TLS13: add Key Update dissection

Actual decryption support will be added later.

Ping-Bug: 12779
Change-Id: I3ff1f243fd0bd1467e84d8a6a5433c1fe71bbebf
Reviewed-on: https://code.wireshark.org/review/20012
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu 2017-02-08 02:04:18 +01:00
parent 746bbe7abf
commit eb1a63f3bc
4 changed files with 43 additions and 2 deletions


@ -1334,6 +1334,7 @@ dissect_dtls_handshake(tvbuff_t *tvb, packet_info *pinfo,
case SSL_HND_CERT_URL:
case SSL_HND_CERT_STATUS:
case SSL_HND_SUPPLEMENTAL_DATA:
case SSL_HND_KEY_UPDATE:
case SSL_HND_ENCRYPTED_EXTS:
case SSL_HND_ENCRYPTED_EXTENSIONS: /* TLS 1.3 */
/* TODO: does this need further dissection? */
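Review bot: SSL_HND_KEY_UPDATE is added to the DTLS fallthrough that ends in `/* TODO: does this need further dissection? */`, while the TLS path in dissect_ssl3_handshake calls tls13_dissect_hnd_key_update for the same type, so the two dissectors now diverge for this message. If that is deliberate because no DTLS equivalent of the TLS 1.3 KeyUpdate exists yet, a short comment on the label would spare the next reader the lookup, e.g. `case SSL_HND_KEY_UPDATE: /* TLS 1.3 only, no DTLS counterpart yet */`. dissect_dtls_handshake starts and ends outside the hunk.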


@ -569,6 +569,7 @@ const value_string ssl_31_handshake_type[] = {
{ SSL_HND_CERT_URL, "Client Certificate URL" },
{ SSL_HND_CERT_STATUS, "Certificate Status" },
{ SSL_HND_SUPPLEMENTAL_DATA, "Supplemental Data" },
{ SSL_HND_KEY_UPDATE, "Key Update" },
{ SSL_HND_ENCRYPTED_EXTS, "Encrypted Extensions" },
{ 0x00, NULL }
};
@ -1205,6 +1206,12 @@ const value_string tls_hello_ext_psk_ke_mode[] = {
{ 0, NULL }
};
const value_string tls13_key_update_request[] = {
{ 0, "update_not_requested" },
{ 1, "update_requested" },
{ 0, NULL }
};
/* RFC 5246 7.4.1.4.1 */
const value_string tls_hash_algorithm[] = {
{ 0, "None" },
@ -6630,6 +6637,7 @@ ssl_is_valid_handshake_type(guint8 hs_type, gboolean is_dtls)
case SSL_HND_CERT_URL:
case SSL_HND_CERT_STATUS:
case SSL_HND_SUPPLEMENTAL_DATA:
case SSL_HND_KEY_UPDATE:
case SSL_HND_ENCRYPTED_EXTS:
return TRUE;
}
@ -8063,6 +8071,22 @@ ssl_dissect_hnd_srv_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
}
/* Client Key Exchange and Server Key Exchange handshake dissections. }}} */
void
tls13_dissect_hnd_key_update(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset)
{
/* https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.5.3
* enum {
* update_not_requested(0), update_requested(1), (255)
* } KeyUpdateRequest;
*
* struct {
* KeyUpdateRequest request_update;
* } KeyUpdate;
*/
proto_tree_add_item(tree, hf->hf.hs_key_update_request_update, tvb, offset, 1, ENC_NA);
}
#ifdef HAVE_LIBGCRYPT
void
ssl_common_register_options(module_t *module, ssl_common_options_t *options)
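Review bot: tls13_dissect_hnd_key_update is not given the handshake message length, so a KeyUpdate body longer than the single request_update byte is accepted without comment, and only a truncated body is presumably caught through the bounds exception that proto_tree_add_item raises. The draft quoted in the function comment defines KeyUpdate as exactly one byte, so it would be worth passing `length` through (the extern declaration in the header and the caller in dissect_ssl3_handshake would change with it) and flagging `length != 1` with an expert info, or at least stating in the comment that the caller is expected to have validated the length. Likewise tls13_key_update_request only names 0 and 1; a request_update of 2..255 is invalid per the draft and will print as an unknown value without being flagged, which is acceptable for a first version but worth a note next to the table, e.g. `/* 2..255 are not valid KeyUpdateRequest values; no expert info yet */`.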


@ -74,6 +74,7 @@ typedef enum {
SSL_HND_CERT_URL = 21,
SSL_HND_CERT_STATUS = 22,
SSL_HND_SUPPLEMENTAL_DATA = 23,
SSL_HND_KEY_UPDATE = 24,
/* Encrypted Extensions was NextProtocol in draft-agl-tls-nextprotoneg-03
* and changed in draft 04. Not to be confused with TLS 1.3 EE. */
SSL_HND_ENCRYPTED_EXTS = 67
@ -224,6 +225,7 @@ extern const value_string ssl_extension_ec_point_formats[];
extern const value_string ssl_curve_types[];
extern const value_string tls_hello_ext_server_name_type_vs[];
extern const value_string tls_hello_ext_psk_ke_mode[];
extern const value_string tls13_key_update_request[];
/* XXX Should we use GByteArray instead? */
typedef struct _StringInfo {
@ -782,8 +784,9 @@ typedef struct ssl_common_dissect {
gint hs_ext_draft_version_tls13;
gint hs_ext_psk_ke_modes_len;
gint hs_ext_psk_ke_mode;
gint hs_certificate_request_context;
gint hs_certificate_request_context_length;
gint hs_certificate_request_context;
gint hs_key_update_request_update;
/* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_HF_LIST! */
} hf;
@ -952,6 +955,10 @@ ssl_dissect_hnd_srv_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset, guint32 length,
const SslSession *session);
extern void
tls13_dissect_hnd_key_update(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset);
/* {{{ */
#define SSL_COMMON_LIST_T(name) \
ssl_common_dissect_t name = { \
@ -963,7 +970,7 @@ ssl_common_dissect_t name = { \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
}, \
/* ett */ { \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
@ -1588,6 +1595,11 @@ ssl_common_dissect_t name = { \
{ "Certificate Request Context", prefix ".handshake.certificate_request_context", \
FT_BYTES, BASE_NONE, NULL, 0x0, \
"Value from CertificateRequest or empty for server auth", HFILL } \
}, \
{ & name .hf.hs_key_update_request_update, \
{ "Key Update Request", prefix ".handshake.key_update.request_update", \
FT_UINT8, BASE_DEC, VALS(tls13_key_update_request), 0x00, \
"Whether the receiver should also update its keys", HFILL } \
}
/* }}} */
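Review bot: The new hf entry for hs_key_update_request_update writes its bitmask as `0x00`, whereas the neighbouring Certificate Request Context entry uses `0x0`; keeping `0x0` matches the rest of the list. The same hunk set also appears to move `gint hs_certificate_request_context;` below `hs_certificate_request_context_length`, which has nothing to do with Key Update and makes the change harder to review in isolation; if the reorder is intentional it reads better as its own change. The `-1` initializer row in SSL_COMMON_LIST_T is bumped by one, so the struct, the initializer and the HF list stay in step as the comment on the struct asks.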


@ -2188,6 +2188,10 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo,
/* TODO: dissect this? */
break;
case SSL_HND_KEY_UPDATE:
tls13_dissect_hnd_key_update(&dissect_ssl3_hf, tvb, tree, offset);
break;
case SSL_HND_ENCRYPTED_EXTS:
dissect_ssl3_hnd_encrypted_exts(tvb, ssl_hand_tree, offset);
break;
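Review bot: The new SSL_HND_KEY_UPDATE case passes `tree` to tls13_dissect_hnd_key_update while the adjacent SSL_HND_ENCRYPTED_EXTS case passes `ssl_hand_tree`, so the Key Update Request field would presumably be attached to the record tree rather than the handshake subtree. Unless that placement is intended, the call should read `tls13_dissect_hnd_key_update(&dissect_ssl3_hf, tvb, ssl_hand_tree, offset);`. dissect_ssl3_handshake starts and ends outside the hunk.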