2006-02-06 01:14:36 +00:00
|
|
|
/* packet-ssl-utils.h
|
2008-07-12 14:42:14 +00:00
|
|
|
* ssl manipulation functions
|
|
|
|
* By Paolo Abeni <paolo.abeni@email.com>
|
2006-02-04 23:44:05 +00:00
|
|
|
*
|
|
|
|
* $Id$
|
|
|
|
*
|
2008-07-12 14:42:14 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
* Copyright 1998 Gerald Combs
|
2006-02-04 23:44:05 +00:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
2012-06-28 22:56:06 +00:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2006-02-04 23:44:05 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __SSL_UTILS_H_
|
|
|
|
#define __SSL_UTILS_H_
|
|
|
|
|
2011-12-16 00:54:45 +00:00
|
|
|
#include <stdio.h> /* some APIs we declare take a stdio stream as an argument */
|
2011-12-16 00:50:47 +00:00
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
#include <glib.h>
|
2006-08-02 13:23:57 +00:00
|
|
|
#include <epan/packet.h>
|
2007-04-10 15:12:48 +00:00
|
|
|
#include <epan/emem.h>
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2010-04-04 02:25:32 +00:00
|
|
|
#ifdef HAVE_LIBGNUTLS
|
2006-02-04 23:44:05 +00:00
|
|
|
#include <gcrypt.h>
|
|
|
|
#include <gnutls/x509.h>
|
2008-01-03 08:24:33 +00:00
|
|
|
#include <gnutls/pkcs12.h>
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
#include <epan/conversation.h>
|
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
/* #define SSL_FAST 1 */
|
|
|
|
#define SSL_DECRYPT_DEBUG
|
|
|
|
|
|
|
|
#define SSL_CIPHER_CTX gcry_cipher_hd_t
|
2010-06-24 06:01:11 +00:00
|
|
|
#define SSL_PSK_KEY guchar
|
2006-02-04 23:44:05 +00:00
|
|
|
#ifdef SSL_FAST
|
|
|
|
#define SSL_PRIVATE_KEY gcry_mpi_t
|
2006-02-14 18:52:26 +00:00
|
|
|
#else /* SSL_FAST */
|
2006-02-04 23:44:05 +00:00
|
|
|
#define SSL_PRIVATE_KEY struct gcry_sexp
|
2006-02-14 18:52:26 +00:00
|
|
|
#endif /* SSL_FAST */
|
|
|
|
#else /* HAVE_LIBGNUTLS */
|
2006-02-04 23:44:05 +00:00
|
|
|
#define SSL_CIPHER_CTX void*
|
|
|
|
#define SSL_PRIVATE_KEY void
|
2010-06-24 06:01:11 +00:00
|
|
|
#define SSL_PSK_KEY void
|
2006-02-14 18:52:26 +00:00
|
|
|
#endif /* HAVE_LIBGNUTLS */
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2006-06-27 13:36:10 +00:00
|
|
|
|
|
|
|
/* version state tables */
|
|
|
|
#define SSL_VER_UNKNOWN 0
|
|
|
|
#define SSL_VER_SSLv2 1
|
|
|
|
#define SSL_VER_SSLv3 2
|
|
|
|
#define SSL_VER_TLS 3
|
|
|
|
#define SSL_VER_TLSv1DOT1 4
|
2008-07-09 07:24:13 +00:00
|
|
|
#define SSL_VER_DTLS 5
|
2012-03-28 09:31:04 +00:00
|
|
|
#define SSL_VER_DTLS1DOT2 8
|
2006-06-27 13:36:10 +00:00
|
|
|
#define SSL_VER_PCT 6
|
2009-02-11 07:03:51 +00:00
|
|
|
#define SSL_VER_TLSv1DOT2 7
|
2006-06-27 13:36:10 +00:00
|
|
|
|
|
|
|
/* other defines */
|
|
|
|
#define SSL_ID_CHG_CIPHER_SPEC 0x14
|
|
|
|
#define SSL_ID_ALERT 0x15
|
|
|
|
#define SSL_ID_HANDSHAKE 0x16
|
|
|
|
#define SSL_ID_APP_DATA 0x17
|
2012-02-26 13:50:52 +00:00
|
|
|
#define SSL_ID_HEARTBEAT 0x18
|
2006-06-27 13:36:10 +00:00
|
|
|
|
|
|
|
#define SSL_HND_HELLO_REQUEST 0
|
|
|
|
#define SSL_HND_CLIENT_HELLO 1
|
|
|
|
#define SSL_HND_SERVER_HELLO 2
|
|
|
|
#define SSL_HND_HELLO_VERIFY_REQUEST 3
|
2012-03-08 09:25:13 +00:00
|
|
|
#define SSL_HND_NEWSESSION_TICKET 4
|
2006-06-27 13:36:10 +00:00
|
|
|
#define SSL_HND_CERTIFICATE 11
|
|
|
|
#define SSL_HND_SERVER_KEY_EXCHG 12
|
|
|
|
#define SSL_HND_CERT_REQUEST 13
|
|
|
|
#define SSL_HND_SVR_HELLO_DONE 14
|
|
