mirror of
https://github.com/adulau/ssldump.git
synced 2024-11-22 01:17:04 +00:00
Adding tls1.3 decryption support
This commit is contained in:
parent
adb49668c0
commit
beb4dc134b
19 changed files with 905 additions and 95 deletions
257
samples/log.txt
Normal file
257
samples/log.txt
Normal file
|
@ -0,0 +1,257 @@
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET c209772f370f8d8fc8a6313d379ae082a3cb877358d9d36650b5168a12ba6c90 f1ea21905d642416d45baf557d45e0c9ab60df273c2f0c9366f84a91d7b886a1e9f8b544fa9dc2afc019799c042d2ee4
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET c209772f370f8d8fc8a6313d379ae082a3cb877358d9d36650b5168a12ba6c90 8384d76d250a7b9c8a20665d056902ea605fbec8e1130ced6fdbb6e1bf11368165f6c8a77f425bdb0c7339dda42e8feb
|
||||||
|
EXPORTER_SECRET c209772f370f8d8fc8a6313d379ae082a3cb877358d9d36650b5168a12ba6c90 95aff990e7ab00e6bf1c837e677b5fde3a371f79554046d0576faf00b3b8410693424cd1eed3b174d1794b8b18501184
|
||||||
|
SERVER_TRAFFIC_SECRET_0 c209772f370f8d8fc8a6313d379ae082a3cb877358d9d36650b5168a12ba6c90 80bddec16045070e74b34053380fe07656451c293a5aef07e237698510efcd42f1276b75500eb1be7c82db10ab17446c
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 c209772f370f8d8fc8a6313d379ae082a3cb877358d9d36650b5168a12ba6c90 5d7aa51a77b269e4515dbf8c7a12d18a4d4695d12b4fbe0824903ee016b8912851666a218e13676ae9e68c8f07047d49
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET ed786f6320232cc06879b08eed0555b3cf1b73996ad99efa0fab2fd04db3261a 491889e2602dce15b2bd6d9c97ef3cf4a9619a91981b1ca1b757f469ba6b296d3a67a7bf1e57fcb2139d73dd76d6eb42
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET ed786f6320232cc06879b08eed0555b3cf1b73996ad99efa0fab2fd04db3261a 5b1fb10febd3290acc8d52ff4965e2122212777c4504347d3615e2ae7d1bdbd94880458eefee4b1e76d99d6d4d7615b6
|
||||||
|
EXPORTER_SECRET ed786f6320232cc06879b08eed0555b3cf1b73996ad99efa0fab2fd04db3261a abb9d5d6977721538016924baf1bcbaa775d6d4a8c2bbcf95e56a70dd2bb5e0d00b0aede51c3ea2bcbebea0cdaf0ca37
|
||||||
|
SERVER_TRAFFIC_SECRET_0 ed786f6320232cc06879b08eed0555b3cf1b73996ad99efa0fab2fd04db3261a 212122dac8d55337e4328017b24636e265a58374a67358d314d9d04d648d9137ba368910f3137d706376675c24edb614
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 ed786f6320232cc06879b08eed0555b3cf1b73996ad99efa0fab2fd04db3261a d42814aceb92901b53121e7360977e6b800c9361019690787b608bbd236221121f475c8640b0da2f885b9e8d4de65a83
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 3095b9ed781e2e4bf55f9f52a3ab2b5e5cf4cc7637476cbb773d675f3f543933 03c6ebb0c72c901b8e7e2560d7a779ddb193670a91fece021c994ad05173be1d25f8b790f73b0efb5efeaaa667b839b2
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 3095b9ed781e2e4bf55f9f52a3ab2b5e5cf4cc7637476cbb773d675f3f543933 d3762c34c01832e9742e59757acdf5152a32f81e013820a15a58d09c42f836fde33b11f5a5b46717e674a45652c6ad7e
|
||||||
|
EXPORTER_SECRET 3095b9ed781e2e4bf55f9f52a3ab2b5e5cf4cc7637476cbb773d675f3f543933 f9cb1f6e3fd795d5b6a98cfa3d6c14be5afff180a49da65820441486dfa13f4c65374f0e978d15072495b964dcf91f2f
|
||||||
|
SERVER_TRAFFIC_SECRET_0 3095b9ed781e2e4bf55f9f52a3ab2b5e5cf4cc7637476cbb773d675f3f543933 e76d4c2be886bc95fc610fa043037e7a1353be6874d2ba48e0bfe39e2e1ae9fcc340ea3a40e23e47076888288e78b8ab
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 3095b9ed781e2e4bf55f9f52a3ab2b5e5cf4cc7637476cbb773d675f3f543933 76bbf106d61accf2898e1ac39f2c180a246dc5bb195b4c7dbcf2075b345b561c2a5329b3b607547c395a40499fba91ef
|
||||||
|
CLIENT_RANDOM 4c7540ab66eeb36607f45d1bf39556fa911b2b8987e09ac470ca6a6bb89cc067 f9d31873bb7236b6de64df5cb5332b40a73e7f7aa0ed6f904f09bd0acfa2e057519c0e3353698ef8dc597341d4203bbd
|
||||||
|
CLIENT_RANDOM e508d7e8af016d142e771e423b89e4badd50f9218c133f94a51fa0f331f6d6f0 98525781eeb33f9bbba8d1f6736635f7a8d585eea5a8609e583e7d5df01f7bf32704004fe8b28130fd14fcbd8581dd41
|
||||||
|
CLIENT_RANDOM 431483723659efb64c534a68fcf8c431ebd116c5901fbb7b6450dade0132f5f1 374ae1fbd2e1bfadb2a296699c2e505805ecfb9477f5313766dea4cac0d042798d23f6b4b26978c1b81b3d623572892d
|
||||||
|
CLIENT_RANDOM 532eea4473553fb90fbd4f55e96209e9af0284813675afe05d45b7bc0792f356 f6d96be8d360ad0531809f3e970908387578a44bd89597c6055288e9c2c49eba4f8944180de4fbb4f14a44feebfd4eb7
|
||||||
|
CLIENT_RANDOM 208dd4e770e625284e02ec114c0a581955ad2390b1ae16867772eb9c24223a54 0cc15de80101a5812bc1866e2db9d57563d96f616560485337a3662a9ad40d9cb65e5274980d4301f6c59eedb59e2011
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 7ca8d967bf880622b678102c9403c056f1d02a818d6c7fbe2c37bbffa2a84c7b 0aec7e7e6338bf3f3365813e8ccc57f282a591069bb9df53806aece17116eb41735ad1c92d6559462817e703d03b56d9
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 7ca8d967bf880622b678102c9403c056f1d02a818d6c7fbe2c37bbffa2a84c7b 29ec8ccb3969271d3c396f1b6f69a9fb21b0a1c092ec885357574aa419f429ca31f4d5faba1c773d65cb8e5247674709
|
||||||
|
EXPORTER_SECRET 7ca8d967bf880622b678102c9403c056f1d02a818d6c7fbe2c37bbffa2a84c7b 155129466c93e7e521b20dfeaab4c13ce81db5db5883d0d482c73186b9fad5be9520be2a60fd6b19a90f241e4208da94
|
||||||
|
SERVER_TRAFFIC_SECRET_0 7ca8d967bf880622b678102c9403c056f1d02a818d6c7fbe2c37bbffa2a84c7b ce8247fe6ee7ad0771be7d78feea579e36abaab1a5eaf15126d4bc6c3f9b305d8211fbe2ed256fd93852036bc59b890c
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 7ca8d967bf880622b678102c9403c056f1d02a818d6c7fbe2c37bbffa2a84c7b f8b89fbaee709d96f812f5de52514ecfa90186a9163b2c682bfdbcb7b803c66465ee6fb893d4d2adacc151ac368cf95c
