# Wireshark build, two equivalent ways: the autotools configure or CMake.
# Both install under /tmp/wsroot. On a shared machine use a prefix only you
# can write to -- a path under /tmp can be pre-created by another local user
# before you get to it.
/tmp/wireshark/configure \
  --prefix=/tmp/wsroot \
  --with-ssl \
  --with-gtk2 \
  --without-gtk3
# CMake rocks!
# Switches off the optional front-ends and libraries that are not needed here.
cmake \
  -DCMAKE_INSTALL_PREFIX=/tmp/wsroot \
  -DENABLE_GTK3=0 \
  -DENABLE_PORTAUDIO=0 \
  -DENABLE_QT5=0 \
  -DENABLE_GEOIP=0 \
  -DENABLE_KERBEROS=0 \
  -DENABLE_SMI=0

# libgcrypt RC2 fixing (accepted in git
# http://lists.gnupg.org/pipermail/gcrypt-devel/2013-October/002428.html)
# Fix compile issue (missing fig2dev in doc, Makefile.in in tests is not
# generated (Makefile/autotools of the repo too old?))
# The two seds only take the doc and tests subdirectories out of the build
# (GNU sed syntax: "-i" without a suffix); autogen.sh is only run if both
# edits succeed.
sed '/^tests\/Makefile$/d' -i configure.ac &&
sed '/SUBDIRS/s/ doc tests//' -i Makefile.am && ./autogen.sh
# Out-of-tree build, shared library only, installed into a private prefix.
mkdir build && cd build
../configure --disable-static --disable-padlock-support --prefix=/tmp/libgcrypt/prefix
make install
# for libgcrypt-config test in wireshark ./configure
# Prepending a /tmp path to PATH is fine on a single-user box; on a shared
# host whoever creates /tmp/libgcrypt first decides which binaries run.
PATH=/tmp/libgcrypt/prefix/bin:$PATH
# for cmake add:
# (the next line is a fragment to append to the cmake command line above,
# not a command of its own -- it pins the freshly built libgcrypt rather than
# whatever the system has installed)
-DGCRYPT_INCLUDE_DIR=/tmp/libgcrypt/prefix/include -DGCRYPT_LIBRARY=/tmp/libgcrypt/prefix/lib/libgcrypt.so

# Build cyassl for AES-CCM testing
# The local patch (per its name) teaches the cyassl client to honour
# SSLKEYLOGFILE and write CLIENT_RANDOM lines.
patch -p1 < cyassl-Implement-SSLKEYLOGFILE-support-for-ClientRandom.patch
autoreconf -fiv
# Same feature set as the brace-expanded form, spelled out one flag each.
./configure \
  --enable-opensslextra \
  --enable-dtls \
  --enable-ipv6 \
  --enable-sniffer \
  --enable-aesccm \
  --enable-aesgcm \
  --enable-camellia \
  --enable-md2 \
  --enable-dsa \
  --enable-ecc \
  --enable-psk \
  --enable-webserver \
  --enable-sni
make
# Test server (runs in the foreground) and a client that logs its session
# secrets. premaster.txt lets anyone decrypt the captured session: keep it
# out of shared directories and remove it once the capture is analysed.
examples/server/server -p 4433
SSLKEYLOGFILE=premaster.txt examples/client/client -l AES256-SHA -p 4433

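# find which suites are not supported yet (unsupported.txt)
# Reads suites.txt (suite code expected in column 1) and prints the entries
# whose code does not occur in a "{0x....,KEX_" row of the Wireshark
# dissector source. The leading "{" makes the first awk field empty, so the
# code is $2 on the dissector side.
awk -vsrc=/tmp/wireshark/epan/dissectors/packet-ssl-utils.c -F'[ {,]+' 'BEGIN{while(getline <src)if(/^ *\{.*,KEX_/)a[$2]=1}{if(!a[$1])print}' suites.txt
# find which ciphers openssl supports
# "openssl ciphers -V" prints "0xAA,0xBB - NAME ..." with leading blanks; with
# a regex FS those blanks yield an empty $1, hence $2,$3,$5. The two hex bytes
# are folded into one decimal suite id so the lists can be joined below.
openssl ciphers -V | awk -F'[, ]+' '{print $2, $3, $5}' |
  while read -r n1 n2 name; do
    printf '%s %s\n' "$((n1 * 0x100 + n2))" "$name"
  done | sort -n > openssl-supported-ciphers.txt
# find which ciphers are not yet supported (unsupported-new is from above)
# Suite ids present in both files become a word-anchored alternation. An
# empty intersection must not reach grep: `grep -E ""` matches every line.
# (The file name really is spelled "unsuppported-new.txt", three p's; keep it
# consistent with whatever wrote that file.)
common_ids=$(cut -d' ' -f1 unsuppported-new.txt openssl-supported-ciphers.txt | sort | uniq -d | tr '\n' '|' | sed 's/|$//')
if [ -n "$common_ids" ]; then
  grep -E -w -- "$common_ids" unsuppported-new.txt
fi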


# Get keys from NSS applications:
# env(1) sets SSLKEYLOGFILE for the firefox process only. The file receives
# the CLIENT_RANDOM/master secret of every TLS session of that browser run,
# so it decrypts everything captured meanwhile -- protect it and delete it
# when done.
env SSLKEYLOGFILE=premaster.txt firefox

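# command to use key file from NSS
# $PWD makes the key-log path absolute; it is quoted so a working directory
# containing spaces cannot split the -o argument. ssl.debug_file typically
# ends up holding derived keys and decrypted data -- treat it like the key
# log itself.
/tmp/wsroot/bin/wireshark -o "ssl.keylog_file:$PWD/s_client-keys.txt" s_client.capng -o http.ssl.port:4433 -o ssl.debug_file:s_client-debug.txt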

# Command to look for relation between cipher and mode (stream vs cbc)
# Select every "{...,KEX..." suite row of the dissector table, align the
# comma-separated columns, and order by column 4 and then column 11
# (presumably the cipher and mode columns of that table).
grep -e '^ *{.*,KEX' epan/dissectors/packet-ssl-utils.c | column -t -s ',' | sort -k 4,4 -k 11,11

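# pipe openssl
# Test server: the self-signed server.crt doubles as CA file, any cipher
# ("ALL") is accepted, and each ACCEPT line is numbered so the curl loop
# below can be matched against it. stdbuf/fflush keep the output
# line-buffered through the pipe.
stdbuf -oL openssl s_server -CAfile server.crt -cert server.crt -key server.pem -www -cipher ALL 2>&1 | awk '/ACCEPT/{print (++n) " " $0}!/ACCEPT/{print}{fflush()}'
openssl ciphers | tr : '\n' > ciphers.txt
# trigger tests:
# One request per cipher, in "openssl ciphers" order. The CA is pinned with
# --cacert instead of switching verification off.
openssl ciphers | tr : '\n' | while IFS= read -r i; do
  printf '\n%s\n' "$i"
  curl --cacert /tmp/snif/pki/server.crt https://localhost:4433 -o /dev/null --ciphers "$i" -v
done
# "fail" file is above output
# Marks the n-th ACCEPT (from the numbered server output) as failed when an
# "error" line follows it, and prints the ciphers.txt lines that did not
# fail. This only holds while every request produces exactly one ACCEPT, in
# the same order as ciphers.txt.
awk 'BEGIN{while(getline<"fail"){if(/ACCEPT/){n=$1}else if(/error/){fails[n]=1}}} {if(!fails[NR])print}' ciphers.txt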


# convert CipherSuite from RFC to code
# Clipboard (xsel) -> local generator -> rows sorted numerically on the value
# that follows the opening brace. The brace is swapped for a comma so sort can
# key on it, then restored.
xsel | ./generate-wireshark-cs | sed 's/{/,/' | sort -n -t ',' -k 2,2 | sed 's/,/{/'
# check for differences between existing ciphers and new ones from X clipboard
# ssort: numeric sort of "{<n>,..." rows on <n>, reading stdin.
# The first "{" of each line is temporarily turned into "," so sort can split
# on commas, and put back afterwards. Only the first "{" is rewritten, so
# lines must not contain a comma before it. "sort -n" reads a leading "0x"
# as 0 -- check that the input uses decimal codes.
ssort() {
  sed 's/{/,/' | sort -n -t ',' -k 2,2 | sed 's/,/{/'
}
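# Existing "...,KEX_..." rows plus the clipboard rows, de-duplicated on the
# text before the first "}" (with GNU sort, -u keeps the first of each equal
# run, so the existing rows win), then diffed against the existing rows so
# only genuinely new suites show up. Scratch files come from mktemp instead
# of the literal names "1" and "2", which would clobber files of that name
# in the working directory.
old=$(mktemp) && new=$(mktemp) || exit 1
grep ,KEX_ packet-ssl-utils.c | ssort > "$old"
{ cat "$old"; xsel; } | sort -k1,1 -t} -u | ssort > "$new"
colordiff -u "$old" "$new"
rm -f -- "$old" "$new"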

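# command to sort by Au(th) and show official TLS names
# Column 6 of "openssl ciphers -V" is the Au=... field. gawk's strtonum turns
# the "0xAA,0xBB" pair in column 1 into one decimal suite id so the local
# number-to-name.awk can look the IANA name up in suites.txt.
# A single sort suffices: sorting before the gawk step was redundant, because
# the final "sort -k6,6" (with sort's whole-line tie-break) fixes the order
# on its own.
openssl ciphers -V |
  gawk '{split($1,a,",");$1=strtonum(a[1])*256+strtonum(a[2])}{print}' |
  sort -k6,6 | ./number-to-name.awk -vcmd='cat suites.txt' | column -t | less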


# dump CLIENT_RANDOM for every cipher
# Skips the PSK/SRP/ECDHE-ECDSA/ECDH-* and *-DSS-* suites. For each remaining
# cipher one s_client handshake is run with -msg and the 32-byte Random of
# both ClientHello and ServerHello is reassembled from the hex dump: fields
# 7..16 of the first dump line (i.e. after the 4-byte handshake header and the
# 2-byte version), the whole second line, and fields 1..6 of the third line.
# Every collected Random is printed as "CLIENT_RANDOM <random> <master-key>",
# so the ServerHello random also lands in the file as a bogus line; that is
# harmless, Wireshark only matches on the real client random.
# The result is a key-log file: whoever holds it can decrypt the matching
# capture. Keep it under the same access controls as the capture.
openssl ciphers|tr : '\n' | grep -vE '^(PSK|SRP|ECDHE-ECDSA|ECDH)-|-DSS-' | while read cipher; do (echo 'GET / HTTP/1.0';sleep .1) | openssl s_client -connect localhost:4433 -cipher $cipher -msg 2>&1 | awk '/Master-Key:/{key=$2} {b=1;e=16;if(l==3)b=7;if(l==1)e=6;for(i=b;i<=e;i++)s=s$i;if(l--==1)r[s]=1}/ ClientHello|ServerHello$/{l=3;s=""} END{for(rnd in r)print "CLIENT_RANDOM",rnd,key}';done > all/s_client-keys.txt
# dump CLIENT_RANDOM for every cipher for *.local.al.lekensteyn.nl with TLS disabled
# Same extraction for the nginx hosts in ssl3/ok.txt whose URL names the
# IDEA-CBC-SHA or EXP-RC2-CBC-MD5 suite. This deliberately exercises an
# obsolete protocol; note that -no_tls1 only drops TLS 1.0, so add
# -no_tls1_1 -no_tls1_2 on a build that also offers those if SSLv3 is really
# what should be negotiated. The host comes from our own config but is still
# expanded inside printf's format string -- a "%" in it would be interpreted;
# printf '...Host: %s...' "$host" is the safer form if the list changes.
for url in $(grep -E '/(IDEA-CBC-SHA|EXP-RC2-CBC-MD5)\.' -i ssl3/ok.txt); do host="${url##*/}"; (printf "GET / HTTP/1.1\r\nHost: $host\r\n\r\n";sleep .2) | openssl s_client -connect "$host" -CApath /etc/nginx/certs -no_tls1 -msg 2>&1 | awk '/Master-Key:/{key=$2} {b=1;e=16;if(l==3)b=7;if(l==1)e=6;for(i=b;i<=e;i++)s=s$i;if(l--==1)r[s]=1}/ ClientHello|ServerHello$/{l=3;s=""} END{for(rnd in r)print "CLIENT_RANDOM",rnd,key}'; done >> /tmp/snif/ssl3/premaster.txt

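# fetch a list of hosts to visit
# Pulls the port from "listen" and the name from "server_name" lines of the
# nginx test config. The field numbers are tied to that file's exact layout
# (indentation, "ip:port", names per line); re-check them if it changes.
</etc/nginx/sites/ciphertest.conf awk -F '[:; ]+' '/listen/{port=$4}/server_name/&&$5{print "https://"$5":"port}' > urls.txt
# Get good and bad cipher suites wrt web server certs
# -k switches certificate verification off on purpose (self-signed test
# certs); do not reuse this loop against hosts whose identity matters.
# An if/else replaces "cmd && ok || nok" so a failed append to ok.txt cannot
# also mark the URL as bad; rm -f avoids an error on the first run.
rm -f ok.txt nok.txt
time while IFS= read -r url; do
  if curl -ks "$url" -o /dev/null; then
    printf '%s\n' "$url" >> ok.txt
  else
    printf '%s\n' "$url" >> nok.txt
  fi
done < urls.txt
# same as above, but restrict to OpenSSL ciphers during request
# The cipher name is the first DNS label of the host, upper-cased (bash 4+).
rm -f ok.txt nok.txt
time while IFS= read -r url; do
  cipher="${url%%.*}"; cipher="${cipher##*/}"
  if curl -ks "$url" -o /dev/null --ciphers "${cipher^^}"; then
    printf '%s\n' "$url" >> ok.txt
  else
    printf '%s\n' "$url" >> nok.txt
  fi
done < urls.txt
# same test, but using openssl instead of curl
# Reads the URLs line by line (no word-splitting or globbing as with
# $(cat ...)) and hands the host to printf as an argument rather than as part
# of the format string. Verification uses the local CA directory.
while IFS= read -r url; do
  host="${url##*/}"
  printf '\n\n_____ %s\n' "$host"
  { printf 'GET / HTTP/1.1\r\nHost: %s\r\n\r\n' "$host"; sleep .2; } | openssl s_client -connect "$host" -CApath /etc/nginx/certs
done < res/ok.txt 2>&1 | tee s_client-all-res-ok.txt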


The following OpenSSL cipher suites fail to connect to the nginx test hosts.
They are obsolete, or they need credentials/certificates the test setup does
not provide (see the grouping below):
EXP-EDH-DSS-DES-CBC-SHA
EXP-EDH-RSA-DES-CBC-SHA
PSK-RC4-SHA
PSK-3DES-EDE-CBC-SHA
PSK-AES128-CBC-SHA
PSK-AES256-CBC-SHA
ECDH-RSA-RC4-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-RSA-AES128-SHA
ECDH-RSA-AES256-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-DSS-AES-256-CBC-SHA
ECDH-RSA-AES128-SHA256
ECDH-RSA-AES256-SHA384
ECDH-RSA-AES128-GCM-SHA256
ECDH-RSA-AES256-GCM-SHA384

Groupable to:
- EXP-EDH-{DSS,RSA}
- PSK
- ECDH-RSA (not really obsolete: static ECDH-RSA works once the server
  presents an EC certificate signed with RSA, which the test hosts presumably
  do not have)
- SRP

Not supported by GnuTLS (source is a 2009 post, so re-check against the
current GnuTLS cipher list before relying on it:
http://backreference.org/2009/11/18/openssl-vs-gnutls-cipher-names/)
- TLS-SRP (Secure Remote Password)
- PSK (Pre-Shared Key)
- ECDH-{RSA,ECDSA} (static ECDH, i.e. not ECDHE-RSA) (source: wikipedia)

Cipher suite families still missing from the Wireshark dissector table (the
comparison against packet-ssl-utils.c above), checked against the IANA
registry at
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4):
- SRP
- KRB5
- PSK
- ARIA
- mode CCM

libgcrypt's 40-bit RC2 implementation is named "RFC2268_40" and takes a 5-byte
(40-bit) key. That does not match TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5: as
RFC 2246 (TLS 1.0), section 6.3.1 "Export key generation example" shows, the
5 bytes of key material are expanded into a 16-byte final_client_write_key,
so RC2 is keyed with 128 bits (its effective key size stays 40 bits). The
unimplemented RFC2268_128 algo therefore looks like the right one to use;
verify it against a real capture, since the effective-key-bits reduction has
to match what the peers actually do.

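# Generate RSA stuff
# Test-only, self-signed, 10-year certificates with a wildcard CN. Current
# browsers ignore the CN and require a subjectAltName; add one if the clients
# under test start rejecting these. The RSA size is given explicitly because
# "genrsa" without it falls back to a version-dependent default (1024 bits on
# OpenSSL 1.0.x, 2048 only from 1.1.0).
openssl genrsa -out server.pem 2048
openssl req -new -x509 -key server.pem -out server.crt -days 3650 -subj "/CN=*.local.al.lekensteyn.nl"
# Generate dsa params, privkey and signed pubkey
# 1024-bit DSA is deliberately weak; it is kept only to exercise the *-DSS-*
# suites. numbits is passed last, the form all openssl versions document.
openssl dsaparam -out dsaparam.pem 1024
openssl gendsa dsaparam.pem -out dsa.pem
openssl req -new -key dsa.pem -x509 -days 3650 -out dsa.crt -subj "/CN=*.local.al.lekensteyn.nl"
# Generate EC params (secp112r1 cert does not work, "no shared cipher" error)
# secp256r1 is supported by chromium (and secp{384,521}r1 too)
# prime192v1 (= secp192r1) is smaller than the 256-bit curves browsers
# negotiate today; switch to prime256v1 if the EC suites fail to handshake.
openssl ecparam -name prime192v1 -out ec.pem -genkey
openssl req -new -key ec.pem -x509 -days 3650 -out ec.crt -subj "/CN=*.local.al.lekensteyn.nl/OU=EC"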