|
|
#define SSL_HND_CERT_VERIFY 15
|
|
|
|
#define SSL_HND_CLIENT_KEY_EXCHG 16
|
|
|
|
#define SSL_HND_FINISHED 20
|
2011-01-26 08:49:06 +00:00
|
|
|
#define SSL_HND_CERT_STATUS 22
|
2006-06-27 13:36:10 +00:00
|
|
|
|
|
|
|
#define SSL2_HND_ERROR 0x00
|
|
|
|
#define SSL2_HND_CLIENT_HELLO 0x01
|
|
|
|
#define SSL2_HND_CLIENT_MASTER_KEY 0x02
|
|
|
|
#define SSL2_HND_CLIENT_FINISHED 0x03
|
|
|
|
#define SSL2_HND_SERVER_HELLO 0x04
|
|
|
|
#define SSL2_HND_SERVER_VERIFY 0x05
|
|
|
|
#define SSL2_HND_SERVER_FINISHED 0x06
|
|
|
|
#define SSL2_HND_REQUEST_CERTIFICATE 0x07
|
|
|
|
#define SSL2_HND_CLIENT_CERTIFICATE 0x08
|
|
|
|
|
2008-07-09 07:24:13 +00:00
|
|
|
#define PCT_VERSION_1 0x8001
|
|
|
|
|
|
|
|
#define PCT_MSG_CLIENT_HELLO 0x01
|
|
|
|
#define PCT_MSG_SERVER_HELLO 0x02
|
|
|
|
#define PCT_MSG_CLIENT_MASTER_KEY 0x03
|
|
|
|
#define PCT_MSG_SERVER_VERIFY 0x04
|
|
|
|
#define PCT_MSG_ERROR 0x05
|
|
|
|
|
|
|
|
#define PCT_CH_OFFSET_V1 0xa
|
|
|
|
|
|
|
|
#define PCT_CIPHER_DES 0x01
|
|
|
|
#define PCT_CIPHER_IDEA 0x02
|
|
|
|
#define PCT_CIPHER_RC2 0x03
|
|
|
|
#define PCT_CIPHER_RC4 0x04
|
|
|
|
#define PCT_CIPHER_DES_112 0x05
|
|
|
|
#define PCT_CIPHER_DES_168 0x06
|
|
|
|
|
|
|
|
#define PCT_HASH_MD5 0x0001
|
|
|
|
#define PCT_HASH_MD5_TRUNC_64 0x0002
|
|
|
|
#define PCT_HASH_SHA 0x0003
|
|
|
|
#define PCT_HASH_SHA_TRUNC_80 0x0004
|
|
|
|
#define PCT_HASH_DES_DM 0x0005
|
|
|
|
|
|
|
|
#define PCT_CERT_NONE 0x00
|
|
|
|
#define PCT_CERT_X509 0x01
|
|
|
|
#define PCT_CERT_PKCS7 0x02
|
|
|
|
|
|
|
|
#define PCT_SIG_NONE 0x0000
|
|
|
|
#define PCT_SIG_RSA_MD5 0x0001
|
|
|
|
#define PCT_SIG_RSA_SHA 0x0002
|
|
|
|
#define PCT_SIG_DSA_SHA 0x0003
|
|
|
|
|
|
|
|
#define PCT_EXCH_RSA_PKCS1 0x01
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_DES 0x02
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_DES3 0x03
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_RC2 0x04
|
|
|
|
#define PCT_EXCH_RSA_PKCS1_TOKEN_RC4 0x05
|
|
|
|
#define PCT_EXCH_DH_PKCS3 0x06
|
|
|
|
#define PCT_EXCH_DH_PKCS3_TOKEN_DES 0x07
|
|
|
|
#define PCT_EXCH_DH_PKCS3_TOKEN_DES3 0x08
|
|
|
|
#define PCT_EXCH_FORTEZZA_TOKEN 0x09
|
|
|
|
|
|
|
|
#define PCT_ERR_BAD_CERTIFICATE 0x01
|
|
|
|
#define PCT_ERR_CLIENT_AUTH_FAILED 0x02
|
|
|
|
#define PCT_ERR_ILLEGAL_MESSAGE 0x03
|
|
|
|
#define PCT_ERR_INTEGRITY_CHECK_FAILED 0x04
|
|
|
|
#define PCT_ERR_SERVER_AUTH_FAILED 0x05
|
|
|
|
#define PCT_ERR_SPECS_MISMATCH 0x06
|
2006-06-27 13:36:10 +00:00
|
|
|
|
2012-03-22 08:58:19 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_SERVER_NAME 0x0
|
2010-01-31 19:57:01 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_ELLIPTIC_CURVES 0x000a
|
|
|
|
#define SSL_HND_HELLO_EXT_EC_POINT_FORMATS 0x000b
|
2012-02-26 13:50:52 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_HEARTBEAT 0x000f
|
2012-03-22 08:58:19 +00:00
|
|
|
#define SSL_HND_HELLO_EXT_RENEG_INFO 0xff01
|
|
|
|
#define SSL_HND_HELLO_EXT_NPN 0x3374
|
2011-01-26 08:49:06 +00:00
|
|
|
#define SSL_HND_CERT_STATUS_TYPE_OCSP 1
|
|
|
|
|
2006-06-27 13:36:10 +00:00
|
|
|
/*
|
|
|
|
* Lookup tables
|
|
|
|
*/
|
2010-02-19 07:43:26 +00:00
|
|
|
extern const value_string ssl_version_short_names[];
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string ssl_20_msg_types[];
|
2010-10-29 22:18:44 +00:00
|
|
|
extern value_string_ext ssl_20_cipher_suites_ext;
