ssldump/ssl/ssl.enums

420 lines
12 KiB
Text
Raw Normal View History

2015-01-31 09:13:33 +00:00
select {
ChangeCipherSpec(20)
{@
ssl_process_change_cipher_spec(ssl,ssl->decoder,dir);
if(dir==DIR_I2R){
ssl->i_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC;
}
else{
ssl->r_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC;
}
printf("\n");
return(0);
@}
, Alert(21)
{@
int r;
if(ssl->record_encryption==REC_CIPHERTEXT){
printf("\n");
return(0);
}
if(data->len!=2){
fprintf(stderr,"Wrong length for alert message: %d\n",
data->len);
ERETURN(R_EOD);
}
P_(P_HL){
printf("\n");
SSL_DECODE_ENUM(ssl,"level",1,AlertLevel_decoder,P_HL,data,0);
printf("\n");
SSL_DECODE_ENUM(ssl,"value",1,AlertDescription_decoder,P_HL,data,0);
printf("\n");
}
else {
SSL_DECODE_ENUM(ssl,0,1,AlertLevel_decoder,SSL_PRINT_ALL,data,0);
SSL_DECODE_ENUM(ssl,0,1,AlertDescription_decoder,SSL_PRINT_ALL,data,0);
printf("\n");
}
return(0);
@},
Handshake(22)
{@
extern decoder HandshakeType_decoder[];
int r;
UINT4 t,l;
int rs=0;
Data d;
if(ssl->record_encryption==REC_CIPHERTEXT){
printf("\n");
return(0);
}
while(data->len>0){
SSL_DECODE_UINT8(ssl,0,0,data,&t);
SSL_DECODE_UINT24(ssl,0,0,data,&l);
if(data->len<l){
fprintf(stderr,"Error: short handshake length: expected %d got %d\n",
l,data->len);
ERETURN(R_EOD);
}
d.data=data->data;
d.len=l;
data->len-=l;
data->data+=l;
P_(P_HL){
if(!rs){
printf("\n");
rs=1;
}
}
ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,&d);
}
return(0);
@},
application_data(23)
{@
int r;
Data d;
SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d);
P_(P_AD){
print_data(ssl,&d);
}
else {
printf("\n");
}
return(0);
@}
, (255)
} ContentType;
select {
HelloRequest(0)
{@
printf("\n");
@},
ClientHello(1)
{@
UINT4 vj,vn,cs,cslen,complen,comp;
Data session_id,random;
int r;
extern decoder cipher_suite_decoder[];
extern decoder compression_method_decoder[];
printf("\n");
SSL_DECODE_UINT8(ssl,0,0,data,&vj);
SSL_DECODE_UINT8(ssl,0,0,data,&vn);
P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn);
printf("\n");
}
SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random);
ssl_set_client_random(ssl->decoder,random.data,random.len);
SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id);
ssl_set_client_session_id(ssl->decoder,session_id.data,session_id.len);
P_(P_HL){
if(session_id.len)
exdump(ssl,"resume ",&session_id);
}
P_(P_HL){
SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen);
explain(ssl,"cipher suites\n");
for(;cslen;cslen-=2){
ssl_decode_enum(ssl,0,2,cipher_suite_decoder,
0,data,&cs);
ssl_print_cipher_suite(ssl,(vj<<8)|vn,P_HL,cs);
printf("\n");
}
}
SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen);
if(complen){
explain(ssl,"compression methods\n");
for(;complen;complen--){
SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp);
printf("\n");
}
}
return(0);
@},
ServerHello(2)
{@
int r;
Data rnd,session_id;
UINT4 vj,vn;
printf("\n");
SSL_DECODE_UINT8(ssl,0,0,data,&vj);
SSL_DECODE_UINT8(ssl,0,0,data,&vn);
ssl->version=vj*256+vn;
P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn);
printf("\n");
}
SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&rnd);
ssl_set_server_random(ssl->decoder,rnd.data,rnd.len);
SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,P_HL,data,&session_id);
SSL_DECODE_ENUM(ssl,"cipherSuite",2,cipher_suite_decoder,
0,data,&ssl->cipher_suite);
P_(P_HL){
explain(ssl,"cipherSuite ");
ssl_print_cipher_suite(ssl,ssl->version,P_HL,ssl->cipher_suite);
}
ssl_find_cipher(ssl->cipher_suite,&ssl->cs);
ssl_process_server_session_id(ssl,ssl->decoder,session_id.data,
session_id.len);
P_(P_HL) printf("\n");
SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0);
P_(P_HL) printf("\n");
return(0);
@},
Certificate(11)
{@
UINT4 len;
Data cert;
int r;
printf("\n");
SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len);
while(len){
SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate",-((1<<23)-1),
0,data,&cert);
sslx_print_certificate(ssl,&cert,P_ND);
len-=(cert.len + 3);
}
return(0);
@},
ServerKeyExchange (12)
{@
int r;
printf("\n");
if(ssl->cs){
P_(P_ND){
explain(ssl,"params\n");
}
INDENT_INCR;
switch(ssl->cs->kex){
case KEX_DH:
SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_p",-((1<<15)-1),P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_g",-((1<<15)-1),P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_Ys",-((1<<15)-1),P_ND,data,0);
break;
case KEX_RSA:
SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_modulus",-((1<<15)-1),P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_exponent",-((1<<15)-1),P_ND,data,0);
break;
}
INDENT_POP;
SSL_DECODE_OPAQUE_ARRAY(ssl,"signature",-((1<<15)-1),P_ND,data,0);
}
return(0);
@}
,