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET ad2e8c1e1498d712bc7fc64a8801ce7d836487b8173d695bfb35907442328194 b16fcac17c6995d2f6bdf776caec8d995ed622484bccb1e0a9b8bf04b3e511d67afdf4514fc17dddede6dbae854979bd
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET ad2e8c1e1498d712bc7fc64a8801ce7d836487b8173d695bfb35907442328194 0a4c4177774b560d33ffecd1481a80607cb9879c1439e16ddff823db59dfcb2a9c9de5cda41dc231c0da8b1e587d6a53
|
||||||
|
EXPORTER_SECRET ad2e8c1e1498d712bc7fc64a8801ce7d836487b8173d695bfb35907442328194 b8da25ec874c0e02dedfc2381797d451744df5316db81648400cb7d3faf5748b15ae6b30d6f7a0704f6e0ae1df812150
|
||||||
|
SERVER_TRAFFIC_SECRET_0 ad2e8c1e1498d712bc7fc64a8801ce7d836487b8173d695bfb35907442328194 745e4564d0fdb4ea808cb27b5c93b561eb831f685bea16fbba93b7671a4373f3094846d6b85eaeded7e3eec262262a08
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 ad2e8c1e1498d712bc7fc64a8801ce7d836487b8173d695bfb35907442328194 95c94469093f6a3db2ad4a9c71ee3d430f4b2156a67bc5c8853c4e62a0bead9b4a3182244c64b8d9b7c713b51c1aa594
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET c82afc20053a5c6e36428604760ca380b7967bcc6930fcfb40848312c661dfb4 a0c6152223baf9046f2b829ce88b489a9004b87f27b2b05d8995907399b44fc3b8621c3c8ee5f2e98f8d27ed20b8ad96
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET c82afc20053a5c6e36428604760ca380b7967bcc6930fcfb40848312c661dfb4 25aef5cd4ff1205789989b46fc8fcd55706d4aa779e73ff081a842845101dacbaef19831c083ffcc31377d77f3ea65b8
|
||||||
|
EXPORTER_SECRET c82afc20053a5c6e36428604760ca380b7967bcc6930fcfb40848312c661dfb4 979a3b06f56ff0f7695c3195c037acb392ddc9ad411ee248a4dfebad0293dd1f727aea585cbb07adb17dae8c7ebc8c52
|
||||||
|
SERVER_TRAFFIC_SECRET_0 c82afc20053a5c6e36428604760ca380b7967bcc6930fcfb40848312c661dfb4 d9803a512639d0b15a419d4601678c9cc81a770a299cd43fc57e94506302cb2712fa2124c5208c1500540a7e0cef2bb2
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 c82afc20053a5c6e36428604760ca380b7967bcc6930fcfb40848312c661dfb4 d8932395c083441cb9f797b398750e50abc0d6f62bc7d31baf6b5141e9650bdf9231fab42b50f7cf4a0f2f044c9bc057
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 1becf381fd2cac334c7f0db9fdb2b22aa184d7eeb3034ff252e6e6ac7a8d4622 9fef2405b1d6417a6c4296d1c34e5bae4b9be0a873470f66038f6a0240475809bdc7258672700506877bb886231f901d
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 1becf381fd2cac334c7f0db9fdb2b22aa184d7eeb3034ff252e6e6ac7a8d4622 5ba0498b149e2f4a88ef10f539deacbf37512916c84f05a31fb3c286d7d8a62fc372ced1f8944d0622af0b8a409667e8
|
||||||
|
EXPORTER_SECRET 1becf381fd2cac334c7f0db9fdb2b22aa184d7eeb3034ff252e6e6ac7a8d4622 b24e413022bc1534ba085eb9f8f0c27009164b6c8004cd81a1a7082e02a696022b814f26a5d8d2b607440617189d8da9
|
||||||
|
SERVER_TRAFFIC_SECRET_0 1becf381fd2cac334c7f0db9fdb2b22aa184d7eeb3034ff252e6e6ac7a8d4622 fd00511b44573b9aad40b352da4b3881378c5f3b07fc06ff4891b7e9690eaf758c13a3b34c5c7c14f9f43b1d3472753b
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 1becf381fd2cac334c7f0db9fdb2b22aa184d7eeb3034ff252e6e6ac7a8d4622 56f356d630824780cb82ee0a1bc7da81fefe318b8039e92edfffc76efc064b02642c565d0d5c900846c87c9c2b9c1b68
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET e23aab10af40630cf3bac826e2453af6a18163930a98941af94ca9c45a0633a9 64f529b9491a85c407d5b4fdb5ada88167cd8aac3cd8cd29999277127b785c52dff6a4406748e7e5ca1b4754c673c1a7
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET e23aab10af40630cf3bac826e2453af6a18163930a98941af94ca9c45a0633a9 d0e75f1d0258d3bc425810c3a37e23bf3f1c56aedd09b29607a992129e09f1825def227be7bb9946292af64b37ec05dc
|
||||||
|
EXPORTER_SECRET e23aab10af40630cf3bac826e2453af6a18163930a98941af94ca9c45a0633a9 8ea1a409523e030ea42dc4a2ad3b330cf5a9a9d642805dca761ae7fbd5e2df0948b6cd02a910332e42005b7ccecdc5a3
|
||||||
|
SERVER_TRAFFIC_SECRET_0 e23aab10af40630cf3bac826e2453af6a18163930a98941af94ca9c45a0633a9 c82e5d1dac049bb110583a5d98912dda61c5fcd4e91c1fed2cd998945c8511beef2c38414ca663095da3debd539c061f
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 e23aab10af40630cf3bac826e2453af6a18163930a98941af94ca9c45a0633a9 d3c9121a8b35397d7e22d96bcedd2b177ede2f22c15db12f99a2e22df05068890762cde7832f3914f5206b4c6e8fa793
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 452e358e5fba511d65e80c284d57c3bfb6409080aadd86df46f95b35a43f0cbd 2bfcce11ccf325ebd2870e6523c8c56cdaa168222462455977055f94ff5c50d5be47a5596592cde4bb1f624770fd5335
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 452e358e5fba511d65e80c284d57c3bfb6409080aadd86df46f95b35a43f0cbd 6f34919b76405f35a67a809efac15666ab4bf9c6781833f48a242fe04c583be49109a8eedd5d54a4eaed2be050237ad7
|
||||||
|
EXPORTER_SECRET 452e358e5fba511d65e80c284d57c3bfb6409080aadd86df46f95b35a43f0cbd 15e38ab7d8e3673f8580b81206159f7d78f70af2eaefb141815591393f13509583ff347bcfc9d44db37754909cdf740f
|
||||||
|
SERVER_TRAFFIC_SECRET_0 452e358e5fba511d65e80c284d57c3bfb6409080aadd86df46f95b35a43f0cbd 5298effad90d9b540ed6de508cb8c4d43cd528dacdf80cba71164297eae417655ceacb5b4dd2f5e5b59b00d88f95fcb2
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 452e358e5fba511d65e80c284d57c3bfb6409080aadd86df46f95b35a43f0cbd f01e2a0ef3c63dd26f57381bb10cc0ae70be494e1e33ac37d2b283e78221089d2ec9c7352740f1fbcaf19afbc235dfc5
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 5e41320b56e65ef64b1cdd43772ac23f7b6911cc094fac846ec31f18ca271fbb 9bd3e024537ceb19a39783336b715f1d2777edc934dd618602a87c4f393024ed46a660a72d91ef56e9cc0ab7f81485ec
