#include <epan/ipv6-utils.h>
#include <epan/expert.h>
#include <epan/asn1.h>
+#include <wsutil/filesystem.h>
#include <wsutil/file_util.h>
#include <wsutil/str_util.h>
#include <wsutil/report_err.h>
+#include <wsutil/pint.h>
#include "packet-x509af.h"
#include "packet-x509if.h"
#include "packet-ssl-utils.h"
#include "packet-ssl.h"
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
+#include <gnutls/abstract.h>
+#endif
/*
* Lookup tables
{ 70, "Protocol Version" },
{ 71, "Insufficient Security" },
{ 80, "Internal Error" },
+ { 86, "Inappropriate Fallback" },
{ 90, "User Canceled" },
{ 100, "No Renegotiation" },
{ 110, "Unsupported Extension" },
/* 0x00,0xC6-FE Unassigned */
/* From RFC 5746 */
{ 0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" },
- /* From draft-bmoeller-tls-downgrade-scsv-02 */
+ /* From RFC 7507 */
{ 0x5600, "TLS_FALLBACK_SCSV" },
/* From RFC 4492 */
{ 0xc001, "TLS_ECDH_ECDSA_WITH_NULL_SHA" },
{ 0, NULL }
};
+/* string_string is inappropriate as it compares strings while
+ * "byte strings MUST NOT be truncated" (RFC 7301) */
+typedef struct ssl_alpn_protocol {
+ const guint8 *proto_name;
+ size_t proto_name_len;
+ const char *dissector_name;
+} ssl_alpn_protocol_t;
+/* http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids */
+static const ssl_alpn_protocol_t ssl_alpn_protocols[] = {
+ { "http/1.1", sizeof("http/1.1"), "http" },
+ /* SPDY moves so fast, just 1, 2 and 3 are registered with IANA but there
+ * already exists 3.1 as of this writing... match the prefix. */
+ { "spdy/", sizeof("spdy/") - 1, "spdy" },
+ { "stun.turn", sizeof("stun.turn"), "turnchannel" },
+ { "stun.nat-discovery", sizeof("stun.nat-discovery"), "stun" },
+ /* draft-ietf-httpbis-http2-16 */
+ { "h2-", sizeof("h2-") - 1, "http2" }, /* draft versions */
+ { "h2", sizeof("h2"), "http2" }, /* final version */
+};
+
/* we keep this internal to packet-ssl-utils, as there should be
no need to access it any other way.
gint ssl_get_keyex_alg(gint cipher)
{
switch(cipher) {
- case 0x0001:
- case 0x0002:
- case 0x0003:
- case 0x0004:
- case 0x0005:
- case 0x0006:
- case 0x0007:
- case 0x0008:
- case 0x0009:
- case 0x000a:
- case 0x002f:
- case 0x0035:
- case 0x003b:
- case 0x003c:
- case 0x003d:
- case 0x0041:
- case 0x0060:
- case 0x0061:
- case 0x0062:
- case 0x0064:
- case 0x0084:
- case 0x0096:
- case 0x009c:
- case 0x009d:
- case 0x00ba:
- case 0x00c0:
- case 0xfefe:
- case 0xfeff:
- case 0xffe0:
- case 0xffe1:
- return KEX_RSA;
+ case 0x0017:
+ case 0x0018:
+ case 0x0019:
+ case 0x001a:
+ case 0x001b:
+ case 0x0034:
+ case 0x003a:
+ case 0x0046:
+ case 0x006c:
+ case 0x006d:
+ case 0x0089:
+ case 0x009b:
+ case 0x00a6:
+ case 0x00a7:
+ case 0x00bf:
+ case 0x00c5:
+ case 0xc084:
+ case 0xc085:
+ return KEX_DH_ANON;
case 0x000b:
case 0x000c:
case 0x000d:
+ case 0x0030:
+ case 0x0036:
+ case 0x003e:
+ case 0x0042:
+ case 0x0068:
+ case 0x0085:
+ case 0x0097:
+ case 0x00a4:
+ case 0x00a5:
+ case 0x00bb:
+ case 0x00c1:
+ case 0xc082:
+ case 0xc083:
+ return KEX_DH_DSS;
case 0x000e:
case 0x000f:
case 0x0010:
+ case 0x0031:
+ case 0x0037:
+ case 0x003f:
+ case 0x0043:
+ case 0x0069:
+ case 0x0086:
+ case 0x0098:
+ case 0x00a0:
+ case 0x00a1:
+ case 0x00bc:
+ case 0x00c2:
+ case 0xc07e:
+ case 0xc07f:
+ return KEX_DH_RSA;
case 0x0011:
case 0x0012:
case 0x0013:
- case 0x0014:
- case 0x0015:
- case 0x0016:
- case 0x0017:
- case 0x0018:
- case 0x0019:
- case 0x001a:
- case 0x001b:
- case 0x002d:
- case 0x0030:
- case 0x0031:
case 0x0032:
- case 0x0033:
- case 0x0034:
- case 0x0036:
- case 0x0037:
case 0x0038:
- case 0x0039:
- case 0x003a:
- case 0x003e:
- case 0x003f:
case 0x0040:
- case 0x0042:
- case 0x0043:
case 0x0044:
- case 0x0045:
- case 0x0046:
case 0x0063:
case 0x0065:
case 0x0066:
- case 0x0067:
- case 0x0068:
- case 0x0069:
case 0x006a:
- case 0x006b:
- case 0x006c:
- case 0x006d:
- case 0x0085:
- case 0x0086:
case 0x0087:
- case 0x0088:
- case 0x0089:
+ case 0x0099:
+ case 0x00a2:
+ case 0x00a3:
+ case 0x00bd:
+ case 0x00c3:
+ case 0xc080:
+ case 0xc081:
+ return KEX_DHE_DSS;
+ case 0x002d:
case 0x008e:
case 0x008f:
case 0x0090:
case 0x0091:
- case 0x0097:
- case 0x0098:
- case 0x0099:
- case 0x009a:
- case 0x009b:
- case 0x009e:
- case 0x009f:
- case 0x00a0:
- case 0x00a1:
- case 0x00a2:
- case 0x00a3:
- case 0x00a4:
- case 0x00a5:
- case 0x00a6:
- case 0x00a7:
case 0x00aa:
case 0x00ab:
case 0x00b2:
case 0x00b3:
case 0x00b4:
case 0x00b5:
- case 0x00bb:
- case 0x00bc:
- case 0x00bd:
+ case 0xc090:
+ case 0xc091:
+ case 0xc096:
+ case 0xc097:
+ case 0xc0a6:
+ case 0xc0a7:
+ case 0xc0aa:
+ case 0xc0ab:
+ case 0xe41c:
+ case 0xe41d:
+ return KEX_DHE_PSK;
+ case 0x0014:
+ case 0x0015:
+ case 0x0016:
+ case 0x0033:
+ case 0x0039:
+ case 0x0045:
+ case 0x0067:
+ case 0x006b:
+ case 0x0088:
+ case 0x009a:
+ case 0x009e:
+ case 0x009f:
case 0x00be:
- case 0x00bf:
- case 0x00c1:
- case 0x00c2:
- case 0x00c3:
case 0x00c4:
- case 0x00c5:
- return KEX_DH;
+ case 0xc07c:
+ case 0xc07d:
+ case 0xc09e:
+ case 0xc09f:
+ case 0xc0a2:
+ case 0xc0a3:
+ case 0xe41e:
+ case 0xe41f:
+ return KEX_DHE_RSA;
+ case 0xc015:
+ case 0xc016:
+ case 0xc017:
+ case 0xc018:
+ case 0xc019:
+ return KEX_ECDH_ANON;
case 0xc001:
case 0xc002:
case 0xc003:
case 0xc004:
case 0xc005:
- case 0xc006:
- case 0xc007:
- case 0xc008:
- case 0xc009:
- case 0xc00a:
+ case 0xc025:
+ case 0xc026:
+ case 0xc02d:
+ case 0xc02e:
+ case 0xc074:
+ case 0xc075:
+ case 0xc088:
+ case 0xc089:
+ return KEX_ECDH_ECDSA;
case 0xc00b:
case 0xc00c:
case 0xc00d:
case 0xc00e:
case 0xc00f:
- case 0xc010:
- case 0xc011:
- case 0xc012:
- case 0xc013:
- case 0xc014:
- case 0xc015:
- case 0xc016:
- case 0xc017:
- case 0xc018:
- case 0xc019:
- case 0xc023:
- case 0xc024:
- case 0xc025:
- case 0xc026:
- case 0xc027:
- case 0xc028:
case 0xc029:
case 0xc02a:
- case 0xc02b:
- case 0xc02c:
- case 0xc02d:
- case 0xc02e:
- case 0xc02f:
- case 0xc030:
case 0xc031:
case 0xc032:
+ case 0xc078:
+ case 0xc079:
+ case 0xc08c:
+ case 0xc08d:
+ return KEX_ECDH_RSA;
+ case 0xc006:
+ case 0xc007:
+ case 0xc008:
+ case 0xc009:
+ case 0xc00a:
+ case 0xc023:
+ case 0xc024:
+ case 0xc02b:
+ case 0xc02c:
+ case 0xc072:
+ case 0xc073:
+ case 0xc086:
+ case 0xc087:
+ case 0xc0ac:
+ case 0xc0ad:
+ case 0xc0ae:
+ case 0xc0af:
+ case 0xe414:
+ case 0xe415:
+ return KEX_ECDHE_ECDSA;
case 0xc033:
case 0xc034:
case 0xc035:
case 0xc039:
case 0xc03a:
case 0xc03b:
- case 0xc0ac:
- case 0xc0ad:
- case 0xc0ae:
- case 0xc0af:
- return KEX_ECDH;
- case 0x002C:
- case 0x008A:
- case 0x008B:
- case 0x008C:
- case 0x008D:
- case 0x00A8:
- case 0x00A9:
- case 0x00AE:
- case 0x00AF:
- case 0x00B0:
- case 0x00B1:
- case 0xC064:
- case 0xC065:
- case 0xC06A:
- case 0xC06B:
- case 0xC08E:
- case 0xC08F:
- case 0xC094:
- case 0xC095:
- case 0xC0A4:
- case 0xC0A5:
- case 0xC0A8:
- case 0xC0A9:
- case 0xC0AA:
- case 0xC0AB:
+ case 0xc09a:
+ case 0xc09b:
+ case 0xe418:
+ case 0xe419:
+ return KEX_ECDHE_PSK;
+ case 0xc010:
+ case 0xc011:
+ case 0xc012:
+ case 0xc013:
+ case 0xc014:
+ case 0xc027:
+ case 0xc028:
+ case 0xc02f:
+ case 0xc030:
+ case 0xc076:
+ case 0xc077:
+ case 0xc08a:
+ case 0xc08b:
+ case 0xe412:
+ case 0xe413:
+ return KEX_ECDHE_RSA;
+ case 0x001e:
+ case 0x001f:
+ case 0x0020:
+ case 0x0021:
+ case 0x0022:
+ case 0x0023:
+ case 0x0024:
+ case 0x0025:
+ case 0x0026:
+ case 0x0027:
+ case 0x0028:
+ case 0x0029:
+ case 0x002a:
+ case 0x002b:
+ return KEX_KRB5;
+ case 0x002c:
+ case 0x008a:
+ case 0x008b:
+ case 0x008c:
+ case 0x008d:
+ case 0x00a8:
+ case 0x00a9:
+ case 0x00ae:
+ case 0x00af:
+ case 0x00b0:
+ case 0x00b1:
+ case 0xc064:
+ case 0xc065:
+ case 0xc08e:
+ case 0xc08f:
+ case 0xc094:
+ case 0xc095:
+ case 0xc0a4:
+ case 0xc0a5:
+ case 0xc0a8:
+ case 0xc0a9:
+ case 0xe416:
+ case 0xe417:
return KEX_PSK;
- case 0x002E:
+ case 0x0001:
+ case 0x0002:
+ case 0x0003:
+ case 0x0004:
+ case 0x0005:
+ case 0x0006:
+ case 0x0007:
+ case 0x0008:
+ case 0x0009:
+ case 0x000a:
+ case 0x002f:
+ case 0x0035:
+ case 0x003b:
+ case 0x003c:
+ case 0x003d:
+ case 0x0041:
+ case 0x0060:
+ case 0x0061:
+ case 0x0062:
+ case 0x0064:
+ case 0x0084:
+ case 0x0096:
+ case 0x009c:
+ case 0x009d:
+ case 0x00ba:
+ case 0x00c0:
+ case 0xc07a:
+ case 0xc07b:
+ case 0xc09c:
+ case 0xc09d:
+ case 0xc0a0:
+ case 0xc0a1:
+ case 0xe410:
+ case 0xe411:
+ case 0xfefe:
+ case 0xfeff:
+ case 0xffe0:
+ case 0xffe1:
+ return KEX_RSA;
+ case 0x002e:
case 0x0092:
case 0x0093:
case 0x0094:
case 0x0095:
- case 0x00AC:
- case 0x00AD:
- case 0x00B6:
- case 0x00B7:
- case 0x00B8:
- case 0x00B9:
- case 0xC068:
- case 0xC069:
- case 0xC06E:
- case 0xC06F:
- case 0xC092:
- case 0xC093:
- case 0xC098:
- case 0xC099:
+ case 0x00ac:
+ case 0x00ad:
+ case 0x00b6:
+ case 0x00b7:
+ case 0x00b8:
+ case 0x00b9:
+ case 0xc092:
+ case 0xc093:
+ case 0xc098:
+ case 0xc099:
+ case 0xe41a:
+ case 0xe41b:
return KEX_RSA_PSK;
+ case 0xc01a:
+ case 0xc01d:
+ case 0xc020:
+ return KEX_SRP_SHA;
+ case 0xc01c:
+ case 0xc01f:
+ case 0xc022:
+ return KEX_SRP_SHA_DSS;
+ case 0xc01b:
+ case 0xc01e:
+ case 0xc021:
+ return KEX_SRP_SHA_RSA;
default:
break;
}
}
/* from_hex converts |hex_len| bytes of hex data from |in| and sets |*out| to
- * the result. |out->data| will be allocated using se_alloc. Returns TRUE on
+ * the result. |out->data| will be allocated using wmem_file_scope. Returns TRUE on
* success. */
static gboolean from_hex(StringInfo* out, const char* in, gsize hex_len) {
gsize i;
/* decrypt data with private key. Store decrypted data directly into input
* buffer */
static int
-ssl_private_decrypt(const guint len, guchar* data, SSL_PRIVATE_KEY* pk)
+ssl_private_decrypt(const guint len, guchar* data, gcry_sexp_t pk)
{
gint rc = 0;
size_t decr_len = 0, i = 0;
return 0;
}
-#ifndef SSL_FAST
/* put the data into a simple list */
rc = gcry_sexp_build(&s_data, NULL, "(enc-val(rsa(a%m)))", encr_mpi);
if (rc != 0) {
goto out;
}
-#else /* SSL_FAST */
- rc = _gcry_rsa_decrypt(0, &text, &encr_mpi, pk,0);
- gcry_mpi_print( GCRYMPI_FMT_USG, 0, 0, &decr_len, text);
-#endif /* SSL_FAST */
-
/* sanity check on out buffer */
if (decr_len > len) {
ssl_debug_printf("pcry_private_decrypt: decrypted data is too long ?!? (%" G_GSIZE_MODIFIER "u max %d)\n", decr_len, len);
};
static SslCipherSuite cipher_suites[]={
- {0x0001,KEX_RSA, ENC_NULL, 1, 0, 0,DIG_MD5, MODE_STREAM}, /* TLS_RSA_WITH_NULL_MD5 */
- {0x0002,KEX_RSA, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_RSA_WITH_NULL_SHA */
- {0x0003,KEX_RSA, ENC_RC4, 1,128, 40,DIG_MD5, MODE_STREAM}, /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */
- {0x0004,KEX_RSA, ENC_RC4, 1,128,128,DIG_MD5, MODE_STREAM}, /* TLS_RSA_WITH_RC4_128_MD5 */
- {0x0005,KEX_RSA, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_RSA_WITH_RC4_128_SHA */
- {0x0006,KEX_RSA, ENC_RC2, 8,128, 40,DIG_MD5, MODE_CBC }, /* TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 */
- {0x0007,KEX_RSA, ENC_IDEA, 8,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_IDEA_CBC_SHA */
- {0x0008,KEX_RSA, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_RSA_EXPORT_WITH_DES40_CBC_SHA */
- {0x0009,KEX_RSA, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_DES_CBC_SHA */
- {0x000A,KEX_RSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */
- {0x000B,KEX_DH, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA */
- {0x000C,KEX_DH, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_DES_CBC_SHA */
- {0x000D,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA */
- {0x000E,KEX_DH, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA */
- {0x000F,KEX_DH, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_DES_CBC_SHA */
- {0x0010,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA */
- {0x0011,KEX_DH, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA */
- {0x0012,KEX_DH, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_DES_CBC_SHA */
- {0x0013,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA */
- {0x0014,KEX_DH, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA */
- {0x0015,KEX_DH, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_DES_CBC_SHA */
- {0x0016,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */
- {0x0017,KEX_DH, ENC_RC4, 1,128, 40,DIG_MD5, MODE_STREAM}, /* TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 */
- {0x0018,KEX_DH, ENC_RC4, 1,128,128,DIG_MD5, MODE_STREAM}, /* TLS_DH_anon_WITH_RC4_128_MD5 */
- {0x0019,KEX_DH, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA */
- {0x001A,KEX_DH, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_DES_CBC_SHA */
- {0x001B,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_3DES_EDE_CBC_SHA */
- {0x002C,KEX_PSK, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_PSK_WITH_NULL_SHA */
- {0x002D,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_DHE_PSK_WITH_NULL_SHA */
- {0x002E,KEX_RSA_PSK,ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_RSA_PSK_WITH_NULL_SHA */
- {0x002F,KEX_RSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_AES_128_CBC_SHA */
- {0x0030,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_128_CBC_SHA */
- {0x0031,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_128_CBC_SHA */
- {0x0032,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA */
- {0x0033,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
- {0x0034,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_AES_128_CBC_SHA */
- {0x0035,KEX_RSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_AES_256_CBC_SHA */
- {0x0036,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_256_CBC_SHA */
- {0x0037,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_256_CBC_SHA */
- {0x0038,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA */
- {0x0039,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */
- {0x003A,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_AES_256_CBC_SHA */
- {0x003B,KEX_RSA, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_RSA_WITH_NULL_SHA256 */
- {0x003C,KEX_RSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_AES_128_CBC_SHA256 */
- {0x003D,KEX_RSA, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_AES_256_CBC_SHA256 */
- {0x003E,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_128_CBC_SHA256 */
- {0x003F,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_128_CBC_SHA256 */
- {0x0040,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 */
- {0x0041,KEX_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */
- {0x0042,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA */
