, 0x09, 25 0x85, 0x00, 0x00, 0x5a, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0x00, 0x38, 0x00, 0x88, 0x00, 0x87, 26 0xc0, 0x0f, 0xc0, 0x05, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x32, 27 0x00, 0x9a, 0x00, 0x99, 0x00, 0x45, 0x00, 0x44, 0xc0, 0x0e, 0xc0, 0x04, 0x00, 0x2f, 0x00, 0x96, 28 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0xc0, 0x0c, 0xc0, 0x02, 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 29 0xc0, 0x08, 0x00, 0x16, 0x00, 0x13, 0xc0, 0x0d, 0xc0, 0x03, 0x00, 0x0a, 0x00, 0x15, 0x00, 0x12, 30 0x00, 0x09, 0x00, 0x14, 0x00, 0x11, 0x00, 0x08, 0x00, 0x06, 0x00, 0x03, 0x00, 0xff, 0x02, 0x01, 31 0x00, 0x00, 0x49, 0x00, 0x0b, 0x00, 0x04, 0x03, 0x00, 0x01, 0x02, 0x00, 0x0a, 0x00, 0x34, 0x00, 32 0x32, 0x00, 0x0e, 0x00, 0x0d, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x0c, 0x00, 0x18, 0x00, 0x09, 0x00, 33 0x0a, 0x00, 0x16, 0x00, 0x17, 0x00, 0x08, 0x00, 0x06, 0x00, 0x07, 0x00, 0x14, 0x00, 0x15, 0x00, 34 0x04, 0x00, 0x05, 0x00, 0x12, 0x00, 0x13, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x0f, 0x00, 35 0x10, 0x00, 0x11, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0f, 0x00, 0x01, 0x01, 36 } 37 var testClientHelloDecoded = &TLS{ 38 BaseLayer: BaseLayer{ 39 Contents: testClientHello[54:], 40 Payload: nil, 41 }, 42 ChangeCipherSpec: nil, 43 Handshake: []TLSHandshakeRecord{ 44 { 45 TLSRecordHeader: TLSRecordHeader{ 46 ContentType: 22, 47 Version: 0x0301, 48 Length: 209, 49 }, 50 ClientHello: TLSHandshakeRecordClientHello{ 51 HandshakeType: 0x1, 52 Length: 0xcd, 53 ProtocolVersion: 0x301, 54 Random: []uint8{0xff, 0xa2, 0x88, 0x97, 0x7c, 0x41, 0xa1, 0x8, 0x34, 0x2c, 0x98, 0xc2, 0x70, 0x4, 0xa0, 0x5d, 0x5f, 0x39, 0xef, 0xe0, 0x70, 0xd5, 0x12, 0xf1, 0x35, 0x17, 0xb6, 0xd, 0xc4, 0xd3, 0x9, 0x85}, 55 SessionIDLength: 0x0, 56 SessionID: []uint8{}, 57 CipherSuitsLength: 0x5a, 58 CipherSuits: []uint8{0xc0, 0x14, 0xc0, 0xa, 0x0, 0x39, 0x0, 0x38, 0x0, 0x88, 0x0, 0x87, 0xc0, 0xf, 0xc0, 0x5, 0x0, 0x35, 0x0, 0x84, 0xc0, 0x13, 0xc0, 0x9, 0x0, 0x33, 0x0, 0x32, 0x0, 0x9a, 0x0, 0x99, 0x0, 0x45, 0x0, 0x44, 0xc0, 0xe, 0xc0, 0x4, 0x0, 0x2f, 0x0, 0x96, 0x0, 0x41, 0xc0, 0x11, 0xc0, 0x7, 0xc0, 0xc, 0xc0, 0x2, 0x0, 0x5, 0x0, 0x4, 0xc0, 0x12, 0xc0, 0x8, 0x0, 0x16, 0x0, 0x13, 0xc0, 0xd, 0xc0, 0x3, 0x0, 0xa, 0x0, 0x15, 0x0, 0x12, 0x0, 0x9, 0x0, 0x14, 0x0, 0x11, 0x0, 0x8, 0x0, 0x6, 0x0, 0x3, 0x0, 0xff}, 59 CompressionMethodsLength: 0x2, 60 CompressionMethods: []uint8{0x1, 0x0}, 61 ExtensionsLength: 