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 5e41320b56e65ef64b1cdd43772ac23f7b6911cc094fac846ec31f18ca271fbb a88826a872250233457a75f83d5ab05446707989e9861b4f12ab860350a6e6d9c80ca417bd85e00ef76d9216d989d017
|
||||||
|
EXPORTER_SECRET 5e41320b56e65ef64b1cdd43772ac23f7b6911cc094fac846ec31f18ca271fbb 229e5b39a020532844c3a8bd0adc1a46c9b50e557b52815894795ac9f636d62f08a3d101bc36bd026369b8efb0001980
|
||||||
|
SERVER_TRAFFIC_SECRET_0 5e41320b56e65ef64b1cdd43772ac23f7b6911cc094fac846ec31f18ca271fbb 9ea9a9d7db955c196d7805789d2eedba1691456916dad090f3a16b549c1c3d4349573dcd79e74443bf250fa6087b6057
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 5e41320b56e65ef64b1cdd43772ac23f7b6911cc094fac846ec31f18ca271fbb f9067986d7e4b6af3e1f7d23a3f8970391e0ce2920a2e02ecd4c8914a78280bfc05ddeb855339a362648bda479716bd4
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 1b2c90def2fa139e9b726a3463c248ab220a8c3c2916781d95d5d7fbf9082a4e d2747e8fa163a3f72e2ce5070d84c0924a46184edd441f80b1d549077ad2fe3a9f470c81b9c9e8b94261c5d3b63ecc0d
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 1b2c90def2fa139e9b726a3463c248ab220a8c3c2916781d95d5d7fbf9082a4e 973779693ea48ecf9ff6f824ddc58e714ed2e8c714eb1a14df9de9bac39ce32f769cdb7038475e3b3133b14269c01778
|
||||||
|
EXPORTER_SECRET 1b2c90def2fa139e9b726a3463c248ab220a8c3c2916781d95d5d7fbf9082a4e 45a877e512e1e1e73d8fcea15f7046545e01ad394a0fffc97caf3426f74db4dc00530e048360f581f98a962237bec140
|
||||||
|
SERVER_TRAFFIC_SECRET_0 1b2c90def2fa139e9b726a3463c248ab220a8c3c2916781d95d5d7fbf9082a4e ce52b3dbee9e95972ab9ec445991652d483af153779fea2906af1af2831891329400670d7be73e6a2aee711c4e45ae44
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 1b2c90def2fa139e9b726a3463c248ab220a8c3c2916781d95d5d7fbf9082a4e 3c607941064ff1862a3f8867c017cbe4d226879356d1535f246654d0e2c6b3d61b41b3f5ed0d3732ae9931aab16e29fd
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 1589a5776a0e2f538e6a133e594f24fbcb05e82cfa56322a6132a6ec3531f9dd ffa1732e4c5f3bb32349f8de7b0703b5e148c8e8bef6142acdf95969d43f0b84baaf3b06e2a81d80f3c8969414d1c35f
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 1589a5776a0e2f538e6a133e594f24fbcb05e82cfa56322a6132a6ec3531f9dd 11c542a1400615a428c852cd8603ac7981c206234b9057a3184e60903c7aa6fa043c382e88846917170c546ed2cc058f
|
||||||
|
EXPORTER_SECRET 1589a5776a0e2f538e6a133e594f24fbcb05e82cfa56322a6132a6ec3531f9dd d8cd815f494f1302a27f270c00ea7294180cf125db28c9d58770cc02b907317d73262400fbac1ac70b2176682baa9415
|
||||||
|
SERVER_TRAFFIC_SECRET_0 1589a5776a0e2f538e6a133e594f24fbcb05e82cfa56322a6132a6ec3531f9dd 47fc262605996243c02d61e28cca22d115418536202116278f374490947ff0ba4b90401bab51bdc645bf2eae36904d4a
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 1589a5776a0e2f538e6a133e594f24fbcb05e82cfa56322a6132a6ec3531f9dd e623d1db6f6cab44067ad3cda3ff9e61183df455b04ec89ace64e204497e8117125110fe0aee2a9aa2b40dc29ebd77a3
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET a4b36bb85899fa874525c0ac6ab4aac6a0602686a9949ac2f561c778bd96d73c 00038b8356a81113f1701b2e2115c6b9db8e56a8a17cde6d0db049f307d1aecfd668bd25e8576a37f387b81c07bc5391
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET a4b36bb85899fa874525c0ac6ab4aac6a0602686a9949ac2f561c778bd96d73c 30885506395e0f0c3fea37db14855e620aec4ec8e1e8681fd3b73b7d0541727d482eabd08ab504780b3f1f62af4ba156
|
||||||
|
EXPORTER_SECRET a4b36bb85899fa874525c0ac6ab4aac6a0602686a9949ac2f561c778bd96d73c 2978fec2ed11b0c2fb4f812b04d9853bd42a925bd98bc30d044338c7ea43680426fb1233a16ef46fd8414f5052c38d8e
|
||||||
|
SERVER_TRAFFIC_SECRET_0 a4b36bb85899fa874525c0ac6ab4aac6a0602686a9949ac2f561c778bd96d73c c41d1ef1ee370d400734c80b588895fdc1bbe94d46e572f437410173743f4abec3113855109ffbfb011828b56bed6215
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 a4b36bb85899fa874525c0ac6ab4aac6a0602686a9949ac2f561c778bd96d73c 57be0e0741a651f6ff5a6e7fcef7b520df9547d3bfaa015c1234f73d9f84ae61fb4bac773591345771683039bb14c35d
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 448ba07bcfb54b8455f2e0d46b4335f8d96b65248d8f0f8661d6fb290e7ae5a6 c5a9ef00030d51c5b96522034ac05ab8fe1c02faac4d5a3f892f1bf7faad6eb2f016b84ea55372fb1d7f9c0dbea6235e
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 448ba07bcfb54b8455f2e0d46b4335f8d96b65248d8f0f8661d6fb290e7ae5a6 ee143b434e31604067d74d628008016380396d2dbccf220f9c8791c3581457d8ada05cac78e50b9fd9898acaf02f0964
|
||||||
|
EXPORTER_SECRET 448ba07bcfb54b8455f2e0d46b4335f8d96b65248d8f0f8661d6fb290e7ae5a6 0659abb3c386966f96c44e82533cfcdb323aaf0b23ddaa374f81cc07d8472c97f0adcc3f2bd7bad01f43a5a356248cae
|
||||||
|
SERVER_TRAFFIC_SECRET_0 448ba07bcfb54b8455f2e0d46b4335f8d96b65248d8f0f8661d6fb290e7ae5a6 70ca7dcb37242b515433a5a318b635fa68fda7165b08c79ed5171f058fc3d3fc7b5acbc6e191378ab1569088589f6131
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 448ba07bcfb54b8455f2e0d46b4335f8d96b65248d8f0f8661d6fb290e7ae5a6 2ac52e1da0e26d7ca254875075110aa9e04db416dade43c9e2a1480181a71730aadd4609b15fb87f6429bfcd3394b271
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET db757d42168448f28549990522e30c95dabe006ecb4e2f63411d86a97d034575 ab7ec2ec609a33f0e9c01bfd12cc6e26d2231ec6bf45f16c67bb52095bfaf6e1ce9043d1a6369b558c4a9433f5bec83f
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET db757d42168448f28549990522e30c95dabe006ecb4e2f63411d86a97d034575 7a46d9524be63795d31ec54b72d2ea503d17d19229931efcb815658c037b49eba5faa255b7b863723ee519f037fc4a20
|
||||||
|