- {0x0043,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA */
- {0x0044,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA */
- {0x0045,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA */
- {0x0046,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA */
- {0x0060,KEX_RSA, ENC_RC4, 1,128, 56,DIG_MD5, MODE_STREAM}, /* TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 */
- {0x0061,KEX_RSA, ENC_RC2, 1,128, 56,DIG_MD5, MODE_STREAM}, /* TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 */
- {0x0062,KEX_RSA, ENC_DES, 8, 64, 56,DIG_SHA, MODE_CBC }, /* TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA */
- {0x0063,KEX_DH, ENC_DES, 8, 64, 56,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA */
- {0x0064,KEX_RSA, ENC_RC4, 1,128, 56,DIG_SHA, MODE_STREAM}, /* TLS_RSA_EXPORT1024_WITH_RC4_56_SHA */
- {0x0065,KEX_DH, ENC_RC4, 1,128, 56,DIG_SHA, MODE_STREAM}, /* TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA */
- {0x0066,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_DHE_DSS_WITH_RC4_128_SHA */
- {0x0067,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */
- {0x0068,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_256_CBC_SHA256 */
- {0x0069,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_256_CBC_SHA256 */
- {0x006A,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 */
- {0x006B,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */
- {0x006C,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */
- {0x006D,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */
- {0x0084,KEX_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */
- {0x0085,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA */
- {0x0086,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA */
- {0x0087,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA */
- {0x0088,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA */
- {0x0089,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA */
- {0x008A,KEX_PSK, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_PSK_WITH_RC4_128_SHA */
- {0x008B,KEX_PSK, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_PSK_WITH_3DES_EDE_CBC_SHA */
- {0x008C,KEX_PSK, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_PSK_WITH_AES_128_CBC_SHA */
- {0x008D,KEX_PSK, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_PSK_WITH_AES_256_CBC_SHA */
- {0x008E,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_DHE_PSK_WITH_RC4_128_SHA */
- {0x008F,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA */
- {0x0090,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_128_CBC_SHA */
- {0x0091,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_256_CBC_SHA */
- {0x0092,KEX_RSA_PSK,ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_RSA_PSK_WITH_RC4_128_SHA */
- {0x0093,KEX_RSA_PSK,ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA */
- {0x0094,KEX_RSA_PSK,ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_128_CBC_SHA */
- {0x0095,KEX_RSA_PSK,ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_256_CBC_SHA */
- {0x0096,KEX_RSA, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_SEED_CBC_SHA */
- {0x0097,KEX_DH, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_SEED_CBC_SHA */
- {0x0098,KEX_DH, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_SEED_CBC_SHA */
- {0x0099,KEX_DH, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_SEED_CBC_SHA */
- {0x009A,KEX_DH, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_SEED_CBC_SHA */
- {0x009B,KEX_DH, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_SEED_CBC_SHA */
- {0x009C,KEX_RSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_WITH_AES_128_GCM_SHA256 */
- {0x009D,KEX_RSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_WITH_AES_256_GCM_SHA384 */
- {0x009E,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */
- {0x009F,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */
- {0x00A0,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_RSA_WITH_AES_128_GCM_SHA256 */
- {0x00A1,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_RSA_WITH_AES_256_GCM_SHA384 */
- {0x00A2,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 */
- {0x00A3,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 */
- {0x00A4,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_DSS_WITH_AES_128_GCM_SHA256 */
- {0x00A5,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_DSS_WITH_AES_256_GCM_SHA384 */
- {0x00A6,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
- {0x00A7,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
- {0x00A8,KEX_PSK, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_PSK_WITH_AES_128_GCM_SHA256 */
- {0x00A9,KEX_PSK, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_PSK_WITH_AES_256_GCM_SHA384 */
- {0x00AA,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 */
- {0x00AB,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 */
- {0x00AC,KEX_RSA_PSK,ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 */
- {0x00AD,KEX_RSA_PSK,ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 */
- {0x00AE,KEX_PSK, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_PSK_WITH_AES_128_CBC_SHA256 */
- {0x00AF,KEX_PSK, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_PSK_WITH_AES_256_CBC_SHA384 */
- {0x00B0,KEX_PSK, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_PSK_WITH_NULL_SHA256 */
- {0x00B1,KEX_PSK, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_PSK_WITH_NULL_SHA384 */
- {0x00B2,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 */
- {0x00B3,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 */
- {0x00B4,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_DHE_PSK_WITH_NULL_SHA256 */
- {0x00B5,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_DHE_PSK_WITH_NULL_SHA384 */
- {0x00B6,KEX_RSA_PSK,ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 */
- {0x00B7,KEX_RSA_PSK,ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 */
- {0x00B8,KEX_RSA_PSK,ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_RSA_PSK_WITH_NULL_SHA256 */
- {0x00B9,KEX_RSA_PSK,ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_RSA_PSK_WITH_NULL_SHA384 */
- {0x00BA,KEX_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0x00BB,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
- {0x00BC,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0x00BD,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
- {0x00BE,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0x00BF,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 */
- {0x00C0,KEX_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
- {0x00C1,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
- {0x00C2,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
- {0x00C3,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
- {0x00C4,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
- {0x00C5,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */
- {0xC001,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
- {0xC002,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
- {0xC003,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */
- {0xC004,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */
- {0xC005,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */
- {0xC006,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
- {0xC007,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */
- {0xC008,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */
- {0xC009,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */
- {0xC00A,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */
- {0xC00B,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_RSA_WITH_NULL_SHA */
- {0xC00C,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
- {0xC00D,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */
- {0xC00E,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */
- {0xC00F,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */
- {0xC010,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_RSA_WITH_NULL_SHA */
- {0xC011,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
- {0xC012,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */
- {0xC013,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */
- {0xC014,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
- {0xC015,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_anon_WITH_NULL_SHA */
- {0xC016,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_anon_WITH_RC4_128_SHA */
- {0xC017,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
- {0xC018,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
- {0xC019,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
- {0xC023,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */
- {0xC024,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */
- {0xC025,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */
- {0xC026,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */
- {0xC027,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */
- {0xC028,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */
- {0xC029,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */
- {0xC02A,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */
- {0xC02B,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */
- {0xC02C,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */
- {0xC02D,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */
- {0xC02E,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */
- {0xC02F,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
- {0xC030,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */
- {0xC031,KEX_DH, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */
- {0xC032,KEX_DH, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */
- {0xC033,KEX_DH, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_RC4_128_SHA */
- {0xC034,KEX_DH, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA */
- {0xC035,KEX_DH, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA */
- {0xC036,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA */
- {0xC037,KEX_DH, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 */
- {0xC038,KEX_DH, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 */
- {0xC039,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_NULL_SHA */
- {0xC03A,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_NULL_SHA256 */
- {0xC03B,KEX_DH, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_NULL_SHA384 */
- {0xC072,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC073,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC074,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC075,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC076,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC077,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC078,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC079,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC07A,KEX_RSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC07B,KEX_RSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC07C,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC07D,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC07E,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC07F,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC080,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC081,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC082,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC083,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC084,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC085,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC086,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC087,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC088,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC089,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC08A,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC08B,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC08C,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC08D,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC08E,KEX_PSK, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC08F,KEX_PSK, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC090,KEX_DH, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC091,KEX_DH, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC092,KEX_RSA_PSK,ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 */
- {0xC093,KEX_RSA_PSK,ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 */
- {0xC094,KEX_PSK, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC095,KEX_PSK, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC096,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC097,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC098,KEX_RSA_PSK,ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC099,KEX_RSA_PSK,ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC09A,KEX_DH, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
- {0xC09B,KEX_DH, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
- {0xC09C,KEX_RSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_RSA_WITH_AES_128_CCM */
- {0xC09D,KEX_RSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_RSA_WITH_AES_256_CCM */
- {0xC09E,KEX_DH, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_DHE_RSA_WITH_AES_128_CCM */
- {0xC09F,KEX_DH, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_DHE_RSA_WITH_AES_256_CCM */
- {0xC0A0,KEX_RSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_RSA_WITH_AES_128_CCM_8 */
- {0xC0A1,KEX_RSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_RSA_WITH_AES_256_CCM_8 */
- {0xC0A2,KEX_DH, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_DHE_RSA_WITH_AES_128_CCM_8 */
- {0xC0A3,KEX_DH, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_DHE_RSA_WITH_AES_256_CCM_8 */
- {0xC0A4,KEX_PSK, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_PSK_WITH_AES_128_CCM */
- {0xC0A5,KEX_PSK, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_PSK_WITH_AES_256_CCM */
- {0xC0A6,KEX_DH, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_DHE_PSK_WITH_AES_128_CCM */
- {0xC0A7,KEX_DH, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_DHE_PSK_WITH_AES_256_CCM */
- {0xC0A8,KEX_PSK, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_WITH_AES_128_CCM_8 */
- {0xC0A9,KEX_PSK, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_WITH_AES_256_CCM_8 */
- {0xC0AA,KEX_DH, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_DHE_WITH_AES_128_CCM_8 */
- {0xC0AB,KEX_DH, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_DHE_WITH_AES_256_CCM_8 */
