sldump-0.9-aes.patch

ssl/ciphersuites.c

@@ -78,10 +78,22 @@ static SSL_CipherSuite CipherSuites[]={
      {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
      {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
      {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
+     {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
      {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
      {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
      {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
-     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
+     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
      {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
      {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},     
      {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},

ssl/ssl.enums

@@ -356,6 +356,18 @@ ClientKeyExchange(16)
     CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = { 0x00,0x19 };
     CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA           = { 0x00,0x1A };
     CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA      = { 0x00,0x1B };
+    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA           = { 0x00,0x2F };
+    CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA        = { 0x00,0x30 };
+    CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA        = { 0x00,0x31 };
+    CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA       = { 0x00,0x32 };
+    CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA       = { 0x00,0x33 };
+    CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA       = { 0x00,0x34 };
+    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA           = { 0x00,0x35 };
+    CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA        = { 0x00,0x36 };
+    CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA        = { 0x00,0x37 };
+    CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA       = { 0x00,0x38 };
+    CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA       = { 0x00,0x39 };
+    CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA       = { 0x00,0x3A };
     CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5     = { 0x00,0x60 };
     CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5   = { 0x00,0x61 };
     CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     = { 0x00,0x62 };

ssl/ssl.enums.c

@@ -151,7 +151,7 @@ decoder ContentType_decoder[]={
 		"application_data",
 		decode_ContentType_application_data
 	},
-{0}
+{-1}
 };
 
 static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data)
@@ -163,6 +163,7 @@ static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data)
 
 
   printf("\n");
+  return(0);
 
   }
 static int decode_HandshakeType_ClientHello(ssl,dir,seg,data)
@@ -368,6 +369,7 @@ static int decode_HandshakeType_ServerHelloDone(ssl,dir,seg,data)
 
 
   printf("\n");
+  return(0);
 
   }
 static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data)
@@ -610,6 +612,54 @@ decoder cipher_suite_decoder[]={
 		27,
 		"TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
 		0	},
+	{
+		47,
+		"TLS_RSA_WITH_AES_128_CBC_SHA",
+		0	},
+	{
+		48,
+		"TLS_DH_DSS_WITH_AES_128_CBC_SHA",
+		0	},
+	{
+		49,
+		"TLS_DH_RSA_WITH_AES_128_CBC_SHA",
+		0	},
+	{
+		50,
+		"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+		0	},
+	{
+		51,
+		"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+		0	},
+	{
+		52,
+		"TLS_DH_anon_WITH_AES_128_CBC_SHA",
+		0	},
+	{
+		53,
+		"TLS_RSA_WITH_AES_256_CBC_SHA",
+		0	},
+	{
+		54,
+		"TLS_DH_DSS_WITH_AES_256_CBC_SHA",
+		0	},
+	{
+		55,
+		"TLS_DH_RSA_WITH_AES_256_CBC_SHA",
+		0	},
+	{
+		56,
+		"TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+		0	},
+	{
+		57,
+		"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+		0	},
+	{
+		58,
+		"TLS_DH_anon_WITH_AES_256_CBC_SHA",
+		0	},
 	{
 		96,
 		"TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",

ssl/ssl_enum.c

@@ -70,7 +70,7 @@ decoder ContentType_decoder[]={
 		"application_data",
 		decode_ContentType_application_data
 	},
-{0}
+{-1}
 };
 
 static int decode_HandshakeType_hello_request(ssl,dir,seg,data)

ssl/ssl_rec.c

@@ -78,7 +78,9 @@ static char *ciphers[]={
      "DES3",
      "RC4",
      "RC2",
-     "IDEA"
+     "IDEA",
+     "AES128",
+     "AES256"
 };
 
 
@@ -101,6 +103,11 @@ int ssl_create_rec_decoder(dp,cs,mk,sk,iv)
     /* Find the SSLeay cipher */
     if(cs->enc!=ENC_NULL){
       ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
+      if(!ciph)
+        ABORT(R_INTERNAL);
+    }
+    else {
+      ciph=EVP_enc_null();
     }
 
     if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
@@ -169,7 +176,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
     *outl=inl;
     
     /* Now strip off the padding*/
-    if(d->cs->block!=1){
+    if(d->cs->block>1){
       pad=out[inl-1];
       *outl-=(pad+1);
     }

ssl/sslciphers.h

@@ -71,7 +71,9 @@ typedef struct SSL_CipherSuite_ {
 #define ENC_RC4		0x32
 #define ENC_RC2		0x33
 #define ENC_IDEA	0x34
-#define ENC_NULL	0x35
+#define ENC_AES128	0x35
+#define ENC_AES256	0x36
+#define ENC_NULL	0x37
 
 #define DIG_MD5		0x40
 #define DIG_SHA		0x41