0x49, 62 Extensions: []uint8{0x0, 0xb, 0x0, 0x4, 0x3, 0x0, 0x1, 0x2, 0x0, 0xa, 0x0, 0x34, 0x0, 0x32, 0x0, 0xe, 0x0, 0xd, 0x0, 0x19, 0x0, 0xb, 0x0, 0xc, 0x0, 0x18, 0x0, 0x9, 0x0, 0xa, 0x0, 0x16, 0x0, 0x17, 0x0, 0x8, 0x0, 0x6, 0x0, 0x7, 0x0, 0x14, 0x0, 0x15, 0x0, 0x4, 0x0, 0x5, 0x0, 0x12, 0x0, 0x13, 0x0, 0x1, 0x0, 0x2, 0x0, 0x3, 0x0, 0xf, 0x0, 0x10, 0x0, 0x11, 0x0, 0x23, 0x0, 0x0, 0x0, 0xf, 0x0, 0x1, 0x1}, 63 }, 64 }, 65 }, 66 AppData: nil, 67 Alert: nil, 68 } 69 70 // Packet 6 - Server Hello, Certificate, Server Hello Done 71 var testServerHello = []byte{ 72 0x16, 0x03, 0x01, 0x00, 0x3a, 0x02, 0x00, 0x00, 0x36, 0x03, 0x01, 0x55, 0x5c, 0xd6, 0x97, 0xa3, 73 0x97, 0xe9, 0xf4, 0x0c, 0xf4, 0x56, 0x14, 0x9f, 0xe4, 0x24, 0xf9, 0xeb, 0x49, 0xd4, 0xd1, 0x5f, 74 0xfc, 0x12, 0xb4, 0xfd, 0x45, 0x4e, 0x3d, 0xeb, 0x6a, 0xad, 0xcf, 0x00, 0x00, 0x2f, 0x01, 0x00, 75 0x0e, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0f, 0x00, 0x01, 0x01, 0x16, 76 0x03, 0x01, 0x01, 0x90, 0x0b, 0x00, 0x01, 0x8c, 0x00, 0x01, 0x89, 0x00, 0x01, 0x86, 0x30, 0x82, 77 0x01, 0x82, 0x30, 0x82, 0x01, 0x2c, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 78 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x38, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 79 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, 0x55, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 80 0x13, 0x03, 0x51, 0x4c, 0x44, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x12, 81 0x53, 0x53, 0x4c, 0x65, 0x61, 0x79, 0x2f, 0x72, 0x73, 0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 82 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x39, 0x35, 0x31, 0x30, 0x30, 0x39, 0x32, 0x33, 0x33, 0x32, 83 0x30, 0x35, 0x5a, 0x17, 0x0d, 0x39, 0x38, 0x30, 0x37, 0x30, 0x35, 0x32, 0x33, 0x33, 0x32, 0x30, 84 0x35, 0x5a, 0x30, 0x60, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, 85 0x55, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x03, 0x51, 0x4c, 0x44, 0x31, 86 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x10, 0x4d, 0x69, 0x6e, 0x63, 0x6f, 0x6d, 87 0x20, 0x50, 0x74, 0x79, 0x2e, 0x20, 0x4c, 0x74, 0x64, 0x2e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 88 0x55, 0x04, 0x0b, 0x13, 0x02, 0x43, 0x53, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, 89 0x13, 0x12, 0x53, 0x53, 0x4c, 0x65, 0x61, 0x79, 0x20, 0x64, 0x65, 0x6d, 0x6f, 0x20, 0x73, 0x65, 90 0x72, 0x76, 0x65, 0x72, 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 91 