EXPORTER_SECRET db757d42168448f28549990522e30c95dabe006ecb4e2f63411d86a97d034575 e562a08f4686b48b68ecdccc4daf79e72b4c5353c2233720a2366e3bebf11ad4c9d4a74c531bcc40068dd74d06ba825b
|
||||||
|
SERVER_TRAFFIC_SECRET_0 db757d42168448f28549990522e30c95dabe006ecb4e2f63411d86a97d034575 2a78159b4fb5c2da594cb7e73e21f67e8a4016f07ab746ed079c301a664dfe3ef8db43dfb79131ecad9ca9d4f3e0febd
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 db757d42168448f28549990522e30c95dabe006ecb4e2f63411d86a97d034575 c6b2447b57b49d327c37025d7a1e0f36fd9ada12ca68c6ba76acfb78cbed2972ca12b4f4db28313ef5cd53158f7b2f1a
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET d15807c7c9404d2ea822228215f415102e2d9b157eda08bc1febb6ed21a15e38 001c8c10eaee916829b22feb1e152ac11b93430e3cd438e181cf742b2c9977ff7ff8af062c69ef129f5783636967a63f
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET d15807c7c9404d2ea822228215f415102e2d9b157eda08bc1febb6ed21a15e38 ab1a96c708a12c613247651e24764bce2de1fa2885f69f22f673cb2d58d66de1c820573998e4ecff25593e5bb1c80bf4
|
||||||
|
EXPORTER_SECRET d15807c7c9404d2ea822228215f415102e2d9b157eda08bc1febb6ed21a15e38 e8ff868de3f22a393c0ba82ec49e2ef3093f8695fafa47e3fc6779e20745a00045714140f8c6ce6641c1850ca25e9281
|
||||||
|
SERVER_TRAFFIC_SECRET_0 d15807c7c9404d2ea822228215f415102e2d9b157eda08bc1febb6ed21a15e38 5763288aa48d60bec99b2b75a99b936d48c176498b42ee85cd6dc8db0eba44c626d9004c41452d5ad3ed5d373718f456
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 d15807c7c9404d2ea822228215f415102e2d9b157eda08bc1febb6ed21a15e38 69a30983b177d2951c1bd6f6fdbe0a1711b004885dcd05f4a3f9ec04634c1a3ecb39c4fc472983330caa6d5fbd05d99e
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 46f27cf3f8732b6c172a85859d184bc52be63611e447bfbbe02f0a967dc6e6f8 8e40973e9be126761f05507189f010e30aeeb684c93e5760fc5ec7fc19f3bb924b2063621786e96020450d5041d91def
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 46f27cf3f8732b6c172a85859d184bc52be63611e447bfbbe02f0a967dc6e6f8 326551b4cfc6c84bd7844a4d2b508bb5fe0522daebcd8c31dec5970475f64ea6a2376506c567943d996c5e02b4bc608d
|
||||||
|
EXPORTER_SECRET 46f27cf3f8732b6c172a85859d184bc52be63611e447bfbbe02f0a967dc6e6f8 265c19673daa66b51db0325f829ebc6db4c352052baa1623fcb3761f148aa0d91f2a81789a890544499eb265e7e0d77f
|
||||||
|
SERVER_TRAFFIC_SECRET_0 46f27cf3f8732b6c172a85859d184bc52be63611e447bfbbe02f0a967dc6e6f8 0b1bf8569acd1ebf5008c2ce5ed203e23139b3d79d38d7e2a3606a3729297ae5bd1c1ced4e266b60b3edf19bad7b045b
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 46f27cf3f8732b6c172a85859d184bc52be63611e447bfbbe02f0a967dc6e6f8 ec61a4ad8ba705e7ffa343367e8064a8df4815c2b8c23b5aae50a0d2564acfe7033c88f968f815ded1161585256b1ee0
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET d46f97e262a631c410f0578370361e864013d14de7486e7a03f39df51ceeaec5 4a1ae4d915fc9826ccc807f97f081ad99a79eb98139c056dc9274267ba6a224d1558ee6cf3581dc483cfb5852bc91bc7
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET d46f97e262a631c410f0578370361e864013d14de7486e7a03f39df51ceeaec5 8a70efc48146ea6af38d9bb7a8363f82e46045316ba0ec6c59cb707bbf1be5e3ab408d97337cc4a82e736c3409953772
|
||||||
|
EXPORTER_SECRET d46f97e262a631c410f0578370361e864013d14de7486e7a03f39df51ceeaec5 1439a653754f895c77953fdbdfa46235c497a7880a646ef2a86e65b2cfa8d5a7b5bd44938a1db880bac8e731e4b87b19
|
||||||
|
SERVER_TRAFFIC_SECRET_0 d46f97e262a631c410f0578370361e864013d14de7486e7a03f39df51ceeaec5 a9e08db93bf547c9757f13494e94b1abfebb3728f4cb8bc3018ad015619ade89ef4bc5bed47b1e3bdfe7dbcaf9b08309
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 d46f97e262a631c410f0578370361e864013d14de7486e7a03f39df51ceeaec5 afa8935b84fc53df879e3855ce400a57ff3bb530dc26532de62aae9a1bc0cd0b36e514c119efcc1a03b139320c972088
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 14e3e927896aae3825aa1f9dcb7b54bf44f3526e636c79200f43d6fa5574e325 3c28a8b494311a317428f303ad763149c73619c139f66c5c6e0be08b63028e676323a54e071f19512d77f9cbb10c3b15
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 14e3e927896aae3825aa1f9dcb7b54bf44f3526e636c79200f43d6fa5574e325 8d0e1e7eb2066f13204133ff553b3188803933657d05ac63b002b558572250acde46645fb42415293712b54a5a061b44
|
||||||
|
EXPORTER_SECRET 14e3e927896aae3825aa1f9dcb7b54bf44f3526e636c79200f43d6fa5574e325 532002162c67ad2b1301100845f45bbb6a2b2857809b8a8f11aa0b3326d8b48de4aa7d35b340bc196abf072c9ca34a47
|
||||||
|
SERVER_TRAFFIC_SECRET_0 14e3e927896aae3825aa1f9dcb7b54bf44f3526e636c79200f43d6fa5574e325 e2238c1567491e3400803e459ad179796993d3b529b1bc68a11a97ccdd9b67eeb6fdea2a12d897952f6e6536f6b68bae
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 14e3e927896aae3825aa1f9dcb7b54bf44f3526e636c79200f43d6fa5574e325 02dca56d4a09b2fb1104f9664082710ae073b04cad9dba39fc49501b8a31984fa6f0d37861e2d6a65b810851ec47fe92
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET d6d4b7a3ac1f8ece057c185b11074aead3de89e5a11ea7a1b89b6393e412a167 af2ce6ac735f5832ce0791678a147611cee25ba9579fd92882bb03ce33327adfa8416b5360331065815ad43feeef5111
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET d6d4b7a3ac1f8ece057c185b11074aead3de89e5a11ea7a1b89b6393e412a167 0fdc494cbc70e0a77d3d37b26e7d90e4176d1916da827ff2d89c3c50563e9f3580f23d24ab26c3ef58d7397bbe6e9046
|
||||||
|
EXPORTER_SECRET d6d4b7a3ac1f8ece057c185b11074aead3de89e5a11ea7a1b89b6393e412a167 c2164a2b2556dde26805c7d29067f0075331933bc28ddd545e59c26f18f8e661dbecb6e49814b0aba66170b31b62fc4e
|
||||||
|
