cyassl-test: test ciphers supported by CyaSSL

author: Peter Wu <lekensteyn@gmail.com> 2013-12-06 12:41:31 +0100
committer: Peter Wu <lekensteyn@gmail.com> 2013-12-06 12:41:31 +0100
commit: 22acd0f9d1b8f7af840ba77a7ebdb927e56b7101 (patch)
tree: 35ecbe10c53e2504e208a276c5a69c7ed23ee3bb /notes.txt
parent: f10b17663bab369e8e88385c8c3406d3cc9f97e5 (diff)
download: wireshark-notes-22acd0f9d1b8f7af840ba77a7ebdb927e56b7101.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/notes.txt b/notes.txt
index 9e4d70f..330ed41 100644
--- a/notes.txt
+++ b/notes.txt
@@ -23,6 +23,14 @@ autoreconf -fiv
 make
 examples/server/server -p 4433
 SSLKEYLOGFILE=premaster.txt examples/client/client -l AES256-SHA -p 4433
+see also cyassl-test (in this repo) for testing all supported ciphers
+# Show a list of cipher suites from ClientHello and the HTTP version (or the
+# number of the ClientHello if decryption failed).
+/tmp/wsbuild/tshark -r cyassl-tcp.pcapng.gz -ohttp.ssl.port:4430 \
+ -ossl.keylog_file:premaster.txt -ossl.psk:1a2b3c4d -Tfields -e frame.number \
+ -e ssl.handshake.ciphersuite -e http.request.version \
+ -Y not\ ssl.handshake.type==2 |
+ awk '$2~/0x/{if(n)print n;printf("%s ",$2);n=$1}$2=="HTTP/1.0"{print $2;n=""}'
 
 # find which suites are not supported yet (unsupported.txt)
 awk -vsrc=/tmp/wireshark/epan/dissectors/packet-ssl-utils.c -F'[ {,]+' 'BEGIN{while(getline <src)if(/^ *\{.*,KEX_/)a[$2]=1}{if(!a[$1])print}' suites.txt
author	Peter Wu <lekensteyn@gmail.com>	2013-12-06 12:41:31 +0100
committer	Peter Wu <lekensteyn@gmail.com>	2013-12-06 12:41:31 +0100
commit	22acd0f9d1b8f7af840ba77a7ebdb927e56b7101 (patch)
tree	35ecbe10c53e2504e208a276c5a69c7ed23ee3bb /notes.txt
parent	f10b17663bab369e8e88385c8c3406d3cc9f97e5 (diff)
download	wireshark-notes-22acd0f9d1b8f7af840ba77a7ebdb927e56b7101.tar.gz