testing tls
play

Testing TLS Hubert Kario Quality Engineer 24-10-2015 2014 - PowerPoint PPT Presentation

Jan 25, 2023 •222 likes •774 views

Testing TLS Hubert Kario Quality Engineer 24-10-2015 2014 Heartbleed 24-10-2015 3/55 OpenSSL CCS bug 24-10-2015 4/55 gotofail 24-10-2015 5/55 Certifjcate handling 24-10-2015 6/55 CVE-2014-6321 in schannel a.k.a. Winshock

  1. Testing TLS Hubert Kario Quality Engineer 24-10-2015

  2. 2014

  3. Heartbleed 24-10-2015 3/55

  4. OpenSSL CCS bug 24-10-2015 4/55

  5. gotofail 24-10-2015 5/55

  6. Certifjcate handling 24-10-2015 6/55

  7. CVE-2014-6321 in schannel a.k.a. Winshock 24-10-2015 7/55

  8. POODLE 24-10-2015 8/55

  9. 2015

  10. FREAK 24-10-2015 10/55

  11. LOGJAM 24-10-2015 11/55

  12. State of testing

  13. OSS projects w/test plans <20% No testing No plan Source: Farooq & Quadri, 2011 24-10-2015 13/55

  14. OSS projects w/test tools 40% No testing No tooling Source: Farooq & Quadri, 2011 24-10-2015 14/55

  15. Code coverage tools No testing <50% No coverage Source: Farooq & Quadri, 2011 24-10-2015 15/55

  16. Bad error handling Incorrect 8% 92% Missing Source: Yan, Luo, Zhuang, Rodrigues, et al, 2014 24-10-2015 16/55

  17. Unit tests vs bugs No testing 77% Reproducible in unit testing Source: Yan, Luo, Zhuang, Rodrigues, et al, 2014 24-10-2015 17/55

  18. OSS TLS libraries OpenSSL NSS GnuTLS Framework N° tests 100-200 >7000 100-200 Negative tests 24-10-2015 18/55

  19. Test coverage 120 100 80 Tests/LOC 60 40 20 0 OpenSSL GnuTLS NSS “decent” sqlite 24-10-2015 19/55

  20. Test coverage 12 10 8 Tests/LOC 6 4 2 0 OpenSSL GnuTLS NSS “decent” sqlite 24-10-2015 20/55

  21. Test coverage 1.2 1 0.8 Tests/LOC 0.6 0.4 0.2 0 OpenSSL GnuTLS NSS “decent” sqlite 24-10-2015 21/55

  22. Why is that?

  23. Libraries and bad data 24-10-2015 23/55

  24. Invisible bugs 24-10-2015 24/55

  25. Fuzzy testing 24-10-2015 25/55

  26. Compatibility fears 24-10-2015 26/55

  27. Fears of untested code 24-10-2015 27/55

  28. Fixing the problem

  29. Duplication of effort 24-10-2015 29/55

  30. Full TLS handshake ClientHello --------> ServerHello Certificate ServerKeyExchange CertificateRequest <-------- ServerHelloDone Certificate ClientKeyExchange CertificateVerify ChangeCipherSpec Finished --------> ChangeCipherSpec <-------- Finished ApplicationData < --------> ApplicationData 24-10-2015 30/55

  31. Existing fuzzers 24-10-2015 31/55

  32. TLS testing (and fuzzing) 24-10-2015 32/55

  33. Timing information 24-10-2015 33/55

  34. Tlsfuzzer (and tlslite-ng)

  35. Use cases 1. Manual run (setup) 2. Automated run 24-10-2015 35/55

  36. Architecture generator tlslite-ng fuzzer OpenSSL NSS GnuTLS executor etc. 24-10-2015 36/55

  37. Generator architecture templates scanner generator conversation 24-10-2015 37/55

  38. Fuzzer architecture conversation fuzz verify conversation 24-10-2015 38/55

  39. Runner architecture expect conversation generate command 24-10-2015 39/55

  40. Architecture generator tlslite-ng fuzzer OpenSSL NSS GnuTLS executor etc. 24-10-2015 40/55

  41. Correct run $ openssl s_server -key /tmp/localhost.key -cert /tmp/localhost.crt -www >/dev/null 2>&1 $ PYTHONPATH=. python scripts/test-interleaved-application-data-and- fragmented-handshakes-in-renegotiation.py Application data inside Finished... OK Application data inside Client Key Exchange... OK Application data inside Client Hello... OK Test end successful: 3 failed: 0 24-10-2015 41/55