SERVER_TRAFFIC_SECRET_0 d6d4b7a3ac1f8ece057c185b11074aead3de89e5a11ea7a1b89b6393e412a167 03975fda853826f23adda673975957c66e8a6047b9d5057673f3a7780fd02b3d253701ef0555933af0b8a1894e81b248
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 d6d4b7a3ac1f8ece057c185b11074aead3de89e5a11ea7a1b89b6393e412a167 ba3f1c9e1b8fba8873322c2966c67a0005e44cc2c10d81eded978a428c6a7aba3fda361e738757f4738670b5d3872b5a
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 87f194f136faa69c6c7505b7e12b480496b3f0b77130c31c8923fdce22868431 0a412535cf590a239779cac8835e33dccc0ff939235dc104fbeb0a65bd3f3e9167c0eda41e460837d17e1a8e324e41a9
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 87f194f136faa69c6c7505b7e12b480496b3f0b77130c31c8923fdce22868431 67d18320d88059dbcc16bcb01e8426625480734ad32359595272843cb9aafda92bf10545097f97dc2bc0545f9a91761a
|
||||||
|
EXPORTER_SECRET 87f194f136faa69c6c7505b7e12b480496b3f0b77130c31c8923fdce22868431 a1c172df6ea144d89ac35b9d26d5bbc93010e3d788d44a2eb18b88dc48990ed06607121100dd1ae19559b3bce3151dfe
|
||||||
|
SERVER_TRAFFIC_SECRET_0 87f194f136faa69c6c7505b7e12b480496b3f0b77130c31c8923fdce22868431 2a0cf6458a6179f8f6b6774c51a7e39227783874f5b8f4b3762f0d5d7d0811ef167e8c552afe6e30ec90f9c986daa9e3
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 87f194f136faa69c6c7505b7e12b480496b3f0b77130c31c8923fdce22868431 3b8de68294d741f9ad6b3a061f98140a99b2e1da2eab05952f3605a1a00dbebca26ec8c5d0b86a1688c9cd04fa31ee53
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 7d9008e8e75260cd628639262b3b8a4b3bfbbeb9c1aa10e02847c78288080810 8ffa799f8036834fe798397933774423c6ff7d775153be709e4393116f91bccb8124f1ab3272cf8b3ee6d492fd5f2aea
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 7d9008e8e75260cd628639262b3b8a4b3bfbbeb9c1aa10e02847c78288080810 9907b615896c8e6ac98be0a716ac671784951541d23a0ce7174232a9c319848eeb309db3aa2ba74e2606e0ce331348ac
|
||||||
|
EXPORTER_SECRET 7d9008e8e75260cd628639262b3b8a4b3bfbbeb9c1aa10e02847c78288080810 fd25c46614c4ec58e9fd7332a617a3a0b95a6aebdaa962b85c2fee3b196cd8e62127d6a03b91b1048cd2feb199d03e8c
|
||||||
|
SERVER_TRAFFIC_SECRET_0 7d9008e8e75260cd628639262b3b8a4b3bfbbeb9c1aa10e02847c78288080810 6fb2e686fb016f76b34b20ac600ba1643ff758f5b3fc41ff2691636644546ca5029dd66b23454bbf10200091e9313c65
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 7d9008e8e75260cd628639262b3b8a4b3bfbbeb9c1aa10e02847c78288080810 dbd4b3fc8b3544d4e85330fa8b5d7df6851ba39d1298a1c2d2889b004e6f34c2905bcc356c950bb531d8cf84287feb39
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET f44632915f4a422f8d91f7100a63795e9c071156ee9361df65375e65b7a0265c 6077e13b2427563adf13496e4735958ddf7011aac693f17404190633132c4ae4322cafeba5362bb8800cd8f3a42e31a9
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET f44632915f4a422f8d91f7100a63795e9c071156ee9361df65375e65b7a0265c 633ee7d0bd1e105ae8756674ba786d5422774614f50009030266a6b52cd8ba5cc1f8bdc93947a9a95e6f889f3bdafcde
|
||||||
|
EXPORTER_SECRET f44632915f4a422f8d91f7100a63795e9c071156ee9361df65375e65b7a0265c cd9dfcbcb4aefe47964aceadbf9d22ba0aef0975869b12f157804d4fa6813f38d44fc033249c9cb22ae11a754f65986e
|
||||||
|
SERVER_TRAFFIC_SECRET_0 f44632915f4a422f8d91f7100a63795e9c071156ee9361df65375e65b7a0265c 4d4dd92fb0194b8298257b5ad6e0cec029456ee35aa025f1e9fcd592d3e63dcf657313d1d51fc2671d0472f9bc11a63e
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 f44632915f4a422f8d91f7100a63795e9c071156ee9361df65375e65b7a0265c 099966319f13070681e2fdc889951ed04b5de5af5bd870da7e2406a5708f2e4cd07be298f24a1f75eb9e49d12fd121e8
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET e3899c4dcfbbb415ba4d856f4253c34959c4531622e4105dfec451ed248ffc80 873b363dec1a6b03b675d593a870116e9a12e21254484bddde2ada942a713400508db3b1c8c0d36039e59e853589de9c
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET e3899c4dcfbbb415ba4d856f4253c34959c4531622e4105dfec451ed248ffc80 a17abdaf0c35fe86ca9ab816a3f502d2770a0c1c7b3c4554574e537f730153f9263a416e5533e6600ee04ca1671d21d4
|
||||||
|
EXPORTER_SECRET e3899c4dcfbbb415ba4d856f4253c34959c4531622e4105dfec451ed248ffc80 7d5bbfaa54615a009bb83753f1a2b069a52241da63ead3c71f568d80a13418141fec1fec9ef28f882e8926b185ce0dad
|
||||||
|
SERVER_TRAFFIC_SECRET_0 e3899c4dcfbbb415ba4d856f4253c34959c4531622e4105dfec451ed248ffc80 11367316c1a97048df2d70a1acae99357a03deea03efd9f064ec36fcf2672d9ad0a2018522a175585163a609750c4639
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 e3899c4dcfbbb415ba4d856f4253c34959c4531622e4105dfec451ed248ffc80 53ee68787d5129c87b23f421db61ce132b7e3e63fa80f9e1d5870fbbb63c15107b999ce695700c828460490eea130fa5
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 58cfa2b2f47f6a19e80ef6a378c658e2691b0645432e2882170740b6a0c25061 ed3999eb3e1e0b4d3314c2597e990503c33ee396fc014af365f4fe8e6c59f2e2a986355a95640c237f27106cf1dd29bd
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 58cfa2b2f47f6a19e80ef6a378c658e2691b0645432e2882170740b6a0c25061 195ebdc9cafee2bc3ee2856f3aa604f5c7d7cf04d3c2843fdfa4ba18ff527be5520f69205b68aff3be8ea2b53518df14
|
||||||
|
EXPORTER_SECRET 58cfa2b2f47f6a19e80ef6a378c658e2691b0645432e2882170740b6a0c25061 375e645651e81ee9e1963a3fc66efbf5f9cada69e0b469a4c005082cea60ce80a45f7e2fe0b8c80c5d9b4bc55cda9fa4
|
||||||
|
SERVER_TRAFFIC_SECRET_0 58cfa2b2f47f6a19e80ef6a378c658e2691b0645432e2882170740b6a0c25061 3661f7b9c5fcbfdca08bc783e9ec8200a640320a9c94f98b2290b15abd462cefd2f21dcc52d05c0ddaf85a3e1a1a7b5a
