2006-02-06 01:14:36 +00:00
|
|
|
/* packet-ssl-utils.h
|
2008-07-12 14:42:14 +00:00
|
|
|
* ssl manipulation functions
|
|
|
|
|
* By Paolo Abeni <paolo.abeni@email.com>
|
2006-02-04 23:44:05 +00:00
|
|
|
*
|
2008-07-12 14:42:14 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
2006-02-04 23:44:05 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2012-06-28 22:56:06 +00:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2006-02-04 23:44:05 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __SSL_UTILS_H_
|
|
|
|
|
#define __SSL_UTILS_H_
|
|
|
|
|
|
2013-12-12 23:11:04 +00:00
|
|
|
#include <stdio.h> /* some APIs we declare take a stdio stream as an argument */
|
2011-12-16 00:50:47 +00:00
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
#include <glib.h>
|
2006-08-02 13:23:57 +00:00
|
|
|
#include <epan/packet.h>
|
2013-12-06 23:55:08 +00:00
|
|
|
#include <epan/prefs.h>
|
2013-07-31 15:32:42 +00:00
|
|
|
#include <epan/wmem/wmem.h>
|
2013-12-23 20:42:28 +00:00
|
|
|
#include <epan/expert.h>
|
2015-02-05 18:54:52 +00:00
|
|
|
#include <epan/conversation.h>
|
2014-04-11 20:24:23 +00:00
|
|
|
#include <wsutil/wsgcrypt.h>
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2010-04-04 02:25:32 +00:00
|
|
|
#ifdef HAVE_LIBGNUTLS
|
2006-02-04 23:44:05 +00:00
|
|
|
#include <gnutls/x509.h>
|
2008-01-03 08:24:33 +00:00
|
|
|
#include <gnutls/pkcs12.h>
|
2014-04-11 20:24:23 +00:00
|
|
|
#endif /* HAVE_LIBGNUTLS */
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2014-04-11 13:20:00 +00:00
|
|
|
#ifdef HAVE_LIBGCRYPT
|
2006-02-04 23:44:05 +00:00
|
|
|
#define SSL_CIPHER_CTX gcry_cipher_hd_t
|
ssl-utils: allow gcrypt without GnuTLS, improve structure
Fix distinction between HAVE_LIBGNUTLS and HAVE_LIBGCRYPT. If GnuTLS is
unavailable, then the only missing feature is decryption using an RSA
private key file. Regardless of GnuTLS, allow SSL decryption (e.g. using
a SSL key log file or a PSK configured via preferences).
This change has no functional effect when GnuTLS and gcrypt are both
available (or not). Additionally, decryption is possible if only
libgcrypt is available.
Further changes to make ssl-utils more maintainable and documented:
- Group related functions, add markers and documentation. The following
functions are moved (with no further modifications):
- ssl_data_realloc, ssl_data_copy: related to StringInfo.
- ssl_change_cipher, ssl_create_flow: related to the decryption of a
session.
- ssl_decompress_record: related to Record Decompression.
- ssl_lib_init: moved to an arbitrary place.
- ssl_set_server: moved closer to ssl_packet_from_server.
- ssl_is_valid_content_type, ssl_is_valid_handshake_type: move closer
to dissection code.
- ssl_dissect_hnd_hello_ext_status_request,
ssl_dissect_hnd_hello_ext_status_request_v2,
ssl_dissect_hnd_hello_ext_elliptic_curves,
ssl_dissect_hnd_hello_ext_ec_point_formats: move to TLS extensions.
- Remove unused forward declaration of _gcry_rsa_decrypt.
- ssl-packet-utils.h:
- Remove ssl_equal, ssl_hash. These are only used in
packet-ssl-utils.c.
- ssl_private_key_equal, ssl_private_key_hash,
ssl_common_register_options: inline when decryption is not
possible.
- Remove ws_symbol_export.h, enable SSL debug log when libgcrypt is
compiled in (instead of depending on GnuTLS).
- Move/merge stub code when GnuTLS or libgcrypt are not available:
- ssl_find_cipher: move.
- ssl_cipher_setiv: move.
- ssl_generate_pre_master_secret, ssl_generate_keyring_material: move.
Compile-tested all combinations:
- no GnuTLS, no libgcrypt: CentOS 6.
- no GnuTLS, has libgcrypt: CentOS 6. Passes all decryption tests
except for the ones that need a RSA private key file.
- has GnuTLS, no libgcrypt: Arch Linux.
- has GnuTLS, has libgcrypt: Arch Linux. The decryption tests pass.
(GnuTLS support is useless without gcrypt, but included for completeness.)
Change-Id: I727248937331f8788de8ed78248bb33296206096
Reviewed-on: https://code.wireshark.org/review/11052
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2015-10-15 00:00:47 +00:00
|
|
|
#define SSL_DECRYPT_DEBUG
|
2014-04-11 13:20:00 +00:00
|
|
|
#else /* HAVE_LIBGCRYPT */
|
2006-02-04 23:44:05 +00:00
|
|
|
#define SSL_CIPHER_CTX void*
|
2014-04-11 13:20:00 +00:00
|
|
|
#endif /* HAVE_LIBGCRYPT */
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2006-06-27 13:36:10 +00:00
|
|
|
|
|
|
|
|
/* other defines */
|
2014-07-10 09:50:23 +00:00
|
|
|
typedef enum {
|
|
|
|
|
SSL_ID_CHG_CIPHER_SPEC = 0x14,
|
|
|
|
|
SSL_ID_ALERT = 0x15,
|
|
|
|
|
SSL_ID_HANDSHAKE = 0x16,
|
|
|
|
|
SSL_ID_APP_DATA = 0x17,
|
|
|
|
|
SSL_ID_HEARTBEAT = 0x18
|
|
|
|
|
} ContentType;
|
|
|
|
|
|
|
|
|
|
typedef enum {
|
|
|
|
|
SSL_HND_HELLO_REQUEST = 0,
|
|
|
|
|
SSL_HND_CLIENT_HELLO = 1,
|
|
|
|
|
SSL_HND_SERVER_HELLO = 2,
|
|
|
|
|
SSL_HND_HELLO_VERIFY_REQUEST = 3,
|
|
|
|
|
SSL_HND_NEWSESSION_TICKET = 4,
|
2016-10-06 10:44:43 +00:00
|
|
|
SSL_HND_HELLO_RETRY_REQUEST = 6,
|
2014-07-10 09:50:23 +00:00
|
|
|
SSL_HND_CERTIFICATE = 11,
|
|
|
|
|
SSL_HND_SERVER_KEY_EXCHG = 12,
|
|
|
|
|
SSL_HND_CERT_REQUEST = 13,
|
|
|
|
|
SSL_HND_SVR_HELLO_DONE = 14,
|
|
|
|
|
SSL_HND_CERT_VERIFY = 15,
|
|
|
|
|
SSL_HND_CLIENT_KEY_EXCHG = 16,
|
|
|
|
|
SSL_HND_FINISHED = 20,
|
|
|
|
|
SSL_HND_CERT_URL = 21,
|
|
|
|
|
SSL_HND_CERT_STATUS = 22,
|
|
|
|
|
SSL_HND_SUPPLEMENTAL_DATA = 23,
|
|
|
|
|
/* Encrypted Extensions was NextProtocol in draft-agl-tls-nextprotoneg-03
|
|
|
|
|
* and changed in draft 04 */
|
|
|
|
|
SSL_HND_ENCRYPTED_EXTS = 67
|
|
|
|
|
} HandshakeType;
|
2006-06-27 13:36:10 +00:00
|
|
|
|
|
|
|
|
#define SSL2_HND_ERROR 0x00
|
|
|
|
|
#define SSL2_HND_CLIENT_HELLO 0x01
|
|
|
|
|
#define SSL2_HND_CLIENT_MASTER_KEY 0x02
|
|
|
|
|
#define SSL2_HND_CLIENT_FINISHED 0x03
|
|
|
|
|
#define SSL2_HND_SERVER_HELLO 0x04
|
|
|
|
|
#define SSL2_HND_SERVER_VERIFY 0x05
|
|
|
|
|
#define SSL2_HND_SERVER_FINISHED 0x06
|
|
|
|
|
#define SSL2_HND_REQUEST_CERTIFICATE 0x07
|
|
|
|
|
#define SSL2_HND_CLIENT_CERTIFICATE 0x08
|
|
|
|
|
|
2008-07-09 07:24:13 +00:00
|
|
|
#define PCT_VERSION_1 0x8001
|
|
|
|
|
|
|
|
|
|
#define PCT_MSG_CLIENT_HELLO 0x01
|
|
|
|
|
#define PCT_MSG_SERVER_HELLO 0x02
|
|
|
|
|
#define PCT_MSG_CLIENT_MASTER_KEY 0x03
|
|
|
|
|
#define PCT_MSG_SERVER_VERIFY 0x04
|
|
|
|
|
#define PCT_MSG_ERROR 0x05
|
|
|
|
|
|
|
|
|
|
#define PCT_CH_OFFSET_V1 0xa
|
|
|
|
|
|
|
|
|
|
#define PCT_CIPHER_DES 0x01
|
|
|
|
|
#define PCT_CIPHER_IDEA 0x02
|
|
|
|
|
#define PCT_CIPHER_RC2 0x03
|
|
|
|
|
#define PCT_CIPHER_RC4 0x04
|
|
|
|
|
#define PCT_CIPHER_DES_112 0x05
|
|
|
|
|
#define PCT_CIPHER_DES_168 0x06
|
|
|
|
|
|
|
|
|
|
#define PCT_HASH_MD5 0x0001
|
|
|
|
|
#define PCT_HASH_MD5_TRUNC_64 0x0002
|
|
|
|
|
#define PCT_HASH_SHA 0x0003
|
|
|
|
|
#define PCT_HASH_SHA_TRUNC_80 0x0004
|
|
|
|
|
#define PCT_HASH_DES_DM 0x0005
|
|
|
|
|
|
|
|
|
|
#define PCT_CERT_NONE 0x00
|
|
|
|
|
#define PCT_CERT_X509 0x01
|
|
|
|
|
#define PCT_CERT_PKCS7 0x02
|
|
|
|
|
|
|
|
|
|
#define PCT_SIG_NONE 0x0000
|
|
|
|
|
#define PCT_SIG_RSA_MD5 0x0001
|
|
|
|
|
#define PCT_SIG_RSA_SHA 0x0002
|
|
|
|
|
#define PCT_SIG_DSA_SHA 0x0003
|
|
|
|
|
|
|
|
|
|
#define PCT_EXCH_RSA_PKCS1 0x01
|
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_DES 0x02
|
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_DES3 0x03
|
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_RC2 0x04
|
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_RC4 0x05
|
|
|
|
|
#define PCT_EXCH_DH_PKCS3 0x06
|
|
|
|
|
#define PCT_EXCH_DH_PKCS3_TOKEN_DES 0x07
|
|
|
|
|
#define PCT_EXCH_DH_PKCS3_TOKEN_DES3 0x08
|
|
|
|
|
#define PCT_EXCH_FORTEZZA_TOKEN 0x09
|
|
|
|
|
|
|
|
|
|
#define PCT_ERR_BAD_CERTIFICATE 0x01
|
|
|
|
|
#define PCT_ERR_CLIENT_AUTH_FAILED 0x02
|
|
|
|
|
#define PCT_ERR_ILLEGAL_MESSAGE 0x03
|
|
|
|
|
#define PCT_ERR_INTEGRITY_CHECK_FAILED 0x04
|
|
|
|
|
#define PCT_ERR_SERVER_AUTH_FAILED 0x05
|
|
|
|
|
#define PCT_ERR_SPECS_MISMATCH 0x06
|
2006-06-27 13:36:10 +00:00
|
|
|
|
2016-09-23 06:07:42 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_SERVER_NAME 0
|
|
|
|
|
#define SSL_HND_HELLO_EXT_MAX_FRAGMENT_LENGTH 1
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CLIENT_CERTIFICATE_URL 2
|
|
|
|
|
#define SSL_HND_HELLO_EXT_TRUSTED_CA_KEYS 3
|
|
|
|
|
#define SSL_HND_HELLO_EXT_TRUNCATED_HMAC 4
|
|
|
|
|
#define SSL_HND_HELLO_EXT_STATUS_REQUEST 5
|
|
|
|
|
#define SSL_HND_HELLO_EXT_USER_MAPPING 6
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CLIENT_AUTHZ 7
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SERVER_AUTHZ 8
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CERT_TYPE 9
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SUPPORTED_GROUPS 10 /* renamed from "elliptic_curves (RFC7919)*/
|
|
|
|
|
#define SSL_HND_HELLO_EXT_EC_POINT_FORMATS 11
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SRP 12
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SIGNATURE_ALGORITHMS 13
|
|
|
|
|
#define SSL_HND_HELLO_EXT_USE_SRTP 14
|
|
|
|
|
#define SSL_HND_HELLO_EXT_HEARTBEAT 15
|
|
|
|
|
#define SSL_HND_HELLO_EXT_ALPN 16
|
|
|
|
|
#define SSL_HND_HELLO_EXT_STATUS_REQUEST_V2 17
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SIGNED_CERTIFICATE_TIMESTAMP 18
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CLIENT_CERT_TYPE 19