  42. Failing run $ openssl s_server -key /tmp/localhost.key -cert /tmp/localhost.crt -www >/dev/null 2>&1 $ PYTHONPATH=. python scripts/test-interleaved-application-data-and- fragmented-handshakes-in-renegotiation.py (...snip...) Application data inside Client Hello... Error encountered while processing node <tlsfuzzer.expect.ExpectServerHello object at 0x7f0ac61d3310> with last message being: <tlslite.messages.Message object at 0x7f0ac5f36a50> (...snip...) AssertionError: Unexpected message from peer: Alert(fatal, unexpected_message) Test end successful: 1 failed: 2 24-10-2015 42/55

  43. Example test case conversation = Connect("localhost", 4433) node = conversation ciphers = [CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA] node = node.add_child(ClientHelloGenerator(ciphers)) node = node.add_child(ExpectServerHello()) node = node.add_child(ExpectCertificate()) node = node.add_child(ExpectServerHelloDone()) node = node.add_child(ClientKeyExchangeGenerator()) node = node.add_child(ChangeCipherSpecGenerator()) node = node.add_child(FinishedGenerator()) node = node.add_child(ExpectChangeCipherSpec()) node = node.add_child(ExpectFinished()) node = node.add_child(ApplicationDataGenerator( bytearray(b"hello server!\n"))) node = node.add_child(AlertGenerator( AlertLevel.warning, AlertDescription.close_notify)) node = node.add_child(ExpectAlert()) node.next_sibling = ExpectClose() 24-10-2015 43/55

  44. Example test case conversation = Connect("localhost", 4433) node = conversation ciphers = [CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA] node = node.add_child(ClientHelloGenerator(ciphers)) node = node.add_child(ExpectServerHello()) node = node.add_child(ExpectCertificate()) node = node.add_child(ExpectServerHelloDone()) node = node.add_child(ClientKeyExchangeGenerator()) node = node.add_child(ChangeCipherSpecGenerator()) node = node.add_child(FinishedGenerator()) node = node.add_child(ExpectChangeCipherSpec()) node = node.add_child(ExpectFinished()) node = node.add_child(ApplicationDataGenerator( bytearray(b"hello server!\n"))) node = node.add_child(AlertGenerator( AlertLevel.warning, AlertDescription.close_notify)) node = node.add_child(ExpectAlert()) node.next_sibling = ExpectClose() 24-10-2015 44/55

  45. Decision tree Connect ClientHelloGenerator ExpectServerHello AlertGenerator ExpectAlert ExpectClose 24-10-2015 45/55

  46. Invalid extension test case conversation = Connect("localhost", 4433) node = conversation ciphers = [CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA] ext = {0 : # server_name extension ID lambda _: TLSExtension().create(0, bytearray(b'\xff'*4))} node = node.add_child(ClientHelloGenerator(ciphers, extensions=ext)) node = node.add_child(ExpectAlert(AlertLevel.fatal, AlertDescription.decode_error)) alert_node = node node = node.add_child(ExpectCose()) alert_node.next_sibling = ExpectClose() 24-10-2015 46/55

  47. Handshake message format Byte + 0 Byte + 1 Byte + 3 Byte + 4 Message Bytes 0..4 Message length type Bytes 5..8 Version Random (32 bytes) Session_ID ... Session_ID (0-32 bytes) length 24-10-2015 47/55

