Add DTLS 1.2 wolfSSL Client/Server Cert Req / NReq arg files #219

Open
wants to merge 7 commits into
base: master
c-southwest
Collaborator

Currently, I added wolfSSL DTLS 1.2 Client Cert Req / NReq arg files.

I don't know how to name these files, so I use 'x' as a placeholder.

Also, wolfSSL 5.7.6 is the default version, so we don't need to specify the version number manually.

And I tested that we can complete the handshake with the following tests:

To test wolfSSL 5.7.6 client cert req:

java -jar target/dtls-fuzzer.jar args/wolfssl/learn_wolfssl_client_x_cert_req -test examples/tests/clients/x_cert_req

To test wolfSSL 5.7.6 client cert nreq:

java -jar target/dtls-fuzzer.jar args/wolfssl/learn_wolfssl_client_x_cert_nreq -test examples/tests/clients/x_cert_nreq

@c-southwest
Collaborator Author

I added DTLS 1.2 server cert req / nreq arg files.
And I can complete the handshake with the following tests:

To test wolfSSL 5.7.6 server cert req:

java -jar target/dtls-fuzzer.jar args/wolfssl/learn_wolfssl_server_x_cert_req -test examples/tests/servers/x_cert_req

To test wolfSSL 5.7.6 server cert nreq:

java -jar target/dtls-fuzzer.jar args/wolfssl/learn_wolfssl_server_x_cert_nreq -test examples/tests/servers/x_cert_nreq

@c-southwest
Collaborator Author

c-southwest commented Jul 21, 2025

I use the following command:
java -jar target/dtls-fuzzer.jar args/wolfssl/learn_wolfssl_client_x_cert_req -eqvThreads 8

and I get the following output (about 10 hours for the full learning):
wolfssl-5.7.6_client_x_cert_req.zip

And it costs about 78 minutes to get the last hypothesis.

=== STATISTICS ===
Learning finished: true
Size of the input alphabet: 12
Number of states: 47
Number of hypotheses: 36
Number of inputs: 751261
Number of tests: 49972
Number of learning inputs: 9266
Number of learning tests: 1653
Number of inputs up to last hypothesis: 242769
Number of tests up to last hypothesis: 13437
Time (ms) to learn model: 35502624
Number of inputs when hypothesis was generated: [12, 497, 1268, 1631, 2225, 3104, 3934, 5578, 6378, 7625, 8614, 9868, 10715, 11630, 12379, 13116, 14334, 15403, 16740, 17403, 19294, 21763, 23221, 29284, 30930, 32839, 34081, 41006, 41873, 46228, 51121, 52959, 66478, 108000, 116229, 242769]
Number of tests when hypothesis was generated: [12, 87, 183, 245, 326, 412, 497, 655, 730, 901, 986, 1067, 1143, 1224, 1293, 1358, 1466, 1546, 1666, 1727, 1849, 2004, 2109, 2439, 2541, 2659, 2741, 3119, 3207, 3482, 3768, 3914, 4623, 6700, 7192, 13437]
Time (ms) when hypothesis was generated: [6711, 56981, 116246, 160536, 213025, 263318, 308501, 422415, 476937, 650835, 742950, 809055, 867696, 924122, 978778, 1030479, 1137082, 1198519, 1322278, 1373445, 1457353, 1532807, 1597871, 1709083, 1775579, 1835308, 1897245, 2030633, 2091572, 2192820, 2301088, 2462500, 2646524, 3115076, 3352673, 4702966]
Number of inputs when counterexample was found: [393, 1102, 1481, 2058, 2936, 3787, 5177, 6206, 6920, 8239, 9627, 10493, 11429, 12191, 12943, 13919, 15189, 16239, 17212, 19054, 21553, 23035, 29072, 30715, 32660, 33885, 40739, 41656, 46014, 50892, 52340, 66274, 107777, 115535, 242521]
Number of tests when counterexample was found: [41, 135, 201, 273, 370, 460, 577, 694, 763, 933, 1035, 1102, 1185, 1257, 1326, 1401, 1511, 1592, 1696, 1814, 1969, 2073, 2408, 2513, 2630, 2715, 3088, 3158, 3432, 3726, 3827, 4585, 6675, 7083, 13407]
Time (ms) when counterexample was found: [28253, 71712, 120862, 168848, 221741, 273474, 324997, 435607, 484761, 660820, 755835, 815680, 877139, 934348, 990383, 1042375, 1150063, 1210806, 1329680, 1403392, 1484690, 1555031, 1661010, 1726956, 1794920, 1853143, 1972067, 2040434, 2141386, 2248650, 2323627, 2598955, 3066710, 3194837, 4648763]

Also, after generating the PDF I didn't see the happy path, so I also added the happy path.

For your convenience, the happy path looks like this:
I checked the DOT file, and only State 15 and State 34 can transition to State 34.
[image]

@c-southwest
Collaborator Author

I got a different number of states and hypotheses than you mentioned in email:

> FYI: After running for more than 14 hours, I got numbers for DTLS 1.2 client CERT_OPT
>
> They are 35 hypotheses, 32 states, 43761 tests in 493.44 minutes.

I use command:
java -jar target/dtls-fuzzer.jar args/wolfssl/learn_wolfssl_client_x_cert_nreq -eqvThreads 8

I get the following output (about 4.44 hours for the full learning):
wolfssl-5.7.6_client_x_cert_nreq.zip

And it costs about 24.65 minutes to get the last hypothesis.

=== STATISTICS ===
Learning finished: true
Size of the input alphabet: 11
Number of states: 28
Number of hypotheses: 22
Number of inputs: 465296
Number of tests: 29902
Number of learning inputs: 4244
Number of learning tests: 850
Number of inputs up to last hypothesis: 37618
Number of tests up to last hypothesis: 2648
Time (ms) to learn model: 15991458
Number of inputs when hypothesis was generated: [11, 541, 1308, 1909, 2409, 3308, 4282, 4899, 6064, 6830, 7868, 8940, 9903, 10632, 11302, 12655, 13747, 17280, 18363, 23184, 24517, 37618]
Number of tests when hypothesis was generated: [11, 86, 170, 241, 314, 434, 531, 600, 698, 759, 834, 946, 1021, 1082, 1143, 1234, 1310, 1525, 1606, 1891, 1983, 2648]
Time (ms) when hypothesis was generated: [6166, 46191, 108364, 152450, 201212, 310347, 397570, 442777, 526289, 572045, 638965, 747883, 807223, 846191, 887486, 954183, 1005389, 1075793, 1122631, 1260788, 1312237, 1479298]
Number of inputs when counterexample was found: [446, 1160, 1768, 2261, 2898, 3959, 4738, 5764, 6672, 7679, 8540, 9737, 10504, 11164, 12441, 13570, 17151, 18214, 22836, 24374, 37450]
Number of tests when counterexample was found: [44, 127, 200, 267, 348, 470, 562, 649, 734, 807, 869, 984, 1057, 1115, 1206, 1287, 1494, 1577, 1837, 1956, 2627]
Time (ms) when counterexample was found: [19384, 66988, 114871, 160223, 210076, 320637, 403222, 456795, 535295, 596634, 649552, 766584, 816214, 854035, 905591, 965842, 1044299, 1087235, 1180199, 1278101, 1442251]

I also added the happy path, and it looks like:
[image]

@kostis kostis requested a review from pfg666 July 24, 2025 05:46
@kostis
Contributor

kostis commented Jul 24, 2025

Thanks for these results. Indeed, I also get different results (for some configurations) depending on the machine I use, so there seems to be some non-determinism (and sometimes some warnings/crashes) either due to the timeout values used, due to the DTLS 1.2 SUT, or some other unknown issue.

Before we investigate this further, I suggest we first check the files in this PR. I've requested a review from @pfg666 once he finds some time or is back from vacations.

@pfg666
Collaborator

pfg666 commented Aug 11, 2025

Here are my findings so far:

  • there is a slight chance that you will not complete a DTLS 1.2 handshake using a DHE ciphersuite (about 7 in 1000), this can be addressed by running queries multiple times, but it may reflect that either there is something wrong in DTLS-Fuzzer/TLS-Attacker or there is something wrong in wolfSSL (which I believe is more likely)
  • completing a handshake using PSK is completely deterministic (1000 out of 1000 times), I suspect the learning is as well
  • the older versions of wolfSSL did not even support DHE handshakes
  • in order to check if the problem was on our side, I tried to learn/test the latest version of wolfSSL using an older version of DTLS-Fuzzer (the one used in the NDSS artifact), unfortunately, after half a day spent, I was unable to get it to work. wolfSSL seems to get stuck processing my ServerKeyExchange, producing no error messages at all. It may be the fault of TLS-Attacker, as it was an old version not properly supporting everything.

I suspect the cause of non-determinism lies in wolfSSL, as its support for completing a handshake with certificates via the client utility is recent. Of course, more investigation is needed. For now, I will try learning using the multi-query oracle, and check whether I get consistent results (two experiments for the same configuration result in the same results). If that's the case, then it might be worth changing all experiments in the paper to use multi-query oracle.
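
Added example, not part of the PR discussion and not DTLS-Fuzzer code: a Python sketch of why a handshake failure rate of about 7 in 1000 matters to a model learner, and how repeating each query until an answer is confirmed masks it. `FlakySut`, the symbol names, the fixed failure schedule (every 143rd run, so the result is reproducible) and the confirmation count of 3 are assumptions made for the illustration.

```python
from collections import Counter
from math import comb


class FlakySut:
    """Constructed SUT stand-in: every `fail_every`-th run loses its last flight."""

    def __init__(self, fail_every=143):  # 7 failing runs per 1000
        self.fail_every = fail_every
        self.runs = 0

    def run(self, query):
        failed = self.runs % self.fail_every == 0
        self.runs += 1
        outputs = ["OK_" + symbol for symbol in query]
        if failed:
            outputs[-1] = "TIMEOUT"
        return tuple(outputs)


def single_query(sut, query):
    """Trust the first observation, as a plain membership oracle does."""
    return sut.run(query)


def multi_query(sut, query, confirmations=3, max_runs=7):
    """Repeat the query until one answer has been observed `confirmations` times."""
    seen = Counter()
    for _ in range(max_runs):
        answer = sut.run(query)
        seen[answer] += 1
        if seen[answer] == confirmations:
            return answer
    raise RuntimeError(f"non-deterministic answers for {query}: {dict(seen)}")


def count_wrong(oracle, sut, query, n_queries):
    """Number of queries for which the oracle reports a faulty answer."""
    expected = tuple("OK_" + symbol for symbol in query)
    return sum(oracle(sut, query) != expected for _ in range(n_queries))


def p_any_wrong(p, n_queries):
    """P(at least one wrong answer) with single queries and i.i.d. failures."""
    return 1 - (1 - p) ** n_queries


def p_wrong_multi(p, confirmations=3):
    """P(the faulty answer is confirmed first), i.i.d. failures, one faulty answer."""
    c = confirmations
    return sum(comb(c - 1 + k, k) * p**c * (1 - p) ** k for k in range(c))


QUERY = ("HELLO", "KEY_EXCHANGE", "FINISHED")  # constructed input symbols
```

Under the independence assumption, a single-query learner that issues 1000 handshake-completing queries records at least one faulty answer with probability above 0.999, while the confirmed answer of the multi-query oracle is wrong with probability below 1e-5 per query, at roughly three times the number of SUT runs.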