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string ssl_20_certificate_type[];
|
|
|
|
extern const value_string ssl_31_content_type[];
|
|
|
|
extern const value_string ssl_versions[];
|
|
|
|
extern const value_string ssl_31_change_cipher_spec[];
|
|
|
|
extern const value_string ssl_31_alert_level[];
|
|
|
|
extern const value_string ssl_31_alert_description[];
|
|
|
|
extern const value_string ssl_31_handshake_type[];
|
2012-02-26 13:50:52 +00:00
|
|
|
extern const value_string tls_heartbeat_type[];
|
|
|
|
extern const value_string tls_heartbeat_mode[];
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string ssl_31_compression_method[];
|
|
|
|
extern const value_string ssl_31_key_exchange_algorithm[];
|
|
|
|
extern const value_string ssl_31_signature_algorithm[];
|
|
|
|
extern const value_string ssl_31_client_certificate_type[];
|
|
|
|
extern const value_string ssl_31_public_value_encoding[];
|
2010-10-29 22:18:44 +00:00
|
|
|
extern value_string_ext ssl_31_ciphersuite_ext;
|
2007-04-16 06:41:56 +00:00
|
|
|
extern const value_string pct_msg_types[];
|
|
|
|
extern const value_string pct_cipher_type[];
|
|
|
|
extern const value_string pct_hash_type[];
|
|
|
|
extern const value_string pct_cert_type[];
|
|
|
|
extern const value_string pct_sig_type[];
|
|
|
|
extern const value_string pct_exch_type[];
|
|
|
|
extern const value_string pct_error_code[];
|
|
|
|
extern const value_string tls_hello_extension_types[];
|
2010-12-18 01:16:11 +00:00
|
|
|
extern const value_string tls_hash_algorithm[];
|
|
|
|
extern const value_string tls_signature_algorithm[];
|
2011-05-29 06:16:19 +00:00
|
|
|
extern const value_string tls_certificate_type[];
|
2011-01-26 08:49:06 +00:00
|
|
|
extern const value_string tls_cert_status_type[];
|
2010-01-31 19:57:01 +00:00
|
|
|
extern const value_string ssl_extension_curves[];
|
|
|
|
extern const value_string ssl_extension_ec_point_formats[];
|
2012-01-28 15:50:59 +00:00
|
|
|
extern const value_string ssl_curve_types[];
|
2012-03-22 08:58:19 +00:00
|
|
|
extern const value_string tls_hello_ext_server_name_type_vs[];
|
2006-06-27 13:36:10 +00:00
|
|
|
|
2009-12-21 21:06:01 +00:00
|
|
|
/* XXX Should we use GByteArray instead? */
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _StringInfo {
|
2006-08-02 08:15:51 +00:00
|
|
|
guchar* data;
|
|
|
|
guint data_len;
|
2006-02-04 23:44:05 +00:00
|
|
|
} StringInfo;
|
|
|
|
|
|
|
|
#define SSL_WRITE_KEY 1
|
|
|
|
|
|
|
|
#define SSLV3_VERSION 0x300
|
|
|
|
#define TLSV1_VERSION 0x301
|
2006-06-27 13:36:10 +00:00
|
|
|
#define TLSV1DOT1_VERSION 0x302
|
2009-02-11 07:03:51 +00:00
|
|
|
#define TLSV1DOT2_VERSION 0x303
|
2007-11-05 23:05:20 +00:00
|
|
|
#define DTLSV1DOT0_VERSION 0xfeff
|
|
|
|
#define DTLSV1DOT0_VERSION_NOT 0x100
|
2012-03-28 09:31:04 +00:00
|
|
|
#define DTLSV1DOT2_VERSION 0xfefd
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2008-07-09 07:24:13 +00:00
|
|
|
#define SSL_CLIENT_RANDOM (1<<0)
|
|
|
|
#define SSL_SERVER_RANDOM (1<<1)
|
|
|
|
#define SSL_CIPHER (1<<2)
|
|
|
|
#define SSL_HAVE_SESSION_KEY (1<<3)
|
|
|
|
#define SSL_VERSION (1<<4)
|
|
|
|
#define SSL_MASTER_SECRET (1<<5)
|
|
|
|
#define SSL_PRE_MASTER_SECRET (1<<6)
|
2006-02-04 23:44:05 +00:00
|
|
|
|
|
|
|
#define SSL_CIPHER_MODE_STREAM 0
|
|
|
|
#define SSL_CIPHER_MODE_CBC 1
|
|
|
|
|
2006-02-14 18:52:26 +00:00