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41, 0x00, 0xb7, 0x2c, 0x25, 92 0xdc, 0x49, 0xc5, 0xae, 0x6b, 0x43, 0xc5, 0x2e, 0x41, 0xc1, 0x2e, 0x6d, 0x95, 0x7a, 0x3a, 0xa9, 93 0x03, 0x51, 0x78, 0x45, 0x0f, 0x2a, 0xd1, 0x58, 0xd1, 0x88, 0xf6, 0x9f, 0x8f, 0x1f, 0xd9, 0xfd, 94 0xa5, 0x87, 0xde, 0x2a, 0x5d, 0x31, 0x5b, 0xee, 0x24, 0x66, 0xbf, 0xc0, 0x55, 0xdb, 0xfe, 0x70, 95 0xc5, 0x2c, 0x39, 0x5f, 0x5a, 0x9f, 0xa8, 0x08, 0xfc, 0x21, 0x06, 0xd5, 0x4f, 0x02, 0x03, 0x01, 96 0x00, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 97 0x00, 0x03, 0x41, 0x00, 0x2b, 0x34, 0x5b, 0x22, 0x85, 0x62, 0x23, 0x07, 0x36, 0xf4, 0x0c, 0x2b, 98 0x14, 0xd0, 0x1b, 0xcb, 0xd9, 0xbb, 0xd2, 0xc0, 0x9a, 0xcf, 0x12, 0xa1, 0x65, 0x90, 0x3a, 0xb7, 99 0x17, 0x83, 0x3a, 0x10, 0x6b, 0xad, 0x2f, 0xd6, 0xb1, 0x11, 0xc0, 0x0d, 0x5a, 0x06, 0xdb, 0x11, 100 0xd0, 0x2f, 0x34, 0x90, 0xf5, 0x76, 0x61, 0x26, 0xa1, 0x69, 0xf2, 0xdb, 0xb3, 0xe7, 0x20, 0xcb, 101 0x3a, 0x64, 0xe6, 0x41, 0x16, 0x03, 0x01, 0x00, 0x04, 0x0e, 0x00, 0x00, 0x00, 102 } 103 104 // Packet 7 - Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 105 var testClientKeyExchange = []byte{ 106 0x16, 0x03, 0x01, 0x00, 0x46, 0x10, 0x00, 0x00, 0x42, 0x00, 0x40, 0x9e, 0x73, 0xdf, 0xe0, 0xf2, 107 0xd0, 0x40, 0x32, 0x44, 0x9a, 0x34, 0x7f, 0x57, 0x86, 0x10, 0xea, 0x3d, 0xc5, 0xe2, 0xf9, 0xa5, 108 0x69, 0x43, 0xc9, 0x0b, 0x00, 0x7e, 0x91, 0x31, 0x57, 0xfc, 0xc5, 0x65, 0x18, 0x0d, 0x44, 0xfd, 109 0x51, 0xf8, 0xda, 0x8a, 0x7a, 0xab, 0x16, 0x03, 0xeb, 0xac, 0x23, 0x6e, 0x8d, 0xdd, 0xbb, 0xf4, 110 0x75, 0xe7, 0xb7, 0xa3, 0xce, 0xdb, 0x67, 0x6b, 0x7d, 0x30, 0x2a, 0x14, 0x03, 0x01, 0x00, 0x01, 111 0x01, 0x16, 0x03, 0x01, 0x00, 0x30, 0x15, 0xcb, 0x7a, 0x5b, 0x2d, 0xc0, 0x27, 0x09, 0x28, 0x62, 112 0x95, 0x44, 0x9f, 0xa1, 0x1e, 0x4e, 0x6a, 0xfb, 0x49, 0x9d, 0x6a, 0x24, 0x44, 0xc6, 0x8e, 0x26, 113 0xbc, 0xc1, 0x28, 0x8c, 0x27, 0xcc, 0xa2, 0xba, 0xec, 0x38, 0x63, 0x6e, 0x64, 0xd8, 0x52, 0x94, 114 0x17, 0x96, 0x61, 0xfd, 0x9c, 0x54, 115 } 116 var testClientKeyExchangeDecoded = &TLS{ 117 BaseLayer: BaseLayer{ 118 Contents: testClientKeyExchange[81:], 119 Payload: nil, 120 }, 121 ChangeCipherSpec: []TLSChangeCipherSpecRecord{ 122 { 123 TLSRecordHeader{ 124 ContentType: 20, 125 Version: 0x0301, 126 Length: 1, 127 }, 128 1, 129 }, 130 }, 131 Handshake: []TLSHandshakeRecord{ 132 { 133 TLSRecordHeader: TLSRecordHeader{ 134 ContentType: 22, 135 Version: 0x0301, 136 Length: 70, 137 }, 138 }, 139 { 140 TLSRecordHeader: TLSRecordHeader{ 141 ContentType: 22, 142 Version: 0x0301, 143 Length: 48, 144 }, 145 }, 146 }, 147 AppData: nil, 148 Alert: nil, 149 } 150 151 // Packet 9 - New Session Ticket, Change Cipher Spec, Encryption Handshake Message 152 var testNewSessionTicket = []byte{ 153 0x16, 0x03, 0x01, 0x00, 0xaa, 0x04, 0x00, 0x00, 0xa6, 0x00, 0x00, 0x1c, 0x20, 0x00, 0xa0, 0xd4, 154 0xee, 0xb0, 0x9b, 0xb5, 0xa2, 0xd3, 0x00, 0x57, 0x84, 0x59, 0xec, 0x0d, 0xbf, 0x05, 0x0c, 0xd5, 155 0xb9, 0xe2, 0xf8, 0x32, 0xb5, 0xec, 0xce, 0xe2, 0x9c, 0x25, 0x25, 0xd9, 0x3e, 0x4a, 0x94, 0x5b, 156 0xca, 0x18, 0x2b, 0x0f, 0x5f, 0xf6, 0x73, 0x38, 0x62, 0xcd, 0xcc, 0xf1, 0x32, 0x39, 0xe4, 0x5e, 157 0x30, 0xf3, 0x94, 0xf5, 0xc5, 0x94, 0x3a, 0x8c, 0x8e, 0xe5, 0x12, 0x4a, 0x1e, 0xd8, 0x31, 0xb5, 158 0x17, 0x09, 0xa6, 0x4c, 0x69, 0xca, 0xae, 0xfb, 0x04, 0x17, 0x64, 0x54, 0x9e, 0xc2, 0xfa, 0xf3, 159 0x6d, 0xe9, 0xa5, 0xed, 0xa6, 0x65, 0xfe, 0x2f, 0xf3, 0xc6, 0xce, 0x78, 0x40, 0xf7, 0x65, 0xe0, 160 0x13, 0xd3, 0x77, 0xc7, 0xc5, 0x79, 0x16, 0x56, 0x4c, 0x30, 0x94, 0xcf, 0xb0, 0x3c, 0x00, 0x91, 161 0xbd, 0x86, 0x08, 0x9f, 0x2f, 0x05, 0x67, 0x03, 0x6f, 0xa7, 0x3b, 0xb9, 0x36, 0xf2, 0x80, 0x4f, 162 0x60, 0x5d, 0x4c, 0xc4, 0x42, 0x5d, 0x02, 0x44, 0xba, 0x31, 0x8f, 0x39, 0x8e, 0x0c, 0x1e, 0xa8, 163 0x26, 0x4f, 0x3e, 0x01, 0x96, 0xb3, 0x6f, 0xc6, 0x25, 0xe4, 0x30, 0x03, 0xd6, 0x3a, 0x7d, 0x14, 164 0x03, 0x01, 0x00, 0x01, 0x01, 0x16, 0x03, 0x01, 0x00, 0x30, 0x25, 0xb8, 0x58, 0xc1, 0xa6, 0x3f, 165 0xf8, 0xbd, 0xe6, 0xae, 0xbd, 0x98, 0xd4, 0x75, 0xa5, 0x45, 0x1b, 0xd8, 0x6a, 0x70, 0x79, 0x86, 166 0x29, 0x4e, 0x4f, 0x64, 0xba, 0xe7, 0x1f, 0xca, 0x4b, 0x96, 0x9b, 0xf7, 0x0b, 0x50, 0xf5, 0x4f, 167 0xfd, 0xda, 0xda, 0xcd, 0xcd, 0x4b, 0x12, 0x2e, 0xdf, 0xd5, 168 } 169 170 // Packet 13 - Two Application Data Records 171 var testDoubleAppData = []byte{ 172 0x17, 0x03, 0x01, 0x00, 0x20, 0x77, 0x3a, 0x94, 0x7d, 0xb4, 0x47, 0x4a, 0x1d, 0xd4, 0x6c, 0x5a, 173 0x69, 0x74, 0x03, 0x93, 0x32, 0xca, 0x54, 0x5e, 0xa5, 0x81, 0x99, 0x6a, 0x73, 0x66, 0xbf, 0x06, 174 0xa0, 0xdc, 0x6a, 0x9c, 0xb1, 0x17, 0x03, 0x01, 0x00, 0x20, 0x44, 0x64, 0xc8, 0xc2, 0x5a, 0xfc, 175 0x4a, 0x82, 0xdd, 0x53, 0x6d, 0x30, 0x82, 0x4d, 0x35, 0x22, 0xf1, 0x5f, 0x3b, 0x96, 0x66, 0x79, 176 0x61, 0x9f, 0x51, 0x93, 0x1b, 0xbf, 0x53, 0x3b, 0xf8, 0x26, 177 } 178 var testDoubleAppDataDecoded = &TLS{ 179 BaseLayer: BaseLayer{ 180 Contents: testDoubleAppData[37:], 181 Payload: nil, 182 }, 183 ChangeCipherSpec: nil, 184 Handshake: nil, 