Trex astf support for TLS1.3 simulation for https payload
243 views
Skip to first unread message
siva prasad
Sep 26, 2023, 6:57:39 AM9/26/23
to TRex Traffic Generator
Hi,
I am currently using the latest TRex version, v3.04, which includes Scapy version 2.4.3. In our specific scenario, we are testing Deep Packet Inspection (DPI) functionality with a 5G User Plane Function (UPF) in a real-time environment using TRex.
Now, I need to send a GTP-U encapsulated packet with TLS 1.3 payload (encrypted HTTPS application data). It seems that this requires performing a complete TLS handshake with the encryption of HTTPS application data, which typically involves using OpenSSL.
As I go through the documentation, it mentions that TRex can handle TLS traffic, but I have a few questions regarding the specifics
Now, I need to send a GTP-U encapsulated packet with TLS 1.3 payload (encrypted HTTPS application data). It seems that this requires performing a complete TLS handshake with the encryption of HTTPS application data, which typically involves using OpenSSL.
As I go through the documentation, it mentions that TRex can handle TLS traffic, but I have a few questions regarding the specifics
Emulate L7 application, e.g. HTTP/HTTPS/Citrix- there is no need to implement the exact application.
Simulate L7 application on top of TLS using OpenSSL
On radar
TLS support
I'm unsure which version of TRex the above statements are applicable to. Are these features available in version 3.04, or is there a different version that provides better TLS support?
While exploring the "astf" (Advanced Stateful Traffic Feature) folder, I noticed a file named "http_https.py." It seems like this profile is primarily used for replaying a pcap file. Could you confirm if my understanding is correct? Are there any profiles available that demonstrate a complete TLS handshake?
Does Scapy version 2.4.3 support TLS 1.3?
I would greatly appreciate it if someone could provide guidance or pointers on where to look for generating TLS 1.3 traffic for HTTPS application data within the TRex environment.
While exploring the "astf" (Advanced Stateful Traffic Feature) folder, I noticed a file named "http_https.py." It seems like this profile is primarily used for replaying a pcap file. Could you confirm if my understanding is correct? Are there any profiles available that demonstrate a complete TLS handshake?
Does Scapy version 2.4.3 support TLS 1.3?
I would greatly appreciate it if someone could provide guidance or pointers on where to look for generating TLS 1.3 traffic for HTTPS application data within the TRex environment.
siva prasad
Sep 27, 2023, 9:01:46 AM9/27/23
to TRex Traffic Generator
Hi ,
TLS is supported natively in ASTF?
Trex supports encryption & decryption ?
Does it handle complete handshake of tlsv1.3 ?
Best Regards,
Siva
hanoh haim
Sep 28, 2023, 6:27:10 AM9/28/23
to siva prasad, TRex Traffic Generator
Hi Siva,
TLS (openSSL integration) are not supported
Thanks
Hanoh
--
You received this message because you are subscribed to the Google Groups "TRex Traffic Generator" group.
To unsubscribe from this group and stop receiving emails from it, send an email to trex-tgn+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/trex-tgn/d3fc05da-8cd8-44bc-aa24-7b2b3f25b832n%40googlegroups.com.
Hanoh
Sent from my iPhoneReply all
Reply to author
Forward
0 new messages