- {0xC0AC,KEX_ECDH, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CCM */
- {0xC0AD,KEX_ECDH, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CCM */
- {0xC0AE,KEX_ECDH, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 */
- {0xC0AF,KEX_ECDH, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 */
+ {0x0001,KEX_RSA, ENC_NULL, 1, 0, 0,DIG_MD5, MODE_STREAM}, /* TLS_RSA_WITH_NULL_MD5 */
+ {0x0002,KEX_RSA, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_RSA_WITH_NULL_SHA */
+ {0x0003,KEX_RSA, ENC_RC4, 1,128, 40,DIG_MD5, MODE_STREAM}, /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */
+ {0x0004,KEX_RSA, ENC_RC4, 1,128,128,DIG_MD5, MODE_STREAM}, /* TLS_RSA_WITH_RC4_128_MD5 */
+ {0x0005,KEX_RSA, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_RSA_WITH_RC4_128_SHA */
+ {0x0006,KEX_RSA, ENC_RC2, 8,128, 40,DIG_MD5, MODE_CBC }, /* TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 */
+ {0x0007,KEX_RSA, ENC_IDEA, 8,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_IDEA_CBC_SHA */
+ {0x0008,KEX_RSA, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_RSA_EXPORT_WITH_DES40_CBC_SHA */
+ {0x0009,KEX_RSA, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_DES_CBC_SHA */
+ {0x000A,KEX_RSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */
+ {0x000B,KEX_DH_DSS, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA */
+ {0x000C,KEX_DH_DSS, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_DES_CBC_SHA */
+ {0x000D,KEX_DH_DSS, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA */
+ {0x000E,KEX_DH_RSA, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA */
+ {0x000F,KEX_DH_RSA, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_DES_CBC_SHA */
+ {0x0010,KEX_DH_RSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA */
+ {0x0011,KEX_DHE_DSS, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA */
+ {0x0012,KEX_DHE_DSS, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_DES_CBC_SHA */
+ {0x0013,KEX_DHE_DSS, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA */
+ {0x0014,KEX_DHE_RSA, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA */
+ {0x0015,KEX_DHE_RSA, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_DES_CBC_SHA */
+ {0x0016,KEX_DHE_RSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */
+ {0x0017,KEX_DH_ANON, ENC_RC4, 1,128, 40,DIG_MD5, MODE_STREAM}, /* TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 */
+ {0x0018,KEX_DH_ANON, ENC_RC4, 1,128,128,DIG_MD5, MODE_STREAM}, /* TLS_DH_anon_WITH_RC4_128_MD5 */
+ {0x0019,KEX_DH_ANON, ENC_DES, 8, 64, 40,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA */
+ {0x001A,KEX_DH_ANON, ENC_DES, 8, 64, 64,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_DES_CBC_SHA */
+ {0x001B,KEX_DH_ANON, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_3DES_EDE_CBC_SHA */
+ {0x002C,KEX_PSK, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_PSK_WITH_NULL_SHA */
+ {0x002D,KEX_DHE_PSK, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_DHE_PSK_WITH_NULL_SHA */
+ {0x002E,KEX_RSA_PSK, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_RSA_PSK_WITH_NULL_SHA */
+ {0x002F,KEX_RSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_AES_128_CBC_SHA */
+ {0x0030,KEX_DH_DSS, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_128_CBC_SHA */
+ {0x0031,KEX_DH_RSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_128_CBC_SHA */
+ {0x0032,KEX_DHE_DSS, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA */
+ {0x0033,KEX_DHE_RSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
+ {0x0034,KEX_DH_ANON, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_AES_128_CBC_SHA */
+ {0x0035,KEX_RSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_AES_256_CBC_SHA */
+ {0x0036,KEX_DH_DSS, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_256_CBC_SHA */
+ {0x0037,KEX_DH_RSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_256_CBC_SHA */
+ {0x0038,KEX_DHE_DSS, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA */
+ {0x0039,KEX_DHE_RSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */
+ {0x003A,KEX_DH_ANON, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_AES_256_CBC_SHA */
+ {0x003B,KEX_RSA, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_RSA_WITH_NULL_SHA256 */
+ {0x003C,KEX_RSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_AES_128_CBC_SHA256 */
+ {0x003D,KEX_RSA, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_AES_256_CBC_SHA256 */
+ {0x003E,KEX_DH_DSS, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_128_CBC_SHA256 */
+ {0x003F,KEX_DH_RSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_128_CBC_SHA256 */
+ {0x0040,KEX_DHE_DSS, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 */
+ {0x0041,KEX_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */
+ {0x0042,KEX_DH_DSS, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA */
+ {0x0043,KEX_DH_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA */
+ {0x0044,KEX_DHE_DSS, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA */
+ {0x0045,KEX_DHE_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA */
+ {0x0046,KEX_DH_ANON, ENC_CAMELLIA128,16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA */
+ {0x0060,KEX_RSA, ENC_RC4, 1,128, 56,DIG_MD5, MODE_STREAM}, /* TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 */
+ {0x0061,KEX_RSA, ENC_RC2, 1,128, 56,DIG_MD5, MODE_STREAM}, /* TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 */
+ {0x0062,KEX_RSA, ENC_DES, 8, 64, 56,DIG_SHA, MODE_CBC }, /* TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA */
+ {0x0063,KEX_DHE_DSS, ENC_DES, 8, 64, 56,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA */
+ {0x0064,KEX_RSA, ENC_RC4, 1,128, 56,DIG_SHA, MODE_STREAM}, /* TLS_RSA_EXPORT1024_WITH_RC4_56_SHA */
+ {0x0065,KEX_DHE_DSS, ENC_RC4, 1,128, 56,DIG_SHA, MODE_STREAM}, /* TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA */
+ {0x0066,KEX_DHE_DSS, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_DHE_DSS_WITH_RC4_128_SHA */
+ {0x0067,KEX_DHE_RSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */
+ {0x0068,KEX_DH_DSS, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_AES_256_CBC_SHA256 */
+ {0x0069,KEX_DH_RSA, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_AES_256_CBC_SHA256 */
+ {0x006A,KEX_DHE_DSS, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 */
+ {0x006B,KEX_DHE_RSA, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */
+ {0x006C,KEX_DH_ANON, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */
+ {0x006D,KEX_DH_ANON, ENC_AES256, 16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */
+ {0x0084,KEX_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */
+ {0x0085,KEX_DH_DSS, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA */
+ {0x0086,KEX_DH_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA */
+ {0x0087,KEX_DHE_DSS, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA */
+ {0x0088,KEX_DHE_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA */
+ {0x0089,KEX_DH_ANON, ENC_CAMELLIA256,16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA */
+ {0x008A,KEX_PSK, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_PSK_WITH_RC4_128_SHA */
+ {0x008B,KEX_PSK, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_PSK_WITH_3DES_EDE_CBC_SHA */
+ {0x008C,KEX_PSK, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_PSK_WITH_AES_128_CBC_SHA */
+ {0x008D,KEX_PSK, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_PSK_WITH_AES_256_CBC_SHA */
+ {0x008E,KEX_DHE_PSK, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_DHE_PSK_WITH_RC4_128_SHA */
+ {0x008F,KEX_DHE_PSK, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA */
+ {0x0090,KEX_DHE_PSK, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_128_CBC_SHA */
+ {0x0091,KEX_DHE_PSK, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_256_CBC_SHA */
+ {0x0092,KEX_RSA_PSK, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_RSA_PSK_WITH_RC4_128_SHA */
+ {0x0093,KEX_RSA_PSK, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA */
+ {0x0094,KEX_RSA_PSK, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_128_CBC_SHA */
+ {0x0095,KEX_RSA_PSK, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_256_CBC_SHA */
+ {0x0096,KEX_RSA, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_RSA_WITH_SEED_CBC_SHA */
+ {0x0097,KEX_DH_DSS, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_DSS_WITH_SEED_CBC_SHA */
+ {0x0098,KEX_DH_RSA, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_RSA_WITH_SEED_CBC_SHA */
+ {0x0099,KEX_DHE_DSS, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_DSS_WITH_SEED_CBC_SHA */
+ {0x009A,KEX_DHE_RSA, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DHE_RSA_WITH_SEED_CBC_SHA */
+ {0x009B,KEX_DH_ANON, ENC_SEED, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_DH_anon_WITH_SEED_CBC_SHA */
+ {0x009C,KEX_RSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_WITH_AES_128_GCM_SHA256 */
+ {0x009D,KEX_RSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_WITH_AES_256_GCM_SHA384 */
+ {0x009E,KEX_DHE_RSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */
+ {0x009F,KEX_DHE_RSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */
+ {0x00A0,KEX_DH_RSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_RSA_WITH_AES_128_GCM_SHA256 */
+ {0x00A1,KEX_DH_RSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_RSA_WITH_AES_256_GCM_SHA384 */
+ {0x00A2,KEX_DHE_DSS, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 */
+ {0x00A3,KEX_DHE_DSS, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 */
+ {0x00A4,KEX_DH_DSS, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_DSS_WITH_AES_128_GCM_SHA256 */
+ {0x00A5,KEX_DH_DSS, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_DSS_WITH_AES_256_GCM_SHA384 */
+ {0x00A6,KEX_DH_ANON, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
+ {0x00A7,KEX_DH_ANON, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
+ {0x00A8,KEX_PSK, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_PSK_WITH_AES_128_GCM_SHA256 */
+ {0x00A9,KEX_PSK, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_PSK_WITH_AES_256_GCM_SHA384 */
+ {0x00AA,KEX_DHE_PSK, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 */
+ {0x00AB,KEX_DHE_PSK, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 */
+ {0x00AC,KEX_RSA_PSK, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 */
+ {0x00AD,KEX_RSA_PSK, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 */
+ {0x00AE,KEX_PSK, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_PSK_WITH_AES_128_CBC_SHA256 */
+ {0x00AF,KEX_PSK, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_PSK_WITH_AES_256_CBC_SHA384 */
+ {0x00B0,KEX_PSK, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_PSK_WITH_NULL_SHA256 */
+ {0x00B1,KEX_PSK, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_PSK_WITH_NULL_SHA384 */
+ {0x00B2,KEX_DHE_PSK, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 */
+ {0x00B3,KEX_DHE_PSK, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 */
+ {0x00B4,KEX_DHE_PSK, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_DHE_PSK_WITH_NULL_SHA256 */
+ {0x00B5,KEX_DHE_PSK, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_DHE_PSK_WITH_NULL_SHA384 */
+ {0x00B6,KEX_RSA_PSK, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 */
+ {0x00B7,KEX_RSA_PSK, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 */
+ {0x00B8,KEX_RSA_PSK, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_RSA_PSK_WITH_NULL_SHA256 */
+ {0x00B9,KEX_RSA_PSK, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_RSA_PSK_WITH_NULL_SHA384 */
+ {0x00BA,KEX_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0x00BB,KEX_DH_DSS, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0x00BC,KEX_DH_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0x00BD,KEX_DHE_DSS, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0x00BE,KEX_DHE_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0x00BF,KEX_DH_ANON, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0x00C0,KEX_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
+ {0x00C1,KEX_DH_DSS, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
+ {0x00C2,KEX_DH_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
+ {0x00C3,KEX_DHE_DSS, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
+ {0x00C4,KEX_DHE_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
+ {0x00C5,KEX_DH_ANON, ENC_CAMELLIA256,16,256,256,DIG_SHA256, MODE_CBC }, /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */
+ {0xC001,KEX_ECDH_ECDSA, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
+ {0xC002,KEX_ECDH_ECDSA, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
+ {0xC003,KEX_ECDH_ECDSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */
+ {0xC004,KEX_ECDH_ECDSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */
+ {0xC005,KEX_ECDH_ECDSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */
+ {0xC006,KEX_ECDHE_ECDSA, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
+ {0xC007,KEX_ECDHE_ECDSA, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */
+ {0xC008,KEX_ECDHE_ECDSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */
+ {0xC009,KEX_ECDHE_ECDSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */
+ {0xC00A,KEX_ECDHE_ECDSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */
+ {0xC00B,KEX_ECDH_RSA, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_RSA_WITH_NULL_SHA */
+ {0xC00C,KEX_ECDH_RSA, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
+ {0xC00D,KEX_ECDH_RSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */
+ {0xC00E,KEX_ECDH_RSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */
+ {0xC00F,KEX_ECDH_RSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */
+ {0xC010,KEX_ECDHE_RSA, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_RSA_WITH_NULL_SHA */
+ {0xC011,KEX_ECDHE_RSA, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
+ {0xC012,KEX_ECDHE_RSA, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */
+ {0xC013,KEX_ECDHE_RSA, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */
+ {0xC014,KEX_ECDHE_RSA, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
+ {0xC015,KEX_ECDH_ANON, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_anon_WITH_NULL_SHA */
+ {0xC016,KEX_ECDH_ANON, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDH_anon_WITH_RC4_128_SHA */
+ {0xC017,KEX_ECDH_ANON, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
+ {0xC018,KEX_ECDH_ANON, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
+ {0xC019,KEX_ECDH_ANON, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