  48. Truncated message test case conversation = Connect("localhost", 4433) node = conversation ciphers = [CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA] node = node.add_child(truncate_handshake( ClientHelloGenerator(ciphers), 1)) node = node.add_child(ExpectAlert(AlertLevel.fatal, AlertDescription.decode_error)) alert_node = node node = node.add_child(ExpectCose()) alert_node.next_sibling = ExpectClose() 24-10-2015 48/55

  49. Padded message test case conversation = Connect("localhost", 4433) node = conversation ciphers = [CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA] node = node.add_child(pad_handshake(ClientHelloGenerator(ciphers), pad=bytearay(b'\xff\xff')) node = node.add_child(ExpectAlert(AlertLevel.fatal, AlertDescription.decode_error)) alert_node = node node = node.add_child(ExpectCose()) alert_node.next_sibling = ExpectClose() 24-10-2015 49/55

  50. Features ● SSLv3, TLSv1.0, TLSv1.1 and TLSv1.2 ● AES-CBC, AES-GCM, 3DES, RC4 and NULL ciphers ● MD5, SHA1, SHA256 and SHA384 HMAC ● RSA, SRP, SRP_RSA, DHE and DH_anon key exchange ● Encrypt-then-MAC ● TACK certifjcate pinning ● Client certifjcates ● Secure renegotiation ● TLS_FALLBACK_SCSV ● Next Protocol Negotiation ● ChaCha20/Poly1305 (soon™) ● ECDHE (soon™) 24-10-2015 50/55

  51. Missing stuff ● Drafts of TLSv1.3 ● Extended master secret ● PSK key exchange ● ALPN ● AES-CCM ● CAMELLIA (CBC and GCM) ● ECDSA, DSA certifjcates ● Drafts of Curve25519 ● Raw keys, GPG keys ● Heartbeat protocol ● Kerberos 24-10-2015 51/55

  52. Missing stuff ● Test cases! 24-10-2015 52/55

  53. Results 24-10-2015 53/55

  54. Contributing ● https://github.com/tomato42/tlsfuzzer ● https://github.com/tomato42/tlslite-ng ● GPLv2 for tlsfuzzer ● LGPLv2 for tlslite-ng ● Tags review request and help wanted 24-10-2015 54/55

  55. Questions? Contact: hkario@redhat.com Project: https://github.com/tomato42/tlsfuzzer

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Testing Terminology System testing Types of errors Function testing Structure

Testing Terminology System testing Types of errors Function testing Structure

Outline Testing Terminology System testing Types of errors Function testing Structure Testing Dealing with errors Performance testing Quality assurance vs Acceptance testing Testing Installation testing

396 views • 11 slides
Chapter 1 Fundamentals of testing 1. Why is testing necessary? 2. What is testing? 3. Test

Chapter 1 Fundamentals of testing 1. Why is testing necessary? 2. What is testing? 3. Test

Chapter 1 Fundamentals of testing 1. Why is testing necessary? 2. What is testing? 3. Test principles 4. Fundamental test process 5. The psychology of testing 1. Why is testing necessary 1.1 Software system context 1.2 Causes of

567 views • 36 slides
Levels of Testing Chapter 12 Beyond unit testing Developer Testing stages Unit testing

Levels of Testing Chapter 12 Beyond unit testing Developer Testing stages Unit testing

Levels of Testing Chapter 12 Beyond unit testing Developer Testing stages Unit testing Testing of individual components Integration testing Testing to expose problems arising from the combination of components System

173 views • 15 slides
Software Testing Software testing 1 V model Software testing 2 Program testing goals To

Software Testing Software testing 1 V model Software testing 2 Program testing goals To

Software Testing Software testing 1 V model Software testing 2 Program testing goals To demonstrate to the developer and the customer that the software meets its requirements. =&gt; leads to validation testing To discover situations

264 views • 11 slides
Lecture 8 Purpose of testing Kinds of testing Testing Heuristics for good test