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SERVER_CERT_TYPE 20
|
|
|
|
|
#define SSL_HND_HELLO_EXT_PADDING 21
|
|
|
|
|
#define SSL_HND_HELLO_EXT_ENCRYPT_THEN_MAC 22
|
|
|
|
|
#define SSL_HND_HELLO_EXT_EXTENDED_MASTER_SECRET 23
|
|
|
|
|
#define SSL_HND_HELLO_EXT_TOKEN_BINDING 24
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CACHED_INFO 25
|
|
|
|
|
/* 26-34 Unassigned*/
|
|
|
|
|
#define SSL_HND_HELLO_EXT_SESSION_TICKET_TLS 35
|
|
|
|
|
/* TLS 1.3 draft */
|
|
|
|
|
#define SSL_HND_HELLO_EXT_KEY_SHARE 40
|
|
|
|
|
#define SSL_HND_HELLO_EXT_PRE_SHARED_KEY 41
|
|
|
|
|
#define SSL_HND_HELLO_EXT_EARLY_DATA 42
|
2016-10-07 10:35:41 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_SUPPORTED_VERSIONS 43
|
2016-09-23 06:07:42 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_COOKIE 44
|
|
|
|
|
#define SSL_HND_HELLO_EXT_NPN 13712 /* 0x3374 */
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CHANNEL_ID_OLD 30031 /* 0x754f */
|
|
|
|
|
#define SSL_HND_HELLO_EXT_CHANNEL_ID 30032 /* 0x7550 */
|
|
|
|
|
#define SSL_HND_HELLO_EXT_RENEGOTIATION_INFO 65281 /* 0xFF01 */
|
|
|
|
|
#define SSL_HND_HELLO_EXT_DRAFT_VERSION_TLS13 65282 /* 0xFF02 */
|
|
|
|
|
|
2013-11-18 20:27:04 +00:00
|
|
|
#define SSL_HND_CERT_URL_TYPE_INDIVIDUAL_CERT 1
|
|
|
|
|
#define SSL_HND_CERT_URL_TYPE_PKIPATH 2
|
2013-11-18 20:26:55 +00:00
|
|
|
#define SSL_HND_CERT_STATUS_TYPE_OCSP 1
|
|
|
|
|
#define SSL_HND_CERT_STATUS_TYPE_OCSP_MULTI 2
|
2014-04-26 09:38:40 +00:00
|
|
|
#define SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY 2
|
2011-01-26 08:49:06 +00:00
|
|
|
|
2006-06-27 13:36:10 +00:00
|
|
|
/*
|
|
|
|
|
* Lookup tables
|
|
|
|
|
*/
|
2010-02-19 07:43:26 +00:00
|
|
|
extern const value_string ssl_version_short_names[];
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string ssl_20_msg_types[];
|
2010-10-29 22:18:44 +00:00
|
|
|
extern value_string_ext ssl_20_cipher_suites_ext;
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string ssl_20_certificate_type[];
|
|
|
|
|
extern const value_string ssl_31_content_type[];
|
|
|
|
|
extern const value_string ssl_versions[];
|
|
|
|
|
extern const value_string ssl_31_change_cipher_spec[];
|
|
|
|
|
extern const value_string ssl_31_alert_level[];
|
|
|
|
|
extern const value_string ssl_31_alert_description[];
|
|
|
|
|
extern const value_string ssl_31_handshake_type[];
|
2012-02-26 13:50:52 +00:00
|
|
|
extern const value_string tls_heartbeat_type[];
|
|
|
|
|
extern const value_string tls_heartbeat_mode[];
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string ssl_31_compression_method[];
|
|
|
|
|
extern const value_string ssl_31_key_exchange_algorithm[];
|
|
|
|
|
extern const value_string ssl_31_signature_algorithm[];
|
|
|
|
|
extern const value_string ssl_31_client_certificate_type[];
|
|
|
|
|
extern const value_string ssl_31_public_value_encoding[];
|
2010-10-29 22:18:44 +00:00
|
|
|
extern value_string_ext ssl_31_ciphersuite_ext;
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string pct_msg_types[];
|
|
|
|
|
extern const value_string pct_cipher_type[];
|
|
|
|
|
extern const value_string pct_hash_type[];
|
|
|
|
|
extern const value_string pct_cert_type[];
|
|
|
|
|
extern const value_string pct_sig_type[];
|
|
|
|
|
extern const value_string pct_exch_type[];
|
|
|
|
|
extern const value_string pct_error_code[];
|
|
|
|
|
extern const value_string tls_hello_extension_types[];
|
2010-12-18 01:16:11 +00:00
|
|
|
extern const value_string tls_hash_algorithm[];
|
|
|
|
|
extern const value_string tls_signature_algorithm[];
|
2011-05-29 06:16:19 +00:00
|
|
|
extern const value_string tls_certificate_type[];
|
2013-11-18 20:27:04 +00:00
|
|
|
extern const value_string tls_cert_chain_type[];
|
2011-01-26 08:49:06 +00:00
|
|
|
extern const value_string tls_cert_status_type[];
|
2010-01-31 19:57:01 +00:00
|
|
|
extern const value_string ssl_extension_curves[];
|
|
|
|
|
extern const value_string ssl_extension_ec_point_formats[];
|
2012-01-28 15:50:59 +00:00
|
|
|
extern const value_string ssl_curve_types[];
|
2012-03-22 08:58:19 +00:00
|
|
|
extern const value_string tls_hello_ext_server_name_type_vs[];
|
2016-08-26 08:33:43 +00:00
|
|
|
extern const value_string tls_hello_ext_psk_ke_mode[];
|
|
|
|
|
extern const value_string tls_hello_ext_psk_auth_mode[];
|
2006-06-27 13:36:10 +00:00
|
|
|
|
2009-12-21 21:06:01 +00:00
|
|
|
/* XXX Should we use GByteArray instead? */
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _StringInfo {
|
2014-08-28 07:44:28 +00:00
|
|
|
guchar *data; /* Backing storage which may be larger than data_len */
|
|
|
|
|
guint data_len; /* Length of the meaningful part of data */
|
2006-02-04 23:44:05 +00:00
|
|
|
} StringInfo;
|
|
|
|
|
|
|
|
|
|
#define SSL_WRITE_KEY 1
|
|
|
|
|
|
2015-11-14 12:33:02 +00:00
|
|
|
#define SSL_VER_UNKNOWN 0
|
|
|
|
|
#define PCT_VERSION 0x8001 /* PCT_VERSION_1 from http://graphcomp.com/info/specs/ms/pct.htm */
|
|
|
|
|
#define SSLV2_VERSION 0x0002 /* not in record layer, SSL_CLIENT_SERVER from
|
|
|
|
|
http://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html */
|
2006-02-04 23:44:05 +00:00
|
|
|
#define SSLV3_VERSION 0x300
|
|
|
|
|
#define TLSV1_VERSION 0x301
|
2006-06-27 13:36:10 +00:00
|
|
|
#define TLSV1DOT1_VERSION 0x302
|
2009-02-11 07:03:51 +00:00
|
|
|
#define TLSV1DOT2_VERSION 0x303
|
2016-08-21 07:33:39 +00:00
|
|
|
#define TLSV1DOT3_VERSION 0x304
|
2007-11-05 23:05:20 +00:00
|
|
|
#define DTLSV1DOT0_VERSION 0xfeff
|
2015-11-14 12:33:02 +00:00
|
|
|
#define DTLSV1DOT0_OPENSSL_VERSION 0x100
|
2012-03-28 09:31:04 +00:00
|
|
|
#define DTLSV1DOT2_VERSION 0xfefd
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2015-11-14 12:33:02 +00:00
|
|
|
|
2008-07-09 07:24:13 +00:00
|
|
|
#define SSL_CLIENT_RANDOM (1<<0)
|
|
|
|
|
#define SSL_SERVER_RANDOM (1<<1)
|
|
|
|
|
#define SSL_CIPHER (1<<2)
|
|
|
|
|
#define SSL_HAVE_SESSION_KEY (1<<3)
|
|
|
|
|
#define SSL_VERSION (1<<4)
|
|
|
|
|
#define SSL_MASTER_SECRET (1<<5)
|
|
|
|
|
#define SSL_PRE_MASTER_SECRET (1<<6)
|
2014-11-17 22:12:36 +00:00
|
|
|
#define SSL_CLIENT_EXTENDED_MASTER_SECRET (1<<7)
|
|
|
|
|
#define SSL_SERVER_EXTENDED_MASTER_SECRET (1<<8)
|
2016-02-18 17:24:29 +00:00
|
|
|
#define SSL_NEW_SESSION_TICKET (1<<10)
|
2014-11-17 22:12:36 +00:00
|
|
|
|
|
|
|
|
#define SSL_EXTENDED_MASTER_SECRET_MASK (SSL_CLIENT_EXTENDED_MASTER_SECRET|SSL_SERVER_EXTENDED_MASTER_SECRET)
|
2006-02-04 23:44:05 +00:00
|
|
|
|
From Peter Wu
ssl-utils: remove SIG, rename mode and formatting
The changes seem huge, but actually involve a few structural changes
that do not change functionality, but aim to make maintenance easier and
lines shorter. The following changes were made:
1. Remove the "sig" field and `SIG_*` constants as they are not used
anywhere.
2. Convert `SSL_CIPHER_MODE_*` macros to an enum, change the type in
SslCipherSuite, change the field terminator in cipher_suites and
drop the `SSL_CIPHER_` prefix to make it shorter.
3. Add whitespace to align the cipher suites and convert the numbers to
hex to match common usage (e.g. IANA docs). Done with the awk script
below.
AWK script that takes the lines with `,KEX_` and applies changes (3):
#!/usr/bin/gawk -f
BEGIN { FS="[, {]+" }
{
split($0, c, "}, *");
comment="";if(c[2])comment=" "c[2];
sub("}", "", $10); # comment }
printf(" {0x%04X,%-12s%-16s%2d,%3d,%3d,%-11s %-22s},%s\n",
strtonum($2),
$3 ",", # Key exchange
# $4 is SIG_ - remove
$5 ",", # Cipher
$6, # blocksize
$7, # keysize
$8, # export keysize
$9 ",", # Digest
$10, # mode
comment);
}
Signed-off-by: Peter Wu <lekensteyn@gmail.com>
svn path=/trunk/; revision=54039
2013-12-13 11:30:24 +00:00
|
|
|
/* SSL Cipher Suite modes */
|
|
|
|
|
typedef enum {
|
|
|
|
|
MODE_STREAM, /* GenericStreamCipher */
|
|
|
|
|
MODE_CBC, /* GenericBlockCipher */
|
|
|
|
|
MODE_GCM, /* GenericAEADCipher */
|
|
|
|
|
MODE_CCM, /* AEAD_AES_{128,256}_CCM with 16 byte auth tag */
|
|
|
|
|
MODE_CCM_8 /* AEAD_AES_{128,256}_CCM with 8 byte auth tag */
|
|
|
|
|
} ssl_cipher_mode_t;
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2013-09-19 20:27:12 +00:00
|
|
|
/* Explicit nonce length */
|
|
|
|
|
#define SSL_EX_NONCE_LEN_GCM 8 /* RFC 5288 - section 3 */
|
|
|
|
|
|
2006-02-14 18:52:26 +00:00
|
|
|
#define SSL_DEBUG_USE_STDERR "-"
|
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
#define SSLV2_MAX_SESSION_ID_LENGTH_IN_BYTES 16
|
|
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _SslCipherSuite {
|
2011-12-16 00:33:03 +00:00
|
|
|
gint number;
|
|
|
|
|
gint kex;
|
|
|
|
|
gint enc;
|
|
|
|
|
gint dig;
|
From Peter Wu
ssl-utils: remove SIG, rename mode and formatting
The changes seem huge, but actually involve a few structural changes
that do not change functionality, but aim to make maintenance easier and
lines shorter. The following changes were made:
1. Remove the "sig" field and `SIG_*` constants as they are not used
anywhere.
2. Convert `SSL_CIPHER_MODE_*` macros to an enum, change the type in
SslCipherSuite, change the field terminator in cipher_suites and
drop the `SSL_CIPHER_` prefix to make it shorter.
3. Add whitespace to align the cipher suites and convert the numbers to
hex to match common usage (e.g. IANA docs). Done with the awk script
below.