+ {0xC023,KEX_ECDHE_ECDSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */
+ {0xC024,KEX_ECDHE_ECDSA, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */
+ {0xC025,KEX_ECDH_ECDSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */
+ {0xC026,KEX_ECDH_ECDSA, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */
+ {0xC027,KEX_ECDHE_RSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */
+ {0xC028,KEX_ECDHE_RSA, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */
+ {0xC029,KEX_ECDH_RSA, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */
+ {0xC02A,KEX_ECDH_RSA, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */
+ {0xC02B,KEX_ECDHE_ECDSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */
+ {0xC02C,KEX_ECDHE_ECDSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */
+ {0xC02D,KEX_ECDH_ECDSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */
+ {0xC02E,KEX_ECDH_ECDSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */
+ {0xC02F,KEX_ECDHE_RSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
+ {0xC030,KEX_ECDHE_RSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */
+ {0xC031,KEX_ECDH_RSA, ENC_AES, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */
+ {0xC032,KEX_ECDH_RSA, ENC_AES256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */
+ {0xC033,KEX_ECDHE_PSK, ENC_RC4, 1,128,128,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_RC4_128_SHA */
+ {0xC034,KEX_ECDHE_PSK, ENC_3DES, 8,192,192,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA */
+ {0xC035,KEX_ECDHE_PSK, ENC_AES, 16,128,128,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA */
+ {0xC036,KEX_ECDHE_PSK, ENC_AES256, 16,256,256,DIG_SHA, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA */
+ {0xC037,KEX_ECDHE_PSK, ENC_AES, 16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 */
+ {0xC038,KEX_ECDHE_PSK, ENC_AES256, 16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 */
+ {0xC039,KEX_ECDHE_PSK, ENC_NULL, 1, 0, 0,DIG_SHA, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_NULL_SHA */
+ {0xC03A,KEX_ECDHE_PSK, ENC_NULL, 1, 0, 0,DIG_SHA256, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_NULL_SHA256 */
+ {0xC03B,KEX_ECDHE_PSK, ENC_NULL, 1, 0, 0,DIG_SHA384, MODE_STREAM}, /* TLS_ECDHE_PSK_WITH_NULL_SHA384 */
+ {0xC072,KEX_ECDHE_ECDSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC073,KEX_ECDHE_ECDSA, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC074,KEX_ECDH_ECDSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC075,KEX_ECDH_ECDSA, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC076,KEX_ECDHE_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC077,KEX_ECDHE_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC078,KEX_ECDH_RSA, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC079,KEX_ECDH_RSA, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC07A,KEX_RSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC07B,KEX_RSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC07C,KEX_DHE_RSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC07D,KEX_DHE_RSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC07E,KEX_DH_RSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC07F,KEX_DH_RSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC080,KEX_DHE_DSS, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC081,KEX_DHE_DSS, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC082,KEX_DH_DSS, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC083,KEX_DH_DSS, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC084,KEX_DH_ANON, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC085,KEX_DH_ANON, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC086,KEX_ECDHE_ECDSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC087,KEX_ECDHE_ECDSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC088,KEX_ECDH_ECDSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC089,KEX_ECDH_ECDSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC08A,KEX_ECDHE_RSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC08B,KEX_ECDHE_RSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC08C,KEX_ECDH_RSA, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC08D,KEX_ECDH_RSA, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC08E,KEX_PSK, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC08F,KEX_PSK, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC090,KEX_DHE_PSK, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC091,KEX_DHE_PSK, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC092,KEX_RSA_PSK, ENC_CAMELLIA128, 4,128,128,DIG_SHA256, MODE_GCM }, /* TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 */
+ {0xC093,KEX_RSA_PSK, ENC_CAMELLIA256, 4,256,256,DIG_SHA384, MODE_GCM }, /* TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 */
+ {0xC094,KEX_PSK, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC095,KEX_PSK, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC096,KEX_DHE_PSK, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC097,KEX_DHE_PSK, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC098,KEX_RSA_PSK, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC099,KEX_RSA_PSK, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC09A,KEX_ECDHE_PSK, ENC_CAMELLIA128,16,128,128,DIG_SHA256, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 */
+ {0xC09B,KEX_ECDHE_PSK, ENC_CAMELLIA256,16,256,256,DIG_SHA384, MODE_CBC }, /* TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 */
+ {0xC09C,KEX_RSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_RSA_WITH_AES_128_CCM */
+ {0xC09D,KEX_RSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_RSA_WITH_AES_256_CCM */
+ {0xC09E,KEX_DHE_RSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_DHE_RSA_WITH_AES_128_CCM */
+ {0xC09F,KEX_DHE_RSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_DHE_RSA_WITH_AES_256_CCM */
+ {0xC0A0,KEX_RSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_RSA_WITH_AES_128_CCM_8 */
+ {0xC0A1,KEX_RSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_RSA_WITH_AES_256_CCM_8 */
+ {0xC0A2,KEX_DHE_RSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_DHE_RSA_WITH_AES_128_CCM_8 */
+ {0xC0A3,KEX_DHE_RSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_DHE_RSA_WITH_AES_256_CCM_8 */
+ {0xC0A4,KEX_PSK, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_PSK_WITH_AES_128_CCM */
+ {0xC0A5,KEX_PSK, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_PSK_WITH_AES_256_CCM */
+ {0xC0A6,KEX_DHE_PSK, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_DHE_PSK_WITH_AES_128_CCM */
+ {0xC0A7,KEX_DHE_PSK, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_DHE_PSK_WITH_AES_256_CCM */
+ {0xC0A8,KEX_PSK, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_WITH_AES_128_CCM_8 */
+ {0xC0A9,KEX_PSK, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_WITH_AES_256_CCM_8 */
+ {0xC0AA,KEX_DHE_PSK, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_DHE_WITH_AES_128_CCM_8 */
+ {0xC0AB,KEX_DHE_PSK, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_PSK_DHE_WITH_AES_256_CCM_8 */
+ {0xC0AC,KEX_ECDHE_ECDSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CCM */
+ {0xC0AD,KEX_ECDHE_ECDSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CCM */
+ {0xC0AE,KEX_ECDHE_ECDSA, ENC_AES, 4,128,128,DIG_NA, MODE_CCM_8 }, /* TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 */
+ {0xC0AF,KEX_ECDHE_ECDSA, ENC_AES256, 4,256,256,DIG_NA, MODE_CCM_8 }, /* TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 */
{-1, 0, 0, 0, 0, 0,0, MODE_STREAM}
};
static int
ssl_decrypt_pre_master_secret(SslDecryptSession *ssl_session,
StringInfo *encrypted_pre_master,
- SSL_PRIVATE_KEY *pk);
+ gcry_sexp_t pk);
static gboolean
ssl_restore_master_key(SslDecryptSession *ssl, const char *label,
gboolean is_pre_master, GHashTable *ht, StringInfo *key);
return FALSE;
}
+ /* check to see if the PMS was provided to us*/
+ if (ssl_restore_master_key(ssl_session, "Unencrypted pre-master secret", TRUE,
+ mk_map->pms, &ssl_session->client_random)) {
+ return TRUE;
+ }
+
if (ssl_session->cipher_suite.kex == KEX_PSK)
{
/* calculate pre master secret*/
static gboolean
ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session,
- StringInfo* encrypted_pre_master, SSL_PRIVATE_KEY *pk)
+ StringInfo* encrypted_pre_master, gcry_sexp_t pk)
{
gint i;
if (!encrypted_pre_master)
return FALSE;
-
- if(ssl_session->cipher_suite.kex == KEX_DH) {
+ if(ssl_session->cipher_suite.kex == KEX_DHE_DSS ||
+ ssl_session->cipher_suite.kex == KEX_DHE_PSK ||
+ ssl_session->cipher_suite.kex == KEX_DHE_RSA ||
+ ssl_session->cipher_suite.kex == KEX_DH_ANON ||
+ ssl_session->cipher_suite.kex == KEX_DH_DSS ||
+ ssl_session->cipher_suite.kex == KEX_DH_RSA) {
ssl_debug_printf("%s: session uses DH (%d) key exchange, which is "
- "impossible to decrypt\n", G_STRFUNC, KEX_DH);
+ "impossible to decrypt\n", G_STRFUNC, ssl_session->cipher_suite.kex);
return FALSE;
} else if(ssl_session->cipher_suite.kex != KEX_RSA) {
ssl_debug_printf("%s key exchange %d different from KEX_RSA (%d)\n",
}
#define RSA_PARS 6
-static SSL_PRIVATE_KEY*
-ssl_privkey_to_sexp(struct gnutls_x509_privkey_int* priv_key)
+static gcry_sexp_t
+ssl_privkey_to_sexp(gnutls_x509_privkey_t priv_key)
{
gnutls_datum_t rsa_datum[RSA_PARS]; /* m, e, d, p, q, u */
size_t tmp_size;
gcry_error_t gret;
gcry_sexp_t rsa_priv_key = NULL;
gint i;
- int ret;
- size_t buf_len;
- unsigned char buf_keyid[32];
-
-#ifdef SSL_FAST
- gcry_mpi_t* rsa_params = g_malloc(sizeof(gcry_mpi_t)*RSA_PARS);
-#else
- gcry_mpi_t rsa_params[RSA_PARS];
-#endif
-
- buf_len = sizeof(buf_keyid);
- ret = gnutls_x509_privkey_get_key_id(priv_key, 0, buf_keyid, &buf_len);
- if (ret != 0) {
- ssl_debug_printf( "gnutls_x509_privkey_get_key_id(ssl_pkey, 0, buf_keyid, &buf_len) - %s\n", gnutls_strerror(ret));
- } else {
- char* keyid = (char*)bytestring_to_str(NULL, buf_keyid, (int) buf_len, ':');
- ssl_debug_printf( "Private key imported: KeyID %s\n", keyid);
- wmem_free(NULL, keyid);
- }
+ gcry_mpi_t rsa_params[RSA_PARS];
/* RSA get parameter */
if (gnutls_x509_privkey_export_rsa_raw(priv_key,
&rsa_datum[4],
&rsa_datum[5]) != 0) {
ssl_debug_printf("ssl_load_key: can't export rsa param (is a rsa private key file ?!?)\n");
-#ifdef SSL_FAST
- g_free(rsa_params);
-#endif
return NULL;
}
g_free(rsa_datum[i].data);
if (gret != 0) {
ssl_debug_printf("ssl_load_key: can't convert m rsa param to int (size %d)\n", rsa_datum[i].size);
-#ifdef SSL_FAST
- g_free(rsa_params);
-#endif
return NULL;
}
}
if (gcry_mpi_cmp(rsa_params[3], rsa_params[4]) > 0)
{
ssl_debug_printf("ssl_load_key: swapping p and q parameters and recomputing u\n");
+ /* p, q = q, p */
gcry_mpi_swap(rsa_params[3], rsa_params[4]);
- gcry_mpi_invm(rsa_params[5], rsa_params[3], rsa_params[4]);
+ /* due to swapping p and q, u = p^-1 mod p which happens to be needed. */
}
+ /* libgcrypt expects u = p^-1 mod q (for OpenPGP), but the u parameter
+ * says u = q^-1 mod p. Recompute u = p^-1 mod q. Do this unconditionally as
+ * at least GnuTLS 2.12.23 computes an invalid value. */
+ gcry_mpi_invm(rsa_params[5], rsa_params[3], rsa_params[4]);
if (gcry_sexp_build( &rsa_priv_key, NULL,
"(private-key(rsa((n%m)(e%m)(d%m)(p%m)(q%m)(u%m))))", rsa_params[0],
rsa_params[1], rsa_params[2], rsa_params[3], rsa_params[4],
rsa_params[5]) != 0) {
ssl_debug_printf("ssl_load_key: can't build rsa private key s-exp\n");
-#ifdef SSL_FAST
- g_free(rsa_params);
-#endif
return NULL;
}
-#ifdef SSL_FAST
- return rsa_params;
-#else
for (i=0; i< 6; i++)
gcry_mpi_release(rsa_params[i]);
return rsa_priv_key;
-#endif
-
}
-Ssl_private_key_t *
+/** Load an RSA private key from specified file
+ @param fp the file that contain the key data
+ @return a pointer to the loaded key on success, or NULL */
+static gnutls_x509_privkey_t
ssl_load_key(FILE* fp)
{
/* gnutls makes our work much harder, since we have to work internally with
*/
gnutls_x509_privkey_t priv_key;
gnutls_datum_t key;
- long size;
+ ws_statb64 statbuf;
gint ret;
guint bytes;
- Ssl_private_key_t *private_key = (Ssl_private_key_t *)g_malloc0(sizeof(Ssl_private_key_t));
-
- /* init private key data*/
- gnutls_x509_privkey_init(&priv_key);
-
- /* compute file size and load all file contents into a datum buffer*/
- if (fseek(fp, 0, SEEK_END) < 0) {
- ssl_debug_printf("ssl_load_key: can't fseek file\n");
- g_free(private_key);
+ if (ws_fstat64(fileno(fp), &statbuf) == -1) {
+ ssl_debug_printf("ssl_load_key: can't ws_fstat64 file\n");
return NULL;
}
- if ((size = ftell(fp)) < 0) {
- ssl_debug_printf("ssl_load_key: can't ftell file\n");
- g_free(private_key);
+ if (S_ISDIR(statbuf.st_mode)) {
+ ssl_debug_printf("ssl_load_key: file is a directory\n");
+ errno = EISDIR;
return NULL;
}
- if (fseek(fp, 0, SEEK_SET) < 0) {
- ssl_debug_printf("ssl_load_key: can't re-fseek file\n");
- g_free(private_key);
+ if (S_ISFIFO(statbuf.st_mode)) {
+ ssl_debug_printf("ssl_load_key: file is a named pipe\n");
+ errno = EINVAL;
return NULL;
}
- key.data = (unsigned char *)g_malloc(size);
- key.size = (int)size;
+ if (!S_ISREG(statbuf.st_mode)) {
+ ssl_debug_printf("ssl_load_key: file is not a regular file\n");
+ errno = EINVAL;
+ return NULL;
+ }
+ /* XXX - check for a too-big size */
+ /* load all file contents into a datum buffer*/
+ key.data = (unsigned char *)g_malloc((size_t)statbuf.st_size);
+ key.size = (int)statbuf.st_size;
bytes = (guint) fread(key.data, 1, key.size, fp);
if (bytes < key.size) {
ssl_debug_printf("ssl_load_key: can't read from file %d bytes, got %d\n",
key.size, bytes);
- g_free(private_key);
g_free(key.data);
return NULL;
}
+ /* init private key data*/
+ gnutls_x509_privkey_init(&priv_key);
+
/* import PEM data*/
if ((ret = gnutls_x509_privkey_import(priv_key, &key, GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS) {
ssl_debug_printf("ssl_load_key: can't import pem data: %s\n", gnutls_strerror(ret));
- g_free(private_key);
g_free(key.data);
return NULL;
}
if (gnutls_x509_privkey_get_pk_algorithm(priv_key) != GNUTLS_PK_RSA) {
ssl_debug_printf("ssl_load_key: private key public key algorithm isn't RSA\n");
- g_free(private_key);
g_free(key.data);
return NULL;
}
g_free(key.data);
- private_key->x509_pkey = priv_key;
- private_key->sexp_pkey = ssl_privkey_to_sexp(priv_key);
- if ( !private_key->sexp_pkey ) {
- g_free(private_key);
- return NULL;
- }
- return private_key;
+ return priv_key;
}
static const char *
* @param[out] err error message upon failure; NULL upon success.
* @return a pointer to the loaded key on success; NULL upon failure.