Lecture 8 Purpose of testing Kinds of testing Testing Heuristics for good test

CSE 331 Outline Software Design and Implementation Why correct software matters Motivates testing and more than testing, but now seems like a fine time for the discussion Testing principles and strategies Lecture 8 Purpose

506 views • 13 slides
Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

CPSC 310 Software Engineering Testing Overview Introduction (Proving and Testing) Types of Testing Unit, Integration, Regression, System, Acceptance Testing Tactics Functional (Black Box), Structural (White Box)

982 views • 61 slides
Testing 5 March 2020 OSU CSE 1 Importance of Testing Testing is a ubiquitous and expensive

Testing 5 March 2020 OSU CSE 1 Importance of Testing Testing is a ubiquitous and expensive

Testing 5 March 2020 OSU CSE 1 Importance of Testing Testing is a ubiquitous and expensive software engineering activity It is not unusual to spend 30-40% of total project effort on testing For big and/or life-critical systems

701 views • 47 slides
Overview Objective Types of testing ECE 553: TESTING AND Verification testing

Overview Objective Types of testing ECE 553: TESTING AND Verification testing

9/1/2014 Overview Objective Types of testing ECE 553: TESTING AND Verification testing TESTABLE DESIGN OF Characterization testing Manufacturing testing DIGITAL SYSTES DIGITAL SYSTES Acceptance testing

368 views • 7 slides
Chapter 11, Testing ! Function testing Types of errors ! Structure Testing Dealing with

Chapter 11, Testing ! Function testing Types of errors ! Structure Testing Dealing with

Outline Object-Oriented Software Engineering Terminology System testing Chapter 11, Testing ! Function testing Types of errors ! Structure Testing Dealing with errors ! Performance testing Using UML, Patterns, and Java Quality

425 views • 7 slides
Functional Testing Review Chapter 8 Functional Testing We saw three types of functional

Functional Testing Review Chapter 8 Functional Testing We saw three types of functional

Functional Testing Review Chapter 8 Functional Testing We saw three types of functional testing Boundary Value Testing Equivalence Class Testing Decision Table-Based Testing What is the common thread among the above methods?

685 views • 33 slides
Page 1 Unit Testing Informal -- Incremental coding Static Analysis: Hand execution:

Page 1 Unit Testing Informal -- Incremental coding Static Analysis: Hand execution:

Podcast Ch11-02 Title : Types of Testing Description : Unit Testing, Black Box Testing, White Box Testing, Using Flow Diagrams Participants : Barry Kurtz (instructor); Brandon Winters, Sara Hyde, Cheng Vue, Dan Baehr (students)

792 views • 8 slides
Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing

Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing

Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing Hypothesis testing is a method to contradict a theoretical assumption using data. In his seminal book on design of experiments, Fisher (1937) uses

526 views • 3 slides
Property-Based Testing Matt Bachmann @mattbachmann Testing is Important Testing is Important

Property-Based Testing Matt Bachmann @mattbachmann Testing is Important Testing is Important

Property-Based Testing Matt Bachmann @mattbachmann Testing is Important Testing is Important Testing is Important Testing is Hard Testing is Hard Testing is Hard Capture the Important Cases Minimize The Coding Overhead Sorting a list of

1.66k views • 118 slides
Testing a URL Class http://www.askigor.org/status.php?id=sample Query Protocol Host Path 31

Testing a URL Class http://www.askigor.org/status.php?id=sample Query Protocol Host Path 31

Making Programs Fail Andreas Zeller 1 Two Views of Testing Testing means to execute a program with the intent to make it fail. Testing for validation: Finding unknown failures (classical view) Testing for debugging: Finding a

459 views • 17 slides
Structural Testing Also known as glass/white/open box testing Structural testing is based

Structural Testing Also known as glass/white/open box testing Structural testing is based

Path Testing and Test Coverage Chapter 9 Structural Testing Also known as glass/white/open box testing Structural testing is based on using specific knowledge of the program source text to define test cases Contrast with functional