AWK script that takes the lines with `,KEX_` and applies changes (3):
#!/usr/bin/gawk -f
BEGIN { FS="[, {]+" }
{
split($0, c, "}, *");
comment="";if(c[2])comment=" "c[2];
sub("}", "", $10); # comment }
printf(" {0x%04X,%-12s%-16s%2d,%3d,%3d,%-11s %-22s},%s\n",
strtonum($2),
$3 ",", # Key exchange
# $4 is SIG_ - remove
$5 ",", # Cipher
$6, # blocksize
$7, # keysize
$8, # export keysize
$9 ",", # Digest
$10, # mode
comment);
}
Signed-off-by: Peter Wu <lekensteyn@gmail.com>
svn path=/trunk/; revision=54039
2013-12-13 11:30:24 +00:00
|
|
|
ssl_cipher_mode_t mode;
|
2006-02-04 23:44:05 +00:00
|
|
|
} SslCipherSuite;
|
|
|
|
|
|
2007-04-10 15:12:48 +00:00
|
|
|
typedef struct _SslFlow {
|
|
|
|
|
guint32 byte_seq;
|
2008-07-09 07:24:13 +00:00
|
|
|
guint16 flags;
|
2013-07-31 01:26:05 +00:00
|
|
|
wmem_tree_t *multisegment_pdus;
|
2007-04-10 15:12:48 +00:00
|
|
|
} SslFlow;
|
|
|
|
|
|
2007-04-10 17:57:47 +00:00
|
|
|
typedef struct _SslDecompress SslDecompress;
|
2007-04-10 15:12:48 +00:00
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _SslDecoder {
|
2016-07-25 22:14:40 +00:00
|
|
|
const SslCipherSuite *cipher_suite;
|
2007-04-10 15:12:48 +00:00
|
|
|
gint compression;
|
2013-09-19 20:27:12 +00:00
|
|
|
guchar _mac_key_or_write_iv[48];
|
|
|
|
|
StringInfo mac_key; /* for block and stream ciphers */
|
|
|
|
|
StringInfo write_iv; /* for AEAD ciphers (at least GCM, CCM) */
|
2007-04-10 15:12:48 +00:00
|
|
|
SSL_CIPHER_CTX evp;
|
|
|
|
|
SslDecompress *decomp;
|
2006-02-04 23:44:05 +00:00
|
|
|
guint32 seq;
|
2006-06-27 13:36:10 +00:00
|
|
|
guint16 epoch;
|
2007-04-10 15:12:48 +00:00
|
|
|
SslFlow *flow;
|
2006-02-04 23:44:05 +00:00
|
|
|
} SslDecoder;
|
|
|
|
|
|
2015-07-31 20:30:16 +00:00
|
|
|
#define KEX_DHE_DSS 0x10
|
|
|
|
|
#define KEX_DHE_PSK 0x11
|
|
|
|
|
#define KEX_DHE_RSA 0x12
|
|
|
|
|
#define KEX_DH_ANON 0x13
|
|
|
|
|
#define KEX_DH_DSS 0x14
|
|
|
|
|
#define KEX_DH_RSA 0x15
|
|
|
|
|
#define KEX_ECDHE_ECDSA 0x16
|
|
|
|
|
#define KEX_ECDHE_PSK 0x17
|
|
|
|
|
#define KEX_ECDHE_RSA 0x18
|
|
|
|
|
#define KEX_ECDH_ANON 0x19
|
|
|
|
|
#define KEX_ECDH_ECDSA 0x1a
|
|
|
|
|
#define KEX_ECDH_RSA 0x1b
|
|
|
|
|
#define KEX_KRB5 0x1c
|
|
|
|
|
#define KEX_PSK 0x1d
|
|
|
|
|
#define KEX_RSA 0x1e
|
|
|
|
|
#define KEX_RSA_PSK 0x1f
|
|
|
|
|
#define KEX_SRP_SHA 0x20
|
|
|
|
|
#define KEX_SRP_SHA_DSS 0x21
|
|
|
|
|
#define KEX_SRP_SHA_RSA 0x22
|
2015-10-29 15:09:17 +00:00
|
|
|
#define KEX_IS_DH(n) ((n) >= KEX_DHE_DSS && (n) <= KEX_ECDH_RSA)
|
2006-02-04 23:44:05 +00:00
|
|
|
|
|
|
|
|
#define ENC_DES 0x30
|
|
|
|
|
#define ENC_3DES 0x31
|
|
|
|
|
#define ENC_RC4 0x32
|
|
|
|
|
#define ENC_RC2 0x33
|
|
|
|
|
#define ENC_IDEA 0x34
|
|
|
|
|
#define ENC_AES 0x35
|
|
|
|
|
#define ENC_AES256 0x36
|
2013-09-15 06:58:54 +00:00
|
|
|
#define ENC_CAMELLIA128 0x37
|
|
|
|
|
#define ENC_CAMELLIA256 0x38
|
2013-09-15 06:59:07 +00:00
|
|
|
#define ENC_SEED 0x39
|
|
|
|
|
#define ENC_NULL 0x3A
|
2006-02-04 23:44:05 +00:00
|
|
|
|
|
|
|
|
#define DIG_MD5 0x40
|
|
|
|
|
#define DIG_SHA 0x41
|
2011-12-22 07:03:42 +00:00
|
|
|
#define DIG_SHA256 0x42
|
|
|
|
|
#define DIG_SHA384 0x43
|
2013-12-08 00:58:06 +00:00
|
|
|
#define DIG_NA 0x44 /* Not Applicable */
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2013-09-19 20:26:50 +00:00
|
|
|
typedef struct {
|
|
|
|
|
const gchar *name;
|
|
|
|
|
gint len;
|
|
|
|
|
} SslDigestAlgo;
|
|
|
|
|
|
2006-05-03 05:29:04 +00:00
|
|
|
typedef struct _SslRecordInfo {
|
2011-12-16 00:33:03 +00:00
|
|
|
guchar *real_data;
|
|
|
|
|
gint data_len;
|
2006-08-02 08:15:51 +00:00
|
|
|
gint id;
|
2006-05-03 05:29:04 +00:00
|
|
|
struct _SslRecordInfo* next;
|
|
|
|
|
} SslRecordInfo;
|
|
|
|
|
|
2007-01-12 10:25:03 +00:00
|
|
|
typedef struct _SslDataInfo {
|
|
|
|
|
gint key;
|
|
|
|
|
StringInfo plain_data;
|
|
|
|
|
guint32 seq;
|
|
|
|
|
guint32 nxtseq;
|
2007-04-10 15:12:48 +00:00
|
|
|
SslFlow *flow;
|
2007-01-12 10:25:03 +00:00
|
|
|
struct _SslDataInfo *next;
|
|
|
|
|
} SslDataInfo;
|
|
|
|
|
|
2006-05-03 05:29:04 +00:00
|
|
|
typedef struct {
|
2007-01-12 10:25:03 +00:00
|
|
|
SslDataInfo *appl_data;
|
2007-09-16 19:28:58 +00:00
|
|
|
SslRecordInfo* handshake_data;
|
2006-05-03 05:29:04 +00:00
|
|
|
} SslPacketInfo;
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2014-05-22 08:45:40 +00:00
|
|
|
typedef struct _SslSession {
|
|
|
|
|
gint cipher;
|
|
|
|
|
gint compression;
|
2015-11-14 12:33:02 +00:00
|
|
|
guint16 version;
|
2014-04-26 08:45:41 +00:00
|
|
|
gint8 client_cert_type;
|
|
|
|
|
gint8 server_cert_type;
|
2015-02-05 18:54:52 +00:00
|
|
|
|
|
|
|
|
/* The address/proto/port of the server as determined from heuristics
|
|
|
|
|
* (e.g. ClientHello) or set externally (via ssl_set_master_secret()). */
|
|
|
|
|
address srv_addr;
|
|
|
|
|
port_type srv_ptype;
|
|
|
|
|
guint srv_port;
|
|
|
|
|
|
|
|
|
|
/* The Application layer protocol if known (for STARTTLS support) */
|
|
|
|
|
dissector_handle_t app_handle;
|
|
|
|
|
guint32 last_nontls_frame;
|
2015-11-05 10:14:21 +00:00
|
|
|
gboolean is_session_resumed;
|
2014-05-22 08:45:40 +00:00
|
|
|
} SslSession;
|
|
|
|
|
|
ssl: clarify meaning of StringInfo, cleanup PRFs, master_secret
It was not clear whether the data_len member of StringInfo refers to
the allocated memory (as was done for session_ticket) or the length
of the actual data. This is clarified in a comment. To keep the
invariant "data_len refers to the length of meaningful data", some
code has been moved just in case some intermediate code fails:
- Setting session_ticket.data_len vs tvb_memcpy to session_ticket.data.
- PRF functions would expect the data length as input to a paramter
named "out". This is highly confusing, so another parameter has been
added to signify the requested length, "out_len". This also helps
holding up the invariant.
- For prf() calls, out.data_len does not need to be initialized but
passed as parameter.
Other PRF-related changes:
- Change the PRF functions to return a boolean instead of an int.
- tls_hash: return void as it cannot fail and remove related error
handling from callers. Fix a memleak of label_seed if tls_hash was
successful.
- tls_hash: add comments to clarify its functionality, whitespace.
- ssl3_generate_export_iv could not fail, so make it void. Also added
an out_len param to pass the target length.
- In prf(), replaced if-conditions for SSL version by a switch.
- In ssl_generate_keyring_material, the scope of some variable has been
tightened.
- ssl_session_init: explicitly set data_len to 0. This is strictly not
necessary as the callers have already zeroed out the memory, but that
has not been documented.
Other changes related to master_secret (ssl_save_session[_ticket]):
- Initialize master_secret.data_len to 0 in ssl_session_init as the
master_secret is unusable at that point.
- Remove the hack that tests whether master_secret.data is non-empty.
- Replace hardcoded master_secret length (48) from wmem_alloc0().
- Introduce macro for master secret length, use this in
SslDecryptSession, for parsing from keyfile and converting pre-master
secret to master secret (prf).
- Use (master_secret + 1) to refer to the part after the struct rather
than adding the size manually to a gchar-casted master_secret.
Change-Id: Ie1ea448db54e828b904568224486147a3d962522
Reviewed-on: https://code.wireshark.org/review/3030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2014-07-13 21:12:03 +00:00
|
|
|
/* RFC 5246, section 8.1 says that the master secret is always 48 bytes */
|
|
|
|
|
#define SSL_MASTER_SECRET_LENGTH 48
|
|
|
|
|
|
2014-07-10 09:50:23 +00:00
|
|
|
/* This holds state information for a SSL conversation */
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _SslDecryptSession {
|
ssl: clarify meaning of StringInfo, cleanup PRFs, master_secret
It was not clear whether the data_len member of StringInfo refers to
the allocated memory (as was done for session_ticket) or the length
of the actual data. This is clarified in a comment. To keep the
invariant "data_len refers to the length of meaningful data", some
code has been moved just in case some intermediate code fails:
- Setting session_ticket.data_len vs tvb_memcpy to session_ticket.data.
- PRF functions would expect the data length as input to a paramter
named "out". This is highly confusing, so another parameter has been
added to signify the requested length, "out_len". This also helps
holding up the invariant.
- For prf() calls, out.data_len does not need to be initialized but
passed as parameter.
Other PRF-related changes:
- Change the PRF functions to return a boolean instead of an int.
- tls_hash: return void as it cannot fail and remove related error
handling from callers. Fix a memleak of label_seed if tls_hash was
successful.
- tls_hash: add comments to clarify its functionality, whitespace.
- ssl3_generate_export_iv could not fail, so make it void. Also added
an out_len param to pass the target length.
- In prf(), replaced if-conditions for SSL version by a switch.
- In ssl_generate_keyring_material, the scope of some variable has been
tightened.
- ssl_session_init: explicitly set data_len to 0. This is strictly not
necessary as the callers have already zeroed out the memory, but that
has not been documented.
Other changes related to master_secret (ssl_save_session[_ticket]):
- Initialize master_secret.data_len to 0 in ssl_session_init as the
master_secret is unusable at that point.
- Remove the hack that tests whether master_secret.data is non-empty.
- Replace hardcoded master_secret length (48) from wmem_alloc0().
- Introduce macro for master secret length, use this in
SslDecryptSession, for parsing from keyfile and converting pre-master
secret to master secret (prf).
- Use (master_secret + 1) to refer to the part after the struct rather
than adding the size manually to a gchar-casted master_secret.
Change-Id: Ie1ea448db54e828b904568224486147a3d962522
Reviewed-on: https://code.wireshark.org/review/3030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2014-07-13 21:12:03 +00:00
|
|
|
guchar _master_secret[SSL_MASTER_SECRET_LENGTH];
|
2006-08-02 08:15:51 +00:00
|
|
|
guchar _session_id[256];
|
|
|
|
|
guchar _client_random[32];
|
|
|
|
|
guchar _server_random[32];
|
2006-02-04 23:44:05 +00:00
|
|
|
StringInfo session_id;
|
2014-02-04 12:51:41 +00:00
|
|
|
StringInfo session_ticket;
|
2006-02-04 23:44:05 +00:00
|
|
|
StringInfo server_random;
|
|
|
|
|
StringInfo client_random;
|
|
|
|
|
StringInfo master_secret;
|
2014-11-17 22:12:36 +00:00
|
|
|
StringInfo handshake_data;
|
2008-07-09 07:24:13 +00:00
|
|
|
/* the data store for this StringInfo must be allocated explicitly with a capture lifetime scope */
|
2006-02-04 23:44:05 +00:00
|
|
|
StringInfo pre_master_secret;
|
2007-01-04 09:20:18 +00:00
|
|
|
guchar _server_data_for_iv[24];
|
|
|
|
|
StringInfo server_data_for_iv;
|
|
|
|
|
guchar _client_data_for_iv[24];
|
|
|
|
|
StringInfo client_data_for_iv;
|
2007-09-16 19:28:58 +00:00
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
gint state;
|
2016-07-25 22:14:40 +00:00
|
|
|
const SslCipherSuite *cipher_suite;
|
2007-04-10 15:12:48 +00:00
|
|
|
SslDecoder *server;
|
|
|
|
|
SslDecoder *client;
|
|
|
|
|
SslDecoder *server_new;
|
|
|
|
|
SslDecoder *client_new;
|
2015-07-09 13:48:09 +00:00
|
|
|
#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
|
|
|
|
|
gcry_sexp_t private_key;
|
|
|
|
|
#endif
|
2013-12-08 02:12:48 +00:00
|
|
|
StringInfo psk;
|
2007-09-16 19:28:58 +00:00
|
|
|
StringInfo app_data_segment;
|
2014-05-22 08:45:40 +00:00
|
|
|
SslSession session;
|
2007-09-16 19:28:58 +00:00
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
} SslDecryptSession;
|
|
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
/* User Access Table */
|
|
|
|
|
typedef struct _ssldecrypt_assoc_t {
|
|
|
|
|
char* ipaddr;
|
|
|
|
|
char* port;
|
|
|
|
|
char* protocol;
|
|
|
|
|
char* keyfile;
|
|
|
|
|
char* password;
|
|
|
|
|
} ssldecrypt_assoc_t;
|
|
|
|
|
|
2014-07-19 09:06:25 +00:00
|
|
|
typedef struct ssl_common_options {
|
|
|
|
|
const gchar *psk;
|
|
|
|
|
const gchar *keylog_filename;
|
|
|
|
|
} ssl_common_options_t;
|
|
|
|
|
|
|
|
|
|
/** Map from something to a (pre-)master secret */
|
|
|
|
|
typedef struct {
|
2016-02-18 17:24:29 +00:00
|
|
|
GHashTable *session; /* Session ID (1-32 bytes) to master secret. */
|
|
|
|
|
GHashTable *tickets; /* Session Ticket to master secret. */
|
2014-08-28 07:44:28 +00:00
|
|
|
GHashTable *crandom; /* Client Random to master secret */
|
|
|
|
|
GHashTable *pre_master; /* First 8 bytes of encrypted pre-master secret to
|
|
|
|
|
pre-master secret */
|
2015-06-07 06:17:50 +00:00
|
|
|
GHashTable *pms; /* Client Random to unencrypted pre-master secret */
|
2014-07-19 09:06:25 +00:00
|
|
|
} ssl_master_key_map_t;
|
|
|
|
|
|
2012-01-28 15:50:59 +00:00
|
|
|
gint ssl_get_keyex_alg(gint cipher);
|
|
|
|
|
|
2015-01-13 20:13:45 +00:00
|
|
|
gboolean ssldecrypt_uat_fld_ip_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
|
|
|
|
|
gboolean ssldecrypt_uat_fld_port_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
|
|
|
|
|
gboolean ssldecrypt_uat_fld_fileopen_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
|
|
|
|
|
gboolean ssldecrypt_uat_fld_password_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
|
2015-11-06 04:20:45 +00:00
|
|
|
gchar* ssl_association_info(const char* dissector_table_name, const char* table_protocol);
|
2011-04-26 21:59:11 +00:00
|
|
|
|
2015-02-05 18:54:52 +00:00
|
|
|
/** Retrieve a SslSession, creating it if it did not already exist.