|
|
|
#define SSL_DEBUG_USE_STDERR "-"
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
#define SSLV2_MAX_SESSION_ID_LENGTH_IN_BYTES 16
|
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _SslCipherSuite {
|
2011-12-16 00:33:03 +00:00
|
|
|
gint number;
|
|
|
|
gint kex;
|
|
|
|
gint sig;
|
|
|
|
gint enc;
|
|
|
|
gint block;
|
|
|
|
gint bits;
|
|
|
|
gint eff_bits;
|
|
|
|
gint dig;
|
|
|
|
gint dig_len;
|
|
|
|
gint export;
|
|
|
|
gint mode;
|
2006-02-04 23:44:05 +00:00
|
|
|
} SslCipherSuite;
|
|
|
|
|
2007-04-10 15:12:48 +00:00
|
|
|
typedef struct _SslFlow {
|
|
|
|
guint32 byte_seq;
|
2008-07-09 07:24:13 +00:00
|
|
|
guint16 flags;
|
|
|
|
emem_tree_t *multisegment_pdus;
|
2007-04-10 15:12:48 +00:00
|
|
|
} SslFlow;
|
|
|
|
|
2007-04-10 17:57:47 +00:00
|
|
|
typedef struct _SslDecompress SslDecompress;
|
2007-04-10 15:12:48 +00:00
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
typedef struct _SslDecoder {
|
|
|
|
SslCipherSuite* cipher_suite;
|
2007-04-10 15:12:48 +00:00
|
|
|
gint compression;
|
2011-12-22 07:03:42 +00:00
|
|
|
guchar _mac_key[48];
|
2006-02-04 23:44:05 +00:00
|
|
|
StringInfo mac_key;
|
2007-04-10 15:12:48 +00:00
|
|
|
SSL_CIPHER_CTX evp;
|
|
|
|
SslDecompress *decomp;
|
2006-02-04 23:44:05 +00:00
|
|
|
guint32 seq;
|
2006-06-27 13:36:10 +00:00
|
|
|
guint16 epoch;
|
2007-04-10 15:12:48 +00:00
|
|
|
SslFlow *flow;
|
2006-02-04 23:44:05 +00:00
|
|
|
} SslDecoder;
|
|
|
|
|
|
|
|
#define KEX_RSA 0x10
|
|
|
|
#define KEX_DH 0x11
|
2010-06-24 06:01:11 +00:00
|
|
|
#define KEX_PSK 0x12
|
2012-01-28 15:50:59 +00:00
|
|
|
#define KEX_ECDH 0x13
|
2006-02-04 23:44:05 +00:00
|
|
|
|
|
|
|
#define SIG_RSA 0x20
|
|
|
|
#define SIG_DSS 0x21
|
|
|
|
#define SIG_NONE 0x22
|
|
|
|
|
|
|
|
#define ENC_DES 0x30
|
|
|
|
#define ENC_3DES 0x31
|
|
|
|
#define ENC_RC4 0x32
|
|
|
|
#define ENC_RC2 0x33
|
|
|
|
#define ENC_IDEA 0x34
|
|
|
|
#define ENC_AES 0x35
|
|
|
|
#define ENC_AES256 0x36
|
|
|
|
#define ENC_NULL 0x37
|
|
|
|
|
|
|
|
#define DIG_MD5 0x40
|
|
|
|
#define DIG_SHA 0x41
|
2011-12-22 07:03:42 +00:00
|
|
|
#define DIG_SHA256 0x42
|
|
|
|
#define DIG_SHA384 0x43
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2006-05-03 05:29:04 +00:00
|
|
|
typedef struct _SslRecordInfo {
|
2011-12-16 00:33:03 +00:00
|
|
|
guchar *real_data;
|
|
|
|
gint data_len;
|
2006-08-02 08:15:51 +00:00
|
|
|
gint id;
|
2006-05-03 05:29:04 +00:00
|
|
|
struct _SslRecordInfo* next;
|
|
|
|
} SslRecordInfo;
|
|
|
|
|
2007-01-12 10:25:03 +00:00
|
|
|
typedef struct _SslDataInfo {
|
|
|
|
gint key;
|
|
|
|
StringInfo plain_data;
|
|
|
|
guint32 seq;
|
|
|
|
guint32 nxtseq;
|
2007-04-10 15:12:48 +00:00
|
|
|
SslFlow *flow;
|
2007-01-12 10:25:03 +00:00
|
|
|
struct _SslDataInfo *next;
|
|
|
|
} SslDataInfo;
|
|
|
|
|
2006-05-03 05:29:04 +00:00
|
|
|
typedef struct {
|
2007-01-12 10:25:03 +00:00
|
|
|
SslDataInfo *appl_data;
|
2007-09-16 19:28:58 +00:00
|
|
|
SslRecordInfo* handshake_data;
|
2006-05-03 05:29:04 +00:00
|
|
|
} SslPacketInfo;
|
2006-02-04 23:44:05 +00:00
|
|
|
|
|
|
|
typedef struct _SslDecryptSession {
|
2006-08-02 08:15:51 +00:00
|
|
|
guchar _master_secret[48];
|
|
|
|
guchar _session_id[256];
|
|
|
|
guchar _client_random[32];
|
|
|
|
guchar _server_random[32];
|
2006-02-04 23:44:05 +00:00
|
|
|
StringInfo session_id;
|
|
|
|
StringInfo server_random;
|
|
|
|