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 58cfa2b2f47f6a19e80ef6a378c658e2691b0645432e2882170740b6a0c25061 95abd1b96d8b222b4c443898e82f584a13f3ed47f4e976423f06c50138a4b9ddb80ed5b19f9809e2a5c48c7c30693fdb
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 8e67bc86c77efe4a0bdd6610d2b283b2d41a590a52c6be00c14e19e8a2216a5c 68ec2db7e51a1b57f09e33e4aeb10025ee238ac4627746b6c2d2914fc1abe795470764362aab1d05f37eed5255d2953e
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 8e67bc86c77efe4a0bdd6610d2b283b2d41a590a52c6be00c14e19e8a2216a5c 684b2327ddd94c40e13426584f54d1a9b528d17d1f9bd7426ba7bd8ddeda98829b1c4585434bf6e1ba03a858b40c3efe
|
||||||
|
EXPORTER_SECRET 8e67bc86c77efe4a0bdd6610d2b283b2d41a590a52c6be00c14e19e8a2216a5c d5da49a7c3aa113835dfcaf4446c6da31595d93166be6f187b975f1a11b2cee3b75dbc5194643b86061f9e056bfd6f27
|
||||||
|
SERVER_TRAFFIC_SECRET_0 8e67bc86c77efe4a0bdd6610d2b283b2d41a590a52c6be00c14e19e8a2216a5c fe48361e4fbac31f1dee4375f096a06755ed5f43dd688e7993dbe96d3b77ae9ba5d3029b1ca2ca0ae28bd11c976baa59
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 8e67bc86c77efe4a0bdd6610d2b283b2d41a590a52c6be00c14e19e8a2216a5c a227da2a5ab1aa34221ddbeb6c4fdd7d6716f8be5fcd09d98552d285cc01616f22e785e65b9c5ff321b7d3f3c8986c9f
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 009ccdad7f30d6efd59b098ad6c2007c87fbc99205af96457790c0ecf17521a0 901589e627832045545f33259411701b9af5a5c9840b66eee7a3ead37119623df254cfb072b1036996a579b0c6347d75
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 009ccdad7f30d6efd59b098ad6c2007c87fbc99205af96457790c0ecf17521a0 d5d19dc69f2751fb43424fbd96ddfbd4890b8dda7a9cb4cc1641bf0e5155fd2088cdc51d3d0e3ae685280925c9d0bf3d
|
||||||
|
EXPORTER_SECRET 009ccdad7f30d6efd59b098ad6c2007c87fbc99205af96457790c0ecf17521a0 4b3a40c58c0754af6df77093a42133d60ed7141b15ae56c0b9a067a31ed4d8f064c2be9740dc114ce6ade9909d463d05
|
||||||
|
SERVER_TRAFFIC_SECRET_0 009ccdad7f30d6efd59b098ad6c2007c87fbc99205af96457790c0ecf17521a0 e5f3e6fb12eed9e50004a5bfb372354bc7dadadd5e481417bf4abb3febc043a45a76584912446b2abc2a9b479b70beca
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 009ccdad7f30d6efd59b098ad6c2007c87fbc99205af96457790c0ecf17521a0 b7c35ad24aed16963da9326e18d7f3dcc811942bf6086029d16368419e074a348dafec106295832977ee688102610b67
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET b41b59e34d1abbbd7de0d44209e05b403ce0a03dc4e3bf25729dac0addb74d3e 239c2901fac5b07b49680872a0e3cca9c150f2fb92d908f1f27086b59912bcac989c7f225e6e76c5228687a48fb6c899
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET b41b59e34d1abbbd7de0d44209e05b403ce0a03dc4e3bf25729dac0addb74d3e fbe7dc3eb607bb0183a00104441027d5db80721a42ed17c5ee7458f539c0c8e1e996c79f1fc1dcf9791b53b0fcd934f1
|
||||||
|
EXPORTER_SECRET b41b59e34d1abbbd7de0d44209e05b403ce0a03dc4e3bf25729dac0addb74d3e c43232be2135f4c217fae0e963e91a05a5053fa205ec9912ea2aa395381bb95570004e044da2a11245e97f23095429f9
|
||||||
|
SERVER_TRAFFIC_SECRET_0 b41b59e34d1abbbd7de0d44209e05b403ce0a03dc4e3bf25729dac0addb74d3e 75b073c41ca2618525a29ae1d35879b40d5466c2faf79e62dab0e9536dc0b84a620492efd124da1db2effe438424f3fd
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 b41b59e34d1abbbd7de0d44209e05b403ce0a03dc4e3bf25729dac0addb74d3e 7bc971f04177b778e1186e3efca96018e85dec2000651e7ec93a7475a4d38db8fc808c43a9616a1b31e781687147be79
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 3c20ea9ea4054044f75512da39064f98544fa006c3c12ee5239a4c5a31320540 88904a4816ddfa5e2a0d16eed0f55a4d3b0ce8c889d7a7f7db589085f53e72fc
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 3c20ea9ea4054044f75512da39064f98544fa006c3c12ee5239a4c5a31320540 7cdb5f2b3dad33efe1617efcba04a2d92e0b6e5a65cedeb8a837dee395e6c085
|
||||||
|
EXPORTER_SECRET 3c20ea9ea4054044f75512da39064f98544fa006c3c12ee5239a4c5a31320540 c7b13c68943998598e2ee60e615efc5904a943bf48ea007c05759f4f6b2395e2
|
||||||
|
SERVER_TRAFFIC_SECRET_0 3c20ea9ea4054044f75512da39064f98544fa006c3c12ee5239a4c5a31320540 1094947db3f6fe2370e5aa81fc3a30a8c85b83b5950a8d9dbd101f6c5ecc16ec
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 3c20ea9ea4054044f75512da39064f98544fa006c3c12ee5239a4c5a31320540 574ca7d87618738edcf11fe6937338b3eb58c31ee49dcda2f7284fdc4dfcdf56
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 169637b581d83e615cee48ae69fd0d810f24e8855dac989600b48fac970c36d9 182ed636bf590c245fea0ad4b04d9b2304bb30279e1a2f7bfef16861d13e2462
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 169637b581d83e615cee48ae69fd0d810f24e8855dac989600b48fac970c36d9 1e4ad1aaddf8a4f64f35859461df54d193d1cd081845a422ef44d71f5ca71f71
|
||||||
|
EXPORTER_SECRET 169637b581d83e615cee48ae69fd0d810f24e8855dac989600b48fac970c36d9 23136badd3a8975b1ceea1b4d9523055cbe296dfe75596b1e90ab6f0b7100350
|
||||||
|
SERVER_TRAFFIC_SECRET_0 169637b581d83e615cee48ae69fd0d810f24e8855dac989600b48fac970c36d9 e15200b68d7f703abe7b04165c8885566d90c4dd509c7d174dc4c2cf130cf4d2
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 169637b581d83e615cee48ae69fd0d810f24e8855dac989600b48fac970c36d9 c5fef93efea3e4a24499a408af7e3de26411738cf25063c9efaad9b8d045487d
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 27c30a115134f44650c60dee4d44978aefd02c47ce11f453a0de8192fa4aea92 f57367d19017ecbf85a2b2b16840452685a6ccc96bb269976374662c45a442e3781976c63829b74519b9ff0ddfa775b1
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 27c30a115134f44650c60dee4d44978aefd02c47ce11f453a0de8192fa4aea92 6e13477063c742a800cce3a59994158e51b0fb324410a316a3d2977c6f41a276a323f22770667e563ad1525e5db3dcd2