185 AppData: []TLSAppDataRecord{ 186 { 187 TLSRecordHeader{ 188 ContentType: 23, 189 Version: 0x0301, 190 Length: 32, 191 }, 192 testDoubleAppData[5 : 5+32], 193 }, 194 { 195 TLSRecordHeader{ 196 ContentType: 23, 197 Version: 0x0301, 198 Length: 32, 199 }, 200 testDoubleAppData[42 : 42+32], 201 }, 202 }, 203 Alert: nil, 204 } 205 206 var testAlertEncrypted = []byte{ 207 0x15, 0x03, 0x03, 0x00, 0x20, 0x44, 0xb9, 0x9c, 0x2c, 0x6e, 0xab, 0xa3, 0xdf, 0xb1, 0x77, 0x04, 208 0xa2, 0xa4, 0x3a, 0x9a, 0x08, 0x1d, 0xe6, 0x51, 0xac, 0xa0, 0x5f, 0xab, 0x74, 0xa7, 0x96, 0x24, 209 0xfe, 0x62, 0xfe, 0xe8, 0x5e, 210 } 211 var testAlertEncryptedDecoded = &TLS{ 212 BaseLayer: BaseLayer{ 213 Contents: testAlertEncrypted, 214 Payload: nil, 215 }, 216 ChangeCipherSpec: nil, 217 Handshake: nil, 218 AppData: nil, 219 Alert: []TLSAlertRecord{ 220 { 221 TLSRecordHeader{ 222 ContentType: 21, 223 Version: 0x0303, 224 Length: 32, 225 }, 226 0xFF, 227 0xFF, 228 testAlertEncrypted[5:], 229 }, 230 }, 231 } 232 233 // Malformed TLS records 234 var testMalformed = []byte{ 235 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 236 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 237 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 238 } 239 240 var testTLSDecodeOptions = gopacket.DecodeOptions{ 241 SkipDecodeRecovery: true, 242 DecodeStreamsAsDatagrams: true, 243 } 244 245 func TestParseTLSClientHello(t *testing.T) { 246 p := gopacket.NewPacket(testClientHello, LinkTypeEthernet, testTLSDecodeOptions) 247 if p.ErrorLayer() != nil { 248 t.Error("Failed to decode packet:", p.ErrorLayer().Error()) 249 } 250 checkLayers(p, []gopacket.LayerType{LayerTypeEthernet, LayerTypeIPv4, LayerTypeTCP, LayerTypeTLS}, t) 251 252 if got, ok := p.Layer(LayerTypeTLS).(*TLS); ok { 253 want := testClientHelloDecoded 254 if !reflect.DeepEqual(got, want) { 255 t.Errorf("TLS ClientHello packet processing failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 256 } 257 } else { 258 t.Error("No TLS layer type found in packet") 259 } 260 } 261 262 func TestTLSClientHelloDecodeFromBytes(t *testing.T) { 263 var got TLS 264 want := *testClientKeyExchangeDecoded 265 266 if err := got.DecodeFromBytes(testClientKeyExchange, gopacket.NilDecodeFeedback); err != nil { 267 t.Errorf("TLS DecodeFromBytes first decode failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 268 } 269 270 if !reflect.DeepEqual(got, want) { 271 t.Errorf("TLS DecodeFromBytes first decode doesn't match:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 272 } 273 274 if err := got.DecodeFromBytes(testClientKeyExchange, gopacket.NilDecodeFeedback); err != nil { 275 t.Errorf("TLS DecodeFromBytes second decode failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 276 } 277 278 if !reflect.DeepEqual(got, want) { 279 t.Errorf("TLS DecodeFromBytes second decode doesn't match:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 280 } 281 } 282 283 func TestParseTLSChangeCipherSpec(t *testing.T) { 284 p := gopacket.NewPacket(testClientKeyExchange, LayerTypeTLS, testTLSDecodeOptions) 285 if p.ErrorLayer() != nil { 286 t.Error("Failed to decode packet:", p.ErrorLayer().Error()) 287 } 288 checkLayers(p, []gopacket.LayerType{LayerTypeTLS}, t) 289 290 if got, ok := p.Layer(LayerTypeTLS).(*TLS); ok { 291 want := testClientKeyExchangeDecoded 292 if !reflect.DeepEqual(got, want) { 293 t.Errorf("TLS ChangeCipherSpec packet processing failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 294 } 295 } else { 296 t.Error("No TLS layer type found in packet") 297 } 298 } 299 300 func TestParseTLSAppData(t *testing.T) { 301 p := gopacket.NewPacket(testDoubleAppData, LayerTypeTLS, testTLSDecodeOptions) 302 if p.ErrorLayer() != nil { 303 t.Error("Failed to decode packet:", p.ErrorLayer().Error()) 304 } 305 checkLayers(p, []gopacket.LayerType{LayerTypeTLS}, t) 306 307 if got, ok := p.Layer(LayerTypeTLS).(*TLS); ok { 308 want := testDoubleAppDataDecoded 309 if !reflect.DeepEqual(got, want) { 310 t.Errorf("TLS TLSAppData packet processing failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 311 } 312 } else { 313 t.Error("No TLS layer type found in packet") 314 } 315 } 316 317 func TestSerializeTLSAppData(t *testing.T) { 318 buf := gopacket.NewSerializeBuffer() 319 opts := gopacket.SerializeOptions{FixLengths: true} 320 err := gopacket.SerializeLayers(buf, opts, testDoubleAppDataDecoded) 321 if err != nil { 322 t.Fatal(err) 323 } 324 325 p2 := gopacket.NewPacket(buf.Bytes(), LayerTypeTLS, testTLSDecodeOptions) 326 if p2.ErrorLayer() != nil { 327 t.Error("Failed to decode packet:", p2.ErrorLayer().Error()) 328 } 329 checkLayers(p2, []gopacket.LayerType{LayerTypeTLS}, t) 330 331 if got, ok := p2.Layer(LayerTypeTLS).