StringInfo client_random;
|
|
|
|
StringInfo master_secret;
|
2008-07-09 07:24:13 +00:00
|
|
|
/* the data store for this StringInfo must be allocated explicitly with a capture lifetime scope */
|
2006-02-04 23:44:05 +00:00
|
|
|
StringInfo pre_master_secret;
|
2007-01-04 09:20:18 +00:00
|
|
|
guchar _server_data_for_iv[24];
|
|
|
|
StringInfo server_data_for_iv;
|
|
|
|
guchar _client_data_for_iv[24];
|
|
|
|
StringInfo client_data_for_iv;
|
2007-09-16 19:28:58 +00:00
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
gint cipher;
|
2007-04-10 15:12:48 +00:00
|
|
|
gint compression;
|
2006-08-02 08:15:51 +00:00
|
|
|
gint state;
|
2006-02-04 23:44:05 +00:00
|
|
|
SslCipherSuite cipher_suite;
|
2007-04-10 15:12:48 +00:00
|
|
|
SslDecoder *server;
|
|
|
|
SslDecoder *client;
|
|
|
|
SslDecoder *server_new;
|
|
|
|
SslDecoder *client_new;
|
2006-02-04 23:44:05 +00:00
|
|
|
SSL_PRIVATE_KEY* private_key;
|
2010-06-24 06:01:11 +00:00
|
|
|
SSL_PSK_KEY* psk;
|
2006-02-04 23:44:05 +00:00
|
|
|
guint32 version;
|
2007-09-16 19:28:58 +00:00
|
|
|
guint16 version_netorder;
|
|
|
|
StringInfo app_data_segment;
|
|
|
|
|
2009-08-13 09:07:03 +00:00
|
|
|
address srv_addr;
|
|
|
|
port_type srv_ptype;
|
|
|
|
guint srv_port;
|
|
|
|
|
2006-02-04 23:44:05 +00:00
|
|
|
} SslDecryptSession;
|
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
typedef struct _SslAssociation {
|
2011-12-16 00:33:03 +00:00
|
|
|
gboolean tcp;
|
|
|
|
guint ssl_port;
|
|
|
|
dissector_handle_t handle;
|
|
|
|
gchar* info;
|
|
|
|
gboolean from_key_list;
|
2006-08-02 08:15:51 +00:00
|
|
|
} SslAssociation;
|
|
|
|
|
|
|
|
typedef struct _SslService {
|
2011-12-16 00:33:03 +00:00
|
|
|
address addr;
|
|
|
|
guint port;
|
2006-08-02 08:15:51 +00:00
|
|
|
} SslService;
|
|
|
|
|
2008-01-03 08:24:33 +00:00
|
|
|
typedef struct _Ssl_private_key {
|
2008-01-03 09:32:12 +00:00
|
|
|
#ifdef HAVE_LIBGNUTLS
|
2011-12-16 00:33:03 +00:00
|
|
|
gnutls_x509_crt_t x509_cert;
|
|
|
|
gnutls_x509_privkey_t x509_pkey;
|
2008-01-03 09:32:12 +00:00
|
|
|
#endif
|
2011-12-16 00:33:03 +00:00
|
|
|
SSL_PRIVATE_KEY *sexp_pkey;
|
2008-01-03 08:24:33 +00:00
|
|
|
} Ssl_private_key_t;
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
/* User Access Table */
|
|
|
|
typedef struct _ssldecrypt_assoc_t {
|
|
|
|
char* ipaddr;
|
|
|
|
char* port;
|
|
|
|
char* protocol;
|
|
|
|
char* keyfile;
|
|
|
|
char* password;
|
|
|
|
} ssldecrypt_assoc_t;
|
|
|
|
|
2012-01-28 15:50:59 +00:00
|
|
|
gint ssl_get_keyex_alg(gint cipher);
|
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
gboolean ssldecrypt_uat_fld_ip_chk_cb(void*, const char*, unsigned, const void*, const void*, const char** err);
|
|
|
|
gboolean ssldecrypt_uat_fld_port_chk_cb(void*, const char*, unsigned, const void*, const void*, const char** err);
|
|
|
|
gboolean ssldecrypt_uat_fld_protocol_chk_cb(void*, const char*, unsigned, const void*, const void*, const char** err);
|
|
|
|
gboolean ssldecrypt_uat_fld_fileopen_chk_cb(void*, const char*, unsigned, const void*, const void*, const char** err);
|
|
|
|
gboolean ssldecrypt_uat_fld_password_chk_cb(void*, const char*, unsigned, const void*, const void*, const char** err);
|
|
|
|
|
2006-02-06 01:01:09 +00:00
|
|
|
/** Initialize decryption engine/ssl layer. To be called once per execution */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-02-06 01:01:09 +00:00