*/
-static Ssl_private_key_t *
+static gnutls_x509_privkey_t
ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd, char** err) {
int i, j, ret;
gnutls_datum_t data;
gnutls_pkcs12_bag_t bag = NULL;
gnutls_pkcs12_bag_type_t bag_type;
- size_t len, buf_len;
- static char buf_name[256];
- static char buf_email[128];
- unsigned char buf_keyid[32];
- char *tmp_str;
+ size_t len;
gnutls_pkcs12_t ssl_p12 = NULL;
- gnutls_x509_crt_t ssl_cert = NULL;
gnutls_x509_privkey_t ssl_pkey = NULL;
- Ssl_private_key_t *private_key = (Ssl_private_key_t *)g_malloc0(sizeof(Ssl_private_key_t));
+ gnutls_x509_privkey_t priv_key = NULL;
*err = NULL;
rest = 4096;
if (!feof(fp)) {
*err = g_strdup("Error during certificate reading.");
ssl_debug_printf("%s\n", *err);
- g_free(private_key);
g_free(data.data);
return 0;
}
if (ret < 0) {
*err = g_strdup_printf("gnutls_pkcs12_init(&st_p12) - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
- g_free(private_key);
g_free(data.data);
return 0;
}
}
g_free(data.data);
if (ret < 0) {
- g_free(private_key);
return 0;
}
ssl_debug_printf( "PKCS#12 imported\n");
- for (i=0; ret==0; i++) {
-
- if (bag) { gnutls_pkcs12_bag_deinit(bag); bag = NULL; }
+ /* TODO: Use gnutls_pkcs12_simple_parse, since 3.1.0 (August 2012) */
+ for (i=0; ; i++) {
ret = gnutls_pkcs12_bag_init(&bag);
- if (ret < 0) continue;
+ if (ret < 0) break;
ret = gnutls_pkcs12_get_bag(ssl_p12, i, bag);
- if (ret < 0) continue;
+ if (ret < 0) break;
- for (j=0; ret==0 && j<gnutls_pkcs12_bag_get_count(bag); j++) {
+ for (j=0; j<gnutls_pkcs12_bag_get_count(bag); j++) {
bag_type = gnutls_pkcs12_bag_get_type(bag, j);
- if (bag_type >= GNUTLS_BAG_UNKNOWN) continue;
+ if (bag_type >= GNUTLS_BAG_UNKNOWN) goto done;
ssl_debug_printf( "Bag %d/%d: %s\n", i, j, BAGTYPE(bag_type));
if (bag_type == GNUTLS_BAG_ENCRYPTED) {
ret = gnutls_pkcs12_bag_decrypt(bag, cert_passwd);
if (ret == 0) {
bag_type = gnutls_pkcs12_bag_get_type(bag, j);
- if (bag_type >= GNUTLS_BAG_UNKNOWN) continue;
+ if (bag_type >= GNUTLS_BAG_UNKNOWN) goto done;
ssl_debug_printf( "Bag %d/%d decrypted: %s\n", i, j, BAGTYPE(bag_type));
}
}
ret = gnutls_pkcs12_bag_get_data(bag, j, &data);
- if (ret < 0) continue;
+ if (ret < 0) goto done;
switch (bag_type) {
- case GNUTLS_BAG_CERTIFICATE:
-
- ret = gnutls_x509_crt_init(&ssl_cert);
- if (ret < 0) {
- *err = g_strdup_printf("gnutls_x509_crt_init(&ssl_cert) - %s", gnutls_strerror(ret));
- ssl_debug_printf("%s\n", *err);
- g_free(private_key);
- return 0;
- }
-
- ret = gnutls_x509_crt_import(ssl_cert, &data, GNUTLS_X509_FMT_DER);
- if (ret < 0) {
- *err = g_strdup_printf("gnutls_x509_crt_import(ssl_cert, &data, GNUTLS_X509_FMT_DER) - %s", gnutls_strerror(ret));
- ssl_debug_printf("%s\n", *err);
- g_free(private_key);
- return 0;
- }
-
- buf_len = sizeof(buf_name);
- ret = gnutls_x509_crt_get_dn_by_oid(ssl_cert, GNUTLS_OID_X520_COMMON_NAME, 0, 0, buf_name, &buf_len);
- if (ret < 0) { g_strlcpy(buf_name, "<ERROR>", 256); }
- buf_len = sizeof(buf_email);
- ret = gnutls_x509_crt_get_dn_by_oid(ssl_cert, GNUTLS_OID_PKCS9_EMAIL, 0, 0, buf_email, &buf_len);
- if (ret < 0) { g_strlcpy(buf_email, "<ERROR>", 128); }
-
- buf_len = sizeof(buf_keyid);
- ret = gnutls_x509_crt_get_key_id(ssl_cert, 0, buf_keyid, &buf_len);
- if (ret < 0) { g_strlcpy(buf_keyid, "<ERROR>", 32); }
-
- private_key->x509_cert = ssl_cert;
- tmp_str = bytes_to_str(NULL, buf_keyid, (int) buf_len);
- ssl_debug_printf( "Certificate imported: %s <%s>, KeyID %s\n", buf_name, buf_email, tmp_str);
- wmem_free(NULL, tmp_str);
- break;
-
case GNUTLS_BAG_PKCS8_KEY:
case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
if (ret < 0) {
*err = g_strdup_printf("gnutls_x509_privkey_init(&ssl_pkey) - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
- g_free(private_key);
- return 0;
+ goto done;
}
ret = gnutls_x509_privkey_import_pkcs8(ssl_pkey, &data, GNUTLS_X509_FMT_DER, cert_passwd,
(bag_type==GNUTLS_BAG_PKCS8_KEY) ? GNUTLS_PKCS_PLAIN : 0);
if (ret < 0) {
*err = g_strdup_printf("Can not decrypt private key - %s", gnutls_strerror(ret));
ssl_debug_printf("%s\n", *err);
- g_free(private_key);
- return 0;
+ goto done;
}
if (gnutls_x509_privkey_get_pk_algorithm(ssl_pkey) != GNUTLS_PK_RSA) {
*err = g_strdup("ssl_load_pkcs12: private key public key algorithm isn't RSA");
ssl_debug_printf("%s\n", *err);
- g_free(private_key);
- return 0;
+ goto done;
}
- private_key->x509_pkey = ssl_pkey;
- private_key->sexp_pkey = ssl_privkey_to_sexp(ssl_pkey);
- if ( !private_key->sexp_pkey ) {
- *err = g_strdup("ssl_load_pkcs12: could not create sexp_pkey");
- ssl_debug_printf("%s\n", *err);
- g_free(private_key);
- return NULL;
- }
+ /* Private key found, return it. */
+ priv_key = ssl_pkey;
+ goto done;
break;
default: ;
}
} /* j */
+ if (bag) { gnutls_pkcs12_bag_deinit(bag); bag = NULL; }
} /* i */
- return private_key;
+done:
+ if (!priv_key && ssl_pkey)
+ gnutls_x509_privkey_deinit(ssl_pkey);
+ if (bag)
+ gnutls_pkcs12_bag_deinit(bag);
+
+ return priv_key;
}
-void ssl_free_key(Ssl_private_key_t* key)
+void
+ssl_private_key_free(gpointer key)
{
-#ifdef SSL_FAST
- gint i;
- for (i=0; i< 6; i++)
- gcry_mpi_release(key->sexp_pkey[i]);
-#else
- gcry_sexp_release(key->sexp_pkey);
-#endif
-
- if (!key->x509_cert)
- gnutls_x509_crt_deinit (key->x509_cert);
-
- if (!key->x509_pkey)
- gnutls_x509_privkey_deinit(key->x509_pkey);
-
- g_free((Ssl_private_key_t*)key);
+ gcry_sexp_release((gcry_sexp_t) key);
}
-void
-ssl_find_private_key(SslDecryptSession *ssl_session, GHashTable *key_hash, GTree* associations, packet_info *pinfo) {
- SslService dummy;
- char ip_addr_any[] = {0,0,0,0};
- guint32 port = 0;
- gchar *addr_string;
- Ssl_private_key_t * private_key;
-
- if (!ssl_session) {
- return;
- }
+static void
+ssl_find_private_key_by_pubkey(SslDecryptSession *ssl, GHashTable *key_hash,
+ gnutls_datum_t *subjectPublicKeyInfo)
+{
+ gnutls_pubkey_t pubkey = NULL;
+ guchar key_id[20];
+ size_t key_id_len = sizeof(key_id);
+ int r;
- /* we need to know which side of the conversation is speaking */
- if (ssl_packet_from_server(ssl_session, associations, pinfo)) {
- dummy.addr = pinfo->src;
- dummy.port = port = pinfo->srcport;
- } else {
- dummy.addr = pinfo->dst;
- dummy.port = port = pinfo->destport;
+ if (!subjectPublicKeyInfo->size) {
+ ssl_debug_printf("%s: could not find SubjectPublicKeyInfo\n", G_STRFUNC);
+ return;
}
- addr_string = address_to_str(NULL, &dummy.addr);
- ssl_debug_printf("ssl_find_private_key server %s:%u\n",
- addr_string, dummy.port);
- wmem_free(NULL, addr_string);
- if (g_hash_table_size(key_hash) == 0) {
- ssl_debug_printf("ssl_find_private_key: no keys found\n");
+ r = gnutls_pubkey_init(&pubkey);
+ if (r < 0) {
+ ssl_debug_printf("%s: failed to init pubkey: %s\n",
+ G_STRFUNC, gnutls_strerror(r));
return;
- } else {
- ssl_debug_printf("ssl_find_private_key: testing %i keys\n",
- g_hash_table_size(key_hash));
}
- /* try to retrieve private key for this service. Do it now 'cause pinfo
- * is not always available
- * Note that with HAVE_LIBGNUTLS undefined private_key is allways 0
- * and thus decryption never engaged*/
-
-
- ssl_session->private_key = 0;
- private_key = (Ssl_private_key_t *)g_hash_table_lookup(key_hash, &dummy);
-
- if (!private_key) {
- ssl_debug_printf("ssl_find_private_key can't find private key for this server! Try it again with universal port 0\n");
-
- dummy.port = 0;
- private_key = (Ssl_private_key_t *)g_hash_table_lookup(key_hash, &dummy);
+ r = gnutls_pubkey_import(pubkey, subjectPublicKeyInfo, GNUTLS_X509_FMT_DER);
+ if (r < 0) {
+ ssl_debug_printf("%s: failed to import pubkey from handshake: %s\n",
+ G_STRFUNC, gnutls_strerror(r));
+ goto end;
}
- if (!private_key) {
- ssl_debug_printf("ssl_find_private_key can't find private key for this server (universal port)! Try it again with universal address 0.0.0.0\n");
-
- dummy.addr.type = AT_IPv4;
- dummy.addr.len = 4;
- dummy.addr.data = ip_addr_any;
-
- dummy.port = port;
- private_key = (Ssl_private_key_t *)g_hash_table_lookup(key_hash, &dummy);
+ /* Generate a 20-byte SHA-1 hash. */
+ r = gnutls_pubkey_get_key_id(pubkey, 0, key_id, &key_id_len);
+ if (r < 0) {
+ ssl_debug_printf("%s: failed to extract key id from pubkey: %s\n",
+ G_STRFUNC, gnutls_strerror(r));
+ goto end;
}
- if (!private_key) {
- ssl_debug_printf("ssl_find_private_key can't find private key for this server! Try it again with universal address 0.0.0.0 and universal port 0\n");
-
- dummy.port = 0;
- private_key = (Ssl_private_key_t *)g_hash_table_lookup(key_hash, &dummy);
- }
+ ssl_print_data("lookup(KeyID)", key_id, key_id_len);
+ ssl->private_key = (gcry_sexp_t)g_hash_table_lookup(key_hash, key_id);
+ ssl_debug_printf("%s: lookup result: %p\n", G_STRFUNC, (void *) ssl->private_key);
- if (!private_key) {
- ssl_debug_printf("ssl_find_private_key can't find any private key!\n");
- } else {
- ssl_session->private_key = private_key->sexp_pkey;
- }
+end:
+ gnutls_pubkey_deinit(pubkey);
}
void
{
}
-Ssl_private_key_t *
-ssl_load_key(FILE* fp)
-{
- ssl_debug_printf("ssl_load_key: impossible without gnutls. fp %p\n",fp);
- return NULL;
-}
-
-Ssl_private_key_t *
-ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd _U_, char** err) {
- *err = NULL;
- ssl_debug_printf("ssl_load_pkcs12: impossible without gnutls. fp %p\n",fp);
- return NULL;
-}
-
-void
-ssl_free_key(Ssl_private_key_t* key _U_)
-{
-}
-
void
-ssl_find_private_key(SslDecryptSession *ssl_session _U_, GHashTable *key_hash _U_, GTree* associations _U_, packet_info *pinfo _U_)
+ssl_private_key_free(gpointer key _U_)
{
}
#endif /* defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) */
/* get ssl data for this session. if no ssl data is found allocate a new one*/
-void
-ssl_session_init(SslDecryptSession* ssl_session)
+SslDecryptSession *
+ssl_get_session(conversation_t *conversation, dissector_handle_t ssl_handle)
{
- ssl_debug_printf("ssl_session_init: initializing ptr %p size %" G_GSIZE_MODIFIER "u\n",
- (void *)ssl_session, sizeof(SslDecryptSession));
+ void *conv_data;
+ SslDecryptSession *ssl_session;
+ int proto_ssl;
+
+ proto_ssl = dissector_handle_get_protocol_index(ssl_handle);
+ conv_data = conversation_get_proto_data(conversation, proto_ssl);
+ if (conv_data != NULL)
+ return (SslDecryptSession *)conv_data;
+
+ /* no previous SSL conversation info, initialize it. */
+ ssl_session = wmem_new0(wmem_file_scope(), SslDecryptSession);
/* data_len is the part that is meaningful, not the allocated length */
ssl_session->master_secret.data_len = 0;
ssl_session->client_data_for_iv.data = ssl_session->_client_data_for_iv;
ssl_session->app_data_segment.data = NULL;
ssl_session->app_data_segment.data_len = 0;
- SET_ADDRESS(&ssl_session->srv_addr, AT_NONE, 0, NULL);
- ssl_session->srv_ptype = PT_NONE;
- ssl_session->srv_port = 0;
ssl_session->handshake_data.data=NULL;
ssl_session->handshake_data.data_len=0;
+
+ /* Initialize parameters which are not necessary specific to decryption. */
+ ssl_session->session.version = SSL_VER_UNKNOWN;
+ SET_ADDRESS(&ssl_session->session.srv_addr, AT_NONE, 0, NULL);
+ ssl_session->session.srv_ptype = PT_NONE;
+ ssl_session->session.srv_port = 0;
+
+ conversation_add_proto_data(conversation, proto_ssl, ssl_session);
+ return ssl_session;
}
void
-ssl_set_server(SslDecryptSession* ssl, address *addr, port_type ptype, guint32 port)
+ssl_set_server(SslSession *session, address *addr, port_type ptype, guint32 port)
+{
+ WMEM_COPY_ADDRESS(wmem_file_scope(), &session->srv_addr, addr);
+ session->srv_ptype = ptype;
+ session->srv_port = port;
+}
+
+guint32
+ssl_starttls_ack(dissector_handle_t ssl_handle, packet_info *pinfo,
+ dissector_handle_t app_handle)
{
- SE_COPY_ADDRESS(&ssl->srv_addr, addr);
- ssl->srv_ptype = ptype;
- ssl->srv_port = port;
+ conversation_t *conversation;
+ SslSession *session;
+
+ /* Ignore if the SSL dissector is disabled. */
+ if (!ssl_handle)
+ return 0;
+ /* The caller should always pass a valid handle to its own dissector. */
+ DISSECTOR_ASSERT(app_handle);
+
+ conversation = find_or_create_conversation(pinfo);
+ session = &ssl_get_session(conversation, ssl_handle)->session;
+
+ ssl_debug_printf("%s: old frame %d, app_handle=%p (%s)\n", G_STRFUNC,
+ session->last_nontls_frame,
+ (void *)session->app_handle,
+ dissector_handle_get_dissector_name(session->app_handle));
+ ssl_debug_printf("%s: current frame %d, app_handle=%p (%s)\n", G_STRFUNC,
+ pinfo->fd->num, (void *)app_handle,
+ dissector_handle_get_dissector_name(app_handle));
+
+ /* Do not switch again if a dissector did it before. */
+ if (session->last_nontls_frame) {
+ ssl_debug_printf("%s: not overriding previous app handle!\n", G_STRFUNC);
+ return session->last_nontls_frame;
+ }
+
+ session->app_handle = app_handle;
+ /* The SSL dissector should be called first for this conversation. */
+ conversation_set_dissector(conversation, ssl_handle);
+ /* SSL starts after this frame. */
+ session->last_nontls_frame = pinfo->fd->num;
+ return 0;
}
/* Hash Functions for TLS/DTLS sessions table and private keys table*/
return hash;
}
-gint
