Skip to content

Commit

Permalink
tests: add JA4 pcap tests (#4714)
Browse files Browse the repository at this point in the history
  • Loading branch information
lrstewart authored Aug 22, 2024
1 parent f2c9f93 commit 2b40600
Show file tree
Hide file tree
Showing 4 changed files with 47 additions and 5 deletions.
8 changes: 5 additions & 3 deletions .github/workflows/ci_rust.yml
Original file line number Diff line number Diff line change
Expand Up @@ -272,7 +272,7 @@ jobs:
run: grep "rust-version = \"$(cat ${{env.ROOT_PATH}}/rust-toolchain)\"" ${{env.ROOT_PATH}}/s2n-tls-tokio/Cargo.toml

pcaps:
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v3
with:
Expand All @@ -285,7 +285,9 @@ jobs:
rustup override set stable
- name: Install tshark
run: sudo apt-get install -y tshark
run: |
sudo apt-get install -y tshark
tshark --version
- name: Generate bindings
working-directory: ${{env.ROOT_PATH}}
Expand All @@ -299,4 +301,4 @@ jobs:
- name: Run tests
working-directory: ${{env.PCAP_TEST_PATH}}
run: cargo test
run: cargo test --all-features
4 changes: 4 additions & 0 deletions tests/pcap/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ version = "0.1.0"
edition = "2021"
publish = false

[features]
default = []
ja4 = [] # Older versions of tshark do not support JA4

[dependencies]
anyhow = "1.0.86"
hex = "0.4.3"
Expand Down
10 changes: 10 additions & 0 deletions tests/pcap/src/client_hello.rs
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,16 @@ impl ClientHello {
self.0.packet.metadata(Self::JA3_STR).map(str::to_owned)
}

const JA4_HASH: &'static str = "tls.handshake.ja4";
pub fn ja4_hash(&self) -> Option<String> {
self.0.packet.metadata(Self::JA4_HASH).map(str::to_owned)
}

const JA4_STR: &'static str = "tls.handshake.ja4_r";
pub fn ja4_string(&self) -> Option<String> {
self.0.packet.metadata(Self::JA4_STR).map(str::to_owned)
}

pub fn message(&self) -> &HandshakeMessage {
&self.0
}
Expand Down
30 changes: 28 additions & 2 deletions tests/pcap/tests/s2n_client_hellos.rs
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ fn get_s2n_hello(pcap_hello: &PcapHello) -> Result<Box<S2NHello>> {
Ok(r?)
}

fn test_all_client_hellos<F>(test_fn: F) -> Result<()>
fn test_all_client_hellos<F>(mut test_fn: F) -> Result<()>
where
F: FnOnce(PcapHello, Box<S2NHello>) -> Result<()> + Copy,
F: FnMut(PcapHello, Box<S2NHello>) -> Result<()>,
{
let pcaps = all_pcaps();
for pcap in pcaps {
Expand Down Expand Up @@ -62,3 +62,29 @@ fn ja3_fingerprints() -> Result<()> {
Ok(())
})
}

#[cfg(feature = "ja4")]
#[test]
fn ja4_fingerprints() -> Result<()> {
use s2n_tls::fingerprint;

let mut builder = fingerprint::Builder::new(FingerprintType::JA4)?;

test_all_client_hellos(|pcap_hello, s2n_hello| {
let mut fingerprint = builder.build(&s2n_hello)?;

let s2n_ja4_hash = fingerprint
.hash()
.context("s2n failed to calculate ja4 hash")?
.to_owned();

let s2n_ja4_str = fingerprint
.raw()
.context("s2n failed to calculate ja4 string")?
.to_owned();

assert_eq!(pcap_hello.ja4_hash(), Some(s2n_ja4_hash));
assert_eq!(pcap_hello.ja4_string(), Some(s2n_ja4_str));
Ok(())
})
}

0 comments on commit 2b40600

Please sign in to comment.