|
|
|
ssl_lib_init(void);
|
|
|
|
|
|
|
|
/** Initialize an ssl session struct
|
|
|
|
@param ssl pointer to ssl session struct to be initialized */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-02-06 01:01:09 +00:00
|
|
|
ssl_session_init(SslDecryptSession* ssl);
|
|
|
|
|
2009-08-13 09:07:03 +00:00
|
|
|
/** Set server address and port */
|
|
|
|
extern void
|
|
|
|
ssl_set_server(SslDecryptSession* ssl, address *addr, port_type ptype, guint32 port);
|
|
|
|
|
2006-02-06 01:01:09 +00:00
|
|
|
/** set the data and len for the stringInfo buffer. buf should be big enough to
|
|
|
|
* contain the provided data
|
|
|
|
@param buf the buffer to update
|
2007-09-16 19:28:58 +00:00
|
|
|
@param src the data source
|
2006-02-06 01:01:09 +00:00
|
|
|
@param len the source data len */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2007-01-04 09:20:18 +00:00
|
|
|
ssl_data_set(StringInfo* buf, const guchar* src, guint len);
|
|
|
|
|
|
|
|
extern gint
|
2007-01-04 13:26:45 +00:00
|
|
|
ssl_cipher_setiv(SSL_CIPHER_CTX *cipher, guchar* iv, gint iv_len);
|
2006-02-06 01:01:09 +00:00
|
|
|
|
|
|
|
/** Load an RSA private key from specified file
|
|
|
|
@param fp the file that contain the key data
|
|
|
|
@return a pointer to the loaded key on success, or NULL */
|
2008-01-03 08:24:33 +00:00
|
|
|
extern Ssl_private_key_t *
|
2006-02-06 01:01:09 +00:00
|
|
|
ssl_load_key(FILE* fp);
|
|
|
|
|
2009-12-21 21:06:01 +00:00
|
|
|
extern Ssl_private_key_t *
|
2008-01-03 08:24:33 +00:00
|
|
|
ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd);
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
/** Deallocate the memory used for specified key
|
2010-08-26 15:24:49 +00:00
|
|
|
@param key pointer to the key to be freed */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2008-01-03 08:24:33 +00:00
|
|
|
ssl_free_key(Ssl_private_key_t* key);
|
2006-02-06 01:01:09 +00:00
|
|
|
|
2009-08-13 09:07:03 +00:00
|
|
|
/* Find private key in associations */
|
|
|
|
extern gint
|
|
|
|
ssl_find_private_key(SslDecryptSession *ssl_session, GHashTable *key_hash, GTree* associations, packet_info *pinfo);
|
|
|
|
|
2011-12-16 00:33:03 +00:00
|
|
|
/** Search for the specified cipher suite id
|
2007-09-16 19:28:58 +00:00
|
|
|
@param num the id of the cipher suite to be searched
|
|
|
|
@param cs pointer to the cipher suite struct to be filled
|
2006-02-06 01:01:09 +00:00
|
|
|
@return 0 if the cipher suite is found, -1 elsewhere */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-02-06 01:01:09 +00:00
|
|
|
ssl_find_cipher(int num,SslCipherSuite* cs);
|
|
|
|
|
2010-02-19 07:43:26 +00:00
|
|
|
/** Expand the pre_master_secret to generate all the session information
|
2006-02-06 01:01:09 +00:00
|
|
|
* (master secret, session keys, ivs)
|
|
|
|
@param ssl_session the store for all the session data
|
|
|
|
@return 0 on success */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-02-06 01:01:09 +00:00
|
|
|
ssl_generate_keyring_material(SslDecryptSession*ssl_session);
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2007-04-10 15:12:48 +00:00
|
|
|
ssl_change_cipher(SslDecryptSession *ssl_session, gboolean server);
|
|
|
|
|
2011-04-26 22:51:35 +00:00
|
|
|
/** Try to find the pre-master secret for the given encrypted pre-master secret
|
|
|
|
from a log of secrets.
