SSL Peach Pit User Guide
Peach Fuzzer, LLC
Version 3.7.64

Copyright 2015 Peach Fuzzer, LLC. All rights reserved. This document may not be distributed or used for commercial purposes without the explicit consent of the copyright holders. Peach Fuzzer is a registered trademark of Peach Fuzzer, LLC. Peach Fuzzer contains Patent Pending technologies. While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

Peach Fuzzer, LLC
1122 E Pike St Suite 1064
Seattle, WA 98112
1. SSL Peach Pit: Data Sheet

Peach Pit: SSL
Target: Client (with and without certificate request), Server
Supported Platforms: Windows, Linux, OS X
Specifications: RFC 2246, RFC 4346, RFC 5246, RFC 6520

The SSL/TLS protocol provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. This pit supports versions 1.0, 1.1, and 1.2 of the protocol.

1.1. Specifications

Specification   Title
RFC 2246        The TLS Protocol Version 1.0
RFC 4346        The Transport Layer Security (TLS) Protocol Version 1.1
RFC 5246        The Transport Layer Security (TLS) Protocol Version 1.2
RFC 6520        Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension

1.2. Use Cases

Messages                Specification
Client Hello            RFC 2246, RFC 4346, RFC 5246
Server Hello            RFC 2246, RFC 4346, RFC 5246
Server Certificate      RFC 2246, RFC 4346, RFC 5246
Server Key Exchange     RFC 2246, RFC 4346, RFC 5246
Certificate Request     RFC 2246, RFC 4346, RFC 5246
Server Hello Done       RFC 2246, RFC 4346, RFC 5246
Client Certificate      RFC 2246, RFC 4346, RFC 5246
Client Key Exchange     RFC 2246, RFC 4346, RFC 5246
Change Cipher           RFC 2246, RFC 4346, RFC 5246
Certificate Verify      RFC 2246, RFC 4346, RFC 5246
Finished                RFC 2246, RFC 4346, RFC 5246
Alert                   RFC 2246, RFC 4346, RFC 5246
Encrypted Data          RFC 2246, RFC 4346, RFC 5246
Heartbeat Hello         RFC 6520
Heartbeat Request       RFC 6520
Heartbeat Response      RFC 6520

1.3. Cipher Suites

Cipher Suite
RSA-SHA-AES128

The name denotes RSA key exchange, AES-128 in CBC mode and a SHA-1 MAC, that is TLS_RSA_WITH_AES_128_CBC_SHA (0x002F), which OpenSSL lists as AES128-SHA. This is the only suite the SSL pits negotiate, so every target must have it enabled.
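The messages in the table are what the pit mutates, and the one thing a practitioner has to confirm before any of the configurations below will get past the hello exchange is that the target actually offers the pit's single cipher suite. The following stdlib-only Python script is an added example, not code from the Peach SSL pit: it parses TLS records, extracts the client_version and cipher suites from a ClientHello, reports whether 0x002F is offered, and parses an RFC 6520 heartbeat message with the payload_length sanity check the RFC requires. The mapping of "RSA-SHA-AES128" to 0x002F is an assumption (the guide gives only the name), and the sample messages are constructed here, not captured.

```python
"""Stdlib-only parser for the TLS messages the SSL pit exercises.
Added example, not code from the Peach SSL pit. RSA_SHA_AES128 = 0x002F
is an assumed mapping of the pit's suite name; sample data is constructed."""
import struct

CONTENT_HANDSHAKE = 22          # TLS ContentType values (RFC 5246 6.2.1)
CONTENT_HEARTBEAT = 24          # RFC 6520 section 6
HS_CLIENT_HELLO = 1             # HandshakeType (RFC 5246 7.4)
HB_REQUEST, HB_RESPONSE = 1, 2  # HeartbeatMessageType (RFC 6520 section 3)
RSA_SHA_AES128 = 0x002F         # assumed code for the pit's single suite
VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}


def parse_records(data):
    """Split raw bytes into (content_type, (major, minor), fragment) records."""
    records, off = [], 0
    while off < len(data):
        if len(data) - off < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack("!BBBH", data[off:off + 5])
        frag = data[off + 5:off + 5 + length]
        if len(frag) != length:
            raise ValueError("record claims %d bytes, only %d present" % (length, len(frag)))
        records.append((ctype, (major, minor), frag))
        off += 5 + length
    return records


def parse_client_hello(frag):
    """Parse a Handshake fragment holding a ClientHello; return the
    client_version name and the offered cipher suites (extensions ignored)."""
    if not frag or frag[0] != HS_CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(frag[1:4], "big")
    hello = frag[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated ClientHello")
    version = (hello[0], hello[1])
    off = 2 + 32                                  # client_version, random
    off += 1 + hello[off]                         # session_id<0..32>
    cs_len = struct.unpack("!H", hello[off:off + 2])[0]
    off += 2
    if cs_len % 2 or off + cs_len > len(hello):
        raise ValueError("bad cipher_suites length %d" % cs_len)
    suites = [struct.unpack("!H", hello[i:i + 2])[0]
              for i in range(off, off + cs_len, 2)]
    return {"version": VERSIONS.get(version, str(version)), "cipher_suites": suites}


def client_offers_pit_suite(data):
    """True if the first ClientHello in `data` offers 0x002F; the pit can
    only complete the handshake with a client that does."""
    for ctype, _ver, frag in parse_records(data):
        if ctype == CONTENT_HANDSHAKE and frag[:1] == bytes([HS_CLIENT_HELLO]):
            return RSA_SHA_AES128 in parse_client_hello(frag)["cipher_suites"]
    raise ValueError("no ClientHello in data")


def build_client_hello(version, suites):
    """Build a minimal ClientHello record (zero random, no session id,
    no extensions) for constructing test input."""
    cs = b"".join(struct.pack("!H", s) for s in suites)
    hello = (bytes(version) + bytes(32) + b"\x00"
             + struct.pack("!H", len(cs)) + cs
             + b"\x01\x00")                       # one compression method: null
    hs = bytes([HS_CLIENT_HELLO]) + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BBBH", CONTENT_HANDSHAKE, *version, len(hs)) + hs


def parse_heartbeat(frag):
    """Parse an RFC 6520 HeartbeatMessage. Section 4 of the RFC requires at
    least 16 bytes of padding and says a message whose payload_length is too
    large for the record MUST be discarded silently; this is the check a
    target under heartbeat fuzzing has to get right."""
    if len(frag) < 3:
        raise ValueError("heartbeat shorter than its fixed header")
    hb_type, payload_len = struct.unpack("!BH", frag[:3])
    if hb_type not in (HB_REQUEST, HB_RESPONSE):
        raise ValueError("unknown HeartbeatMessageType %d" % hb_type)
    if 3 + payload_len + 16 > len(frag):
        raise ValueError("payload_length %d exceeds the %d-byte record" % (payload_len, len(frag)))
    return {"type": hb_type, "payload": frag[3:3 + payload_len],
            "padding_length": len(frag) - 3 - payload_len}


def heartbeat_is_well_formed(frag):
    try:
        parse_heartbeat(frag)
        return True
    except ValueError:
        return False


# Constructed sample input (not captured traffic).
SAMPLE_HELLO = build_client_hello((3, 1), [0xC02F, 0x002F, 0x0035])
SAMPLE_HEARTBEAT = struct.pack("!BH", HB_REQUEST, 4) + b"ping" + bytes(16)
OVERSIZED_HEARTBEAT = struct.pack("!BH", HB_REQUEST, 0x4000) + b"ping" + bytes(16)

if __name__ == "__main__":
    print(parse_client_hello(parse_records(SAMPLE_HELLO)[0][2]))
    print("offers 0x002F:", client_offers_pit_suite(SAMPLE_HELLO))
    print("oversized heartbeat accepted:", heartbeat_is_well_formed(OVERSIZED_HEARTBEAT))
```

To use it against a real client, capture the first bytes the target sends to the pit's listen port and pass them to client_offers_pit_suite; a False result means the target's cipher list must be changed before fuzzing, since nothing past the hello exchange will be reached.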
2. TLS-1.0 Client Configuration

This pit configuration fuzzes a TLS client: the target connects to Peach, which acts as the TLS server, and the handshake completes without client certificate verification. For TLS connections with client certificate verification, see the SSL TLS-1.0 Client Verify configuration.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The client target must be configured to accept this cipher suite, and to allow TLS 1.0, which current TLS stacks often disable by default. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

The SSL private key for the server must NOT be password protected. This file is specified using the Server Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

2.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires.

2.2. Required Pit Configuration Changes

Server Certificate (ServerCert)
    Full path to the file containing the SSL certificate(s) for the server, in PEM format.

Server Key (ServerKey)
    Full path to the file containing the SSL private key for the server, in PEM format. The key file must not be password protected.

CA Certificate (CaCert)
    Full path to the file containing the CA certificate used to verify clients.

2.3. Optional Pit Configuration Changes

Listen IPv4 Address (ListenIPv4)
    Interface on the local machine that Peach uses to listen for incoming connections. The default value 0.0.0.0 causes Peach to listen on all interfaces.

Listen Port (ListenPort)
    Port on the local machine that Peach uses to listen for incoming connections. The default value is 443. On Linux and OS X, binding a port below 1024 requires root privileges.

Accept Timeout (AcceptTimeout)
    Duration, in milliseconds, to wait for an incoming connection to complete. The value -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 5000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
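Most failed first runs of a listening pit come down to one of the parameters above: a key that was generated without -nodes, a certificate file that is not PEM, or a timeout value outside the -1 / non-negative range. The following Python script is an added example, not the pit's own code: the parameter keys and their defaults are the ones documented in this section, while the check logic and the read_file callback are mine. The PEM texts are constructed stand-ins that carry only the framing these checks look at, not real keys or certificates.

```python
"""Pre-flight check of the SSL pit's listener parameters and PEM files.
Added example, not code from the Peach SSL pit. Parameter keys and defaults
are from the pit documentation; the check logic is an illustration."""
import re

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z ]+)-----\s.*?-----END \1-----", re.S)
TIMEOUT_DEFAULTS = {"AcceptTimeout": 5000, "ReceiveTimeout": 3000, "SendTimeout": -1}


def pem_labels(text):
    """Labels of all PEM blocks in `text`, in order (e.g. 'CERTIFICATE')."""
    return [m.group(1) for m in PEM_BLOCK.finditer(text)]


def key_is_unencrypted(pem_text):
    """The pit needs an unencrypted key: reject PKCS#8 'ENCRYPTED PRIVATE KEY'
    blocks and legacy keys with a 'Proc-Type: 4,ENCRYPTED' header, which is
    what `openssl req` writes when -nodes is omitted."""
    labels = pem_labels(pem_text)
    if not any(label.endswith("PRIVATE KEY") for label in labels):
        return False
    if "ENCRYPTED PRIVATE KEY" in labels:
        return False
    return re.search(r"^Proc-Type:\s*4,ENCRYPTED", pem_text, re.M) is None


def timeout_ms(value, default):
    """Normalise a timeout parameter: -1 (wait forever) -> None, else ms."""
    ms = default if value is None else int(value)
    if ms == -1:
        return None
    if ms < 0:
        raise ValueError("timeout must be -1 or >= 0, got %d" % ms)
    return ms


def check_pit_config(cfg, read_file):
    """Check `cfg` (parameter key -> value). `read_file(path)` returns file
    text so the check runs on in-memory data as well as real files.
    Returns (errors, warnings); an empty error list means ready to fuzz."""
    errors, warnings = [], []
    for key in ("ServerCert", "ServerKey", "CaCert"):
        if not cfg.get(key):
            errors.append("%s is required" % key)
    for key in ("ServerCert", "CaCert"):
        if cfg.get(key) and "CERTIFICATE" not in pem_labels(read_file(cfg[key])):
            errors.append("%s: no CERTIFICATE block in PEM file" % key)
    if cfg.get("ServerKey") and not key_is_unencrypted(read_file(cfg["ServerKey"])):
        errors.append("ServerKey: missing or password protected; regenerate with openssl req -nodes")
    port = int(cfg.get("ListenPort", 443))
    if not 1 <= port <= 65535:
        errors.append("ListenPort %d out of range" % port)
    elif port < 1024:
        warnings.append("ListenPort %d is privileged; on Linux/OS X run Peach as root" % port)
    for key, default in TIMEOUT_DEFAULTS.items():
        try:
            timeout_ms(cfg.get(key), default)
        except ValueError as exc:
            errors.append("%s: %s" % (key, exc))
    return errors, warnings


# Constructed stand-ins: PEM framing only, not real keys or certificates.
FILES = {
    "/certs/server-cert.pem": "-----BEGIN CERTIFICATE-----\nMIIDbase64...\n-----END CERTIFICATE-----\n",
    "/certs/ca-cert.pem": "-----BEGIN CERTIFICATE-----\nMIIDbase64...\n-----END CERTIFICATE-----\n",
    "/certs/server-key.pem": "-----BEGIN PRIVATE KEY-----\nMIIEbase64...\n-----END PRIVATE KEY-----\n",
    "/certs/server-key-enc.pem": ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                                  "DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n\n"
                                  "MIIEbase64...\n-----END RSA PRIVATE KEY-----\n"),
}
GOOD_CFG = {"ServerCert": "/certs/server-cert.pem", "ServerKey": "/certs/server-key.pem",
            "CaCert": "/certs/ca-cert.pem", "ListenPort": "8443", "AcceptTimeout": "-1"}
BAD_CFG = dict(GOOD_CFG, ServerKey="/certs/server-key-enc.pem", ReceiveTimeout="-5")

if __name__ == "__main__":
    print(check_pit_config(GOOD_CFG, FILES.__getitem__))
    print(check_pit_config(BAD_CFG, FILES.__getitem__))
```

Against real files, pass a reader such as `lambda p: open(p).read()` instead of FILES.__getitem__.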
3. TLS-1.0 Client Verify Configuration

This pit configuration fuzzes a TLS client: the target connects to Peach, which acts as the TLS server, and the handshake completes with client certificate verification. For TLS connections without client certificate verification, see the SSL TLS-1.0 Client configuration.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The client target must be configured to accept this cipher suite, and to allow TLS 1.0, which current TLS stacks often disable by default. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

When client certificate verification is enabled, Peach sends a Certificate Request message before Server Hello Done, and then expects the client's Certificate and Certificate Verify messages in the client's following handshake flight. The CA Certificate parameter names the CA the client certificate must chain to.

The SSL private key for the server must NOT be password protected. This file is specified using the Server Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

3.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires. The client target must be given client-cert.pem and client-key.pem so that it can answer the Certificate Request.

3.2. Required Pit Configuration Changes

Server Certificate (ServerCert)
    Full path to the file containing the SSL certificate(s) for the server, in PEM format.

Server Key (ServerKey)
    Full path to the file containing the SSL private key for the server, in PEM format. The key file must not be password protected.

CA Certificate (CaCert)
    Full path to the file containing the CA certificate used to verify clients.

3.3. Optional Pit Configuration Changes

Listen IPv4 Address (ListenIPv4)
    Interface on the local machine that Peach uses to listen for incoming connections. The default value 0.0.0.0 causes Peach to listen on all interfaces.

Listen Port (ListenPort)
    Port on the local machine that Peach uses to listen for incoming connections. The default value is 443. On Linux and OS X, binding a port below 1024 requires root privileges.

Accept Timeout (AcceptTimeout)
    Duration, in milliseconds, to wait for an incoming connection to complete. The value -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 5000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
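The Client Verify configuration above changes the handshake message order: a Certificate Request goes out before Server Hello Done, and the client is expected to answer with Certificate, Client Key Exchange and Certificate Verify. When a test case ends early it helps to know which message the client skipped or sent out of turn. The following Python script is an added example, not part of the Peach SSL pit: it encodes the expected message order for the RSA key exchange used by RSA-SHA-AES128 (no Server Key Exchange, per RFC 5246 section 7.4.3) and compares an observed sequence of handshake types against it. HandshakeType values are from RFC 5246 section 7.4; the string "CCS" stands in for the Change Cipher Spec record, which is its own content type. The observed sequence below is constructed, not captured.

```python
"""Expected handshake flow checker for the SSL pit's Client Verify
configuration. Added example, not code from the Peach SSL pit.
HandshakeType values from RFC 5246 7.4; "CCS" marks ChangeCipherSpec."""
CLIENT_HELLO, SERVER_HELLO, CERTIFICATE = 1, 2, 11
SERVER_KEY_EXCHANGE, CERTIFICATE_REQUEST, SERVER_HELLO_DONE = 12, 13, 14
CERTIFICATE_VERIFY, CLIENT_KEY_EXCHANGE, FINISHED = 15, 16, 20
CCS = "CCS"
NAMES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
         12: "ServerKeyExchange", 13: "CertificateRequest", 14: "ServerHelloDone",
         15: "CertificateVerify", 16: "ClientKeyExchange", 20: "Finished",
         CCS: "ChangeCipherSpec"}


def expected_flow(request_client_cert, client_has_cert=True):
    """Message order for an RSA key-exchange suite such as RSA-SHA-AES128.
    There is no ServerKeyExchange: the client encrypts the premaster secret
    to the RSA key in the server's Certificate (RFC 5246 7.4.3). After a
    CertificateRequest the client sends Certificate before ClientKeyExchange
    and CertificateVerify after it; a client with no certificate sends an
    empty Certificate message and no CertificateVerify (RFC 5246 7.4.6, 7.4.8)."""
    flow = [CLIENT_HELLO, SERVER_HELLO, CERTIFICATE]
    if request_client_cert:
        flow.append(CERTIFICATE_REQUEST)
    flow.append(SERVER_HELLO_DONE)
    if request_client_cert:
        flow.append(CERTIFICATE)
    flow.append(CLIENT_KEY_EXCHANGE)
    if request_client_cert and client_has_cert:
        flow.append(CERTIFICATE_VERIFY)
    flow += [CCS, FINISHED, CCS, FINISHED]
    return flow


def check_flow(observed, request_client_cert, client_has_cert=True):
    """Compare an observed message-type sequence with the expected flow.
    Returns (ok, explanation of the first divergence)."""
    expected = expected_flow(request_client_cert, client_has_cert)
    for i, (seen, want) in enumerate(zip(observed, expected)):
        if seen != want:
            return False, "message %d: got %s, expected %s" % (
                i, NAMES.get(seen, seen), NAMES[want])
    if len(observed) < len(expected):
        return False, "handshake stopped before %s" % NAMES[expected[len(observed)]]
    if len(observed) > len(expected):
        extra = observed[len(expected)]
        return False, "extra %s after the handshake" % NAMES.get(extra, extra)
    return True, "complete handshake"


# Constructed sequence (not from a real capture): a client that ignores the
# CertificateRequest and goes straight to ClientKeyExchange. RFC 5246 7.4.6
# requires a Certificate message, empty if need be, so a conforming server
# aborts the handshake here.
CLIENT_SKIPPED_CERT = [CLIENT_HELLO, SERVER_HELLO, CERTIFICATE, CERTIFICATE_REQUEST,
                       SERVER_HELLO_DONE, CLIENT_KEY_EXCHANGE, CCS, FINISHED]

if __name__ == "__main__":
    print(check_flow(CLIENT_SKIPPED_CERT, request_client_cert=True))
```

Feed it the handshake types of one test case in the order they were seen on the wire (client and server messages interleaved as above) and it names the first message that departs from the flow the configuration expects.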
4. TLS-1.0 Server Configuration

This pit configuration fuzzes a TLS server: Peach acts as the TLS client and connects to the target, which may accept the connection with or without client certificate verification. Our recommendation is to test both configurations.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The server target must be configured to accept this cipher suite, and to allow TLS 1.0, which current TLS stacks often disable by default. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

The SSL private key for the client must NOT be password protected. This file is specified using the Client Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

4.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires. In this configuration Peach presents client-cert.pem and client-key.pem; the server target is given server-cert.pem and server-key.pem, and ca-cert.pem if it is to verify the client.

4.2. Required Pit Configuration Changes

Target IPv4 Address (TargetIPv4)
    IPv4 address of the target machine.

Client Certificate (ClientCert)
    Full path to the file containing the SSL certificate for the client, in PEM format.

Client Key (TLS_ClientKey)
    Full path to the file containing the SSL private key for the client, in PEM format. The key must not be password protected.

4.3. Optional Pit Configuration Changes

Target Port (TargetPort)
    Port number the target machine uses to receive messages. The default value is 443.

Connect Timeout (ConnectTimeout)
    Duration, in milliseconds, for an outgoing connection to complete. Timing starts when the client requests a connection and ends when the client receives the server's response. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 10000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
5. TLS-1.1 Client Configuration

This pit configuration fuzzes a TLS client: the target connects to Peach, which acts as the TLS server, and the handshake completes without client certificate verification. For TLS connections with client certificate verification, see the SSL TLS-1.1 Client Verify pit.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The client target must be configured to accept this cipher suite, and to allow TLS 1.1, which current TLS stacks often disable by default. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

The SSL private key for the server must NOT be password protected. This file is specified using the Server Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

5.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires.

5.2. Required Pit Configuration Changes

Server Certificate (ServerCert)
    Full path to the file containing the SSL certificate(s) for the server, in PEM format.

Server Key (ServerKey)
    Full path to the file containing the SSL private key for the server, in PEM format. The key file must not be password protected.

CA Certificate (CaCert)
    Full path to the file containing the CA certificate used to verify clients.

5.3. Optional Pit Configuration Changes

Listen IPv4 Address (ListenIPv4)
    Interface on the local machine that Peach uses to listen for incoming connections. The default value 0.0.0.0 causes Peach to listen on all interfaces.

Listen Port (ListenPort)
    Port on the local machine that Peach uses to listen for incoming connections. The default value is 443. On Linux and OS X, binding a port below 1024 requires root privileges.

Accept Timeout (AcceptTimeout)
    Duration, in milliseconds, to wait for an incoming connection to complete. The value -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 5000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
6. TLS-1.1 Client Verify Configuration

This pit configuration fuzzes a TLS client: the target connects to Peach, which acts as the TLS server, and the handshake completes with client certificate verification. For TLS connections without client certificate verification, see the SSL TLS-1.1 Client pit.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The client target must be configured to accept this cipher suite, and to allow TLS 1.1, which current TLS stacks often disable by default. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

When client certificate verification is enabled, Peach sends a Certificate Request message before Server Hello Done, and then expects the client's Certificate and Certificate Verify messages in the client's following handshake flight. The CA Certificate parameter names the CA the client certificate must chain to.

The SSL private key for the server must NOT be password protected. This file is specified using the Server Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

6.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires. The client target must be given client-cert.pem and client-key.pem so that it can answer the Certificate Request.

6.2. Required Pit Configuration Changes

Server Certificate (ServerCert)
    Full path to the file containing the SSL certificate(s) for the server, in PEM format.

Server Key (ServerKey)
    Full path to the file containing the SSL private key for the server, in PEM format. The key file must not be password protected.

CA Certificate (CaCert)
    Full path to the file containing the CA certificate used to verify clients.

6.3. Optional Pit Configuration Changes

Listen IPv4 Address (ListenIPv4)
    Interface on the local machine that Peach uses to listen for incoming connections. The default value 0.0.0.0 causes Peach to listen on all interfaces.

Listen Port (ListenPort)
    Port on the local machine that Peach uses to listen for incoming connections. The default value is 443. On Linux and OS X, binding a port below 1024 requires root privileges.

Accept Timeout (AcceptTimeout)
    Duration, in milliseconds, to wait for an incoming connection to complete. The value -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 5000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
7. TLS-1.1 Server Configuration

This pit configuration fuzzes a TLS server: Peach acts as the TLS client and connects to the target, which may accept the connection with or without client certificate verification. Our recommendation is to test both configurations.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The server target must be configured to accept this cipher suite, and to allow TLS 1.1, which current TLS stacks often disable by default. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

The SSL private key for the client must NOT be password protected. This file is specified using the Client Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

7.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires. In this configuration Peach presents client-cert.pem and client-key.pem; the server target is given server-cert.pem and server-key.pem, and ca-cert.pem if it is to verify the client.

7.2. Required Pit Configuration Changes

Target IPv4 Address (TargetIPv4)
    IPv4 address of the target machine.

Client Certificate (ClientCert)
    Full path to the file containing the SSL certificate for the client, in PEM format.

Client Key (TLS_ClientKey)
    Full path to the file containing the SSL private key for the client, in PEM format. The key must not be password protected.

7.3. Optional Pit Configuration Changes

Target Port (TargetPort)
    Port number the target machine uses to receive messages. The default value is 443.

Connect Timeout (ConnectTimeout)
    Duration, in milliseconds, for an outgoing connection to complete. Timing starts when the client requests a connection and ends when the client receives the server's response. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 10000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
8. TLS-1.2 Client Configuration

This pit configuration fuzzes a TLS client: the target connects to Peach, which acts as the TLS server, and the handshake completes without client certificate verification. For TLS connections with client certificate verification, see the SSL TLS-1.2 Client Verify pit.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128. The client target must be configured to accept this cipher suite, which many current TLS stacks no longer enable by default even for TLS 1.2. After the TLS connection is established, the Pit sends an Alert disconnect message and closes the connection.

The SSL private key for the server must NOT be password protected. This file is specified using the Server Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

8.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
1. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    # Use sha256, not md5: current OpenSSL builds and TLS clients reject
    # certificates carrying an MD5 signature.
    default_md = sha256
    preserve = no
    policy = generic_policy

    # Policy entries must use the OpenSSL long names of the DN fields.
    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

The following commands are given in the Unix/Linux style, but can also be performed on Windows with minor adjustments. During the certificate generation process, OpenSSL prompts for some input. In almost all cases, the default values can be used. The only exception is the Common Name (CN). For the server certificate, the value of CN should be the server address. For the client certificate, the value of CN should be the client name; it must differ from the server CN, because openssl ca refuses to issue two certificates with the same subject.
2. Generate keys and certificates:

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index    # openssl ca refuses to run if the (initially empty) index file is missing

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server certificate (CN = server address)
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr
    # Sign server certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client certificate (CN = client name, different from the server CN)
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr
    # Sign client certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option is what leaves the private keys unencrypted, as the pit requires.

8.2. Required Pit Configuration Changes

Server Certificate (ServerCert)
    Full path to the file containing the SSL certificate(s) for the server, in PEM format.

Server Key (ServerKey)
    Full path to the file containing the SSL private key for the server, in PEM format. The key file must not be password protected.

CA Certificate (CaCert)
    Full path to the file containing the CA certificate used to verify clients.

8.3. Optional Pit Configuration Changes

Listen IPv4 Address (ListenIPv4)
    Interface on the local machine that Peach uses to listen for incoming connections. The default value 0.0.0.0 causes Peach to listen on all interfaces.

Listen Port (ListenPort)
    Port on the local machine that Peach uses to listen for incoming connections. The default value is 443. On Linux and OS X, binding a port below 1024 requires root privileges.

Accept Timeout (AcceptTimeout)
    Duration, in milliseconds, to wait for an incoming connection to complete. The value -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 5000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when a send request is issued and ends when the send operation completes. A value of -1 extends the duration to infinity. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
9. TLS-1.2 Client Verify Configuration

This pit configuration enables the target to perform a TLS connection with client certificate verification. For TLS connections without client certificate verification, see the SSL TLS-1.2 Client pit.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128 (RSA key exchange, AES-128-CBC, HMAC-SHA1; in IANA naming TLS_RSA_WITH_AES_128_CBC_SHA). The client target must be configured to accept this cipher suite. After the TLS connection is established, the pit sends an Alert disconnect message and closes the connection.

When requesting a certificate from the client, the server sends the CertificateRequest before it finishes the hello dialog with ServerHelloDone, then receives the client's Certificate and its CertificateVerify message in subsequent records.

The SSL private key for the server must NOT be password protected. This file is specified using the Server Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

9.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
15. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    default_md = sha256
    preserve = no
    policy = generic_policy

    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

Two details of this file matter in practice. The names in [ generic_policy ] are OpenSSL object names and are case-sensitive (countryName, commonName, and so on). default_md selects the signature hash: current OpenSSL releases and TLS implementations reject certificates signed with MD5, so sha256 is used here.

The following commands are given in Unix/Linux style but can also be performed from Windows with minor adjustments. During certificate generation, OpenSSL prompts for some input. In almost all cases the default values can be used. The only exception is the Common Name (CN): the CA certificate can carry any CN, the server certificate's CN should be the server address, and the client certificate's CN should be the client name. Many current TLS clients ignore the CN and match the server name only against a subjectAltName extension; if the target client rejects the server certificate for a name mismatch, add one.
16. Generate Keys and Certificates

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index       # openssl ca requires the index file to exist, even if empty

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server Certificate
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr

    # Sign Server Certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client Certificate
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr

    # Sign Client Certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option writes the private keys unencrypted, which is what the pit requires. If a certificate has to be regenerated, run the sequence again in an empty directory: with its default unique_subject setting, openssl ca refuses to issue a second certificate for a subject that is already recorded in ca-db-index.

9.2. Required Pit Configuration Changes

Server Certificate (ServerCert)
    Full path to the file containing the SSL certificate for the server, in PEM format.

Server Key (ServerKey)
    Full path to the file containing the SSL private key for the server, in PEM format. The key file must not be password protected.

CA Certificate (CaCert)
    Full path to the file containing the CA certificate used to verify clients.

9.3. Optional Pit Configuration Changes

Listen IPv4 Address (ListenIPv4)
    Interface on the local machine that Peach uses to listen for incoming connections. The default value 0.0.0.0 causes Peach to listen on all interfaces.

Listen Port (ListenPort)
    Port on the local machine that Peach uses to listen for incoming connections. The default value is 443.

Accept Timeout (AcceptTimeout)
    Duration, in milliseconds, to wait for an incoming connection to complete. A value of -1 waits indefinitely. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 5000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 waits indefinitely. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when the send request is issued and ends when the send operation completes. A value of -1 waits indefinitely. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
10. TLS-1.2 Server Configuration

This pit configuration enables the target to accept a TLS connection with or without client certificate verification. Our recommendation is to test both configurations.

Only a single cipher suite is currently supported by the SSL TLS pits, RSA-SHA-AES128 (RSA key exchange, AES-128-CBC, HMAC-SHA1; in IANA naming TLS_RSA_WITH_AES_128_CBC_SHA). The server target must be configured to accept this cipher suite. After the TLS connection is established, the pit sends an Alert disconnect message and closes the connection.

The SSL private key for the client must NOT be password protected. This file is specified using the Client Key parameter.

In configuring this pit, the user might need to supply network-centric information for the test target or the local host that runs Peach, such as the following:

- Name of the network interface
- Machine address (MAC) of the communications channel
- IPv4 and/or IPv6 addresses of the communications channel

The topic Retrieving Machine Information describes how to find these items in the Peach-supported operating systems.

10.1. Generating Keys and Certificates

OpenSSL can be used to generate a working set of keys and certificates for use with this pit.
17. ca.conf:

    [ ca ]
    default_ca = ca_default

    [ ca_default ]
    dir = ./
    certs = $dir
    new_certs_dir = $dir
    database = ca-db-index
    serial = ca-db-serial
    RANDFILE = ca-db-rand
    certificate = ca-cert.pem
    private_key = ca-key.pem
    default_days = 365
    default_crl_days = 365
    default_md = sha256
    preserve = no
    policy = generic_policy

    [ generic_policy ]
    countryName = optional
    stateOrProvinceName = optional
    localityName = optional
    organizationName = optional
    organizationalUnitName = optional
    commonName = supplied
    emailAddress = optional

Two details of this file matter in practice. The names in [ generic_policy ] are OpenSSL object names and are case-sensitive (countryName, commonName, and so on). default_md selects the signature hash: current OpenSSL releases and TLS implementations reject certificates signed with MD5, so sha256 is used here.

The following commands are given in Unix/Linux style but can also be performed from Windows with minor adjustments. During certificate generation, OpenSSL prompts for some input. In almost all cases the default values can be used. The only exception is the Common Name (CN): the CA certificate can carry any CN, the server certificate's CN should be the server address, and the client certificate's CN should be the client name. Many current TLS servers and clients ignore the CN and match names only against a subjectAltName extension; if the target rejects a certificate for a name mismatch, add one.
18. Generate Keys and Certificates

    mkdir certs
    cd certs
    cp ../ca.conf .
    echo 01 > ca-db-serial
    touch ca-db-index       # openssl ca requires the index file to exist, even if empty

    # Certificate Authority
    openssl req -nodes -x509 -newkey rsa:2048 -days 365 -keyout ca-key.pem -out ca-cert.pem

    # Server Certificate
    openssl req -nodes -new -newkey rsa:2048 -keyout server-key.pem -out server.csr

    # Sign Server Certificate
    openssl ca -config ca.conf -days 365 -in server.csr -out server-cert.pem

    # Client Certificate
    openssl req -nodes -new -newkey rsa:2048 -keyout client-key.pem -out client.csr

    # Sign Client Certificate
    openssl ca -config ca.conf -days 365 -in client.csr -out client-cert.pem

The -nodes option writes the private keys unencrypted, which is what the pit requires. If a certificate has to be regenerated, run the sequence again in an empty directory: with its default unique_subject setting, openssl ca refuses to issue a second certificate for a subject that is already recorded in ca-db-index. The target server must be given ca-cert.pem as its trusted CA if it is to verify the client certificate this pit presents.

10.2. Required Pit Configuration Changes

Target IPv4 Address (TargetIPv4)
    IPv4 address of the target machine.

Client Certificate (ClientCert)
    Full path to the file containing the SSL certificate for the client, in PEM format.

Client Key (TLS_ClientKey)
    Full path to the file containing the SSL private key for the client, in PEM format. The key must not be password protected.

10.3. Optional Pit Configuration Changes

Target Port (TargetPort)
    Port number the target machine uses to receive messages. The default value is 443.

Connect Timeout (ConnectTimeout)
    Duration, in milliseconds, for an outgoing connection to complete. Timing starts when the client requests a connection and ends when the client receives the server's response. A value of -1 waits indefinitely. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 10000.

Receive Timeout (ReceiveTimeout)
    Duration, in milliseconds, to wait for incoming data. Timing starts when a read request is issued and ends when the requested data arrives. A value of -1 waits indefinitely. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is 3000.

Send Timeout (SendTimeout)
    Duration, in milliseconds, to wait for a send request to complete. Timing starts when the send request is issued and ends when the send operation completes. A value of -1 waits indefinitely. During fuzzing, a timeout failure causes the fuzzer to skip to the next test case. The default value is -1.
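The key and certificate procedure of 8.1, 9.1 and 10.1 as one non-interactive script, added here as an example; it is not part of the Peach guide or of the Peach Fuzzer code base. It assumes a hypothetical CA name ("Peach Test CA") and takes the server address and client name that the guide says belong in the two CNs as arguments. Beyond the guide's commands it creates the index file that openssl ca needs, signs with SHA-256, and then checks the three things the pit will rely on: that both leaf certificates chain to the file given as CaCert, that neither key is password protected, and that each key matches its certificate. The mapping of the pit's RSA-SHA-AES128 to OpenSSL's AES128-SHA in the last function is an assumption.

```shell
#!/bin/sh
# Added example; not part of the Peach guide or the Peach Fuzzer code base.
# Runs the ca.conf + "Generate Keys and Certificates" steps of 8.1, 9.1 and 10.1
# without prompts and then checks the result the way the pit will use it.
# Assumptions (hypothetical, not from the guide): the CA is named "Peach Test CA",
# and the caller passes the server address and client name for the two CNs.
set -eu

make_ssl_pit_pki() {                       # make_ssl_pit_pki DIR SERVER_CN CLIENT_CN
    mkdir -p "$1"
    (
        cd "$1"
        cat > ca.conf <<'EOF'
[ ca ]
default_ca = ca_default

[ ca_default ]
dir = ./
certs = $dir
new_certs_dir = $dir
database = ca-db-index
serial = ca-db-serial
RANDFILE = ca-db-rand
certificate = ca-cert.pem
private_key = ca-key.pem
default_days = 365
default_crl_days = 365
default_md = sha256
preserve = no
policy = generic_policy

[ generic_policy ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
EOF
        echo 01 > ca-db-serial
        : > ca-db-index                    # openssl ca will not run without its (initially empty) index
        # Certificate Authority (self-signed); -nodes leaves every key unencrypted, as the pit requires
        openssl req -nodes -x509 -newkey rsa:2048 -days 365 \
            -subj "/CN=Peach Test CA" -keyout ca-key.pem -out ca-cert.pem
        # Server certificate: CN is the server address the target client connects to
        openssl req -nodes -new -newkey rsa:2048 \
            -subj "/CN=$2" -keyout server-key.pem -out server.csr
        openssl ca -batch -config ca.conf -days 365 -in server.csr -out server-cert.pem
        # Client certificate: CN is the client name
        openssl req -nodes -new -newkey rsa:2048 \
            -subj "/CN=$3" -keyout client-key.pem -out client.csr
        openssl ca -batch -config ca.conf -days 365 -in client.csr -out client-cert.pem
    )
}

check_ssl_pit_pki() {                      # check_ssl_pit_pki DIR -> 0 when the files are usable by the pit
    d=$1
    # Both leaf certificates must chain to the file handed to the pit as CaCert.
    openssl verify -CAfile "$d/ca-cert.pem" "$d/server-cert.pem" "$d/client-cert.pem" >/dev/null || return 1
    for side in server client; do
        # The pit cannot answer a passphrase prompt; an encrypted PEM key carries an ENCRYPTED marker.
        if grep -q ENCRYPTED "$d/$side-key.pem"; then
            echo "$side-key.pem is password protected" >&2
            return 1
        fi
        # ServerKey/ClientKey must be the private half of ServerCert/ClientCert.
        [ "$(openssl x509 -in "$d/$side-cert.pem" -noout -pubkey)" = \
          "$(openssl pkey -in "$d/$side-key.pem" -pubout)" ] || { echo "$side key/cert mismatch" >&2; return 1; }
    done
}

pit_cipher_available() {                   # is the pit's only suite, RSA-SHA-AES128, still built into local OpenSSL?
    # Assumed mapping: RSA-SHA-AES128 is TLS_RSA_WITH_AES_128_CBC_SHA, which OpenSSL names AES128-SHA.
    openssl ciphers -v 'AES128-SHA' | grep -q '^AES128-SHA '
}
```

Run make_ssl_pit_pki certs 192.0.2.10 peach-client in an empty directory, then point ServerCert, ServerKey and CaCert at certs/server-cert.pem, certs/server-key.pem and certs/ca-cert.pem (or ClientCert and TLS_ClientKey at the client files for the server pit). The same files give a quick handshake check against a real target before fuzzing starts: openssl s_client -connect target:443 -tls1_2 -cipher AES128-SHA -cert certs/client-cert.pem -key certs/client-key.pem -CAfile certs/ca-cert.pem. If that handshake fails, the pit's will too, and the cipher suite or trust configuration of the target is the place to look.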
11. Retrieving Machine Information

Interface names, hardware addresses, and IP addresses are used when fuzzing network protocols. Windows, Linux, and OS X each have their idiosyncrasies in reporting machine configuration details. This appendix provides an example of retrieving the machine information (interface name, MAC address, and IPv4 and IPv6 addresses) from each of the operating systems.

11.1. Windows

In Windows, ipconfig runs from the command line interface. Using the all parameter, ipconfig /all, displays the pieces of information. The following illustration calls out instances of the interface name, MAC address, and IP addresses.

Figure 1. ipconfig /all command

Interface Name
    The interface name is part of the main entry, on the line that is not indented, and immediately follows the word "adapter". The previous illustration identifies two interfaces, "Local Area Connection 2" and "Ethernet". The interface name does not include the asterisk (*); remove the asterisk, if present, when specifying the interface name to Peach.

MAC Address
    The MAC address, labeled "Physical Address" by ipconfig, is the address of the hardware interface. The entry is a few lines into the detail, as shown in the previous illustration.

IPv4 Address
    The IPv4 address is the value labeled "IPv4 Address". The previous illustration calls out the IPv4 address of the Ethernet interface.

IPv6 Address
    The IPv6 address is the value labeled "Link-local IPv6 Address". The previous illustration calls out the IPv6 address of the Ethernet interface. ipconfig appends a zone index (for example %12) to link-local addresses; it identifies the interface and is not part of the address itself.

You can confirm that an IPv4 or IPv6 address is reachable by using ping or ping -6 followed by the address. For IPv6, the value fe80 in the leftmost block of hex digits indicates a link-local address, one that is valid only on the local network segment.

11.2. Linux

In Linux, ifconfig provides all of the needed information. The main entries reported by ifconfig identify each adapter by name, type, and other attributes. On current distributions ifconfig (from net-tools) may not be installed; ip link and ip addr from iproute2 report the same details, with the MAC address after "link/ether" and the addresses after "inet" and "inet6". The following illustration calls out instances of the interface name, MAC address, and IP addresses.
Figure 2. Linux ifconfig command

Interface Name
    The interface name is in the leftmost column. Additional details are provided on indented lines. The previous illustration calls out the "eth0" and "lo" interfaces.

MAC Address
    The MAC address is labeled "HWaddr" and is located on the first line of the interface entry. The previous illustration calls out the MAC address of the "eth0" interface.

IPv4 Address
    The IPv4 address is labeled "inet addr" and is located in one of the first detail lines. The previous illustration calls out the IPv4 address of the "eth0" interface.

IPv6 Address
    The IPv6 address is labeled "inet6 addr" and follows the IPv4 address in the listing detail. The previous illustration calls out the IPv6 address of the "eth0" interface. The "/64" after the address is the prefix length and is not part of the address.

You can confirm that an IPv4 or IPv6 address is reachable by using ping or ping6 followed by the address. For IPv6, the value fe80 in the leftmost block of hex digits indicates a link-local address, one that is valid only on the local network segment.

11.3. OS X

In OS X, ifconfig provides all of the needed information. The main entries reported by ifconfig identify each adapter by name, type, and other attributes. The following illustration calls out instances of the interface name, MAC address, and IP addresses.

Figure 3. OS X ifconfig command

Interface Name
    The interface name is in the leftmost column. Additional details are provided on indented lines. The previous illustration calls out the "en0" and "en1" interfaces.

MAC Address
    The MAC address is labeled "ether" and is located on the first line of the interface entry. The previous illustration calls out the MAC address of the "en0" and "en1" interfaces.

IPv4 Address
    The IPv4 address is labeled "inet" and is located further down in the interface details. The previous illustration calls out the IPv4 address of the "en1" interface.

IPv6 Address
    The IPv6 address is labeled "inet6" and is located further down in the interface details. The previous illustration calls out the IPv6 address of the "en1" interface. OS X shows link-local addresses with a zone suffix such as %en1; omit the suffix when entering the address.

You can confirm that an IPv4 or IPv6 address is reachable by using ping or ping6 followed by the address. For IPv6, the value fe80 in the leftmost block of hex digits indicates a link-local address, one that is valid only on the local network segment.
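The reading-off described in 11.2 and 11.3 as a script, added here as an example and not part of the Peach guide: parse_iface_info takes the tool's text on standard input and prints the interface name, MAC address, first IPv4 address and first IPv6 address for one interface, with prefix lengths and zone suffixes stripped. It understands the iproute2 form on current Linux (ip -o link; ip -o addr), which the guide does not show, as well as the net-tools ifconfig form of Figure 2 and the BSD ifconfig form of Figure 3. The sample outputs are constructed for the example; the addresses in them are not real.

```shell
#!/bin/sh
# Added example; not part of the Peach guide. Extracts the values Peach asks for
# (MAC, IPv4, IPv6) for one interface from iproute2 or ifconfig text output.
# The sample outputs at the bottom are constructed; the addresses are not real.

parse_iface_info() {                 # parse_iface_info NAME  (tool output on stdin)
    awk -v want="$1" '
        # Which interface do the tokens on this line belong to?
        /^[0-9]+: /  { cur = $2; sub(/:$/, "", cur) }    # ip -o:    "2: eth0: <...>" / "2: eth0    inet ..."
        /^[A-Za-z]/  { cur = $1; sub(/:$/, "", cur) }    # ifconfig: "eth0      Link encap..." / "en0: flags=..."
        cur != want  { next }
        {
            for (i = 1; i < NF; i++) {
                if ($i == "link/ether" || $i == "ether" || $i == "HWaddr") mac = $(i + 1)
                else if ($i == "inet"  && ip4 == "") ip4 = addr($(i + 1), $(i + 2))
                else if ($i == "inet6" && ip6 == "") ip6 = addr($(i + 1), $(i + 2))
            }
        }
        # Normalise the spellings "addr:1.2.3.4", "addr: fe80::1/64", "10.0.0.5", "fe80::1%en0"
        function addr(a, b,    v) {
            v = a; sub(/^addr:/, "", v)
            if (v == "") v = b                              # net-tools writes "inet6 addr: <address>"
            sub(/[\/%].*/, "", v)                           # drop prefix length and zone suffix
            return v
        }
        END { print want, (mac == "" ? "-" : mac), (ip4 == "" ? "-" : ip4), (ip6 == "" ? "-" : ip6) }'
}

iface_info() {                       # iface_info NAME: run whichever tool this host has
    if command -v ip >/dev/null 2>&1; then
        { ip -o link show; ip -o addr show; } | parse_iface_info "$1"
    else
        ifconfig | parse_iface_info "$1"
    fi
}

# Constructed samples, one per tool format
SAMPLE_IPROUTE2='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000\    link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
2: eth0    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet6 fe80::211:22ff:fe33:4455/64 scope link \       valid_lft forever preferred_lft forever'

SAMPLE_NETTOOLS='eth0      Link encap:Ethernet  HWaddr 00:11:22:33:44:77
          inet addr:172.16.0.9  Bcast:172.16.0.255  Mask:255.255.255.0
          inet6 addr: fe80::211:22ff:fe33:4477/64 Scope:Link
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0'

SAMPLE_OSX='en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ether 00:11:22:33:44:66
        inet6 fe80::211:22ff:fe33:4466%en0 prefixlen 64 scopeid 0x4
        inet 10.0.0.5 netmask 0xffffff00 broadcast 10.0.0.255
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000'

printf '%s\n' "$SAMPLE_IPROUTE2" | parse_iface_info eth0
printf '%s\n' "$SAMPLE_NETTOOLS" | parse_iface_info eth0
printf '%s\n' "$SAMPLE_OSX"      | parse_iface_info en0
```

On a live host, iface_info eth0 (or en0) prints the line to copy into the pit's network parameters. Only the first IPv4 and IPv6 address of the interface is reported; where an interface has both a global and a link-local IPv6 address, the fe80 one is the link-local address the text above refers to.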