999 views • 60 slides
Black Box Testing (A&amp;O Ch. 4) (2 nd Ed. Ch. 6) Course Software Testing &amp; Verification

Black Box Testing (A&amp;O Ch. 4) (2 nd Ed. Ch. 6) Course Software Testing &amp; Verification

Black Box Testing (A&amp;O Ch. 4) (2 nd Ed. Ch. 6) Course Software Testing &amp; Verification 2019/20 Wishnu Prasetya &amp; Gabriele Keller Plan Partitioning based testing (A&amp;O Ch 4/2 nd Ed Ch. 6). Model based testing Note: black

772 views • 39 slides
Variables CS105 : Saelee puts &quot;Hello, Michael&quot; puts &quot;Pleased to meet

Variables CS105 : Saelee puts &quot;Hello, Michael&quot; puts &quot;Pleased to meet

Variables CS105 : Saelee puts &quot;Hello, Michael&quot; puts &quot;Pleased to meet you, Michael.&quot; puts &quot;Michael, welcome to CS 105!&quot; puts &quot;The name of your instructor is Michael

677 views • 26 slides
SQL Injection Last Few Lectures XSS - Cross-site scripting XSRF/CSRF - Cross-site request

SQL Injection Last Few Lectures XSS - Cross-site scripting XSRF/CSRF - Cross-site request

SQL Injection Last Few Lectures XSS - Cross-site scripting XSRF/CSRF - Cross-site request forgery Code Injection Attacks Attacker executes arbitrary code on server Programming the program Not sanitizing user

287 views • 11 slides
Combining objects A class can use another class as a

Combining objects A class can use another class as a

Combining objects A class can use another class as a member variable (a field). This called object composi&lt;on. Use this when you would

390 views • 10 slides
Stetho: using Dev Tools for native app debugging Maksim Lin Freelance Android Developer

Stetho: using Dev Tools for native app debugging Maksim Lin Freelance Android Developer

Stetho: using Dev Tools for native app debugging Maksim Lin Freelance Android Developer www.manichord.com Chrome Dev Tools ( aka F12 ) ? What is Stetho ? Android library project from Facebook Implements Chrome DevTools Protocol

500 views • 14 slides
Comparatives Katy Carlson Morehead State University k.carlson@moreheadstate.edu Virtual ECBAE3,

Comparatives Katy Carlson Morehead State University k.carlson@moreheadstate.edu Virtual ECBAE3,

Parallelism and Ellipsis in Comparatives Katy Carlson Morehead State University k.carlson@moreheadstate.edu Virtual ECBAE3, July 2020 The Project in a Nutshell Comparative constructions can have a range of syntactic continuations, from

519 views • 35 slides
Here's where we are with open source security and here's what we need to do about it Nicko

Here's where we are with open source security and here's what we need to do about it Nicko

Here's where we are with open source security and here's what we need to do about it Nicko van Someren, Core Infrastructure Initiative 2014 was a bad year for FOSS security The Linux Foundation created the Core Infrastructure Initiative

931 views • 25 slides
Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws Mathy Vanhoef

Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws Mathy Vanhoef

Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws Mathy Vanhoef (KU Leuven) Black Hat Webcast, 24 August 2017 @vanhoefm Introduction Many protocols have been affected by logical bugs Design flaws Implementation

692 views • 31 slides
Kirkwood at Westheimer Kirkwood at Overbrook Kirkwood at Southlake Kirkwood at Poplar Creek

Kirkwood at Westheimer Kirkwood at Overbrook Kirkwood at Southlake Kirkwood at Poplar Creek

Kirkwood at Westheimer Kirkwood at Overbrook Kirkwood at Southlake Kirkwood at Poplar Creek Kirkwood at Waldemar Kirkwood at The Steeples Kirkwood at The Abbey Kirkwood at Briar Forest Kirkwood at Kirkwood Plaza Kirkwood at Highgrove

447 views • 18 slides

More recommend