|
|
|
|
@param ssl_session the store for the decrypted pre_master_secret
|
2012-06-24 15:24:59 +00:00
|
|
|
@param ssl_keylog_filename a file that contains a log of secrets (may be NULL)
|
|
|
|
@param encrypted_pre_master the rsa encrypted pre_master_secret (may be NULL)
|
2011-04-26 22:51:35 +00:00
|
|
|
@return 0 on success */
|
|
|
|
int
|
|
|
|
ssl_keylog_lookup(SslDecryptSession* ssl_session,
|
|
|
|
const gchar* ssl_keylog_filename,
|
|
|
|
StringInfo* encrypted_pre_master);
|
|
|
|
|
2010-02-19 07:43:26 +00:00
|
|
|
/** Try to decrypt in place the encrypted pre_master_secret
|
2006-02-06 01:01:09 +00:00
|
|
|
@param ssl_session the store for the decrypted pre_master_secret
|
2010-01-22 23:09:19 +00:00
|
|
|
@param encrypted_pre_master the rsa encrypted pre_master_secret
|
2006-02-06 01:01:09 +00:00
|
|
|
@param pk the private key to be used for decryption
|
|
|
|
@return 0 on success */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
|
|
|
ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session,
|
2010-01-22 23:09:19 +00:00
|
|
|
StringInfo* encrypted_pre_master, SSL_PRIVATE_KEY *pk);
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2010-02-19 07:43:26 +00:00
|
|
|
/** Try to decrypt an ssl record
|
2010-08-26 15:24:49 +00:00
|
|
|
@param ssl ssl_session the store all the session data
|
2006-02-06 01:01:09 +00:00
|
|
|
@param decoder the stream decoder to be used
|
|
|
|
@param ct the content type of this ssl record
|
|
|
|
@param in a pinter to the ssl record to be decrypted
|
2007-10-16 23:42:33 +00:00
|
|
|
@param inl the record length
|
2010-08-26 15:24:49 +00:00
|
|
|
@param comp_str
|
|
|
|
@param out_str a pointer to the store for the decrypted data
|
2007-09-16 19:28:58 +00:00
|
|
|
@param outl the decrypted data len
|
2006-02-06 01:01:09 +00:00
|
|
|
@return 0 on success */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2010-08-26 15:24:49 +00:00
|
|
|
ssl_decrypt_record(SslDecryptSession* ssl,SslDecoder* decoder, gint ct,
|
2007-04-10 15:12:48 +00:00
|
|
|
const guchar* in, guint inl, StringInfo* comp_str, StringInfo* out_str, guint* outl);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
/* Common part bitween SSL and DTLS dissectors */
|
|
|
|
/* Hash Functions for TLS/DTLS sessions table and private keys table */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_equal (gconstpointer v, gconstpointer v2);
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern guint
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_hash (gconstpointer v);
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_private_key_equal (gconstpointer v, gconstpointer v2);
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern guint
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_private_key_hash (gconstpointer v);
|
|
|
|
|
|
|
|
/* private key table entries have a scope 'larger' then packet capture,
|
|
|
|
* so we can't relay on se_alloc** function */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_private_key_free(gpointer id, gpointer key, gpointer dummy _U_);
|
|
|
|
|
|
|
|
/* handling of association between tls/dtls ports and clear text protocol */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-29 08:33:52 +00:00
|
|
|
ssl_association_add(GTree* associations, dissector_handle_t handle, guint port, const gchar *protocol, gboolean tcp, gboolean from_key_list);
|
2006-08-25 08:07:26 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-25 08:07:26 +00:00
|
|
|
ssl_association_remove(GTree* associations, SslAssociation *assoc);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_association_cmp(gconstpointer a, gconstpointer b);
|
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern SslAssociation*
|
2006-08-25 08:07:26 +00:00
|
|
|
ssl_association_find(GTree * associations, guint port, gboolean tcp);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2006-08-25 08:07:26 +00:00
|
|
|
ssl_assoc_from_key_list(gpointer key _U_, gpointer data, gpointer user_data);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
extern gint
|
2009-08-13 09:07:03 +00:00
|
|
|