|
|
|
|
|
* @param conversation The SSL conversation.
|
|
|
|
|
* @param ssl_handle The dissector handle for SSL or DTLS.
|
|
|
|
|
*/
|
|
|
|
|
extern SslDecryptSession *
|
|
|
|
|
ssl_get_session(conversation_t *conversation, dissector_handle_t ssl_handle);
|
2006-02-06 01:01:09 +00:00
|
|
|
|
2009-08-13 09:07:03 +00:00
|
|
|
/** Set server address and port */
|
|
|
|
|
extern void
|
2015-02-05 18:54:52 +00:00
|
|
|
ssl_set_server(SslSession *session, address *addr, port_type ptype, guint32 port);
|
|
|
|
|
|
|
|
|
|
/** Marks this packet as the last one before switching to SSL that is supposed
|
|
|
|
|
* to encapsulate this protocol.
|
|
|
|
|
* @param ssl_handle The dissector handle for SSL or DTLS.
|
|
|
|
|
* @param pinfo Packet Info.
|
|
|
|
|
* @param app_handle Dissector handle for the protocol inside the decrypted
|
|
|
|
|
* Application Data record.
|
|
|
|
|
* @return 0 for the first STARTTLS acknowledgement (success) or if ssl_handle
|
|
|
|
|
* is NULL. >0 if STARTTLS was started before.
|
|
|
|
|
*/
|
2016-05-31 15:58:57 +00:00
|
|
|
WS_DLL_PUBLIC guint32
|
2015-02-05 18:54:52 +00:00
|
|
|
ssl_starttls_ack(dissector_handle_t ssl_handle, packet_info *pinfo,
|
|
|
|
|
dissector_handle_t app_handle);
|
2009-08-13 09:07:03 +00:00
|
|
|
|
2016-01-28 02:08:06 +00:00
|
|
|
/** Marks this packet as belonging to an SSL conversation started with STARTTLS.
|
|
|
|
|
* @param ssl_handle The dissector handle for SSL or DTLS.
|
|
|
|
|
* @param pinfo Packet Info.
|
|
|
|
|
* @param app_handle Dissector handle for the protocol inside the decrypted
|
|
|
|
|
* Application Data record.
|
|
|
|
|
* @return 0 for the first STARTTLS acknowledgement (success) or if ssl_handle
|
|
|
|
|
* is NULL. >0 if STARTTLS was started before.
|
|
|
|
|
*/
|
2016-05-31 15:58:57 +00:00
|
|
|
WS_DLL_PUBLIC guint32
|
2016-01-28 02:08:06 +00:00
|
|
|
ssl_starttls_post_ack(dissector_handle_t ssl_handle, packet_info *pinfo,
|
|
|
|
|
dissector_handle_t app_handle);
|
|
|
|
|
|
2016-09-04 11:40:20 +00:00
|
|
|
extern dissector_handle_t
|
|
|
|
|
ssl_find_appdata_dissector(const char *name);
|
|
|
|
|
|
2006-02-06 01:01:09 +00:00
|
|
|
/** set the data and len for the stringInfo buffer. buf should be big enough to
|
|
|
|
|
* contain the provided data
|
|
|
|
|
@param buf the buffer to update
|
2007-09-16 19:28:58 +00:00
|
|
|
@param src the data source
|
2006-02-06 01:01:09 +00:00
|
|
|
@param len the source data len */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2007-01-04 09:20:18 +00:00
|
|
|
ssl_data_set(StringInfo* buf, const guchar* src, guint len);
|
|
|
|
|
|
|
|
|
|
extern gint
|
2007-01-04 13:26:45 +00:00
|
|
|
ssl_cipher_setiv(SSL_CIPHER_CTX *cipher, guchar* iv, gint iv_len);
|
2006-02-06 01:01:09 +00:00
|
|
|
|
2011-12-16 00:33:03 +00:00
|
|
|
/** Search for the specified cipher suite id
|
2007-09-16 19:28:58 +00:00
|
|
|
@param num the id of the cipher suite to be searched
|
2016-07-25 22:14:40 +00:00
|
|
|
@return pointer to the cipher suite struct (or NULL if not found). */
|
|
|
|
|
extern const SslCipherSuite *
|
|
|
|
|
ssl_find_cipher(int num);
|
2006-02-06 01:01:09 +00:00
|
|
|
|
2016-09-15 21:57:15 +00:00
|
|
|
/** Obtains the block size for a CBC block cipher.
|
|
|
|
|
* @param cipher_suite a cipher suite as returned by ssl_find_cipher().
|
|
|
|
|
* @return the block size of a cipher or 0 if unavailable.
|
|
|
|
|
*/
|
|
|
|
|
guint
|
|
|
|
|
ssl_get_cipher_blocksize(const SslCipherSuite *cipher_suite);
|
|
|
|
|
|
2014-07-19 09:06:25 +00:00
|
|
|
gboolean
|
2013-12-08 00:58:06 +00:00
|
|
|
ssl_generate_pre_master_secret(SslDecryptSession *ssl_session,
|
|
|
|
|
guint32 length, tvbuff_t *tvb, guint32 offset,
|
2014-07-19 09:06:25 +00:00
|
|
|
const gchar *ssl_psk,
|
|
|
|
|
const ssl_master_key_map_t *mk_map);
|
2013-12-08 00:58:06 +00:00
|
|
|
|
2010-02-19 07:43:26 +00:00
|
|
|
/** Expand the pre_master_secret to generate all the session information
|
2006-02-06 01:01:09 +00:00
|
|
|
* (master secret, session keys, ivs)
|
|
|
|
|
@param ssl_session the store for all the session data
|
|
|
|
|
@return 0 on success */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-02-06 01:01:09 +00:00
|
|
|
ssl_generate_keyring_material(SslDecryptSession*ssl_session);
|
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2007-04-10 15:12:48 +00:00
|
|
|
ssl_change_cipher(SslDecryptSession *ssl_session, gboolean server);
|
|
|
|
|
|
2010-02-19 07:43:26 +00:00
|
|
|
/** Try to decrypt an ssl record
|
2010-08-26 15:24:49 +00:00
|
|
|
@param ssl ssl_session the store all the session data
|
2006-02-06 01:01:09 +00:00
|
|
|
@param decoder the stream decoder to be used
|
|
|
|
|
@param ct the content type of this ssl record
|
2013-08-10 21:29:33 +00:00
|
|
|
@param in a pointer to the ssl record to be decrypted
|
2007-10-16 23:42:33 +00:00
|
|
|
@param inl the record length
|
2013-08-10 21:29:33 +00:00
|
|
|
@param comp_str a pointer to the store the compression data
|
2010-08-26 15:24:49 +00:00
|
|
|
@param out_str a pointer to the store for the decrypted data
|
2007-09-16 19:28:58 +00:00
|
|
|
@param outl the decrypted data len
|
2006-02-06 01:01:09 +00:00
|
|
|
@return 0 on success */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2010-08-26 15:24:49 +00:00
|
|
|
ssl_decrypt_record(SslDecryptSession* ssl,SslDecoder* decoder, gint ct,
|
2007-04-10 15:12:48 +00:00
|
|
|
const guchar* in, guint inl, StringInfo* comp_str, StringInfo* out_str, guint* outl);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Common part bitween SSL and DTLS dissectors */
|
ssl-utils: allow gcrypt without GnuTLS, improve structure
Fix distinction between HAVE_LIBGNUTLS and HAVE_LIBGCRYPT. If GnuTLS is
unavailable, then the only missing feature is decryption using an RSA
private key file. Regardless of GnuTLS, allow SSL decryption (e.g. using
a SSL key log file or a PSK configured via preferences).
This change has no functional effect when GnuTLS and gcrypt are both
available (or not). Additionally, decryption is possible if only
libgcrypt is available.
Further changes to make ssl-utils more maintainable and documented:
- Group related functions, add markers and documentation. The following
functions are moved (with no further modifications):
- ssl_data_realloc, ssl_data_copy: related to StringInfo.
- ssl_change_cipher, ssl_create_flow: related to the decryption of a
session.
- ssl_decompress_record: related to Record Decompression.
- ssl_lib_init: moved to an arbitrary place.
- ssl_set_server: moved closer to ssl_packet_from_server.
- ssl_is_valid_content_type, ssl_is_valid_handshake_type: move closer
to dissection code.
- ssl_dissect_hnd_hello_ext_status_request,
ssl_dissect_hnd_hello_ext_status_request_v2,
ssl_dissect_hnd_hello_ext_elliptic_curves,
ssl_dissect_hnd_hello_ext_ec_point_formats: move to TLS extensions.
- Remove unused forward declaration of _gcry_rsa_decrypt.
- ssl-packet-utils.h:
- Remove ssl_equal, ssl_hash. These are only used in
packet-ssl-utils.c.
- ssl_private_key_equal, ssl_private_key_hash,
ssl_common_register_options: inline when decryption is not
possible.
- Remove ws_symbol_export.h, enable SSL debug log when libgcrypt is
compiled in (instead of depending on GnuTLS).
- Move/merge stub code when GnuTLS or libgcrypt are not available:
- ssl_find_cipher: move.
- ssl_cipher_setiv: move.
- ssl_generate_pre_master_secret, ssl_generate_keyring_material: move.
Compile-tested all combinations:
- no GnuTLS, no libgcrypt: CentOS 6.
- no GnuTLS, has libgcrypt: CentOS 6. Passes all decryption tests
except for the ones that need a RSA private key file.
- has GnuTLS, no libgcrypt: Arch Linux.
- has GnuTLS, has libgcrypt: Arch Linux. The decryption tests pass.
(GnuTLS support is useless without gcrypt, but included for completeness.)
Change-Id: I727248937331f8788de8ed78248bb33296206096
Reviewed-on: https://code.wireshark.org/review/11052
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2015-10-15 00:00:47 +00:00
|
|
|
/* Hash Functions for RSA private keys table */
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2015-10-04 09:22:41 +00:00
|
|
|
extern gboolean
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_private_key_equal (gconstpointer v, gconstpointer v2);
|
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern guint
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_private_key_hash (gconstpointer v);
|
|
|
|
|
|
|
|
|
|
/* private key table entries have a scope 'larger' then packet capture,
|
2015-01-12 00:48:54 +00:00
|
|
|
* so we can't rely on wmem_file_scope function */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2015-10-03 17:23:55 +00:00
|
|
|
ssl_private_key_free(gpointer key);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
ssl-utils: allow gcrypt without GnuTLS, improve structure
Fix distinction between HAVE_LIBGNUTLS and HAVE_LIBGCRYPT. If GnuTLS is
unavailable, then the only missing feature is decryption using an RSA
private key file. Regardless of GnuTLS, allow SSL decryption (e.g. using
a SSL key log file or a PSK configured via preferences).
This change has no functional effect when GnuTLS and gcrypt are both
available (or not). Additionally, decryption is possible if only
libgcrypt is available.
Further changes to make ssl-utils more maintainable and documented:
- Group related functions, add markers and documentation. The following
functions are moved (with no further modifications):
- ssl_data_realloc, ssl_data_copy: related to StringInfo.
- ssl_change_cipher, ssl_create_flow: related to the decryption of a
session.
- ssl_decompress_record: related to Record Decompression.
- ssl_lib_init: moved to an arbitrary place.
- ssl_set_server: moved closer to ssl_packet_from_server.
- ssl_is_valid_content_type, ssl_is_valid_handshake_type: move closer
to dissection code.
- ssl_dissect_hnd_hello_ext_status_request,
ssl_dissect_hnd_hello_ext_status_request_v2,
ssl_dissect_hnd_hello_ext_elliptic_curves,
ssl_dissect_hnd_hello_ext_ec_point_formats: move to TLS extensions.
- Remove unused forward declaration of _gcry_rsa_decrypt.
- ssl-packet-utils.h:
- Remove ssl_equal, ssl_hash. These are only used in
packet-ssl-utils.c.
- ssl_private_key_equal, ssl_private_key_hash,
ssl_common_register_options: inline when decryption is not
possible.
- Remove ws_symbol_export.h, enable SSL debug log when libgcrypt is
compiled in (instead of depending on GnuTLS).
- Move/merge stub code when GnuTLS or libgcrypt are not available:
- ssl_find_cipher: move.
- ssl_cipher_setiv: move.
- ssl_generate_pre_master_secret, ssl_generate_keyring_material: move.
Compile-tested all combinations:
- no GnuTLS, no libgcrypt: CentOS 6.
- no GnuTLS, has libgcrypt: CentOS 6. Passes all decryption tests
except for the ones that need a RSA private key file.
- has GnuTLS, no libgcrypt: Arch Linux.
- has GnuTLS, has libgcrypt: Arch Linux. The decryption tests pass.
(GnuTLS support is useless without gcrypt, but included for completeness.)