+gboolean
ssl_private_key_equal (gconstpointer v, gconstpointer v2)
{
- const SslService *val1;
- const SslService *val2;
- val1 = (const SslService *)v;
- val2 = (const SslService *)v2;
-
- if ((val1->port == val2->port) &&
- ! CMP_ADDRESS(&val1->addr, &val2->addr)) {
- return 1;
- }
- return 0;
+ /* key ID length (SHA-1 hash, per GNUTLS_KEYID_USE_SHA1) */
+ return !memcmp(v, v2, 20);
}
guint
-ssl_private_key_hash (gconstpointer v)
+ssl_private_key_hash (gconstpointer v)
{
- const SslService *key;
- guint l, hash, len ;
- const guint* cur;
+ guint l, hash = 0;
+ const guint8 *cur = (const guint8 *)v;
- key = (const SslService *)v;
- hash = key->port;
- len = key->addr.len;
- hash |= len << 16;
- cur = (const guint*) key->addr.data;
-
- for (l=4; (l<len); l+=4, cur++)
- hash = hash ^ (*cur);
+ /* The public key' SHA-1 hash (which maps to a private key) has a uniform
+ * distribution, hence simply xor'ing them should be sufficient. */
+ for (l = 0; l < 20; l += 4, cur += 4)
+ hash ^= pntoh32(cur);
return hash;
}
-/* private key table entries have a scope 'larger' then packet capture,
- * so we can't relay on se_alloc** function */
-void
-ssl_private_key_free(gpointer id, gpointer key, gpointer dummy _U_)
-{
- if (id != NULL) {
- g_free(id);
- ssl_free_key((Ssl_private_key_t*) key);
- }
-}
-
/* handling of association between tls/dtls ports and clear text protocol */
void
ssl_association_add(GTree* associations, dissector_handle_t handle, guint port, const gchar *protocol, gboolean tcp, gboolean from_key_list)
}
int
-ssl_packet_from_server(SslDecryptSession* ssl, GTree* associations, packet_info *pinfo)
+ssl_packet_from_server(SslSession *session, GTree *associations, packet_info *pinfo)
{
gint ret;
- if (ssl && (ssl->srv_ptype != PT_NONE)) {
- ret = (ssl->srv_ptype == pinfo->ptype) && (ssl->srv_port == pinfo->srcport) && ADDRESSES_EQUAL(&ssl->srv_addr, &pinfo->src);
+ if (session->srv_ptype != PT_NONE) {
+ ret = (session->srv_ptype == pinfo->ptype) &&
+ (session->srv_port == pinfo->srcport) &&
+ ADDRESSES_EQUAL(&session->srv_addr, &pinfo->src);
} else {
- ret = ssl_association_find(associations, pinfo->srcport, pinfo->ptype == PT_TCP) != 0;
+ ret = ssl_association_find(associations, pinfo->srcport, pinfo->ptype != PT_UDP) != 0;
}
ssl_debug_printf("packet_from_server: is from server - %s\n", (ret)?"TRUE":"FALSE");
/* initialize/reset per capture state data (ssl sessions cache) */
void
-ssl_common_init(ssl_master_key_map_t *mk_map, FILE **ssl_keylog_file,
+ssl_common_init(ssl_master_key_map_t *mk_map,
StringInfo *decrypted_data, StringInfo *compressed_data)
{
- if (mk_map->session)
- g_hash_table_remove_all(mk_map->session);
- else
- mk_map->session = g_hash_table_new(ssl_hash, ssl_equal);
-
- if (mk_map->crandom)
- g_hash_table_remove_all(mk_map->crandom);
- else
- mk_map->crandom = g_hash_table_new(ssl_hash, ssl_equal);
+ mk_map->session = g_hash_table_new(ssl_hash, ssl_equal);
+ mk_map->crandom = g_hash_table_new(ssl_hash, ssl_equal);
+ mk_map->pre_master = g_hash_table_new(ssl_hash, ssl_equal);
+ mk_map->pms = g_hash_table_new(ssl_hash, ssl_equal);
+ ssl_data_alloc(decrypted_data, 32);
+ ssl_data_alloc(compressed_data, 32);
+}
- if (mk_map->pre_master)
- g_hash_table_remove_all(mk_map->pre_master);
- else
- mk_map->pre_master = g_hash_table_new(ssl_hash, ssl_equal);
+void
+ssl_common_cleanup(ssl_master_key_map_t *mk_map, FILE **ssl_keylog_file,
+ StringInfo *decrypted_data, StringInfo *compressed_data)
+{
+ g_hash_table_destroy(mk_map->session);
+ g_hash_table_destroy(mk_map->crandom);
+ g_hash_table_destroy(mk_map->pre_master);
+ g_hash_table_destroy(mk_map->pms);
g_free(decrypted_data->data);
- ssl_data_alloc(decrypted_data, 32);
-
g_free(compressed_data->data);
- ssl_data_alloc(compressed_data, 32);
/* close the previous keylog file now that the cache are cleared, this
* allows the cache to be filled with the full keylog file contents. */
}
/* parse ssl related preferences (private keys and ports association strings) */
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
void
-ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, GTree* associations, dissector_handle_t handle, gboolean tcp)
+ssl_parse_key_list(const ssldecrypt_assoc_t *uats, GHashTable *key_hash, GTree* associations, dissector_handle_t handle, gboolean tcp)
{
- SslService* service;
- Ssl_private_key_t* private_key, *tmp_private_key;
+ gnutls_x509_privkey_t priv_key;
+ gcry_sexp_t private_key;
FILE* fp = NULL;
- guint32 addr_data[4];
- int addr_len, at;
- address_type addr_type[2] = { AT_IPv4, AT_IPv6 };
- gchar* address_string;
+ int ret;
+ size_t key_id_len = 20;
+ guchar *key_id = NULL;
/* try to load keys file first */
fp = ws_fopen(uats->keyfile, "rb");
return;
}
- for (at = 0; at < 2; at++) {
- memset(addr_data, 0, sizeof(addr_data));
- addr_len = 0;
-
- /* any: IPv4 or IPv6 wildcard */
- /* anyipv4: IPv4 wildcard */
- /* anyipv6: IPv6 wildcard */
-
- if(addr_type[at] == AT_IPv4) {
- if (strcmp(uats->ipaddr, "any") == 0 || strcmp(uats->ipaddr, "anyipv4") == 0 ||
- get_host_ipaddr(uats->ipaddr, &addr_data[0])) {
- addr_len = 4;
- }
- } else { /* AT_IPv6 */
- if(strcmp(uats->ipaddr, "any") == 0 || strcmp(uats->ipaddr, "anyipv6") == 0 ||
- get_host_ipaddr6(uats->ipaddr, (struct e_in6_addr *) addr_data)) {
- addr_len = 16;
- }
- }
-
- if (! addr_len) {
- continue;
- }
-
- /* reset the data pointer for the second iteration */
- rewind(fp);
-
- if ((gint)strlen(uats->password) == 0) {
- private_key = ssl_load_key(fp);
- } else {
- char *err = NULL;
- private_key = ssl_load_pkcs12(fp, uats->password, &err);
- if (err) {
- report_failure("%s\n", err);
- g_free(err);
- }
- }
-
- if (!private_key) {
- report_failure("Can't load private key from %s\n", uats->keyfile);
- fclose(fp);
- return;
+ if ((gint)strlen(uats->password) == 0) {
+ priv_key = ssl_load_key(fp);
+ } else {
+ char *err = NULL;
+ priv_key = ssl_load_pkcs12(fp, uats->password, &err);
+ if (err) {
+ report_failure("%s\n", err);
+ g_free(err);
}
+ }
+ fclose(fp);
- service = (SslService *)g_malloc(sizeof(SslService) + addr_len);
- service->addr.type = addr_type[at];
- service->addr.len = addr_len;
- service->addr.data = ((guchar*)service) + sizeof(SslService);
- memcpy((void*)service->addr.data, addr_data, addr_len);
+ if (!priv_key) {
+ report_failure("Can't load private key from %s\n", uats->keyfile);
+ return;
+ }
- if(strcmp(uats->port,"start_tls")==0) {
- service->port = 0;
- } else {
- service->port = atoi(uats->port);
- }
+ key_id = (guchar *) g_malloc0(key_id_len);
+ ret = gnutls_x509_privkey_get_key_id(priv_key, 0, key_id, &key_id_len);
+ if (ret < 0) {
+ report_failure("Can't calculate public key ID for %s: %s",
+ uats->keyfile, gnutls_strerror(ret));
+ goto end;
+ }
+ ssl_print_data("KeyID", key_id, key_id_len);
- /*
- * This gets called outside any dissection scope, so we have to
- * use a NULL scope and free it ourselves.
- */
- address_string = address_to_str(NULL, &service->addr);
- ssl_debug_printf("ssl_init %s addr '%s' (%s) port '%d' filename '%s' password(only for p12 file) '%s'\n",
- (addr_type[at] == AT_IPv4) ? "IPv4" : "IPv6", uats->ipaddr, address_string,
- service->port, uats->keyfile, uats->password);
- wmem_free(NULL, address_string);
-
- ssl_debug_printf("ssl_init private key file %s successfully loaded.\n", uats->keyfile);
-
- /* if item exists, remove first */
- tmp_private_key = (Ssl_private_key_t *)g_hash_table_lookup(key_hash, service);
- if (tmp_private_key) {
- g_hash_table_remove(key_hash, service);
- ssl_free_key(tmp_private_key);
- }
+ private_key = ssl_privkey_to_sexp(priv_key);
+ if (!private_key) {
+ report_failure("Can't extract private key parameters for %s", uats->keyfile);
+ goto end;
+ }
- g_hash_table_insert(key_hash, service, private_key);
+ g_hash_table_replace(key_hash, key_id, private_key);
+ key_id = NULL; /* used in key_hash, do not free. */
+ ssl_debug_printf("ssl_init private key file %s successfully loaded.\n", uats->keyfile);
- ssl_association_add(associations, handle, service->port, uats->protocol, tcp, TRUE);
+ {
+ /* Port to subprotocol mapping */
+ int port = atoi(uats->port); /* Also maps "start_tls" -> 0 (wildcard) */
+ ssl_debug_printf("ssl_init port '%d' filename '%s' password(only for p12 file) '%s'\n",
+ port, uats->keyfile, uats->password);
+ ssl_association_add(associations, handle, port, uats->protocol, tcp, TRUE);
}
- fclose(fp);
+end:
+ gnutls_x509_privkey_deinit(priv_key);
+ g_free(key_id);
}
+#else
+void
+ssl_parse_key_list(const ssldecrypt_assoc_t *uats _U_, GHashTable *key_hash _U_, GTree* associations _U_, dissector_handle_t handle _U_, gboolean tcp _U_)
+{
+ report_failure("Can't load private key files, support is not compiled in.");
+}
+#endif
/** store a known (pre-)master secret into cache */
static void
ssl_debug_printf("%s can't generate keyring material\n", G_STRFUNC);
return;
}
+ /* Save Client Random/ Session ID for "SSL Export Session keys" */
+ ssl_save_master_key("Client Random", mk_map->crandom,
+ &ssl->client_random, &ssl->master_secret);
ssl_save_master_key("Session ID", mk_map->session,
&ssl->session_id, &ssl->master_secret);
ssl_save_master_key("Session Ticket", mk_map->session,
/** keyfile handling */
-/* returns >0 on success and outputs regexes in regexes_out */
-static guint
-ssl_compile_keyfile_regexes(GRegex ***regexes_out)
+static GRegex *
+ssl_compile_keyfile_regex(void)
{
#define OCTET "(?:[[:xdigit:]]{2})"
-#define SSL_REGEX_MK "(" OCTET "{" G_STRINGIFY(SSL_MASTER_SECRET_LENGTH) "})"
- const gchar *patterns[] = {
- "RSA (" OCTET "{8}) " SSL_REGEX_MK,
- "RSA Session-ID:(" OCTET "+) Master-Key:" SSL_REGEX_MK,
- "CLIENT_RANDOM (" OCTET "{32}) " SSL_REGEX_MK
- };
-#undef SSL_REGEX_MK
+ const gchar *pattern =
+ "(?:"
+ /* Matches Client Hellos having this Client Random */
+ "PMS_CLIENT_RANDOM (?<client_random_pms>" OCTET "{32}) "
+ /* Matches first part of encrypted RSA pre-master secret */
+ "|RSA (?<encrypted_pmk>" OCTET "{8}) "
+ /* Pre-Master-Secret is given, it is 48 bytes for RSA,
+ but it can be of any length for DHE */
+ ")(?<pms>" OCTET "+)"
+ "|(?:"
+ /* Matches Server Hellos having a Session ID */
+ "RSA Session-ID:(?<session_id>" OCTET "+) Master-Key:"
+ /* Matches Client Hellos having this Client Random */
+ "|CLIENT_RANDOM (?<client_random>" OCTET "{32}) "
+ /* Master-Secret is given, its length is fixed */
+ ")(?<master_secret>" OCTET "{" G_STRINGIFY(SSL_MASTER_SECRET_LENGTH) "})";
#undef OCTET
- static GRegex **regexes = NULL;
- unsigned i;
+ static GRegex *regex = NULL;
GError *gerr = NULL;
- if (!regexes) {
- regexes = (GRegex**) g_malloc(array_length(patterns) * sizeof(GRegex *));
- for (i = 0; i < array_length(patterns); i++) {
- regexes[i] = g_regex_new(patterns[i], G_REGEX_OPTIMIZE,
- G_REGEX_MATCH_ANCHORED, &gerr);
- if (gerr) {
- ssl_debug_printf("%s failed to compile %s: %s\n", G_STRFUNC,
- patterns[i], gerr->message);
- g_error_free(gerr);
- /* failed to compile some regexes, free resources and fail */
- while (i-- > 0)
- g_regex_unref(regexes[i]);
- g_free(regexes);
- regexes = NULL;
- return 0;
- }
+ if (!regex) {
+ regex = g_regex_new(pattern, G_REGEX_OPTIMIZE,
+ G_REGEX_MATCH_ANCHORED, &gerr);
+ if (gerr) {
+ ssl_debug_printf("%s failed to compile regex: %s\n", G_STRFUNC,
+ gerr->message);
+ g_error_free(gerr);
+ regex = NULL;
}
}
- *regexes_out = regexes;
- return array_length(patterns);
+ return regex;
}
static gboolean
open_stat.st_size > current_stat.st_size;
}
+typedef struct ssl_master_key_match_group {
+ const char *re_group_name;
+ GHashTable *master_key_ht;
+} ssl_master_key_match_group_t;
+
void
ssl_load_keyfile(const gchar *ssl_keylog_filename, FILE **keylog_file,
const ssl_master_key_map_t *mk_map)
{
unsigned i;
- guint re_count;
- GRegex **regexes = NULL;
- GHashTable *hts[] = {
- mk_map->pre_master,
- mk_map->session,
- mk_map->crandom
+ GRegex *regex;
+ ssl_master_key_match_group_t mk_groups[] = {
+ { "encrypted_pmk", mk_map->pre_master },
+ { "session_id", mk_map->session },
+ { "client_random", mk_map->crandom },
+ { "client_random_pms", mk_map->pms},
};
-
/* no need to try if no key log file is configured. */
- if (!ssl_keylog_filename) {
+ if (!ssl_keylog_filename || !*ssl_keylog_filename) {
ssl_debug_printf("%s dtls/ssl.keylog_file is not configured!\n",
G_STRFUNC);
return;
* This is somewhat is a misnomer because there's nothing RSA specific
* about this.
*
+ * - "PMS_CLIENT_RANDOM xxxx yyyy"
+ * Where xxxx is the client_random from the ClientHello (hex-encoded)
+ * Where yyyy is the cleartext pre-master secret (hex-encoded)
+ * (This format allows SSL connections to be decrypted, if a user can
+ * capture the PMS but could not recover the MS for a specific session
+ * with a SSL Server.)
+ *
* - "CLIENT_RANDOM xxxx yyyy"
* Where xxxx is the client_random from the ClientHello (hex-encoded)
- * Where yyy is the cleartext master secret (hex-encoded)
+ * Where yyyy is the cleartext master secret (hex-encoded)
* (This format allows non-RSA SSL connections to be decrypted, i.e.
* ECDHE-RSA.)