ssl_packet_from_server(SslDecryptSession* ssl, GTree* associations, packet_info *pinfo);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2011-12-16 00:33:03 +00:00
|
|
|
/* add to packet data a copy of the specified real data */
|
2006-08-02 08:15:51 +00:00
|
|
|
extern void
|
|
|
|
ssl_add_record_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint record_id);
|
|
|
|
|
2011-12-16 00:33:03 +00:00
|
|
|
/* search in packet data for the specified id; return a newly created tvb for the associated data */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern tvbuff_t*
|
2011-12-16 00:33:03 +00:00
|
|
|
ssl_get_record_info(tvbuff_t *parent_tvb, gint proto, packet_info *pinfo, gint record_id);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
2007-01-12 10:25:03 +00:00
|
|
|
void
|
2007-04-10 15:12:48 +00:00
|
|
|
ssl_add_data_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint key, SslFlow *flow);
|
2007-01-12 10:25:03 +00:00
|
|
|
|
2007-09-16 19:28:58 +00:00
|
|
|
SslDataInfo*
|
2007-01-12 10:25:03 +00:00
|
|
|
ssl_get_data_info(int proto, packet_info *pinfo, gint key);
|
|
|
|
|
2006-08-02 08:15:51 +00:00
|
|
|
/* initialize/reset per capture state data (ssl sessions cache) */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2007-04-10 15:12:48 +00:00
|
|
|
ssl_common_init(GHashTable **session_hash, StringInfo *decrypted_data, StringInfo *compressed_data);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
|
|
|
/* parse ssl related preferences (private keys and ports association strings) */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2011-04-26 21:59:11 +00:00
|
|
|
ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, GTree* associations, dissector_handle_t handle, gboolean tcp);
|
2006-08-02 08:15:51 +00:00
|
|
|
|
|
|
|
/* store master secret into session data cache */
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_save_session(SslDecryptSession* ssl, GHashTable *session_hash);
|
|
|
|
|
2012-06-24 15:24:59 +00:00
|
|
|
extern gboolean
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_restore_session(SslDecryptSession* ssl, GHashTable *session_hash);
|
|
|
|
|
|
|
|
extern gint
|
|
|
|
ssl_is_valid_content_type(guint8 type);
|
2006-02-04 23:44:05 +00:00
|
|
|
|
|
|
|
#ifdef SSL_DECRYPT_DEBUG
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2010-01-25 13:20:53 +00:00
|
|
|
ssl_debug_printf(const gchar* fmt,...) G_GNUC_PRINTF(1,2);
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2009-12-21 21:06:01 +00:00
|
|
|
ssl_print_data(const gchar* name, const guchar* data, size_t len);
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_print_string(const gchar* name, const StringInfo* data);
|
2007-09-16 19:28:58 +00:00
|
|
|
extern void
|
2012-04-30 19:14:14 +00:00
|
|
|
ssl_set_debug(const gchar* name);
|
2007-11-30 11:12:55 +00:00
|
|
|
extern void
|
|
|
|
ssl_debug_flush(void);
|
2006-02-04 23:44:05 +00:00
|
|
|
#else
|
2006-02-06 01:01:09 +00:00
|
|
|
|
|
|
|
/* No debug: nullify debug operation*/
|
2010-01-25 13:20:53 +00:00
|
|
|
static inline void G_GNUC_PRINTF(1,2)
|
2006-08-02 08:15:51 +00:00
|
|
|
ssl_debug_printf(const gchar* fmt _U_,...)
|
2007-09-16 19:28:58 +00:00
|
|
|
{
|
2006-02-06 01:01:09 +00:00
|
|
|
}
|
2006-02-04 23:44:05 +00:00
|
|
|
#define ssl_print_data(a, b, c)
|
|
|
|
#define ssl_print_string(a, b)
|
2006-02-11 13:41:17 +00:00
|
|
|
#define ssl_set_debug(name)
|
2007-11-30 12:41:23 +00:00
|
|
|
#define ssl_debug_flush()
|
2006-02-11 13:41:17 +00:00
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
#endif /* SSL_DECRYPT_DEBUG */
|
2006-02-04 23:44:05 +00:00
|
|
|
|
2011-04-26 21:59:11 +00:00
|
|
|
#endif /* SSL_UTILS_H */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Editor modelines - http://www.wireshark.org/tools/modelines.html
|
|
|
|
*
|
|
|
|
* Local variables:
|
|
|
|
* c-basic-offset: 4
|
|
|
|
* tab-width: 8
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
* End:
|
|
|
|
*
|
2011-09-21 16:28:53 +00:00
|
|
|
* vi: set shiftwidth=4 tabstop=8 expandtab:
|
2011-04-26 21:59:11 +00:00
|
|
|
* :indentSize=4:tabSize=8:noTabs=true:
|
|
|
|
*/
|