Change-Id: I727248937331f8788de8ed78248bb33296206096
Reviewed-on: https://code.wireshark.org/review/11052
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2015-10-15 00:00:47 +00:00
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
/* handling of association between tls/dtls ports and clear text protocol */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2015-11-06 04:20:45 +00:00
|
|
|
ssl_association_add(const char* dissector_table_name, dissector_handle_t main_handle, dissector_handle_t subdissector_handle, guint port, gboolean tcp);
|
2006-08-25 08:07:26 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2015-11-06 04:20:45 +00:00
|
|
|
ssl_association_remove(const char* dissector_table_name, dissector_handle_t main_handle, dissector_handle_t subdissector_handle, guint port, gboolean tcp);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2015-11-06 04:20:45 +00:00
|
|
|
ssl_packet_from_server(SslSession *session, dissector_table_t table, packet_info *pinfo);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2011-12-16 00:33:03 +00:00
|
|
|
/* add to packet data a copy of the specified real data */
|
2006-08-02 08:15:51 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_add_record_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint record_id);
|
|
|
|
|
|
2011-12-16 00:33:03 +00:00
|
|
|
/* search in packet data for the specified id; return a newly created tvb for the associated data */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern tvbuff_t*
|
2011-12-16 00:33:03 +00:00
|
|
|
ssl_get_record_info(tvbuff_t *parent_tvb, gint proto, packet_info *pinfo, gint record_id);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2007-01-12 10:25:03 +00:00
|
|
|
void
|
2007-04-10 15:12:48 +00:00
|
|
|
ssl_add_data_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint key, SslFlow *flow);
|
2007-01-12 10:25:03 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
SslDataInfo*
|
2007-01-12 10:25:03 +00:00
|
|
|
ssl_get_data_info(int proto, packet_info *pinfo, gint key);
|
|
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
/* initialize/reset per capture state data (ssl sessions cache) */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2015-06-28 14:31:18 +00:00
|
|
|
ssl_common_init(ssl_master_key_map_t *master_key_map,
|
2014-07-25 11:19:14 +00:00
|
|
|
StringInfo *decrypted_data, StringInfo *compressed_data);
|
2015-06-28 14:31:18 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_common_cleanup(ssl_master_key_map_t *master_key_map, FILE **ssl_keylog_file,
|
|
|
|
|
StringInfo *decrypted_data, StringInfo *compressed_data);
|
2014-07-25 11:19:14 +00:00
|
|
|
|
|
|
|
|
/* tries to update the secrets cache from the given filename */
|
|
|
|
|
extern void
|
|
|
|
|
ssl_load_keyfile(const gchar *ssl_keylog_filename, FILE **keylog_file,
|
|
|
|
|
const ssl_master_key_map_t *mk_map);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
|
|
|
|
/* parse ssl related preferences (private keys and ports association strings) */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2015-11-06 04:20:45 +00:00
|
|
|
ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, const char* dissector_table_name, dissector_handle_t main_handle, gboolean tcp);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
|
|
|
|
/* store master secret into session data cache */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_save_session(SslDecryptSession* ssl, GHashTable *session_hash);
|
|
|
|
|
|
ssl-utils: allow gcrypt without GnuTLS, improve structure
Fix distinction between HAVE_LIBGNUTLS and HAVE_LIBGCRYPT. If GnuTLS is
unavailable, then the only missing feature is decryption using an RSA
private key file. Regardless of GnuTLS, allow SSL decryption (e.g. using
a SSL key log file or a PSK configured via preferences).
This change has no functional effect when GnuTLS and gcrypt are both
available (or not). Additionally, decryption is possible if only
libgcrypt is available.
Further changes to make ssl-utils more maintainable and documented:
- Group related functions, add markers and documentation. The following
functions are moved (with no further modifications):
- ssl_data_realloc, ssl_data_copy: related to StringInfo.
- ssl_change_cipher, ssl_create_flow: related to the decryption of a
session.
- ssl_decompress_record: related to Record Decompression.
- ssl_lib_init: moved to an arbitrary place.
- ssl_set_server: moved closer to ssl_packet_from_server.
- ssl_is_valid_content_type, ssl_is_valid_handshake_type: move closer
to dissection code.
- ssl_dissect_hnd_hello_ext_status_request,
ssl_dissect_hnd_hello_ext_status_request_v2,
ssl_dissect_hnd_hello_ext_elliptic_curves,
ssl_dissect_hnd_hello_ext_ec_point_formats: move to TLS extensions.
- Remove unused forward declaration of _gcry_rsa_decrypt.
- ssl-packet-utils.h:
- Remove ssl_equal, ssl_hash. These are only used in
packet-ssl-utils.c.
- ssl_private_key_equal, ssl_private_key_hash,
ssl_common_register_options: inline when decryption is not
possible.
- Remove ws_symbol_export.h, enable SSL debug log when libgcrypt is
compiled in (instead of depending on GnuTLS).
- Move/merge stub code when GnuTLS or libgcrypt are not available:
- ssl_find_cipher: move.
- ssl_cipher_setiv: move.
- ssl_generate_pre_master_secret, ssl_generate_keyring_material: move.
Compile-tested all combinations:
- no GnuTLS, no libgcrypt: CentOS 6.
- no GnuTLS, has libgcrypt: CentOS 6. Passes all decryption tests
except for the ones that need a RSA private key file.
- has GnuTLS, no libgcrypt: Arch Linux.
- has GnuTLS, has libgcrypt: Arch Linux. The decryption tests pass.
(GnuTLS support is useless without gcrypt, but included for completeness.)
Change-Id: I727248937331f8788de8ed78248bb33296206096
Reviewed-on: https://code.wireshark.org/review/11052
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2015-10-15 00:00:47 +00:00
|
|
|
#ifdef HAVE_LIBGCRYPT
|
2014-07-11 22:30:12 +00:00
|
|
|
extern void
|
2014-07-19 09:06:25 +00:00
|
|
|
ssl_finalize_decryption(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map);
|
ssl-utils: allow gcrypt without GnuTLS, improve structure
Fix distinction between HAVE_LIBGNUTLS and HAVE_LIBGCRYPT. If GnuTLS is
unavailable, then the only missing feature is decryption using an RSA
private key file. Regardless of GnuTLS, allow SSL decryption (e.g. using
a SSL key log file or a PSK configured via preferences).
This change has no functional effect when GnuTLS and gcrypt are both
available (or not). Additionally, decryption is possible if only
libgcrypt is available.
Further changes to make ssl-utils more maintainable and documented:
- Group related functions, add markers and documentation. The following
functions are moved (with no further modifications):
- ssl_data_realloc, ssl_data_copy: related to StringInfo.
- ssl_change_cipher, ssl_create_flow: related to the decryption of a
session.
- ssl_decompress_record: related to Record Decompression.
- ssl_lib_init: moved to an arbitrary place.
- ssl_set_server: moved closer to ssl_packet_from_server.
- ssl_is_valid_content_type, ssl_is_valid_handshake_type: move closer
to dissection code.
- ssl_dissect_hnd_hello_ext_status_request,
ssl_dissect_hnd_hello_ext_status_request_v2,
ssl_dissect_hnd_hello_ext_elliptic_curves,
ssl_dissect_hnd_hello_ext_ec_point_formats: move to TLS extensions.
- Remove unused forward declaration of _gcry_rsa_decrypt.
- ssl-packet-utils.h:
- Remove ssl_equal, ssl_hash. These are only used in
packet-ssl-utils.c.
- ssl_private_key_equal, ssl_private_key_hash,
ssl_common_register_options: inline when decryption is not
possible.
- Remove ws_symbol_export.h, enable SSL debug log when libgcrypt is
compiled in (instead of depending on GnuTLS).
- Move/merge stub code when GnuTLS or libgcrypt are not available:
- ssl_find_cipher: move.
- ssl_cipher_setiv: move.
- ssl_generate_pre_master_secret, ssl_generate_keyring_material: move.
Compile-tested all combinations:
- no GnuTLS, no libgcrypt: CentOS 6.
- no GnuTLS, has libgcrypt: CentOS 6. Passes all decryption tests
except for the ones that need a RSA private key file.
- has GnuTLS, no libgcrypt: Arch Linux.
- has GnuTLS, has libgcrypt: Arch Linux. The decryption tests pass.
(GnuTLS support is useless without gcrypt, but included for completeness.)
Change-Id: I727248937331f8788de8ed78248bb33296206096
Reviewed-on: https://code.wireshark.org/review/11052
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2015-10-15 00:00:47 +00:00
|
|
|
#else /* ! HAVE_LIBGCRYPT */
|
|
|
|
|
static inline void
|
|
|
|
|
ssl_finalize_decryption(SslDecryptSession *ssl _U_, ssl_master_key_map_t *mk_map _U_)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
#endif /* ! HAVE_LIBGCRYPT */
|
2014-07-11 22:30:12 +00:00
|
|
|
|
2014-07-10 09:50:23 +00:00
|
|
|
extern gboolean
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_is_valid_content_type(guint8 type);
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2014-07-10 09:50:23 +00:00
|
|
|
extern gboolean
|
|
|
|
|
ssl_is_valid_handshake_type(guint8 hs_type, gboolean is_dtls);
|
|
|
|
|
|
2015-11-14 11:47:28 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_try_set_version(SslSession *session, SslDecryptSession *ssl,
|
|
|
|
|
guint8 content_type, guint8 handshake_type,
|
|
|
|
|
gboolean is_dtls, guint16 version);
|
|
|
|
|
|
2014-11-17 22:12:36 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_calculate_handshake_hash(SslDecryptSession *ssl_session, tvbuff_t *tvb, guint32 offset, guint32 length);
|
|
|
|
|
|
2014-06-25 08:54:57 +00:00
|
|
|
/* common header fields, subtrees and expert info for SSL and DTLS dissectors */
|
2013-12-23 20:42:28 +00:00
|
|
|
typedef struct ssl_common_dissect {
|
|
|
|
|
struct {
|
2015-11-05 10:14:21 +00:00
|
|
|
gint change_cipher_spec;
|
2013-12-23 20:42:28 +00:00
|
|
|
gint hs_exts_len;
|
|
|
|
|
gint hs_ext_alpn_len;
|
|
|
|
|
gint hs_ext_alpn_list;
|
|
|
|
|
gint hs_ext_alpn_str;
|
|
|
|
|
gint hs_ext_alpn_str_len;
|
|
|
|
|
gint hs_ext_cert_status_request_extensions_len;
|
|
|
|
|
gint hs_ext_cert_status_request_len;
|
|
|
|
|
gint hs_ext_cert_status_responder_id_list_len;
|
|
|
|
|
gint hs_ext_cert_status_type;
|
|
|
|
|
gint hs_ext_cert_url_item;
|
|
|
|
|
gint hs_ext_cert_url_padding;
|
|
|
|
|
gint hs_ext_cert_url_sha1;
|
|
|
|
|
gint hs_ext_cert_url_type;
|
|
|
|
|
gint hs_ext_cert_url_url;
|
|
|
|
|
gint hs_ext_cert_url_url_hash_list_len;
|
|
|
|
|
gint hs_ext_cert_url_url_len;
|
2014-04-26 08:45:41 +00:00
|
|
|
gint hs_ext_cert_type;
|
|
|
|
|
gint hs_ext_cert_types;
|
|
|
|
|
gint hs_ext_cert_types_len;
|
2013-12-23 20:42:28 +00:00
|
|
|
gint hs_ext_data;
|
|
|
|
|
gint hs_ext_ec_point_format;
|
|
|
|
|
gint hs_ext_ec_point_formats_len;
|
|
|
|
|
gint hs_ext_elliptic_curve;
|
|
|
|
|
gint hs_ext_elliptic_curves;
|
|
|
|
|
gint hs_ext_elliptic_curves_len;
|
|
|
|
|
gint hs_ext_heartbeat_mode;
|
|
|
|
|
gint hs_ext_len;
|
|
|
|
|
gint hs_ext_npn_str;
|
|
|
|
|
gint hs_ext_npn_str_len;
|
|
|
|
|
gint hs_ext_reneg_info_len;
|
2015-05-25 17:10:59 +00:00
|
|
|
gint hs_ext_reneg_info;
|
2016-08-23 16:14:03 +00:00
|
|
|
gint hs_ext_key_share_client_length;
|
|
|
|
|
gint hs_ext_key_share_group;
|
|
|
|
|
gint hs_ext_key_share_key_exchange_length;
|
|
|
|
|
gint hs_ext_key_share_key_exchange;
|
2016-10-06 10:44:43 +00:00
|
|
|
gint hs_ext_key_share_selected_group;
|
2016-08-26 08:33:43 +00:00
|
|
|
gint hs_ext_psk_identities_length;
|
|
|
|
|
gint hs_ext_psk_identity_ke_modes_length;
|
|
|
|
|
gint hs_ext_psk_identity_ke_mode;
|
|
|
|
|
gint hs_ext_psk_identity_auth_modes_length;
|
|
|
|
|
gint hs_ext_psk_identity_auth_mode;
|
|
|
|
|
gint hs_ext_psk_identity_length;
|
|
|
|
|
gint hs_ext_psk_identity;
|
|
|
|
|
gint hs_ext_psk_identity_selected;
|
2016-09-22 11:46:42 +00:00
|
|
|
gint hs_ext_early_data_obfuscated_ticket_age;
|
2016-10-07 10:35:41 +00:00
|
|
|
gint hs_ext_supported_versions_len;
|
|
|
|
|
gint hs_ext_supported_versions;
|
2016-09-29 08:17:07 +00:00
|
|
|
gint hs_ext_cookie_len;
|
|
|
|
|
gint hs_ext_cookie;
|
2013-12-23 20:42:28 +00:00
|
|
|
gint hs_ext_server_name;
|
|
|
|
|
gint hs_ext_server_name_len;
|
|
|
|
|
gint hs_ext_server_name_list_len;
|
|
|
|
|
gint hs_ext_server_name_type;
|
2014-05-20 16:54:17 +00:00
|
|
|
gint hs_ext_padding_data;
|
2013-12-23 20:42:28 +00:00
|
|
|
gint hs_ext_type;
|
|
|
|
|
gint hs_sig_hash_alg;
|
|
|
|
|
gint hs_sig_hash_alg_len;
|
|
|
|
|
gint hs_sig_hash_algs;
|
|
|
|
|
gint hs_sig_hash_hash;
|
|
|
|
|
gint hs_sig_hash_sig;
|
2014-06-23 21:14:06 +00:00
|
|
|
gint hs_client_keyex_epms_len;
|
|
|
|
|
gint hs_client_keyex_epms;
|
|
|
|
|
gint hs_server_keyex_modulus_len;
|
|
|
|
|
gint hs_server_keyex_exponent_len;
|
|
|
|
|
gint hs_server_keyex_sig_len;
|
|
|
|
|
gint hs_server_keyex_p_len;
|
|
|
|
|
gint hs_server_keyex_g_len;
|
|
|
|
|
gint hs_server_keyex_ys_len;
|
|
|
|
|
gint hs_client_keyex_yc_len;
|
|
|
|
|
gint hs_client_keyex_point_len;
|
|
|
|
|
gint hs_server_keyex_point_len;
|
|
|
|
|
gint hs_server_keyex_p;
|
|
|
|
|
gint hs_server_keyex_g;
|
|
|
|
|
gint hs_server_keyex_curve_type;
|
|
|
|
|
gint hs_server_keyex_named_curve;
|
|
|
|
|
gint hs_server_keyex_ys;
|
|
|
|
|
gint hs_client_keyex_yc;
|
|
|
|
|
gint hs_server_keyex_point;
|
|
|
|
|
gint hs_client_keyex_point;
|
|
|
|
|
gint hs_server_keyex_modulus;
