5 * ssl manipulation functions
6 * By Paolo Abeni <paolo.abeni@email.com>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 #ifndef __SSL_UTILS_H_
24 #define __SSL_UTILS_H_
27 #include <epan/packet.h>
28 #include <epan/gnuc_format_check.h>
29 #include <epan/value_string.h>
33 #include <winposixtype.h>
38 #include <gnutls/x509.h>
39 #include <gnutls/openssl.h>
41 #include <epan/conversation.h>
43 /* #define SSL_FAST 1 */
/* Switches this header to the real ssl_debug_printf/ssl_print_* prototypes
 * (see the #ifdef SSL_DECRYPT_DEBUG section further down) instead of the
 * no-op versions.
 * NOTE(review): the macro is defined here in the header rather than by a build
 * option, so debug support appears to be compiled in by default. The
 * ssl_print_data/ssl_print_string helpers presumably dump session buffers --
 * confirm what callers pass to them and that the destination chosen through
 * ssl_set_debug is not readable by other users. */
44 #define SSL_DECRYPT_DEBUG
46 #define SSL_CIPHER_CTX gcry_cipher_hd_t
48 #define SSL_PRIVATE_KEY gcry_mpi_t
50 #define SSL_PRIVATE_KEY struct gcry_sexp
52 #else /* HAVE_LIBGNUTLS */
53 #define SSL_CIPHER_CTX void*
54 #define SSL_PRIVATE_KEY void
55 #endif /* HAVE_LIBGNUTLS */
57 /* The TCP port to associate with by default */
58 #define TCP_PORT_SSL 443
59 #define TCP_PORT_SSL_LDAP 636
60 #define TCP_PORT_SSL_IMAP 993
61 #define TCP_PORT_SSL_POP 995
63 /* version state tables */
64 #define SSL_VER_UNKNOWN 0
65 #define SSL_VER_SSLv2 1
66 #define SSL_VER_SSLv3 2
68 #define SSL_VER_TLSv1DOT1 4
69 #define SSL_VER_DTLS 5
72 /* corresponds to the #defines above */
74 static const gchar* ssl_version_short_names[] = {
85 #define SSL_ID_CHG_CIPHER_SPEC 0x14
86 #define SSL_ID_ALERT 0x15
87 #define SSL_ID_HANDSHAKE 0x16
88 #define SSL_ID_APP_DATA 0x17
90 #define SSL_HND_HELLO_REQUEST 0
91 #define SSL_HND_CLIENT_HELLO 1
92 #define SSL_HND_SERVER_HELLO 2
93 #define SSL_HND_HELLO_VERIFY_REQUEST 3
94 #define SSL_HND_CERTIFICATE 11
95 #define SSL_HND_SERVER_KEY_EXCHG 12
96 #define SSL_HND_CERT_REQUEST 13
97 #define SSL_HND_SVR_HELLO_DONE 14
98 #define SSL_HND_CERT_VERIFY 15
99 #define SSL_HND_CLIENT_KEY_EXCHG 16
100 #define SSL_HND_FINISHED 20
102 #define SSL2_HND_ERROR 0x00
103 #define SSL2_HND_CLIENT_HELLO 0x01
104 #define SSL2_HND_CLIENT_MASTER_KEY 0x02
105 #define SSL2_HND_CLIENT_FINISHED 0x03
106 #define SSL2_HND_SERVER_HELLO 0x04
107 #define SSL2_HND_SERVER_VERIFY 0x05
108 #define SSL2_HND_SERVER_FINISHED 0x06
109 #define SSL2_HND_REQUEST_CERTIFICATE 0x07
110 #define SSL2_HND_CLIENT_CERTIFICATE 0x08
112 #define PCT_VERSION_1 0x8001
114 #define PCT_MSG_CLIENT_HELLO 0x01
115 #define PCT_MSG_SERVER_HELLO 0x02
116 #define PCT_MSG_CLIENT_MASTER_KEY 0x03
117 #define PCT_MSG_SERVER_VERIFY 0x04
118 #define PCT_MSG_ERROR 0x05
120 #define PCT_CH_OFFSET_V1 0xa
122 #define PCT_CIPHER_DES 0x01
123 #define PCT_CIPHER_IDEA 0x02
124 #define PCT_CIPHER_RC2 0x03
125 #define PCT_CIPHER_RC4 0x04
126 #define PCT_CIPHER_DES_112 0x05
127 #define PCT_CIPHER_DES_168 0x06
129 #define PCT_HASH_MD5 0x0001
130 #define PCT_HASH_MD5_TRUNC_64 0x0002
131 #define PCT_HASH_SHA 0x0003
132 #define PCT_HASH_SHA_TRUNC_80 0x0004
133 #define PCT_HASH_DES_DM 0x0005
135 #define PCT_CERT_NONE 0x00
136 #define PCT_CERT_X509 0x01
137 #define PCT_CERT_PKCS7 0x02
139 #define PCT_SIG_NONE 0x0000
140 #define PCT_SIG_RSA_MD5 0x0001
141 #define PCT_SIG_RSA_SHA 0x0002
142 #define PCT_SIG_DSA_SHA 0x0003
144 #define PCT_EXCH_RSA_PKCS1 0x01
145 #define PCT_EXCH_RSA_PKCS1_TOKEN_DES 0x02
146 #define PCT_EXCH_RSA_PKCS1_TOKEN_DES3 0x03
147 #define PCT_EXCH_RSA_PKCS1_TOKEN_RC2 0x04
148 #define PCT_EXCH_RSA_PKCS1_TOKEN_RC4 0x05
149 #define PCT_EXCH_DH_PKCS3 0x06
150 #define PCT_EXCH_DH_PKCS3_TOKEN_DES 0x07
151 #define PCT_EXCH_DH_PKCS3_TOKEN_DES3 0x08
152 #define PCT_EXCH_FORTEZZA_TOKEN 0x09
154 #define PCT_ERR_BAD_CERTIFICATE 0x01
155 #define PCT_ERR_CLIENT_AUTH_FAILED 0x02
156 #define PCT_ERR_ILLEGAL_MESSAGE 0x03
157 #define PCT_ERR_INTEGRITY_CHECK_FAILED 0x04
158 #define PCT_ERR_SERVER_AUTH_FAILED 0x05
159 #define PCT_ERR_SPECS_MISMATCH 0x06
165 static const value_string ssl_20_msg_types[] = {
166 { SSL2_HND_ERROR, "Error" },
167 { SSL2_HND_CLIENT_HELLO, "Client Hello" },
168 { SSL2_HND_CLIENT_MASTER_KEY, "Client Master Key" },
169 { SSL2_HND_CLIENT_FINISHED, "Client Finished" },
170 { SSL2_HND_SERVER_HELLO, "Server Hello" },
171 { SSL2_HND_SERVER_VERIFY, "Server Verify" },
172 { SSL2_HND_SERVER_FINISHED, "Server Finished" },
173 { SSL2_HND_REQUEST_CERTIFICATE, "Request Certificate" },
174 { SSL2_HND_CLIENT_CERTIFICATE, "Client Certificate" },
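/*
 * Display names for the three-byte cipher codes carried in an SSLv2-format
 * Client Hello: native SSLv2 cipher kinds, TLS suites wrapped as {0x00????},
 * the Netscape FIPS suites and the PCT compatibility codes.
 *
 * 0x030080 and 0x040080 previously shared one label, so the 40-bit export
 * RC2 kind was displayed as if it were the full-strength one. They now carry
 * the distinct SSLv2 names (RC2_128_CBC vs. RC2_128_CBC_EXPORT40).
 *
 * The NULL, EXPORT and DH_anon entries are listed because peers may still
 * offer them; seeing one in a capture is something to report, not a
 * recommendation to use it.
 */
static const value_string ssl_20_cipher_suites[] = {
    /* native SSLv2 cipher kinds */
    { 0x010080, "SSL2_RC4_128_WITH_MD5" },
    { 0x020080, "SSL2_RC4_128_EXPORT40_WITH_MD5" },
    { 0x030080, "SSL2_RC2_128_CBC_WITH_MD5" },
    { 0x040080, "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5" },
    { 0x050080, "SSL2_IDEA_128_CBC_WITH_MD5" },
    { 0x060040, "SSL2_DES_64_CBC_WITH_MD5" },
    { 0x0700c0, "SSL2_DES_192_EDE3_CBC_WITH_MD5" },
    { 0x080080, "SSL2_RC4_64_WITH_MD5" },
    /* TLS suites as they appear in an SSLv2 client hello */
    { 0x000000, "TLS_NULL_WITH_NULL_NULL" },
    { 0x000001, "TLS_RSA_WITH_NULL_MD5" },
    { 0x000002, "TLS_RSA_WITH_NULL_SHA" },
    { 0x000003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" },
    { 0x000004, "TLS_RSA_WITH_RC4_128_MD5" },
    { 0x000005, "TLS_RSA_WITH_RC4_128_SHA" },
    { 0x000006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" },
    { 0x000007, "TLS_RSA_WITH_IDEA_CBC_SHA" },
    { 0x000008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" },
    { 0x000009, "TLS_RSA_WITH_DES_CBC_SHA" },
    { 0x00000a, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" },
    { 0x00000b, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" },
    { 0x00000c, "TLS_DH_DSS_WITH_DES_CBC_SHA" },
    { 0x00000d, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" },
    { 0x00000e, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" },
    { 0x00000f, "TLS_DH_RSA_WITH_DES_CBC_SHA" },
    { 0x000010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" },
    { 0x000011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" },
    { 0x000012, "TLS_DHE_DSS_WITH_DES_CBC_SHA" },
    { 0x000013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" },
    { 0x000014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" },
    { 0x000015, "TLS_DHE_RSA_WITH_DES_CBC_SHA" },
    { 0x000016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" },
    { 0x000017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" },
    { 0x000018, "TLS_DH_anon_WITH_RC4_128_MD5" },
    { 0x000019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" },
    { 0x00001a, "TLS_DH_anon_WITH_DES_CBC_SHA" },
    { 0x00001b, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" },
    { 0x00001c, "SSL_FORTEZZA_KEA_WITH_NULL_SHA" },
    { 0x00001d, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" },
    { 0x00001e, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA" },
    { 0x00002f, "TLS_RSA_WITH_AES_128_CBC_SHA" },
    { 0x000030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" },
    { 0x000031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" },
    { 0x000032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" },
    { 0x000033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" },
    { 0x000034, "TLS_DH_anon_WITH_AES_128_CBC_SHA" },
    { 0x000035, "TLS_RSA_WITH_AES_256_CBC_SHA" },
    { 0x000036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" },
    { 0x000037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" },
    { 0x000038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" },
    { 0x000039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" },
    { 0x00003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA" },
    { 0x000041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" },
    { 0x000042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" },
    { 0x000043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" },
    { 0x000044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" },
    { 0x000045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" },
    { 0x000046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" },
    { 0x000047, "TLS_ECDH_ECDSA_WITH_NULL_SHA" },
    { 0x000048, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" },
    { 0x000049, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" },
    { 0x00004A, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" },
    { 0x00004B, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" },
    { 0x00004C, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" },
    { 0x000060, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" },
    { 0x000061, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" },
    { 0x000062, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" },
    { 0x000063, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" },
    { 0x000064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" },
    { 0x000065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" },
    { 0x000066, "TLS_DHE_DSS_WITH_RC4_128_SHA" },
    { 0x000084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" },
    { 0x000085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" },
    { 0x000086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" },
    { 0x000087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" },
    { 0x000088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" },
    { 0x000089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" },
    /* these from http://www.mozilla.org/projects/
       security/pki/nss/ssl/fips-ssl-ciphersuites.html */
    { 0x00fefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
    { 0x00feff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
    { 0x00ffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
    { 0x00ffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
    /* Microsoft's old PCT protocol. These are from Eric Rescorla's
       book "SSL and TLS" */
    { 0x8f8001, "PCT_SSL_COMPAT | PCT_VERSION_1" },
    { 0x800003, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509_CHAIN" },
    { 0x800001, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509" },
    { 0x810001, "PCT_SSL_HASH_TYPE | PCT1_HASH_MD5" },
    { 0x810003, "PCT_SSL_HASH_TYPE | PCT1_HASH_SHA" },
    { 0x820001, "PCT_SSL_EXCH_TYPE | PCT1_EXCH_RSA_PKCS1" },
    { 0x830004, "PCT_SSL_CIPHER_TYPE_1ST_HALF | PCT1_CIPHER_RC4" },
    { 0x848040, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_128 | PCT1_MAC_BITS_128" },
    { 0x842840, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_40 | PCT1_MAC_BITS_128" },
    /* note that ciphersuites of {0x00????} are TLS cipher suites in
     * a sslv2 client hello message; the ???? above is the two-byte
     * tls cipher suite id
     */
    { 0x00, NULL } /* value_string terminator */
};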
279 static const value_string ssl_20_certificate_type[] = {
281 { 0x01, "X.509 Certificate" },
285 static const value_string ssl_31_content_type[] = {
286 { 20, "Change Cipher Spec" },
289 { 23, "Application Data" },
/* Display names keyed by protocol version code.
 * NOTE(review): 0x0100 is labelled "DTLS 1.0" here, in line with
 * DTLSV1DOT0_VERSION (0x100) defined in this header. RFC 4347 puts 0xfeff on
 * the wire for DTLS 1.0, so confirm which implementations this entry is meant
 * to recognise. */
293 static const value_string ssl_versions[] = {
294 { 0x0100, "DTLS 1.0" },
295 { 0x0302, "TLS 1.1" },
296 { 0x0301, "TLS 1.0" },
297 { 0x0300, "SSL 3.0" },
298 { 0x0002, "SSL 2.0" },
303 /* XXX - would be used if we dissected the body of a Change Cipher Spec
305 static const value_string ssl_31_change_cipher_spec[] = {
306 { 1, "Change Cipher Spec" },
311 static const value_string ssl_31_alert_level[] = {
317 static const value_string ssl_31_alert_description[] = {
318 { 0, "Close Notify" },
319 { 10, "Unexpected Message" },
320 { 20, "Bad Record MAC" },
321 { 21, "Decryption Failed" },
322 { 22, "Record Overflow" },
323 { 30, "Decompression Failure" },
324 { 40, "Handshake Failure" },
325 { 42, "Bad Certificate" },
326 { 43, "Unsupported Certificate" },
327 { 44, "Certificate Revoked" },
328 { 45, "Certificate Expired" },
329 { 46, "Certificate Unknown" },
330 { 47, "Illegal Parameter" },
331 { 48, "Unknown CA" },
332 { 49, "Access Denied" },
333 { 50, "Decode Error" },
334 { 51, "Decrypt Error" },
335 { 60, "Export Restriction" },
336 { 70, "Protocol Version" },
337 { 71, "Insufficient Security" },
338 { 80, "Internal Error" },
339 { 90, "User Canceled" },
340 { 100, "No Renegotiation" },
344 static const value_string ssl_31_handshake_type[] = {
345 { SSL_HND_HELLO_REQUEST, "Hello Request" },
346 { SSL_HND_CLIENT_HELLO, "Client Hello" },
347 { SSL_HND_SERVER_HELLO, "Server Hello" },
348 { SSL_HND_HELLO_VERIFY_REQUEST, "Hello Verify Request"},
349 { SSL_HND_CERTIFICATE, "Certificate" },
350 { SSL_HND_SERVER_KEY_EXCHG, "Server Key Exchange" },
351 { SSL_HND_CERT_REQUEST, "Certificate Request" },
352 { SSL_HND_SVR_HELLO_DONE, "Server Hello Done" },
353 { SSL_HND_CERT_VERIFY, "Certificate Verify" },
354 { SSL_HND_CLIENT_KEY_EXCHG, "Client Key Exchange" },
355 { SSL_HND_FINISHED, "Finished" },
359 static const value_string ssl_31_compression_method[] = {
367 /* XXX - would be used if we dissected a Signature, as would be
368 seen in a server key exchange or certificate verify message. */
369 static const value_string ssl_31_key_exchange_algorithm[] = {
371 { 1, "Diffie Hellman" },
375 static const value_string ssl_31_signature_algorithm[] = {
383 static const value_string ssl_31_client_certificate_type[] = {
386 { 3, "RSA Fixed DH" },
387 { 4, "DSS Fixed DH" },
392 /* XXX - would be used if we dissected exchange keys, as would be
393 seen in a client key exchange message. */
394 static const value_string ssl_31_public_value_encoding[] = {
401 static const value_string ssl_31_ciphersuite[] = {
402 { 0x0000, "TLS_NULL_WITH_NULL_NULL" },
403 { 0x0001, "TLS_RSA_WITH_NULL_MD5" },
404 { 0x0002, "TLS_RSA_WITH_NULL_SHA" },
405 { 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" },
406 { 0x0004, "TLS_RSA_WITH_RC4_128_MD5" },
407 { 0x0005, "TLS_RSA_WITH_RC4_128_SHA" },
408 { 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" },
409 { 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA" },
410 { 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" },
411 { 0x0009, "TLS_RSA_WITH_DES_CBC_SHA" },
412 { 0x000a, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" },
413 { 0x000b, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" },
414 { 0x000c, "TLS_DH_DSS_WITH_DES_CBC_SHA" },
415 { 0x000d, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" },
416 { 0x000e, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" },
417 { 0x000f, "TLS_DH_RSA_WITH_DES_CBC_SHA" },
418 { 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" },
419 { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" },
420 { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA" },
421 { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" },
422 { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" },
423 { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA" },
424 { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" },
425 { 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" },
426 { 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5" },
427 { 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" },
428 { 0x001a, "TLS_DH_anon_WITH_DES_CBC_SHA" },
429 { 0x001b, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" },
430 { 0x001c, "SSL_FORTEZZA_KEA_WITH_NULL_SHA" },
431 { 0x001d, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" },
432 { 0x001e, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA" },
433 { 0x002f, "TLS_RSA_WITH_AES_128_CBC_SHA" },
434 { 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" },
435 { 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" },
436 { 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" },
437 { 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" },
438 { 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA" },
439 { 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA" },
440 { 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" },
441 { 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" },
442 { 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" },
443 { 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" },
444 { 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA" },
445 { 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" },
446 { 0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" },
447 { 0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" },
448 { 0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" },
449 { 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" },
450 { 0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" },
451 { 0x0047, "TLS_ECDH_ECDSA_WITH_NULL_SHA" },
452 { 0x0048, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" },
453 { 0x0049, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" },
454 { 0x004A, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" },
455 { 0x004B, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" },
456 { 0x004C, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" },
457 { 0x0060, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" },
458 { 0x0061, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" },
459 { 0x0062, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" },
460 { 0x0063, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" },
461 { 0x0064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" },
462 { 0x0065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" },
463 { 0x0066, "TLS_DHE_DSS_WITH_RC4_128_SHA" },
464 { 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" },
465 { 0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" },
466 { 0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" },
467 { 0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" },
468 { 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" },
469 { 0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" },
470 /* these from http://www.mozilla.org/projects/
471 security/pki/nss/ssl/fips-ssl-ciphersuites.html */
472 { 0xfefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
473 { 0xfeff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
474 { 0xffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
475 { 0xffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
476 /* note that ciphersuites 0xff00 - 0xffff are private */
480 static const value_string pct_msg_types[] = {
481 { PCT_MSG_CLIENT_HELLO, "Client Hello" },
482 { PCT_MSG_SERVER_HELLO, "Server Hello" },
483 { PCT_MSG_CLIENT_MASTER_KEY, "Client Master Key" },
484 { PCT_MSG_SERVER_VERIFY, "Server Verify" },
485 { PCT_MSG_ERROR, "Error" },
489 static const value_string pct_cipher_type[] = {
490 { PCT_CIPHER_DES, "DES" },
491 { PCT_CIPHER_IDEA, "IDEA" },
492 { PCT_CIPHER_RC2, "RC2" },
493 { PCT_CIPHER_RC4, "RC4" },
494 { PCT_CIPHER_DES_112, "DES 112 bit" },
495 { PCT_CIPHER_DES_168, "DES 168 bit" },
499 static const value_string pct_hash_type[] = {
500 { PCT_HASH_MD5, "MD5" },
501 { PCT_HASH_MD5_TRUNC_64, "MD5_TRUNC_64"},
502 { PCT_HASH_SHA, "SHA"},
503 { PCT_HASH_SHA_TRUNC_80, "SHA_TRUNC_80"},
504 { PCT_HASH_DES_DM, "DES_DM"},
508 static const value_string pct_cert_type[] = {
509 { PCT_CERT_NONE, "None" },
510 { PCT_CERT_X509, "X.509" },
511 { PCT_CERT_PKCS7, "PKCS #7" },
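/*
 * Display names for the PCT signature-type codes (PCT_SIG_*).
 * PCT_SIG_RSA_MD5 used to be shown as plain "MD5", which dropped the key
 * algorithm and did not match the "RSA SHA" / "DSA SHA" labels next to it.
 */
static const value_string pct_sig_type[] = {
    { PCT_SIG_NONE,    "None" },
    { PCT_SIG_RSA_MD5, "RSA MD5" },
    { PCT_SIG_RSA_SHA, "RSA SHA" },
    { PCT_SIG_DSA_SHA, "DSA SHA" },
    { 0x00, NULL } /* value_string terminator */
};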
522 static const value_string pct_exch_type[] = {
523 { PCT_EXCH_RSA_PKCS1, "RSA PKCS#1" },
524 { PCT_EXCH_RSA_PKCS1_TOKEN_DES, "RSA PKCS#1 Token DES" },
525 { PCT_EXCH_RSA_PKCS1_TOKEN_DES3, "RSA PKCS#1 Token 3DES" },
526 { PCT_EXCH_RSA_PKCS1_TOKEN_RC2, "RSA PKCS#1 Token RC-2" },
527 { PCT_EXCH_RSA_PKCS1_TOKEN_RC4, "RSA PKCS#1 Token RC-4" },
528 { PCT_EXCH_DH_PKCS3, "DH PKCS#3" },
529 { PCT_EXCH_DH_PKCS3_TOKEN_DES, "DH PKCS#3 Token DES" },
530 { PCT_EXCH_DH_PKCS3_TOKEN_DES3, "DH PKCS#3 Token 3DES" },
531 { PCT_EXCH_FORTEZZA_TOKEN, "Fortezza" },
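/*
 * Display names for the PCT error codes (PCT_ERR_*). Each label repeats the
 * constant's own name; the PCT_ERR_CLIENT_AUTH_FAILED label was missing its
 * final "D".
 */
static const value_string pct_error_code[] = {
    { PCT_ERR_BAD_CERTIFICATE,        "PCT_ERR_BAD_CERTIFICATE" },
    { PCT_ERR_CLIENT_AUTH_FAILED,     "PCT_ERR_CLIENT_AUTH_FAILED" },
    { PCT_ERR_ILLEGAL_MESSAGE,        "PCT_ERR_ILLEGAL_MESSAGE" },
    { PCT_ERR_INTEGRITY_CHECK_FAILED, "PCT_ERR_INTEGRITY_CHECK_FAILED" },
    { PCT_ERR_SERVER_AUTH_FAILED,     "PCT_ERR_SERVER_AUTH_FAILED" },
    { PCT_ERR_SPECS_MISMATCH,         "PCT_ERR_SPECS_MISMATCH" },
    { 0x00, NULL } /* value_string terminator */
};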
546 static const value_string tls_hello_extension_types[] = {
547 { 0, "server_name" },
548 { 1, "max_fragment_length" },
549 { 2, "client_certificate_url" },
550 { 3, "trusted_ca_keys" },
551 { 4, "truncated_hmac" },
552 { 5, "status_request" },
553 { 35, "EAP-FAST PAC-Opaque" /* draft-cam-winget-eap-fast-00.txt */ },
557 typedef struct _StringInfo {
562 #define SSL_WRITE_KEY 1
564 #define SSLV3_VERSION 0x300
565 #define TLSV1_VERSION 0x301
566 #define TLSV1DOT1_VERSION 0x302
567 #define DTLSV1DOT0_VERSION 0x100
569 #define SSL_CLIENT_RANDOM 1
570 #define SSL_SERVER_RANDOM 2
572 #define SSL_HAVE_SESSION_KEY 8
573 #define SSL_VERSION 0x10
574 #define SSL_MASTER_SECRET 0x20
576 #define SSL_CIPHER_MODE_STREAM 0
577 #define SSL_CIPHER_MODE_CBC 1
579 #define SSL_DEBUG_USE_STDERR "-"
581 typedef struct _SslCipherSuite {
595 typedef struct _SslDecoder {
596 SslCipherSuite* cipher_suite;
610 #define SIG_NONE 0x22
613 #define ENC_3DES 0x31
616 #define ENC_IDEA 0x34
618 #define ENC_AES256 0x36
619 #define ENC_NULL 0x37
626 typedef struct _SslRecordInfo {
629 struct _SslRecordInfo* next;
632 typedef struct _SslDataInfo {
634 StringInfo plain_data;
637 struct _SslDataInfo *next;
641 SslDataInfo *appl_data;
642 SslRecordInfo* handshake_data;
/* Per-session decryption state. The fixed-size guchar arrays (_master_secret,
 * _session_id, _client_random, _server_random and the two *_data_for_iv
 * arrays) sit next to StringInfo members of the same names, which presumably
 * point into them -- confirm in ssl_session_init.
 * NOTE(review): this struct keeps the master secret, the pre-master secret and
 * a private-key pointer in memory. Nothing visible in this header wipes them
 * when a session is discarded; check that the implementation clears them. */
645 typedef struct _SslDecryptSession {
646 guchar _master_secret[48];
647 guchar _session_id[256];
648 guchar _client_random[32];
649 guchar _server_random[32];
650 StringInfo session_id;
651 StringInfo server_random;
652 StringInfo client_random;
653 StringInfo master_secret;
654 StringInfo pre_master_secret;
655 guchar _server_data_for_iv[24];
656 StringInfo server_data_for_iv;
657 guchar _client_data_for_iv[24];
658 StringInfo client_data_for_iv;
662 SslCipherSuite cipher_suite;
665 SSL_PRIVATE_KEY* private_key;
667 guint16 version_netorder;
668 StringInfo app_data_segment;
672 typedef struct _SslAssociation {
675 dissector_handle_t handle;
677 gboolean from_key_list;
680 typedef struct _SslService {
686 /** Initialize decryption engine/ssl layer. To be called once per execution */
690 /** Initialize an ssl session struct
691 @param ssl pointer to ssl session struct to be initialized */
693 ssl_session_init(SslDecryptSession* ssl);
695 /** Set the data and len of the StringInfo buffer. The call takes only the source
696 * length, so the caller must make sure buf can already hold len bytes.
697 @param buf the buffer to update
698 @param src the data source
699 @param len the source data len */
701 ssl_data_set(StringInfo* buf, const guchar* src, guint len);
704 ssl_cipher_setiv(SSL_CIPHER_CTX *cipher, guchar* iv, gint iv_len);
706 /** Load an RSA private key from the specified file
707 @param fp the file that contains the key data
708 @return a pointer to the loaded key on success, or NULL */
709 extern SSL_PRIVATE_KEY*
710 ssl_load_key(FILE* fp);
712 /** Deallocate the memory used for the specified key
713 @param key pointer to the key to be freed */
715 ssl_free_key(SSL_PRIVATE_KEY* key);
717 /* Search for the specified cipher suite id
718 @param num the id of the cipher suite to be searched
719 @param cs pointer to the cipher suite struct to be filled
720 @return 0 if the cipher suite is found, -1 otherwise */
722 ssl_find_cipher(int num,SslCipherSuite* cs);
724 /* Expand the pre_master_secret to generate all the session information
725 * (master secret, session keys, ivs)
726 @param ssl_session the store for all the session data
727 @return 0 on success */
729 ssl_generate_keyring_material(SslDecryptSession*ssl_session);
731 /* Try to decrypt in place the encrypted pre_master_secret
732 @param ssl_session the store for the decrypted pre_master_secret
733 @param entrypted_pre_master the rsa encrypted pre_master_secret
734 @param pk the private key to be used for decryption
735 @return 0 on success */
737 ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session,
738 StringInfo* entrypted_pre_master, SSL_PRIVATE_KEY *pk);
740 /* Try to decrypt an ssl record
741 @param ssl the store for all the session data
742 @param decoder the stream decoder to be used
743 @param ct the content type of this ssl record
744 @param in a pointer to the ssl record to be decrypted
745 @param inl the record length
746 @param out a pointer to the store for the decrypted data
747 @param outl the decrypted data len
748 @return 0 on success */
750 ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, gint ct,
751 const guchar* in, gint inl,guchar*out,gint* outl);
754 /* Common part between SSL and DTLS dissectors */
755 /* Hash Functions for TLS/DTLS sessions table and private keys table */
757 ssl_equal (gconstpointer v, gconstpointer v2);
760 ssl_hash (gconstpointer v);
763 ssl_private_key_equal (gconstpointer v, gconstpointer v2);
766 ssl_private_key_hash (gconstpointer v);
768 /* private key table entries have a scope 'larger' than packet capture,
769 * so we can't rely on the se_alloc** functions */
771 ssl_private_key_free(gpointer id, gpointer key, gpointer dummy _U_);
773 /* handling of association between tls/dtls ports and clear text protocol */
775 ssl_association_add(GTree* associations, dissector_handle_t handle, guint port, const gchar *protocol, gboolean tcp, gboolean from_key_list);
778 ssl_association_remove(GTree* associations, SslAssociation *assoc);
781 ssl_association_cmp(gconstpointer a, gconstpointer b);
783 extern SslAssociation*
784 ssl_association_find(GTree * associations, guint port, gboolean tcp);
787 ssl_assoc_from_key_list(gpointer key _U_, gpointer data, gpointer user_data);
790 ssl_packet_from_server(GTree* associations, guint port, gboolean tcp);
792 /* add to packet data a newly allocated tvb with the specified real data*/
794 ssl_add_record_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint record_id);
796 /* search in packet data the tvbuff associated to the specified id */
798 ssl_get_record_info(gint proto, packet_info *pinfo, gint record_id);
801 ssl_add_data_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint key, guint32 seq);
804 ssl_get_data_info(int proto, packet_info *pinfo, gint key);
806 /* initialize/reset per capture state data (ssl sessions cache) */
808 ssl_common_init(GHashTable **session_hash , StringInfo * decrypted_data);
810 /* parse ssl related preferences (private keys and ports association strings) */
812 ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associations, dissector_handle_t handle, gboolean tcp);
814 /* store master secret into session data cache */
816 ssl_save_session(SslDecryptSession* ssl, GHashTable *session_hash);
819 ssl_restore_session(SslDecryptSession* ssl, GHashTable *session_hash);
822 ssl_is_valid_content_type(guint8 type);
824 #ifdef SSL_DECRYPT_DEBUG
826 ssl_debug_printf(const gchar* fmt,...) GNUC_FORMAT_CHECK(printf,1,2);
828 ssl_print_data(const gchar* name, const guchar* data, gint len);
830 ssl_print_string(const gchar* name, const StringInfo* data);
832 ssl_print_text_data(const gchar* name, const guchar* data, gint len);
834 ssl_set_debug(gchar* name);
837 /* No debug: nullify debug operation*/
838 static inline void GNUC_FORMAT_CHECK(printf,1,2)
839 ssl_debug_printf(const gchar* fmt _U_,...)
842 #define ssl_print_data(a, b, c)
843 #define ssl_print_string(a, b)
844 #define ssl_print_text_data(a, b, c)
845 #define ssl_set_debug(name)