CertificateRequest(13)
{@
UINT4 len;
Data ca;
int r;
printf("\n");
SSL_DECODE_UINT8(ssl,"certificate_types len",0,data,&len);
for(;len;len--){
SSL_DECODE_ENUM(ssl,"certificate_types",1,
client_certificate_type_decoder, P_HL,data,0);
P_(P_HL){
printf("\n");
}
};
SSL_DECODE_UINT16(ssl,"certificate_authorities len",0,data,&len);
while(len){
SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate_authorities",
-((1<<15)-1),0,data,&ca);
explain(ssl,"certificate_authority\n");
INDENT_INCR;
sslx_print_dn(ssl,&ca,P_HL);
INDENT_POP;
len-=(ca.len + 2);
}
return(0);
@}
, ServerHelloDone(14)
{@
printf("\n");
@},
CertificateVerify(15)
{@
int r;
printf("\n");
SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-(1<<15-1),P_HL,data,0);
return(0);
@}
,
ClientKeyExchange(16)
{@
int r;
Data pms;
printf("\n");
if(ssl->cs){
switch(ssl->cs->kex){
case KEX_RSA:
if(ssl->version > 768) {
SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",-(1<<15-1),
P_ND,data,&pms);
}
else {
SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",data->len,P_ND,data,&pms);
}
ssl_process_client_key_exchange(ssl,
ssl->decoder,pms.data,pms.len);
break;
case KEX_DH:
SSL_DECODE_OPAQUE_ARRAY(ssl,"DiffieHellmanClientPublicValue",
-(1<<15-1),P_HL,data,0);
}
}
return(0);
@}
,
Finished(20)
{@
int r;
printf("\n");
switch(ssl->version){
case 0x300:
SSL_DECODE_OPAQUE_ARRAY(ssl,"md5_hash",16,P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"sha_hash",20,P_ND,data,0);
break;
case 0x301:
SSL_DECODE_OPAQUE_ARRAY(ssl,"verify_data",12,P_ND,data,0);
P_(P_ND)
printf("\n");
break;
}
return (0);
@}
, (255)
} HandshakeType;
constant {
CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 };
CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 };
CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 };
CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 };
CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 };
CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 };
CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 };
CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 };
CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B };
CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C };
CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D };
CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E };
CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F };
CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 };
CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 };
CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 };
CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 };
CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 };
CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 };
CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 };
CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 };
CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 };
CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 };
CipherSuite TLS_DHE_DSS_WITH_RC2_56_CBC_SHA = { 0x00,0x65 };
CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 };
CipherSuite TLS_DHE_DSS_WITH_NULL_SHA = { 0x00,0x67 };
CipherSuite SSL2_CK_RC4 = { 0x01,0x00,0x80};
CipherSuite SSL2_CK_RC4_EXPORT40 = { 0x02,0x00,0x80};
CipherSuite SSL2_CK_RC2 = { 0x03,0x00,0x80};
CipherSuite SSL2_CK_RC2_EXPORT40 = { 0x04,0x00,0x80};
CipherSuite SSL2_CK_IDEA = { 0x05,0x00,0x80};
CipherSuite SSL2_CK_DES = { 0x06,0x00,0x40};
CipherSuite SSL2_CK_RC464 = { 0x08,0x00,0x80};
CipherSuite SSL2_CK_3DES = { 0x07,0x00,0xc0};
CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = {0x00,0x4a};
CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = {0x00,0x48};
CipherSuite SSL_RSA_WITH_RC2_CBC_MD5 = {0xff,0x80};
CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = {0x00,0x49};
CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA={0xff,0x85};
CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA={0xff,0x84};
} cipher_suite;
select { warning(1), fatal(2), (255) } AlertLevel;
select {
close_notify(0),
unexpected_message(10),
bad_record_mac(20),
decryption_failed(21),
record_overflow(22),
decompression_failure(30),
handshake_failure(40),
bad_certificate(42),
unsupported_certificate(43),
certificate_revoked(44),
certificate_expired(45),
certificate_unknown(46),
illegal_parameter(47),
unknown_ca(48),
access_denied(49),
decode_error(50),
decrypt_error(51),
export_restriction(60),
protocol_version(70),
insufficient_security(71),
internal_error(80),
user_canceled(90),
no_renegotiation(100),
(255)
} AlertDescription;
constant {
CompressionMethod NULL={0};
} compression_method;
select {
rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
(255)
} client_certificate_type;