|
|
|
|
|
gint hs_server_keyex_exponent;
|
|
|
|
|
gint hs_server_keyex_sig;
|
|
|
|
|
gint hs_server_keyex_hint_len;
|
|
|
|
|
gint hs_server_keyex_hint;
|
|
|
|
|
gint hs_client_keyex_identity_len;
|
|
|
|
|
gint hs_client_keyex_identity;
|
2014-07-10 22:35:04 +00:00
|
|
|
gint hs_certificates_len;
|
|
|
|
|
gint hs_certificates;
|
|
|
|
|
gint hs_certificate_len;
|
|
|
|
|
gint hs_certificate;
|
2014-07-10 22:58:35 +00:00
|
|
|
gint hs_cert_types_count;
|
|
|
|
|
gint hs_cert_types;
|
|
|
|
|
gint hs_cert_type;
|
|
|
|
|
gint hs_dnames_len;
|
|
|
|
|
gint hs_dnames;
|
|
|
|
|
gint hs_dname_len;
|
|
|
|
|
gint hs_dname;
|
2016-08-22 08:08:00 +00:00
|
|
|
gint hs_random;
|
2014-07-13 11:21:41 +00:00
|
|
|
gint hs_random_time;
|
|
|
|
|
gint hs_random_bytes;
|
|
|
|
|
gint hs_session_id;
|
|
|
|
|
gint hs_session_id_len;
|
2014-07-19 08:54:19 +00:00
|
|
|
gint hs_client_version;
|
2014-07-19 09:12:49 +00:00
|
|
|
gint hs_server_version;
|
2014-07-19 08:54:19 +00:00
|
|
|
gint hs_cipher_suites_len;
|
|
|
|
|
gint hs_cipher_suites;
|
2014-07-19 09:12:49 +00:00
|
|
|
gint hs_cipher_suite;
|
2014-07-19 08:54:19 +00:00
|
|
|
gint hs_comp_methods_len;
|
|
|
|
|
gint hs_comp_methods;
|
2014-07-19 09:12:49 +00:00
|
|
|
gint hs_comp_method;
|
2014-07-13 09:37:08 +00:00
|
|
|
gint hs_session_ticket_lifetime_hint;
|
|
|
|
|
gint hs_session_ticket_len;
|
|
|
|
|
gint hs_session_ticket;
|
2014-07-13 22:04:18 +00:00
|
|
|
gint hs_finished;
|
2015-03-12 02:01:37 +00:00
|
|
|
gint hs_client_cert_vrfy_sig_len;
|
|
|
|
|
gint hs_client_cert_vrfy_sig;
|
2014-06-25 08:54:57 +00:00
|
|
|
|
2016-08-22 09:01:59 +00:00
|
|
|
/* TLS 1.3 */
|
|
|
|
|
gint hs_ext_draft_version_tls13;
|
|
|
|
|
|
2014-06-25 08:54:57 +00:00
|
|
|
/* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_HF_LIST! */
|
2013-12-23 20:42:28 +00:00
|
|
|
} hf;
|
|
|
|
|
struct {
|
|
|
|
|
gint hs_ext;
|
|
|
|
|
gint hs_ext_alpn;
|
2014-04-26 08:45:41 +00:00
|
|
|
gint hs_ext_cert_types;
|
2013-12-23 20:42:28 +00:00
|
|
|
gint hs_ext_curves;
|
|
|
|
|
gint hs_ext_curves_point_formats;
|
|
|
|
|
gint hs_ext_npn;
|
|
|
|
|
gint hs_ext_reneg_info;
|
2016-08-23 16:14:03 +00:00
|
|
|
gint hs_ext_key_share;
|
|
|
|
|
gint hs_ext_key_share_ks;
|
2016-08-26 08:33:43 +00:00
|
|
|
gint hs_ext_pre_shared_key;
|
|
|
|
|
gint hs_ext_psk_identity;
|
2013-12-23 20:42:28 +00:00
|
|
|
gint hs_ext_server_name;
|
|
|
|
|
gint hs_sig_hash_alg;
|
|
|
|
|
gint hs_sig_hash_algs;
|
|
|
|
|
gint urlhash;
|
2014-06-23 21:14:06 +00:00
|
|
|
gint keyex_params;
|
2014-07-10 22:35:04 +00:00
|
|
|
gint certificates;
|
2014-07-10 22:58:35 +00:00
|
|
|
gint cert_types;
|
|
|
|
|
gint dnames;
|
2014-07-13 11:21:41 +00:00
|
|
|
gint hs_random;
|
2014-07-19 08:54:19 +00:00
|
|
|
gint cipher_suites;
|
|
|
|
|
gint comp_methods;
|
2014-07-13 09:37:08 +00:00
|
|
|
gint session_ticket;
|
2014-06-25 08:54:57 +00:00
|
|
|
|
|
|
|
|
/* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_ETT_LIST! */
|
2013-12-23 20:42:28 +00:00
|
|
|
} ett;
|
|
|
|
|
struct {
|
|
|
|
|
expert_field hs_ext_cert_status_undecoded;
|
2014-07-10 22:58:35 +00:00
|
|
|
expert_field hs_sig_hash_alg_len_bad;
|
2014-07-19 08:54:19 +00:00
|
|
|
expert_field hs_cipher_suites_len_bad;
|
2015-05-25 17:10:59 +00:00
|
|
|
expert_field hs_sig_hash_algs_bad;
|
2015-11-05 10:14:21 +00:00
|
|
|
expert_field resumed;
|
2014-06-25 08:54:57 +00:00
|
|
|
|
|
|
|
|
/* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_EI_LIST! */
|
2013-12-23 20:42:28 +00:00
|
|
|
} ei;
|
|
|
|
|
} ssl_common_dissect_t;
|
|
|
|
|
|
2014-07-19 08:54:19 +00:00
|
|
|
/* Header fields specific to DTLS. See packet-dtls.c */
|
|
|
|
|
typedef struct {
|
|
|
|
|
gint hf_dtls_handshake_cookie_len;
|
|
|
|
|
gint hf_dtls_handshake_cookie;
|
|
|
|
|
|
|
|
|
|
/* Do not forget to initialize dtls_hfs to -1 in packet-dtls.c! */
|
|
|
|
|
} dtls_hfs_t;
|
|
|
|
|
|
2014-07-13 22:04:18 +00:00
|
|
|
/* Header fields specific to SSL. See packet-ssl.c */
|
|
|
|
|
typedef struct {
|
|
|
|
|
gint hs_md5_hash;
|
|
|
|
|
gint hs_sha_hash;
|
|
|
|
|
|
|
|
|
|
/* Do not forget to initialize ssl_hfs to -1 in packet-ssl.c! */
|
|
|
|
|
} ssl_hfs_t;
|
|
|
|
|
|
2015-11-05 10:14:21 +00:00
|
|
|
void
|
|
|
|
|
ssl_dissect_change_cipher_spec(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
packet_info *pinfo, proto_tree *tree,
|
|
|
|
|
guint32 offset, SslSession *session,
|
|
|
|
|
gboolean is_from_server,
|
|
|
|
|
const SslDecryptSession *ssl);
|
|
|
|
|
|
2014-07-19 08:54:19 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_cli_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
packet_info *pinfo, proto_tree *tree, guint32 offset,
|
|
|
|
|
guint32 length, SslSession *session,
|
|
|
|
|
SslDecryptSession *ssl,
|
|
|
|
|
dtls_hfs_t *dtls_hfs);
|
|
|
|
|
|
2014-07-19 09:12:49 +00:00
|
|
|
extern void
|
2015-05-25 17:10:59 +00:00
|
|
|
ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo,
|
2014-07-19 09:12:49 +00:00
|
|
|
proto_tree *tree, guint32 offset, guint32 length,
|
2015-11-14 11:47:28 +00:00
|
|
|
SslSession *session, SslDecryptSession *ssl,
|
|
|
|
|
gboolean is_dtls);
|
2014-07-19 09:12:49 +00:00
|
|
|
|
2016-10-06 10:44:43 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_hello_retry_request(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo,
|
|
|
|
|
proto_tree *tree, guint32 offset, guint32 length,
|
|
|
|
|
SslSession *session, SslDecryptSession *ssl);
|
|
|
|
|
|
2014-07-13 09:37:08 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
proto_tree *tree, guint32 offset,
|
|
|
|
|
SslDecryptSession *ssl,
|
|
|
|
|
GHashTable *session_hash);
|
|
|
|
|
|
2014-07-10 22:35:04 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
|
|
|
|
|
guint32 offset, packet_info *pinfo,
|
2015-10-04 09:22:41 +00:00
|
|
|
const SslSession *session, SslDecryptSession *ssl,
|
|
|
|
|
GHashTable *key_hash, gint is_from_server);
|
2014-07-10 22:35:04 +00:00
|
|
|
|
2014-07-10 22:58:35 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_cert_req(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
proto_tree *tree, guint32 offset, packet_info *pinfo,
|
|
|
|
|
const SslSession *session);
|
|
|
|
|
|
2015-03-12 02:01:37 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_cli_cert_verify(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
proto_tree *tree, guint32 offset,
|
|
|
|
|
const SslSession *session);
|
|
|
|
|
|
2014-07-13 22:04:18 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_finished(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
proto_tree *tree, guint32 offset,
|
|
|
|
|
const SslSession *session, ssl_hfs_t *ssl_hfs);
|
|
|
|
|
|
2013-12-23 20:42:28 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_cert_url(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, guint32 offset);
|
|
|
|
|
|
2014-06-23 21:14:06 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_cli_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
proto_tree *tree, guint32 offset, guint32 length,
|
|
|
|
|
const SslSession *session);
|
|
|
|
|
|
|
|
|
|
extern void
|
|
|
|
|
ssl_dissect_hnd_srv_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|
|
|
|
proto_tree *tree, guint32 offset, guint32 length,
|
|
|
|
|
const SslSession *session);
|
|
|
|
|
|
2014-06-25 08:54:57 +00:00
|
|
|
/* {{{ */
|
2013-12-23 21:30:44 +00:00
|
|
|
#define SSL_COMMON_LIST_T(name) \
|
|
|
|
|
ssl_common_dissect_t name = { \
|
|
|
|
|
/* hf */ { \
|
|
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
|
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
2014-06-23 21:14:06 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
|
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
2014-07-10 22:58:35 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
2014-07-13 22:04:18 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
2016-08-26 08:33:43 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
2016-10-07 10:35:41 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, \
|
2013-12-23 21:30:44 +00:00
|
|
|
}, \
|
|
|
|
|
/* ett */ { \
|
2014-07-10 22:58:35 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
2016-09-20 12:14:38 +00:00
|
|
|
-1, -1, -1, -1, -1, -1, -1, \
|
2013-12-23 21:30:44 +00:00
|
|
|
}, \
|
|
|
|
|
/* ei */ { \
|
2015-11-05 10:14:21 +00:00
|
|
|
EI_INIT, EI_INIT, EI_INIT, EI_INIT, EI_INIT, \
|
2013-12-23 21:30:44 +00:00
|
|
|
}, \
|
2013-12-23 20:42:28 +00:00
|
|
|
}
|
2014-06-25 08:54:57 +00:00
|
|
|
/* }}} */
|
2013-12-23 20:42:28 +00:00
|
|
|
|
2014-06-25 08:54:57 +00:00
|
|
|
/* {{{ */
|
2013-12-23 20:42:28 +00:00
|
|
|
#define SSL_COMMON_HF_LIST(name, prefix) \
|
2015-11-05 10:14:21 +00:00
|
|
|
{ & name .hf.change_cipher_spec, \
|
|
|
|
|
{ "Change Cipher Spec Message", prefix ".change_cipher_spec", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Signals a change in cipher specifications", HFILL } \
|
|
|
|
|
}, \
|
2013-12-23 20:42:28 +00:00
|
|
|
{ & name .hf.hs_exts_len, \
|
|
|
|
|
{ "Extensions Length", prefix ".handshake.extensions_length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of hello extensions", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_type, \
|
|
|
|
|
{ "Type", prefix ".handshake.extension.type", \
|
2016-10-07 09:03:39 +00:00
|
|
|
FT_UINT16, BASE_DEC, VALS(tls_hello_extension_types), 0x0, \
|
2013-12-23 20:42:28 +00:00
|
|
|
"Hello extension type", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_len, \
|
|
|
|
|
{ "Length", prefix ".handshake.extension.len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of a hello extension", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_data, \
|
|
|
|
|
{ "Data", prefix ".handshake.extension.data", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Hello Extension data", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_elliptic_curves_len, \
|
|
|
|
|
{ "Elliptic Curves Length", prefix ".handshake.extensions_elliptic_curves_length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of elliptic curves field", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_elliptic_curves, \
|
|
|
|
|
{ "Elliptic Curves List", prefix ".handshake.extensions_elliptic_curves", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of elliptic curves supported", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_elliptic_curve, \
|
|
|
|
|
{ "Elliptic curve", prefix ".handshake.extensions_elliptic_curve",\
|
|
|
|
|
FT_UINT16, BASE_HEX, VALS(ssl_extension_curves), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_ec_point_formats_len, \
|
|
|
|
|
{ "EC point formats Length", prefix ".handshake.extensions_ec_point_formats_length", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of elliptic curves point formats field", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_ec_point_format, \
|
|
|
|
|
{ "EC point format", prefix ".handshake.extensions_ec_point_format", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(ssl_extension_ec_point_formats), 0x0, \
|
|
|
|
|
"Elliptic curves point format", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_alpn_len, \
|
|
|
|
|
{ "ALPN Extension Length", prefix ".handshake.extensions_alpn_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of the ALPN Extension", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_alpn_list, \
|
|
|
|
|
{ "ALPN Protocol", prefix ".handshake.extensions_alpn_list", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_alpn_str_len, \
|
|
|
|
|
{ "ALPN string length", prefix ".handshake.extensions_alpn_str_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of ALPN string", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_alpn_str, \
|
|
|
|
|
{ "ALPN Next Protocol", prefix ".handshake.extensions_alpn_str", \
|
|
|
|
|
FT_STRING, BASE_NONE, NULL, 0x00, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_npn_str_len, \
|
|
|
|
|
{ "Protocol string length", prefix ".handshake.extensions_npn_str_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of next protocol string", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_npn_str, \
|
|
|
|
|
{ "Next Protocol", prefix ".handshake.extensions_npn", \
|
|
|
|
|
FT_STRING, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_reneg_info_len, \
|
|
|
|
|
{ "Renegotiation info extension length", prefix ".handshake.extensions_reneg_info_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2015-05-25 17:10:59 +00:00
|
|
|
{ & name .hf.hs_ext_reneg_info, \
|
|
|
|
|
{ "Renegotiation info", prefix ".handshake.extensions_reneg_info",\
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2016-08-23 16:14:03 +00:00
|
|
|
{ & name .hf.hs_ext_key_share_client_length, \
|
|
|
|
|
{ "Client Key Share Length", prefix ".handshake.extensions_key_share_client_length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x00, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_key_share_group, \
|
|
|
|
|
{ "Group", prefix ".handshake.extensions_key_share_group", \
|
|
|
|
|
FT_UINT16, BASE_DEC, VALS(ssl_extension_curves), 0x00, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_key_share_key_exchange_length, \
|
|
|
|
|
{ "Key Exchange Length", prefix ".handshake.extensions_key_share_key_exchange_length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x00, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_key_share_key_exchange, \
|
|
|
|
|