*/
- re_count = ssl_compile_keyfile_regexes(®exes);
- if (re_count == 0)
+ regex = ssl_compile_keyfile_regex();
+ if (!regex)
return;
ssl_debug_printf("trying to use SSL keylog in %s\n", ssl_keylog_filename);
for (;;) {
char buf[512], *line;
gsize bytes_read;
+ GMatchInfo *mi;
line = fgets(buf, sizeof(buf), *keylog_file);
if (!line)
}
ssl_debug_printf(" checking keylog line: %s\n", line);
- for (i = 0; i < re_count; i++) {
- gchar *hex_key, *hex_ms;
- StringInfo *ms, *key;
- GMatchInfo *mi;
- if (!g_regex_match(regexes[i], line, G_REGEX_MATCH_ANCHORED, &mi)) {
- g_match_info_free(mi);
- continue;
+ if (g_regex_match(regex, line, G_REGEX_MATCH_ANCHORED, &mi)) {
+ gchar *hex_key, *hex_pre_ms_or_ms;
+ StringInfo *key = wmem_new(wmem_file_scope(), StringInfo);
+ StringInfo *pre_ms_or_ms = NULL;
+ GHashTable *ht = NULL;
+
+ /* Is the PMS being supplied with the PMS_CLIENT_RANDOM
+ * otherwise we will use the Master Secret
+ */
+ hex_pre_ms_or_ms = g_match_info_fetch_named(mi, "master_secret");
+ if (hex_pre_ms_or_ms == NULL || strlen(hex_pre_ms_or_ms) == 0){
+ g_free(hex_pre_ms_or_ms);
+ hex_pre_ms_or_ms = g_match_info_fetch_named(mi, "pms");
}
+ /* There is always a match, otherwise the regex is wrong. */
+ DISSECTOR_ASSERT(hex_pre_ms_or_ms && strlen(hex_pre_ms_or_ms));
/* convert from hex to bytes and save to hashtable */
- hex_key = g_match_info_fetch(mi, 1);
- hex_ms = g_match_info_fetch(mi, 2);
- g_match_info_free(mi);
-
- key = (StringInfo *) wmem_alloc(wmem_file_scope(), sizeof(StringInfo));
- ms = (StringInfo *) wmem_alloc(wmem_file_scope(), sizeof(StringInfo));
- from_hex(key, hex_key, strlen(hex_key));
- from_hex(ms, hex_ms, strlen(hex_ms));
- g_hash_table_insert(hts[i], key, ms);
- g_free(hex_key);
- g_free(hex_ms);
- ssl_debug_printf(" matched type %d\n", i);
- break; /* found a match, no need to continue */
- }
+ pre_ms_or_ms = wmem_new(wmem_file_scope(), StringInfo);
+ from_hex(pre_ms_or_ms, hex_pre_ms_or_ms, strlen(hex_pre_ms_or_ms));
+ g_free(hex_pre_ms_or_ms);
+
+ /* Find a master key from any format (CLIENT_RANDOM, SID, ...) */
+ for (i = 0; i < G_N_ELEMENTS(mk_groups); i++) {
+ ssl_master_key_match_group_t *g = &mk_groups[i];
+ hex_key = g_match_info_fetch_named(mi, g->re_group_name);
+ if (hex_key && *hex_key) {
+ ssl_debug_printf(" matched %s\n", g->re_group_name);
+ ht = g->master_key_ht;
+ from_hex(key, hex_key, strlen(hex_key));
+ g_free(hex_key);
+ break;
+ }
+ g_free(hex_key);
+ }
+ DISSECTOR_ASSERT(ht); /* Cannot be reached, or regex is wrong. */
+
+ g_hash_table_insert(ht, key, pre_ms_or_ms);
- if (i == re_count)
+ } else {
ssl_debug_printf(" unrecognized line\n");
+ }
+ /* always free match info even if there is no match. */
+ g_match_info_free(mi);
}
}
/* checks for SSL and DTLS UAT key list fields */
gboolean
-ssldecrypt_uat_fld_ip_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, const char** err)
+ssldecrypt_uat_fld_ip_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, char** err)
{
if (!p || strlen(p) == 0u) {
- *err = ep_strdup_printf("No IP address given.");
+ *err = g_strdup_printf("No IP address given.");
return FALSE;
}
}
gboolean
-ssldecrypt_uat_fld_port_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, const char** err)
+ssldecrypt_uat_fld_port_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, char** err)
{
if (!p || strlen(p) == 0u) {
- *err = ep_strdup_printf("No Port given.");
+ *err = g_strdup_printf("No Port given.");
return FALSE;
}
if (strcmp(p, "start_tls") != 0){
const gint i = atoi(p);
if (i < 0 || i > 65535) {
- *err = ep_strdup_printf("Invalid port given.");
+ *err = g_strdup_printf("Invalid port given.");
return FALSE;
}
}
}
gboolean
-ssldecrypt_uat_fld_protocol_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, const char** err)
+ssldecrypt_uat_fld_protocol_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, char** err)
{
if (!p || strlen(p) == 0u) {
- *err = ep_strdup_printf("No protocol given.");
+ *err = g_strdup_printf("No protocol given.");
return FALSE;
}
if (!find_dissector(p)) {
- *err = ep_strdup_printf("Could not find dissector for: '%s'\nValid dissectors are:\n%s", p, ssl_association_info());
+ if (proto_get_id_by_filter_name(p) != -1) {
+ *err = g_strdup_printf("While '%s' is a valid dissector filter name, that dissector is not configured"
+ " to support SSL decryption.\n\n"
+ "If you need to decrypt '%s' over SSL, please contact the Wireshark development team.", p, p);
+ } else {
+ char* ssl_str = ssl_association_info();
+ *err = g_strdup_printf("Could not find dissector for: '%s'\nCommonly used SSL dissectors include:\n%s", p, ssl_str);
+ g_free(ssl_str);
+ }
return FALSE;
}
}
gboolean
-ssldecrypt_uat_fld_fileopen_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, const char** err)
+ssldecrypt_uat_fld_fileopen_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, char** err)
{
ws_statb64 st;
if (!p || strlen(p) == 0u) {
- *err = ep_strdup_printf("No filename given.");
+ *err = g_strdup_printf("No filename given.");
return FALSE;
} else {
if (ws_stat64(p, &st) != 0) {
- *err = ep_strdup_printf("File '%s' does not exist or access is denied.", p);
+ *err = g_strdup_printf("File '%s' does not exist or access is denied.", p);
return FALSE;
}
}
}
gboolean
-ssldecrypt_uat_fld_password_chk_cb(void* r _U_, const char* p, guint len _U_, const void* u1 _U_, const void* u2 _U_, const char ** err)
+ssldecrypt_uat_fld_password_chk_cb(void *r _U_, const char *p _U_, guint len _U_, const void *u1 _U_, const void *u2 _U_, char **err)
{
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
ssldecrypt_assoc_t* f = (ssldecrypt_assoc_t *)r;
FILE *fp = NULL;
fp = ws_fopen(f->keyfile, "rb");
if (fp) {
char *msg = NULL;
- if (!ssl_load_pkcs12(fp, p, &msg)) {
+ gnutls_x509_privkey_t priv_key = ssl_load_pkcs12(fp, p, &msg);
+ if (!priv_key) {
fclose(fp);
- *err = ep_strdup_printf("Could not load PKCS#12 key file: %s", msg);
+ *err = g_strdup_printf("Could not load PKCS#12 key file: %s", msg);
g_free(msg);
return FALSE;
}
g_free(msg);
+ gnutls_x509_privkey_deinit(priv_key);
fclose(fp);
} else {
- *err = ep_strdup_printf("Leave this field blank if the keyfile is not PKCS#12.");
+ *err = g_strdup_printf("Leave this field blank if the keyfile is not PKCS#12.");
return FALSE;
}
}
*err = NULL;
return TRUE;
+#else
+ *err = g_strdup("Cannot load key files, support is not compiled in.");
+ return FALSE;
+#endif
}
TLS1.2 certificate request */
static gint
ssl_dissect_hash_alg_list(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
- guint32 offset, guint16 len)
+ packet_info* pinfo, guint32 offset, guint16 len)
{
guint32 offset_start;
proto_tree *subtree, *alg_tree;
subtree = proto_item_add_subtree(ti, hf->ett.hs_sig_hash_algs);
if (len % 2) {
- proto_tree_add_text(tree, tvb, offset, 2,
+ expert_add_info_format(pinfo, ti, &hf->ei.hs_sig_hash_algs_bad,
"Invalid Signature Hash Algorithm length: %d", len);
return offset-offset_start;
}
static gint
ssl_dissect_hnd_hello_ext_sig_hash_algs(ssl_common_dissect_t *hf, tvbuff_t *tvb,
- proto_tree *tree, guint32 offset, guint32 ext_len)
+ proto_tree *tree, packet_info* pinfo, guint32 offset, guint32 ext_len)
{
guint16 sh_alg_length;
gint ret;
return offset;
}
- ret = ssl_dissect_hash_alg_list(hf, tvb, tree, offset, sh_alg_length);
+ ret = ssl_dissect_hash_alg_list(hf, tvb, tree, pinfo, offset, sh_alg_length);
if (ret >= 0)
offset += ret;
static gint
ssl_dissect_hnd_hello_ext_alpn(ssl_common_dissect_t *hf, tvbuff_t *tvb,
- proto_tree *tree, guint32 offset, guint32 ext_len)
+ proto_tree *tree, guint32 offset, guint32 ext_len,
+ gboolean is_client, SslSession *session)
{
guint16 alpn_length;
guint8 name_length;
tvb, offset, alpn_length, ENC_NA);
alpn_tree = proto_item_add_subtree(ti, hf->ett.hs_ext_alpn);
+ /* If ALPN is given in ServerHello, then ProtocolNameList MUST contain
+ * exactly one "ProtocolName". */
+ if (!is_client) {
+ guint8 *proto_name;
+ size_t i;
+
+ name_length = tvb_get_guint8(tvb, offset);
+ /* '\0'-terminated string for prefix/full string comparison purposes. */
+ proto_name = tvb_get_string_enc(wmem_packet_scope(), tvb, offset + 1,
+ name_length, ENC_ASCII);
+ for (i = 0; i < G_N_ELEMENTS(ssl_alpn_protocols); i++) {
+ const ssl_alpn_protocol_t *alpn_proto = &ssl_alpn_protocols[i];
+
+ if (name_length >= alpn_proto->proto_name_len &&
+ (memcmp(proto_name, alpn_proto->proto_name,
+ alpn_proto->proto_name_len) == 0)) {
+
+ dissector_handle_t handle;
+ /* ProtocolName match, so set the App data dissector handle.
+ * This may override protocols given via the UAT dialog, but
+ * since the ALPN hint is precise, do it anyway. */
+ handle = find_dissector(alpn_proto->dissector_name);
+ ssl_debug_printf("%s: changing handle %p to %p (%s)", G_STRFUNC,
+ (void *)session->app_handle,
+ (void *)handle, alpn_proto->dissector_name);
+ /* if dissector is disabled, do not overwrite previous one */
+ if (handle)
+ session->app_handle = handle;
+ break;
+ }
+ }
+ }
+
while (alpn_length > 0) {
name_length = tvb_get_guint8(tvb, offset);
proto_tree_add_item(alpn_tree, hf->hf.hs_ext_alpn_str_len,
offset += 1;
if (reneg_info_length > 0) {
- proto_tree_add_text(reneg_info_tree, tvb, offset, reneg_info_length, "Renegotiation Info");
+ proto_tree_add_item(reneg_info_tree, hf->hf.hs_ext_reneg_info, tvb, offset, reneg_info_length, ENC_NA);
offset += reneg_info_length;
}
static gint
ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
- guint32 offset, guint32 left, gboolean is_client,
+ packet_info* pinfo, guint32 offset, guint32 left, gboolean is_client,
SslSession *session, SslDecryptSession *ssl);
void
}
}
if (length > offset - start_offset) {
- ssl_dissect_hnd_hello_ext(hf, tvb, tree, offset,
+ ssl_dissect_hnd_hello_ext(hf, tvb, tree, pinfo, offset,
length - (offset - start_offset), TRUE,
session, ssl);
}
void
ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb,
- proto_tree *tree, guint32 offset, guint32 length,
+ packet_info* pinfo, proto_tree *tree, guint32 offset, guint32 length,
SslSession *session, SslDecryptSession *ssl)
{
/* struct {
/* remaining data are extensions */
if (length > offset - start_offset) {
- ssl_dissect_hnd_hello_ext(hf, tvb, tree, offset,
+ ssl_dissect_hnd_hello_ext(hf, tvb, tree, pinfo, offset,
length - (offset - start_offset), FALSE,
session, ssl);
}
void
ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
guint32 offset, packet_info *pinfo,
- const SslSession *session, gint is_from_server)
+ const SslSession *session, SslDecryptSession *ssl _U_,
+ GHashTable *key_hash _U_, gint is_from_server)
{
- /* opaque ASN.1Cert<2^24-1>;
+ /* opaque ASN.1Cert<1..2^24-1>;
*
* struct {
- * ASN.1Cert certificate_list<1..2^24-1>;
+ * select(certificate_type) {
+ *
+ * // certificate type defined in RFC 7250
+ * case RawPublicKey:
+ * opaque ASN.1_subjectPublicKeyInfo<1..2^24-1>;
+ *
+ * // X.509 certificate defined in RFC 5246
+ * case X.509:
+ * ASN.1Cert certificate_list<0..2^24-1>;
+ * };
* } Certificate;
*/
- guint32 certificate_list_length;
- proto_item *ti;
- proto_tree *subtree;
+ enum { CERT_X509, CERT_RPK } cert_type;
asn1_ctx_t asn1_ctx;
-
- if (!tree)
- return;
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
+ gnutls_datum_t subjectPublicKeyInfo = { NULL, 0 };
+#endif
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
- certificate_list_length = tvb_get_ntoh24(tvb, offset);
- proto_tree_add_uint(tree, hf->hf.hs_certificates_len,
- tvb, offset, 3, certificate_list_length);
- offset += 3; /* 24-bit length value */
-
- if (certificate_list_length > 0) {
- ti = proto_tree_add_none_format(tree,
- hf->hf.hs_certificates,
- tvb, offset, certificate_list_length,
- "Certificates (%u bytes)",
- certificate_list_length);
-
- /* make it a subtree */
- subtree = proto_item_add_subtree(ti, hf->ett.certificates);
+ if ((is_from_server && session->server_cert_type == SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY) ||
+ (!is_from_server && session->client_cert_type == SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY)) {
+ cert_type = CERT_RPK;
+ } else {
+ cert_type = CERT_X509;
+ }
- /* iterate through each certificate */
- while (certificate_list_length > 0) {
- /* get the length of the current certificate */
- guint32 cert_length;
- cert_length = tvb_get_ntoh24(tvb, offset);
- certificate_list_length -= 3 + cert_length;
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