|
||||||
|
EXPORTER_SECRET 27c30a115134f44650c60dee4d44978aefd02c47ce11f453a0de8192fa4aea92 6a3e9a5b09e243c90d99d7519ca983bd4bd595f53e40de974a601081073160ba9f41a85d6f8d1e39584ca66c053806ad
|
||||||
|
SERVER_TRAFFIC_SECRET_0 27c30a115134f44650c60dee4d44978aefd02c47ce11f453a0de8192fa4aea92 435989df8c9c5e83bdbafbf82198bb8a5bfee5d972dfe5b893b549defb899f1e7baed8c9cafa3e6816aab80428f127b7
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 27c30a115134f44650c60dee4d44978aefd02c47ce11f453a0de8192fa4aea92 79202c8c9ab63aa7fb6b94f237397bf7063a51784405309f51428a1c1b5c3a813099252eea22f6ad0284f443a8594ea6
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET b0470796569b4f1ca61e1287dfa61a808ac0c491fd51559cec0d2ad4cde10fed 20cc50c46d802b17ef8b2619d473500c8f970cbc5e84656de2742f1473874ca696abc05f63dbc28f81a239ce5230eaa8
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET b0470796569b4f1ca61e1287dfa61a808ac0c491fd51559cec0d2ad4cde10fed c7334c9a3d174754fc282deab4d074a8af681656eb1d116778560f336eb5165acd4b8c236092362168fa19c29170eca9
|
||||||
|
EXPORTER_SECRET b0470796569b4f1ca61e1287dfa61a808ac0c491fd51559cec0d2ad4cde10fed 3c38b92da4194ad31d356e8bf7d48e14aad46af8d30eb164b3cb628f96b54a4cdc6f58406834864ce27885d766ab69ee
|
||||||
|
SERVER_TRAFFIC_SECRET_0 b0470796569b4f1ca61e1287dfa61a808ac0c491fd51559cec0d2ad4cde10fed 1db7bfe15206432b36de2412d5bac549632f7d796b6f14259a6762202886559a7c9de75d6650c7743cb3b28a631e8847
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 b0470796569b4f1ca61e1287dfa61a808ac0c491fd51559cec0d2ad4cde10fed f925e39221a1e0af51c842fbf5f7f3b81d515e81f1f616a2684e7dc33699b4be8784d379d2c28c6496cbedbf9b060048
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 97eae75a36290fde86bf2ff48c8039cf2c0a8f36cb727897b954dc60e0d6cb4f 22e8aa7eda51ffccda0a6425c79432370e299acf9d9d484bf17d3c2c0bfb9fe0
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 97eae75a36290fde86bf2ff48c8039cf2c0a8f36cb727897b954dc60e0d6cb4f a2fe0dd7f22162b3c0c8c28f1c87366268bef27a4854268f9fa3c6425c55eac6
|
||||||
|
EXPORTER_SECRET 97eae75a36290fde86bf2ff48c8039cf2c0a8f36cb727897b954dc60e0d6cb4f 3191a28e731defa7eabca0bf3cfdbf94aa0a5e361cbf99c70674293ef3a2fd34
|
||||||
|
SERVER_TRAFFIC_SECRET_0 97eae75a36290fde86bf2ff48c8039cf2c0a8f36cb727897b954dc60e0d6cb4f fdfd73a8fb41ceabc7dc6ee1422e0e99c19f7a5c2fe291a1b8268bc6edc673ee
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 97eae75a36290fde86bf2ff48c8039cf2c0a8f36cb727897b954dc60e0d6cb4f 7ac1dfda09a9552f18d354bd9ee7fbede1b098e955d25872f9499f3ac7cc6aae
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 897fdc7e6097f8d59e66cc656efa4f1738c41e28905c3877f10d52935335a4c5 1952044bcd496831f0fff4e07b45d418d12858c99db1224823b796e3e201feede3af8517e44fcbe170c809313672e673
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 897fdc7e6097f8d59e66cc656efa4f1738c41e28905c3877f10d52935335a4c5 6e12ea4fb6e483999c7e506fe79f20bf1729b7cbc067fc550954d48b0a067d7f919b365fe27a1951d45bc04af0aa195d
|
||||||
|
EXPORTER_SECRET 897fdc7e6097f8d59e66cc656efa4f1738c41e28905c3877f10d52935335a4c5 8bcbc5371d8658f7c6914e1fcf67b9bdd0851355ef5fab90e84a6e8529d2d882d8874aab4b5bcb4b1ce5ed43bb408687
|
||||||
|
SERVER_TRAFFIC_SECRET_0 897fdc7e6097f8d59e66cc656efa4f1738c41e28905c3877f10d52935335a4c5 907ace566debefd423c3f66b62e544a1602816e7e0336e0c017916792818a8c6dfc4cce1e76de025a2571d4630c9c753
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 897fdc7e6097f8d59e66cc656efa4f1738c41e28905c3877f10d52935335a4c5 ec78712410c873158c52583b3bd7f95216400d14a473a96402efde819268a8bee1a9c5e92b2eb12a5bbb7246ddcaf5e3
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 8add6459527b417ba0c689ffe3a7bc34a460d85811322870c93e83d998ee91ec ec90888e7e8063f8cdf21791d5da805a90eabc99ce98cc1cd19aa6337ef7306ca27844bef2e5e8351e9956fafa3ca70a
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 8add6459527b417ba0c689ffe3a7bc34a460d85811322870c93e83d998ee91ec 6fee3f0cc4c02cef4c391f0bd963bafbab9c718b2e532a26656f55b9048461789594078a604cb100c1562d24c156fe27
|
||||||
|
EXPORTER_SECRET 8add6459527b417ba0c689ffe3a7bc34a460d85811322870c93e83d998ee91ec fb05a6ce3b7fa64c673376dbf696866dee3ad5650149c63a8c728ccba3da6fa1a93d452d54503ce4de1617a49ad74133
|
||||||
|
SERVER_TRAFFIC_SECRET_0 8add6459527b417ba0c689ffe3a7bc34a460d85811322870c93e83d998ee91ec 4a329814c248187c9f2b1016f0852b998168ba8af5555a0ba181e344eb679318ae142c366e6258012a098cf18618534d
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 8add6459527b417ba0c689ffe3a7bc34a460d85811322870c93e83d998ee91ec 3e4ea5a39212649282f9918193b6de5ab59ddc38043294ce056cd404e2d3c22ab7c3f1399fe5c70cd28c2b10576045ac
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET e8fc4d4e916c503f0ab28b4c64068f9cb05cad6cd10f3da7768eef0ecc0804ac d8ed82fe7e70a93f353f7380c77c4f390685e4a651e52788c1078afea5b8f0c5
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET e8fc4d4e916c503f0ab28b4c64068f9cb05cad6cd10f3da7768eef0ecc0804ac 6ca30da4679fdec76fbff8c56ab34e6b8a0b614449f1ac3686429edafbc063f7
|
||||||
|
EXPORTER_SECRET e8fc4d4e916c503f0ab28b4c64068f9cb05cad6cd10f3da7768eef0ecc0804ac 00dd5747a6cce10577b7913573a1515a4771f7b93cc67b426b7231754981f541
|
||||||
|
SERVER_TRAFFIC_SECRET_0 e8fc4d4e916c503f0ab28b4c64068f9cb05cad6cd10f3da7768eef0ecc0804ac 72b07b2120e80254d17d4db7c8ce46bc64a02eea2ac09d07899a0504889f0765
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 e8fc4d4e916c503f0ab28b4c64068f9cb05cad6cd10f3da7768eef0ecc0804ac ef22fc4f576b358c3bf77c526e3830811d25608b8c32d3b8d4accabc02b034d3