{ "Key Exchange", prefix ".handshake.extensions_key_share_key_exchange", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2016-10-06 10:44:43 +00:00
|
|
|
{ & name .hf.hs_ext_key_share_selected_group, \
|
|
|
|
|
{ "Selected Group", prefix ".handshake.extensions_key_share_selected_group", \
|
|
|
|
|
FT_UINT16, BASE_DEC, VALS(ssl_extension_curves), 0x00, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2016-08-26 08:33:43 +00:00
|
|
|
{ & name .hf.hs_ext_psk_identities_length, \
|
|
|
|
|
{ "Identities Length", prefix ".handshake.extensions.psk.identities.length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity_ke_modes_length, \
|
|
|
|
|
{ "Key Exchange Modes length", prefix ".handshake.extensions.psk.identity.ke_modes_length", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity_ke_mode, \
|
|
|
|
|
{ "Key Exchange Mode", prefix ".handshake.extensions.psk.identity.ke_mode", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_hello_ext_psk_ke_mode), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity_auth_modes_length, \
|
2016-10-27 15:58:39 +00:00
|
|
|
{ "Authentication Modes length", prefix ".handshake.extensions.psk.identity.auth_modes_length", \
|
2016-08-26 08:33:43 +00:00
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity_auth_mode, \
|
2016-10-27 15:58:39 +00:00
|
|
|
{ "Authentication Mode", prefix ".handshake.extensions.psk.identity.auth_mode", \
|
2016-08-26 08:33:43 +00:00
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_hello_ext_psk_auth_mode), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity_length, \
|
|
|
|
|
{ "Identity Length", prefix ".handshake.extensions.psk.identity.length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity, \
|
|
|
|
|
{ "Identity", prefix ".handshake.extensions.psk.identity", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_psk_identity_selected, \
|
|
|
|
|
{ "Selected Identity", prefix ".handshake.extensions.psk.identity.selected", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2016-09-22 11:46:42 +00:00
|
|
|
{ & name .hf.hs_ext_early_data_obfuscated_ticket_age, \
|
|
|
|
|
{ "Obfuscated ticket age", prefix ".handshake.extensions.early_data.obfuscated_ticket_age", \
|
|
|
|
|
FT_UINT32, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"The time since the client learned about the server configuration that it is using, in milliseconds", HFILL } \
|
|
|
|
|
}, \
|
2016-10-07 10:35:41 +00:00
|
|
|
{ & name .hf.hs_ext_supported_versions_len, \
|
|
|
|
|
{ "Supported Versions length", prefix ".handshake.extensions.supported_versions_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_supported_versions, \
|
|
|
|
|
{ "Supported Versions", prefix ".handshake.extensions.supported_versions", \
|
|
|
|
|
FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2016-09-29 08:17:07 +00:00
|
|
|
{ & name .hf.hs_ext_cookie_len, \
|
|
|
|
|
{ "Cookie length", prefix ".handshake.extensions.cookie_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cookie, \
|
|
|
|
|
{ "Cookie", prefix ".handshake.extensions.cookie", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2013-12-23 20:42:28 +00:00
|
|
|
{ & name .hf.hs_ext_server_name_list_len, \
|
|
|
|
|
{ "Server Name list length", prefix ".handshake.extensions_server_name_list_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of server name list", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_server_name_len, \
|
|
|
|
|
{ "Server Name length", prefix ".handshake.extensions_server_name_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of server name string", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_server_name_type, \
|
|
|
|
|
{ "Server Name Type", prefix ".handshake.extensions_server_name_type", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_hello_ext_server_name_type_vs), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_server_name, \
|
|
|
|
|
{ "Server Name", prefix ".handshake.extensions_server_name", \
|
|
|
|
|
FT_STRING, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2014-05-20 16:54:17 +00:00
|
|
|
{ & name .hf.hs_ext_padding_data, \
|
|
|
|
|
{ "Padding Data", prefix ".handshake.extensions_padding_data", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Must be zero", HFILL } \
|
|
|
|
|
}, \
|
2013-12-23 20:42:28 +00:00
|
|
|
{ & name .hf.hs_ext_cert_url_type, \
|
|
|
|
|
{ "Certificate Chain Type", prefix ".handshake.cert_url_type", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_cert_chain_type), 0x0, \
|
|
|
|
|
"Certificate Chain Type for Client Certificate URL", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_url_url_hash_list_len, \
|
|
|
|
|
{ "URL and Hash list Length", prefix ".handshake.cert_url.url_hash_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_url_item, \
|
|
|
|
|
{ "URL and Hash", prefix ".handshake.cert_url.url_hash", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_url_url_len, \
|
|
|
|
|
{ "URL Length", prefix ".handshake.cert_url.url_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2014-04-26 08:45:41 +00:00
|
|
|
{ & name .hf.hs_ext_cert_type, \
|
|
|
|
|
{ "Certificate Type", prefix ".handshake.cert_type.type", \
|
|
|
|
|
FT_UINT8, BASE_HEX, VALS(tls_certificate_type), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_types, \
|
|
|
|
|
{ "Certificate Type List", prefix ".handshake.cert_type.types", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_types_len, \
|
|
|
|
|
{ "Certificate Type List Length", prefix ".handshake.cert_type.types_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2013-12-23 20:42:28 +00:00
|
|
|
{ & name .hf.hs_ext_cert_url_url, \
|
2016-02-22 01:19:02 +00:00
|
|
|
{ "URL", prefix ".handshake.cert_url.url", \
|
2013-12-23 20:42:28 +00:00
|
|
|
FT_STRING, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"URL used to fetch the certificate(s)", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_url_padding, \
|
|
|
|
|
{ "Padding", prefix ".handshake.cert_url.padding", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Padding that MUST be 0x01 for backwards compatibility", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_url_sha1, \
|
|
|
|
|
{ "SHA1 Hash", prefix ".handshake.cert_url.sha1", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"SHA1 Hash of the certificate", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_status_type, \
|
|
|
|
|
{ "Certificate Status Type", prefix ".handshake.extensions_status_request_type", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_cert_status_type), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_status_request_len, \
|
|
|
|
|
{ "Certificate Status Length", prefix ".handshake.extensions_status_request_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_status_responder_id_list_len, \
|
|
|
|
|
{ "Responder ID list Length", prefix ".handshake.extensions_status_request_responder_ids_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_cert_status_request_extensions_len, \
|
|
|
|
|
{ "Request Extensions Length", prefix ".handshake.extensions_status_request_exts_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_sig_hash_alg_len, \
|
|
|
|
|
{ "Signature Hash Algorithms Length", prefix ".handshake.sig_hash_alg_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of Signature Hash Algorithms", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_sig_hash_algs, \
|
|
|
|
|
{ "Signature Hash Algorithms", prefix ".handshake.sig_hash_algs", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of Signature Hash Algorithms", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_sig_hash_alg, \
|
|
|
|
|
{ "Signature Hash Algorithm", prefix ".handshake.sig_hash_alg", \
|
|
|
|
|
FT_UINT16, BASE_HEX, NULL, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_sig_hash_hash, \
|
|
|
|
|
{ "Signature Hash Algorithm Hash", prefix ".handshake.sig_hash_hash", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_hash_algorithm), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_sig_hash_sig, \
|
|
|
|
|
{ "Signature Hash Algorithm Signature", prefix ".handshake.sig_hash_sig", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_signature_algorithm), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2014-06-23 21:14:06 +00:00
|
|
|
{ & name .hf.hs_client_keyex_epms_len, \
|
|
|
|
|
{ "Encrypted PreMaster length", prefix ".handshake.epms_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of encrypted PreMaster secret", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_epms, \
|
|
|
|
|
{ "Encrypted PreMaster", prefix ".handshake.epms", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Encrypted PreMaster secret", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_modulus_len, \
|
|
|
|
|
{ "Modulus Length", prefix ".handshake.modulus_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of RSA-EXPORT modulus", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_exponent_len, \
|
|
|
|
|
{ "Exponent Length", prefix ".handshake.exponent_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of RSA-EXPORT exponent", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_sig_len, \
|
|
|
|
|
{ "Signature Length", prefix ".handshake.sig_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of Signature", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_p_len, \
|
|
|
|
|
{ "p Length", prefix ".handshake.p_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of p", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_g_len, \
|
|
|
|
|
{ "g Length", prefix ".handshake.g_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of g", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_ys_len, \
|
|
|
|
|
{ "Pubkey Length", prefix ".handshake.ys_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of server's Diffie-Hellman public key", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_yc_len, \
|
|
|
|
|
{ "Pubkey Length", prefix ".handshake.yc_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of client's Diffie-Hellman public key", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_point_len, \
|
|
|
|
|
{ "Pubkey Length", prefix ".handshake.client_point_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of client's EC Diffie-Hellman public key", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_point_len, \
|
|
|
|
|
{ "Pubkey Length", prefix ".handshake.server_point_len", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of server's EC Diffie-Hellman public key", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_p, \
|
|
|
|
|
{ "p", prefix ".handshake.p", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Diffie-Hellman p", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_g, \
|
|
|
|
|
{ "g", prefix ".handshake.g", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Diffie-Hellman g", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_curve_type, \
|
2014-06-25 08:54:57 +00:00
|
|
|
{ "Curve Type", prefix ".handshake.server_curve_type", \
|
|
|
|
|
FT_UINT8, BASE_HEX, VALS(ssl_curve_types), 0x0, \
|
|
|
|
|
"Server curve_type", HFILL } \
|
2014-06-23 21:14:06 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_named_curve, \
|
2014-06-25 08:54:57 +00:00
|
|
|
{ "Named Curve", prefix ".handshake.server_named_curve", \
|
|
|
|
|
FT_UINT16, BASE_HEX, VALS(ssl_extension_curves), 0x0, \
|
|
|
|
|
"Server named_curve", HFILL } \
|
2014-06-23 21:14:06 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_ys, \
|
|
|
|
|
{ "Pubkey", prefix ".handshake.ys", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Diffie-Hellman server pubkey", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_yc, \
|
|
|
|
|
{ "Pubkey", prefix ".handshake.yc", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Diffie-Hellman client pubkey", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_point, \
|
|
|
|
|
{ "Pubkey", prefix ".handshake.server_point", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"EC Diffie-Hellman server pubkey", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_point, \
|
|
|
|
|
{ "Pubkey", prefix ".handshake.client_point", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"EC Diffie-Hellman client pubkey", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_modulus, \
|
|
|
|
|
{ "Modulus", prefix ".handshake.modulus", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"RSA-EXPORT modulus", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_exponent, \
|
|
|
|
|
{ "Exponent", prefix ".handshake.exponent", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"RSA-EXPORT exponent", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_sig, \
|
|
|
|
|
{ "Signature", prefix ".handshake.sig", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Diffie-Hellman server signature", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_hint_len, \
|
|
|
|
|
{ "Hint Length", prefix ".handshake.hint_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of PSK Hint", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_server_keyex_hint, \
|
|
|
|
|
{ "Hint", prefix ".handshake.hint", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"PSK Hint", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_identity_len, \
|
|
|
|
|
{ "Identity Length", prefix ".handshake.identity_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of PSK Identity", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_keyex_identity, \