+ /* Ask the pkcs1 dissector to return the public key details */
+ if (ssl)
+ asn1_ctx.private_data = &subjectPublicKeyInfo;
+#endif
- proto_tree_add_item(subtree, hf->hf.hs_certificate_len,
+ switch (cert_type) {
+ case CERT_RPK:
+ {
+ proto_tree_add_item(tree, hf->hf.hs_certificate_len,
tvb, offset, 3, ENC_BIG_ENDIAN);
offset += 3;
- if ((is_from_server && session->server_cert_type == SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY) ||
- (!is_from_server && session->client_cert_type == SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY)) {
- dissect_x509af_SubjectPublicKeyInfo(FALSE, tvb, offset, &asn1_ctx, subtree, hf->hf.hs_certificate);
- } else {
- dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, subtree, hf->hf.hs_certificate);
- }
+ dissect_x509af_SubjectPublicKeyInfo(FALSE, tvb, offset, &asn1_ctx, tree, hf->hf.hs_certificate);
+
+ break;
+ }
+ case CERT_X509:
+ {
+ guint32 certificate_list_length;
+ proto_item *ti;
+ proto_tree *subtree;
+
+ certificate_list_length = tvb_get_ntoh24(tvb, offset);
+
+ proto_tree_add_uint(tree, hf->hf.hs_certificates_len,
+ tvb, offset, 3, certificate_list_length);
+ offset += 3; /* 24-bit length value */
+
+ if (certificate_list_length > 0) {
+ ti = proto_tree_add_none_format(tree,
+ hf->hf.hs_certificates,
+ tvb, offset, certificate_list_length,
+ "Certificates (%u bytes)",
+ certificate_list_length);
+
+ /* make it a subtree */
+ subtree = proto_item_add_subtree(ti, hf->ett.certificates);
+
+ /* iterate through each certificate */
+ while (certificate_list_length > 0) {
+ /* get the length of the current certificate */
+ guint32 cert_length;
+ cert_length = tvb_get_ntoh24(tvb, offset);
+ certificate_list_length -= 3 + cert_length;
+
+ proto_tree_add_item(subtree, hf->hf.hs_certificate_len,
+ tvb, offset, 3, ENC_BIG_ENDIAN);
+ offset += 3;
+
+ dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, subtree, hf->hf.hs_certificate);
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
+ /* Only attempt to get the RSA modulus for the first cert. */
+ asn1_ctx.private_data = NULL;
+#endif
- offset += cert_length;
+ offset += cert_length;
+ }
+ }
+ break;
}
}
+
+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT)
+ if (ssl)
+ ssl_find_private_key_by_pubkey(ssl, key_hash, &subjectPublicKeyInfo);
+#endif
}
void
tvb, offset, 2, sh_alg_length);
offset += 2;
- ret = ssl_dissect_hash_alg_list(hf, tvb, tree, offset, sh_alg_length);
+ ret = ssl_dissect_hash_alg_list(hf, tvb, tree, pinfo, offset, sh_alg_length);
if (ret >= 0)
offset += ret;
break;
}
}
+static void
+ssl_dissect_digitally_signed(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ proto_tree *tree, guint32 offset,
+ const SslSession *session,
+ gint hf_sig_len, gint hf_sig);
+
+void
+ssl_dissect_hnd_cli_cert_verify(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ proto_tree *tree, guint32 offset,
+ const SslSession *session)
+{
+ ssl_dissect_digitally_signed(hf, tvb, tree, offset, session,
+ hf->hf.hs_client_cert_vrfy_sig_len,
+ hf->hf.hs_client_cert_vrfy_sig);
+}
+
void
ssl_dissect_hnd_finished(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset,
static gint
ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
- guint32 offset, guint32 left, gboolean is_client,
+ packet_info* pinfo, guint32 offset, guint32 left, gboolean is_client,
SslSession *session, SslDecryptSession *ssl)
{
guint16 extension_length;
offset = ssl_dissect_hnd_hello_ext_ec_point_formats(hf, tvb, ext_tree, offset);
break;
case SSL_HND_HELLO_EXT_SIG_HASH_ALGS:
- offset = ssl_dissect_hnd_hello_ext_sig_hash_algs(hf, tvb, ext_tree, offset, ext_len);
+ offset = ssl_dissect_hnd_hello_ext_sig_hash_algs(hf, tvb, ext_tree, pinfo, offset, ext_len);
break;
case SSL_HND_HELLO_EXT_ALPN:
- offset = ssl_dissect_hnd_hello_ext_alpn(hf, tvb, ext_tree, offset, ext_len);
+ offset = ssl_dissect_hnd_hello_ext_alpn(hf, tvb, ext_tree, offset, ext_len, is_client, session);
break;
case SSL_HND_HELLO_EXT_NPN:
offset = ssl_dissect_hnd_hello_ext_npn(hf, tvb, ext_tree, offset, ext_len);
}
-/* ServerKeyExchange algo-specific dissectors */
-
-/* dissects signed_params inside a ServerKeyExchange for some keyex algos */
+/* Dissects DigitallySigned (see RFC 5246 4.7 Cryptographic Attributes). */
static void
-dissect_ssl3_hnd_srv_keyex_sig(ssl_common_dissect_t *hf, tvbuff_t *tvb,
- proto_tree *tree, guint32 offset,
- const SslSession *session)
+ssl_dissect_digitally_signed(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ proto_tree *tree, guint32 offset,
+ const SslSession *session,
+ gint hf_sig_len, gint hf_sig)
{
gint sig_len;
proto_item *ti_algo;
/* Sig */
sig_len = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf->hf.hs_server_keyex_sig_len, tvb,
- offset, 2, ENC_BIG_ENDIAN);
- proto_tree_add_item(tree, hf->hf.hs_server_keyex_sig, tvb,
- offset + 2, sig_len, ENC_NA);
+ proto_tree_add_item(tree, hf_sig_len, tvb, offset, 2, ENC_BIG_ENDIAN);
+ proto_tree_add_item(tree, hf_sig, tvb, offset + 2, sig_len, ENC_NA);
+}
+
+/* ServerKeyExchange algo-specific dissectors */
+
+/* dissects signed_params inside a ServerKeyExchange for some keyex algos */
+static void
+dissect_ssl3_hnd_srv_keyex_sig(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ proto_tree *tree, guint32 offset,
+ const SslSession *session)
+{
+ /*
+ * TLSv1.2 (RFC 5246 sec 7.4.8)
+ * struct {
+ * digitally-signed struct {
+ * opaque handshake_messages[handshake_messages_length];
+ * }
+ * } CertificateVerify;
+ *
+ * TLSv1.0/TLSv1.1 (RFC 5436 sec 7.4.8 and 7.4.3) works essentially the same
+ * as TLSv1.2, but the hash algorithms are not explicit in digitally-signed.
+ *
+ * SSLv3 (RFC 6101 sec 5.6.8) esseentially works the same as TLSv1.0 but it
+ * does more hashing including the master secret and padding.
+ */
+ ssl_dissect_digitally_signed(hf, tvb, tree, offset, session,
+ hf->hf.hs_server_keyex_sig_len,
+ hf->hf.hs_server_keyex_sig);
}
static void
dissect_ssl3_hnd_srv_keyex_ecdh(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset,
- guint32 length, const SslSession *session)
+ guint32 length, const SslSession *session,
+ gboolean anon)
{
/*
* RFC 4492 ECC cipher suites for TLS
offset + 1, point_len, ENC_NA);
offset += 1 + point_len;
- /* Signature */
- dissect_ssl3_hnd_srv_keyex_sig(hf, tvb, ssl_ecdh_tree, offset, session);
+ /* Signature (if non-anonymous KEX) */
+ if (!anon) {
+ dissect_ssl3_hnd_srv_keyex_sig(hf, tvb, ssl_ecdh_tree, offset, session);
+ }
}
static void
dissect_ssl3_hnd_srv_keyex_dhe(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset, guint32 length,
- const SslSession *session)
+ const SslSession *session, gboolean anon)
{
gint p_len, g_len, ys_len;
proto_tree *ssl_dh_tree;
offset + 2, ys_len, ENC_NA);
offset += 2 + ys_len;
- /* Signature */
- dissect_ssl3_hnd_srv_keyex_sig(hf, tvb, ssl_dh_tree, offset, session);
+ /* Signature (if non-anonymous KEX) */
+ if (!anon) {
+ dissect_ssl3_hnd_srv_keyex_sig(hf, tvb, ssl_dh_tree, offset, session);
+ }
}
/* Only used in RSA-EXPORT cipher suites */
const SslSession *session)
{
switch (ssl_get_keyex_alg(session->cipher)) {
- case KEX_RSA: /* rsa: EncryptedPreMasterSecret */
- dissect_ssl3_hnd_cli_keyex_rsa(hf, tvb, tree, offset, length, session);
- break;
- case KEX_DH: /* DHE_RSA: ClientDiffieHellmanPublic */
- /* XXX: DHE_DSS, DH_DSS, DH_RSA, DH_ANON; same format */
+ case KEX_DH_ANON: /* RFC 5246; DHE_DSS, DHE_RSA, DH_DSS, DH_RSA, DH_ANON: ClientDiffieHellmanPublic */
+ case KEX_DH_DSS:
+ case KEX_DH_RSA:
+ case KEX_DHE_DSS:
+ case KEX_DHE_RSA:
dissect_ssl3_hnd_cli_keyex_dh(hf, tvb, tree, offset, length);
break;
- case KEX_ECDH: /* ec_diffie_hellman: ClientECDiffieHellmanPublic */
+ case KEX_DHE_PSK: /* RFC 4279; diffie_hellman_psk: psk_identity, ClientDiffieHellmanPublic */
+ /* XXX: implement support for DHE_PSK */
+ break;
+ case KEX_ECDH_ANON: /* RFC 4492; ec_diffie_hellman: ClientECDiffieHellmanPublic */
+ case KEX_ECDH_ECDSA:
+ case KEX_ECDH_RSA:
+ case KEX_ECDHE_ECDSA:
+ case KEX_ECDHE_RSA:
dissect_ssl3_hnd_cli_keyex_ecdh(hf, tvb, tree, offset, length);
break;
- case KEX_PSK:
+ case KEX_ECDHE_PSK: /* RFC 5489; ec_diffie_hellman_psk: psk_identity, ClientECDiffieHellmanPublic */
+ /* XXX: implement support for ECDHE_PSK */
+ break;
+ case KEX_KRB5: /* RFC 2712; krb5: KerberosWrapper */
+ /* XXX: implement support for KRB5 */
+ break;
+ case KEX_PSK: /* RFC 4279; psk: psk_identity */
dissect_ssl3_hnd_cli_keyex_psk(hf, tvb, tree, offset, length);
break;
- case KEX_RSA_PSK:
+ case KEX_RSA: /* RFC 5246; rsa: EncryptedPreMasterSecret */
+ dissect_ssl3_hnd_cli_keyex_rsa(hf, tvb, tree, offset, length, session);
+ break;
+ case KEX_RSA_PSK: /* RFC 4279; rsa_psk: psk_identity, EncryptedPreMasterSecret */
dissect_ssl3_hnd_cli_keyex_rsa_psk(hf, tvb, tree, offset, length);
break;
+ case KEX_SRP_SHA: /* RFC 5054; srp: ClientSRPPublic */
+ case KEX_SRP_SHA_DSS:
+ case KEX_SRP_SHA_RSA:
+ /* XXX: implement support for SRP_SHA* */
+ break;
+ default:
+ /* XXX: add info message for not supported KEX algo */
+ break;
}
}
const SslSession *session)
{
switch (ssl_get_keyex_alg(session->cipher)) {
- case KEX_DH: /* DHE_RSA: ServerDHParams + signature */
- /* XXX: DHE_DSS, same format */
- /* XXX: DHE_ANON, almost the same, but without signed_params */
- dissect_ssl3_hnd_srv_keyex_dhe(hf, tvb, tree, offset, length, session);
+ case KEX_DH_ANON: /* RFC 5246; ServerDHParams */
+ dissect_ssl3_hnd_srv_keyex_dhe(hf, tvb, tree, offset, length, session, TRUE);
break;
- case KEX_RSA: /* TLSv1.0 and older: RSA_EXPORT cipher suites */
- dissect_ssl3_hnd_srv_keyex_rsa(hf, tvb, tree, offset, length, session);
+ case KEX_DH_DSS: /* RFC 5246; not allowed */
+ case KEX_DH_RSA:
+ /* XXX: add error on not allowed KEX */
+ break;
+ case KEX_DHE_DSS: /* RFC 5246; dhe_dss, dhe_rsa: ServerDHParams, Signature */
+ case KEX_DHE_RSA:
+ dissect_ssl3_hnd_srv_keyex_dhe(hf, tvb, tree, offset, length, session, FALSE);
+ break;
+ case KEX_DHE_PSK: /* RFC 4279; diffie_hellman_psk: psk_identity_hint, ServerDHParams */
+ /* XXX: implement support for DHE_PSK */
break;
- case KEX_ECDH: /* ec_diffie_hellman: ServerECDHParams + signature */
- dissect_ssl3_hnd_srv_keyex_ecdh(hf, tvb, tree, offset, length, session);
+ case KEX_ECDH_ANON: /* RFC 4492; ec_diffie_hellman: ServerECDHParams (without signature for anon) */
+ dissect_ssl3_hnd_srv_keyex_ecdh(hf, tvb, tree, offset, length, session, TRUE);
break;
+ case KEX_ECDHE_PSK: /* RFC 5489; psk_identity_hint, ServerECDHParams */
+ /* XXX: implement support for ECDHE_PSK */
+ break;
+ case KEX_ECDH_ECDSA: /* RFC 4492; ec_diffie_hellman: ServerECDHParams, Signature */
+ case KEX_ECDH_RSA:
+ case KEX_ECDHE_ECDSA:
+ case KEX_ECDHE_RSA:
+ dissect_ssl3_hnd_srv_keyex_ecdh(hf, tvb, tree, offset, length, session, FALSE);
+ break;
+ case KEX_KRB5: /* RFC 2712; not allowed */
+ /* XXX: add error on not allowed KEX */
+ break;
+ case KEX_PSK: /* RFC 4279; psk, rsa: psk_identity*/
case KEX_RSA_PSK:
- case KEX_PSK:
dissect_ssl3_hnd_srv_keyex_psk(hf, tvb, tree, offset, length);
break;
+ case KEX_RSA: /* only allowed if the public key in the server certificate is longer than 512 bits*/
+ dissect_ssl3_hnd_srv_keyex_rsa(hf, tvb, tree, offset, length, session);
+ break;
+ case KEX_SRP_SHA: /* RFC 5054; srp: ServerSRPParams, Signature */
+ case KEX_SRP_SHA_DSS:
+ case KEX_SRP_SHA_RSA:
+ /* XXX: implement support for SRP_SHA* */
+ break;
+ default:
+ /* XXX: add info message for not supported KEX algo */
+ break;
}
}
ssl_common_register_options(module_t *module, ssl_common_options_t *options)
{
prefs_register_string_preference(module, "psk", "Pre-Shared-Key",
- "Pre-Shared-Key as HEX string, should be 0 to 16 bytes",
+ "Pre-Shared-Key as HEX string. Should be 0 to 16 bytes.",
&(options->psk));
prefs_register_filename_preference(module, "keylog_file", "(Pre)-Master-Secret log filename",
- "The filename of a file which contains a list of \n"
+ "The name of a file which contains a list of \n"
"(pre-)master secrets in one of the following formats:\n"
"\n"
"RSA <EPMS> <PMS>\n"
"RSA Session-ID:<SSLID> Master-Key:<MS>\n"
"CLIENT_RANDOM <CRAND> <MS>\n"
+ "PMS_CLIENT_RANDOM <CRAND> <PMS>\n"
"\n"
"Where:\n"
"<EPMS> = First 8 bytes of the Encrypted PMS\n"
- "<PMS> = The Pre-Master-Secret (PMS)\n"
+ "<PMS> = The Pre-Master-Secret (PMS) used to derive the MS\n"
"<SSLID> = The SSL Session ID\n"
"<MS> = The Master-Secret (MS)\n"
"<CRAND> = The Client's random number from the ClientHello message\n"