(*TLS); ok { 332 want := testDoubleAppDataDecoded 333 if !reflect.DeepEqual(got, want) { 334 t.Errorf("Reconstructed TLSAppData packet processing failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 335 } 336 } else { 337 t.Error("No TLS layer type found in reconstructed packet") 338 } 339 } 340 341 func TestParseTLSMalformed(t *testing.T) { 342 p := gopacket.NewPacket(testMalformed, LayerTypeTLS, testTLSDecodeOptions) 343 if p.ErrorLayer() == nil { 344 t.Error("No Decoding Error when parsing a malformed data") 345 } 346 } 347 348 func TestParseTLSTooShort(t *testing.T) { 349 p := gopacket.NewPacket(testMalformed[0:2], LayerTypeTLS, testTLSDecodeOptions) 350 if p.ErrorLayer() == nil { 351 t.Error("No Decoding Error when parsing a malformed data") 352 } 353 } 354 355 func TestParseTLSLengthMismatch(t *testing.T) { 356 var testLengthMismatch = make([]byte, len(testDoubleAppData)) 357 copy(testLengthMismatch, testDoubleAppData) 358 testLengthMismatch[3] = 0xFF 359 testLengthMismatch[4] = 0xFF 360 p := gopacket.NewPacket(testLengthMismatch, LayerTypeTLS, testTLSDecodeOptions) 361 if p.ErrorLayer() == nil { 362 t.Error("No Decoding Error when parsing a malformed data") 363 } 364 } 365 366 func TestParseTLSAlertEncrypted(t *testing.T) { 367 p := gopacket.NewPacket(testAlertEncrypted, LayerTypeTLS, testTLSDecodeOptions) 368 if p.ErrorLayer() != nil { 369 t.Error("Failed to decode packet:", p.ErrorLayer().Error()) 370 } 371 checkLayers(p, []gopacket.LayerType{LayerTypeTLS}, t) 372 373 if got, ok := p.Layer(LayerTypeTLS).(*TLS); ok { 374 want := testAlertEncryptedDecoded 375 if !reflect.DeepEqual(got, want) { 376 t.Errorf("TLS TLSAlert packet processing failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 377 } 378 } else { 379 t.Error("No TLS layer type found in packet") 380 } 381 } 382 383 func TestSerializeTLSAlertEncrypted(t *testing.T) { 384 buf := gopacket.NewSerializeBuffer() 385 opts := gopacket.SerializeOptions{FixLengths: true} 386 err := gopacket.SerializeLayers(buf, opts, testAlertEncryptedDecoded) 387 if err != nil { 388 t.Fatal(err) 389 } 390 391 p2 := gopacket.NewPacket(buf.Bytes(), LayerTypeTLS, testTLSDecodeOptions) 392 if p2.ErrorLayer() != nil { 393 t.Error("Failed to decode packet:", p2.ErrorLayer().Error()) 394 } 395 checkLayers(p2, []gopacket.LayerType{LayerTypeTLS}, t) 396 397 if got, ok := p2.Layer(LayerTypeTLS).(*TLS); ok { 398 want := testAlertEncryptedDecoded 399 if !reflect.DeepEqual(got, want) { 400 t.Errorf("Reconstructed TLSAlertEncrypted packet processing failed:\ngot:\n%#v\n\nwant:\n%#v\n\n", got, want) 401 } 402 } else { 403 t.Error("No TLS layer type found in reconstructed packet") 404 } 405 }