|
|
|
|
|
{ "Identity", prefix ".handshake.identity", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"PSK Identity", HFILL } \
|
|
|
|
|
}, \
|
2013-12-23 20:42:28 +00:00
|
|
|
{ & name .hf.hs_ext_heartbeat_mode, \
|
|
|
|
|
{ "Mode", prefix ".handshake.extension.heartbeat.mode", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(tls_heartbeat_mode), 0x0, \
|
|
|
|
|
"Heartbeat extension mode", HFILL } \
|
2014-07-10 22:35:04 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_certificates_len, \
|
|
|
|
|
{ "Certificates Length", prefix ".handshake.certificates_length", \
|
|
|
|
|
FT_UINT24, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of certificates field", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_certificates, \
|
|
|
|
|
{ "Certificates", prefix ".handshake.certificates", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of certificates", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_certificate, \
|
|
|
|
|
{ "Certificate", prefix ".handshake.certificate", \
|
2014-11-04 22:38:07 +00:00
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
2014-07-10 22:35:04 +00:00
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_certificate_len, \
|
|
|
|
|
{ "Certificate Length", prefix ".handshake.certificate_length", \
|
|
|
|
|
FT_UINT24, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of certificate", HFILL } \
|
2014-07-10 22:58:35 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_cert_types_count, \
|
|
|
|
|
{ "Certificate types count", prefix ".handshake.cert_types_count",\
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Count of certificate types", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_cert_types, \
|
|
|
|
|
{ "Certificate types", prefix ".handshake.cert_types", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of certificate types", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_cert_type, \
|
|
|
|
|
{ "Certificate type", prefix ".handshake.cert_type", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(ssl_31_client_certificate_type), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_dnames_len, \
|
|
|
|
|
{ "Distinguished Names Length", prefix ".handshake.dnames_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of list of CAs that server trusts", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_dnames, \
|
|
|
|
|
{ "Distinguished Names", prefix ".handshake.dnames", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of CAs that server trusts", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_dname_len, \
|
|
|
|
|
{ "Distinguished Name Length", prefix ".handshake.dname_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of distinguished name", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_dname, \
|
|
|
|
|
{ "Distinguished Name", prefix ".handshake.dname", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Distinguished name of a CA that server trusts", HFILL } \
|
2014-07-13 11:21:41 +00:00
|
|
|
}, \
|
2016-08-22 08:08:00 +00:00
|
|
|
{ & name .hf.hs_random, \
|
|
|
|
|
{ "Random", prefix ".handshake.random", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Random values used for deriving keys", HFILL } \
|
|
|
|
|
}, \
|
2014-07-13 11:21:41 +00:00
|
|
|
{ & name .hf.hs_random_time, \
|
|
|
|
|
{ "GMT Unix Time", prefix ".handshake.random_time", \
|
|
|
|
|
FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0, \
|
|
|
|
|
"Unix time field of random structure", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_random_bytes, \
|
2016-08-22 08:08:00 +00:00
|
|
|
{ "Random Bytes", prefix ".handshake.random_bytes", \
|
2014-07-13 11:21:41 +00:00
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Random values used for deriving keys", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_session_id, \
|
|
|
|
|
{ "Session ID", prefix ".handshake.session_id", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Identifies the SSL session, allowing later resumption", HFILL }\
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_session_id_len, \
|
|
|
|
|
{ "Session ID Length", prefix ".handshake.session_id_length", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of Session ID field", HFILL } \
|
2014-07-19 09:12:49 +00:00
|
|
|
}, \
|
2014-07-19 08:54:19 +00:00
|
|
|
{ & name .hf.hs_client_version, \
|
|
|
|
|
{ "Version", prefix ".handshake.version", \
|
|
|
|
|
FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \
|
|
|
|
|
"Maximum version supported by client", HFILL } \
|
|
|
|
|
}, \
|
2014-07-19 09:12:49 +00:00
|
|
|
{ & name .hf.hs_server_version, \
|
|
|
|
|
{ "Version", prefix ".handshake.version", \
|
|
|
|
|
FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \
|
|
|
|
|
"Version selected by server", HFILL } \
|
|
|
|
|
}, \
|
2014-07-19 08:54:19 +00:00
|
|
|
{ & name .hf.hs_cipher_suites_len, \
|
|
|
|
|
{ "Cipher Suites Length", prefix ".handshake.cipher_suites_length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of cipher suites field", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_cipher_suites, \
|
|
|
|
|
{ "Cipher Suites", prefix ".handshake.ciphersuites", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of cipher suites supported by client", HFILL } \
|
|
|
|
|
}, \
|
2014-07-19 09:12:49 +00:00
|
|
|
{ & name .hf.hs_cipher_suite, \
|
|
|
|
|
{ "Cipher Suite", prefix ".handshake.ciphersuite", \
|
|
|
|
|
FT_UINT16, BASE_HEX|BASE_EXT_STRING, &ssl_31_ciphersuite_ext, 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
|
|
|
|
}, \
|
2014-07-19 08:54:19 +00:00
|
|
|
{ & name .hf.hs_comp_methods_len, \
|
|
|
|
|
{ "Compression Methods Length", prefix ".handshake.comp_methods_length", \
|
|
|
|
|
FT_UINT8, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of compression methods field", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_comp_methods, \
|
|
|
|
|
{ "Compression Methods", prefix ".handshake.comp_methods", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"List of compression methods supported by client", HFILL } \
|
|
|
|
|
}, \
|
2014-07-19 09:12:49 +00:00
|
|
|
{ & name .hf.hs_comp_method, \
|
|
|
|
|
{ "Compression Method", prefix ".handshake.comp_method", \
|
|
|
|
|
FT_UINT8, BASE_DEC, VALS(ssl_31_compression_method), 0x0, \
|
|
|
|
|
NULL, HFILL } \
|
2014-07-13 09:37:08 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_session_ticket_lifetime_hint, \
|
|
|
|
|
{ "Session Ticket Lifetime Hint", \
|
|
|
|
|
prefix ".handshake.session_ticket_lifetime_hint", \
|
|
|
|
|
FT_UINT32, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"New Session Ticket Lifetime Hint", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_session_ticket_len, \
|
|
|
|
|
{ "Session Ticket Length", prefix ".handshake.session_ticket_length", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"New Session Ticket Length", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_session_ticket, \
|
|
|
|
|
{ "Session Ticket", prefix ".handshake.session_ticket", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"New Session Ticket", HFILL } \
|
2014-07-13 22:04:18 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_finished, \
|
|
|
|
|
{ "Verify Data", prefix ".handshake.verify_data", \
|
|
|
|
|
FT_NONE, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"Opaque verification data", HFILL } \
|
2015-03-12 02:01:37 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_cert_vrfy_sig_len, \
|
|
|
|
|
{ "Signature length", prefix ".handshake.client_cert_vrfy.sig_len", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Length of CertificateVerify's signature", HFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_client_cert_vrfy_sig, \
|
|
|
|
|
{ "Signature", prefix ".handshake.client_cert_vrfy.sig", \
|
|
|
|
|
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
|
|
|
|
"CertificateVerify's signature", HFILL } \
|
2016-08-22 09:01:59 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .hf.hs_ext_draft_version_tls13, \
|
|
|
|
|
{ "Draft version of TLS 1.3", prefix ".extension.draft_version_tls13", \
|
|
|
|
|
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
|
|
|
|
"Indicate the version of draft supported by client", HFILL } \
|
2013-12-23 20:42:28 +00:00
|
|
|
}
|
2014-06-25 08:54:57 +00:00
|
|
|
/* }}} */
|
2013-12-23 20:42:28 +00:00
|
|
|
|
2014-06-25 08:54:57 +00:00
|
|
|
/* {{{ */
|
2013-12-23 20:42:28 +00:00
|
|
|
#define SSL_COMMON_ETT_LIST(name) \
|
|
|
|
|
& name .ett.hs_ext, \
|
|
|
|
|
& name .ett.hs_ext_alpn, \
|
2014-04-26 08:45:41 +00:00
|
|
|
& name .ett.hs_ext_cert_types, \
|
2013-12-23 20:42:28 +00:00
|
|
|
& name .ett.hs_ext_curves, \
|
|
|
|
|
& name .ett.hs_ext_curves_point_formats, \
|
|
|
|
|
& name .ett.hs_ext_npn, \
|
|
|
|
|
& name .ett.hs_ext_reneg_info, \
|
2016-08-23 16:14:03 +00:00
|
|
|
& name .ett.hs_ext_key_share, \
|
|
|
|
|
& name .ett.hs_ext_key_share_ks, \
|
2016-08-26 08:33:43 +00:00
|
|
|
& name .ett.hs_ext_pre_shared_key, \
|
|
|
|
|
& name .ett.hs_ext_psk_identity, \
|
2013-12-23 20:42:28 +00:00
|
|
|
& name .ett.hs_ext_server_name, \
|
|
|
|
|
& name .ett.hs_sig_hash_alg, \
|
|
|
|
|
& name .ett.hs_sig_hash_algs, \
|
2014-06-23 21:14:06 +00:00
|
|
|
& name .ett.urlhash, \
|
2014-07-10 22:35:04 +00:00
|
|
|
& name .ett.keyex_params, \
|
|
|
|
|
& name .ett.certificates, \
|
2014-07-10 22:58:35 +00:00
|
|
|
& name .ett.cert_types, \
|
|
|
|
|
& name .ett.dnames, \
|
2014-07-13 11:21:41 +00:00
|
|
|
& name .ett.hs_random, \
|
2014-07-19 08:54:19 +00:00
|
|
|
& name .ett.cipher_suites, \
|
|
|
|
|
& name .ett.comp_methods, \
|
2014-07-13 09:37:08 +00:00
|
|
|
& name .ett.session_ticket, \
|
2014-06-25 08:54:57 +00:00
|
|
|
/* }}} */
|
2013-12-23 20:42:28 +00:00
|
|
|
|
2014-06-25 08:54:57 +00:00
|
|
|
/* {{{ */
|
2013-12-23 20:42:28 +00:00
|
|
|
#define SSL_COMMON_EI_LIST(name, prefix) \
|
2014-07-10 22:58:35 +00:00
|
|
|
{ & name .ei.hs_ext_cert_status_undecoded, \
|
|
|
|
|
{ prefix ".handshake.status_request.undecoded", PI_UNDECODED, PI_NOTE, \
|
|
|
|
|
"Responder ID list or Request Extensions are not implemented, contact Wireshark developers if you want this to be supported", EXPFILL } \
|
|
|
|
|
}, \
|
|
|
|
|
{ & name .ei.hs_sig_hash_alg_len_bad, \
|
|
|
|
|
{ prefix ".handshake.sig_hash_alg_len.mult2", PI_MALFORMED, PI_ERROR, \
|
|
|
|
|
"Signature Hash Algorithm length must be a multiple of 2", EXPFILL } \
|
|
|
|
|
}, \
|
2014-07-19 08:54:19 +00:00
|
|
|
{ & name .ei.hs_cipher_suites_len_bad, \
|
|
|
|
|
{ prefix ".handshake.cipher_suites_length.mult2", PI_MALFORMED, PI_ERROR, \
|
|
|
|
|
"Cipher suite length must be a multiple of 2", EXPFILL } \
|
2015-05-25 17:10:59 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .ei.hs_sig_hash_algs_bad, \
|
|
|
|
|
{ prefix ".handshake.sig_hash_algs.mult2", PI_MALFORMED, PI_ERROR, \
|
|
|
|
|
"Hash Algorithm length must be a multiple of 2", EXPFILL } \
|
2015-11-05 10:14:21 +00:00
|
|
|
}, \
|
|
|
|
|
{ & name .ei.resumed, \
|
|
|
|
|
{ prefix ".resumed", PI_SEQUENCE, PI_NOTE, \
|
|
|
|
|
"This session reuses previously negotiated keys (Session resumption)", EXPFILL } \
|
2014-07-19 08:54:19 +00:00
|
|
|
}
|
2014-06-25 08:54:57 +00:00
|
|
|
/* }}} */
|
2013-12-23 20:42:28 +00:00
|
|
|
|
2013-12-06 23:55:08 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_common_register_options(module_t *module, ssl_common_options_t *options);
|
2013-12-23 20:42:28 +00:00
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
#ifdef SSL_DECRYPT_DEBUG
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2010-01-25 13:20:53 +00:00
|
|
|
ssl_debug_printf(const gchar* fmt,...) G_GNUC_PRINTF(1,2);
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2009-12-21 21:06:01 +00:00
|
|
|
ssl_print_data(const gchar* name, const guchar* data, size_t len);
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_print_string(const gchar* name, const StringInfo* data);
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2012-04-30 19:14:14 +00:00
|
|
|
ssl_set_debug(const gchar* name);
|
2007-11-30 11:12:55 +00:00
|
|
|
extern void
|
|
|
|
|
ssl_debug_flush(void);
|
2006-02-04 23:44:05 +00:00
|
|
|
#else
|
2006-02-06 01:01:09 +00:00
|
|
|
|
|
|
|
|
/* No debug: nullify debug operation*/
|
2010-01-25 13:20:53 +00:00
|
|
|
static inline void G_GNUC_PRINTF(1,2)
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_debug_printf(const gchar* fmt _U_,...)
|
2007-09-16 19:28:58 +00:00
|
|
|
{
|
2006-02-06 01:01:09 +00:00
|
|
|
}
|
2006-02-04 23:44:05 +00:00
|
|
|
#define ssl_print_data(a, b, c)
|
|
|
|
|
#define ssl_print_string(a, b)
|
2006-02-11 13:41:17 +00:00
|
|
|
#define ssl_set_debug(name)
|
2007-11-30 12:41:23 +00:00
|
|
|
#define ssl_debug_flush()
|
2006-02-11 13:41:17 +00:00
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
#endif /* SSL_DECRYPT_DEBUG */
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
#endif /* SSL_UTILS_H */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Editor modelines - http://www.wireshark.org/tools/modelines.html
|
|
|
|
|
*
|
|
|
|
|
* Local variables:
|
|
|
|
|
* c-basic-offset: 4
|
|
|
|
|
* tab-width: 8
|
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
|
* End:
|
|
|
|
|
*
|
2011-09-21 16:28:53 +00:00
|
|
|
* vi: set shiftwidth=4 tabstop=8 expandtab:
|
2011-04-26 21:59:11 +00:00
|
|
|
* :indentSize=4:tabSize=8:noTabs=true:
|
|
|
|
|
*/
|