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 4b038c23f532ba8c893ead81d1f07f1681e4d18987b65333408e20957fde7e71 9eb2c91bcc6e0864c364858e0864d041c52f41ca3ce396d128d4fb5dc386ac00
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 4b038c23f532ba8c893ead81d1f07f1681e4d18987b65333408e20957fde7e71 8577431055b2a50669270c3bf08aaf32dc7dd66a7e9a5efbeb93677db231fd72
|
||||||
|
EXPORTER_SECRET 4b038c23f532ba8c893ead81d1f07f1681e4d18987b65333408e20957fde7e71 6a58ac33631d88787f62a919a8f0d2b6c0f8d03075aeb04b880ce2330cb9b2fc
|
||||||
|
SERVER_TRAFFIC_SECRET_0 4b038c23f532ba8c893ead81d1f07f1681e4d18987b65333408e20957fde7e71 243d0b750befa5d25af82ea4d5eaacf7f52c5343dc260f75344dcaadc69544b3
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 4b038c23f532ba8c893ead81d1f07f1681e4d18987b65333408e20957fde7e71 0a921480912454ce03a14c5eeb75ae44c7c9a82a883eb632e7279cbdab3d1188
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 1ba4a034638a63221f55e3e684fa4e6a5bbbb9f9711c035e23441810b82667c8 aa87c1bd965ea9e1361d15e7fd671792980da373f34e4eefe1fd21effbd65a80
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 1ba4a034638a63221f55e3e684fa4e6a5bbbb9f9711c035e23441810b82667c8 533b0dcc030ecac8feace33031a405f5e05ecd0d7c7e64a6e30fa7bbee9bb813
|
||||||
|
EXPORTER_SECRET 1ba4a034638a63221f55e3e684fa4e6a5bbbb9f9711c035e23441810b82667c8 027a31d81dfa560205e25a50740b13dc7ce6f5c18004dac45e2b68517c0a75e1
|
||||||
|
SERVER_TRAFFIC_SECRET_0 1ba4a034638a63221f55e3e684fa4e6a5bbbb9f9711c035e23441810b82667c8 15f1d79f92d5b5cc15a1ebb67c39bfc4cce4934aac2722fb89a0e055c81c562e
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 1ba4a034638a63221f55e3e684fa4e6a5bbbb9f9711c035e23441810b82667c8 e7cd79a7d0bd712d966261ddc5a7eec31b1e9d5cff667843eafa7e01348d1dcc
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 7e2c0186c249512d260b171732055c9ac9ed32a9a5d52eceb68f103dc9cefdb9 28cebb1404b17be90013e1b68e85e1edcdb987684b6a3627bd6f9388faa43b15ae4c2ab0ff21464af2a5c50a129cfdd0
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 7e2c0186c249512d260b171732055c9ac9ed32a9a5d52eceb68f103dc9cefdb9 6c7257cd7d2a548b845b0965454a7dafcdc26bda58fd34cc4acb60a0ee1334627a246556a811c4c4659e092eebf20143
|
||||||
|
EXPORTER_SECRET 7e2c0186c249512d260b171732055c9ac9ed32a9a5d52eceb68f103dc9cefdb9 eaafed694970e1e45c203b9b72673d4f5fb8a5ab8aa85232ad8844cff5add6ac707de526348b06337f95d8702b26e2f4
|
||||||
|
SERVER_TRAFFIC_SECRET_0 7e2c0186c249512d260b171732055c9ac9ed32a9a5d52eceb68f103dc9cefdb9 8c41a6763a2d5ae32ac3301025201eaab784e89536eb086848d124d09dc33c2358e4455e09f267f3389ebf488ed0971b
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 7e2c0186c249512d260b171732055c9ac9ed32a9a5d52eceb68f103dc9cefdb9 307973c6a786e6226ecd9cefe8a60a976f8488efd0d27b7a4b21cff823db90aa2b0c0a2ccc3e867e798d85e34054e136
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 6c357174384538a3c2e267279248533ad0343c68b88904ccd9153bcd4e13242c 475411cbf1975c3a02e52b9add7e82657c986de14ba5711096adb2bcc7ec9c7b27bb5259a6d22f667ff28bb9f0823e95
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 6c357174384538a3c2e267279248533ad0343c68b88904ccd9153bcd4e13242c 0745a8590c3c01105975e8d4d46b16a59e4fe35a7ae6042bb7af8008e38bc6834e1c8404b17cf145d5885e257d41f723
|
||||||
|
EXPORTER_SECRET 6c357174384538a3c2e267279248533ad0343c68b88904ccd9153bcd4e13242c eedf5b47e7ecc48241ddad2d2280c6a5f6502a82a5a88f2748b1aa6203833aadbc7c4266e8101975484d20867bb70f00
|
||||||
|
SERVER_TRAFFIC_SECRET_0 6c357174384538a3c2e267279248533ad0343c68b88904ccd9153bcd4e13242c b4e5db43a0e7b92ffec3708650b013d5ae3434b389172ed1f6eb5c5b28c7e92921431c6628e1354a219c25bf64108d80
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 6c357174384538a3c2e267279248533ad0343c68b88904ccd9153bcd4e13242c 641adb6a6298096359f586c44fd11608857a4ce27140c63d4e3d0e24ff3fb883fe9ec26eca6a3c7a61e2920c62c40ebf
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 4faf16f6b06718630097c50a65b3f09b91df212c3b2f336ac5aa3b33befaee57 f564a762eff57f31001eee9996aebc5bd480889f1bc5e5f410775887b4ddd1d365e6218f1065979134c458ad413674a6
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 4faf16f6b06718630097c50a65b3f09b91df212c3b2f336ac5aa3b33befaee57 8a3544d148c7d8e43c0608a9e7b67d803973c38518e4bf5ed14580c57073a236a250f0a65d0d18e27bcfb47005bb393d
|
||||||
|
EXPORTER_SECRET 4faf16f6b06718630097c50a65b3f09b91df212c3b2f336ac5aa3b33befaee57 1cfcc37cf34a944d699ae339e7fdb450509e70f55f62df0edef3af88721d15aaade82ee0ffb7f7cce9ce3403a95a6833
|
||||||
|
SERVER_TRAFFIC_SECRET_0 4faf16f6b06718630097c50a65b3f09b91df212c3b2f336ac5aa3b33befaee57 60f6308216dad40d6a8c383b3f98a11ed4d4046645bbabf242a187332f2631a837df196aafd2f54230ebe5adfd2a21d0
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 4faf16f6b06718630097c50a65b3f09b91df212c3b2f336ac5aa3b33befaee57 f6888064defe7395c0f9b108b56eda7fa3a54dbaec5d58fe396cbc19aa7f9ee6f7d2edf23514583310a9fd6a3e6d2411
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET a3b4da6a6952237f519b9b7bdc975663484a7d5257724ccf636ee13831d69e2b bd8bca6d44de0a1e4e08eedb0bd4aeb62903568347d7f35413cbf5e7ae2588ddbf41db901b7cc2079be3ef993b21246c
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET a3b4da6a6952237f519b9b7bdc975663484a7d5257724ccf636ee13831d69e2b f54ab51e681825cfb5171acb142f44cbc0379ef7248d18185a298fbe6b8ddd255bd365b4dce0b645a37bfa3346f5a333
|
||||||
|
EXPORTER_SECRET a3b4da6a6952237f519b9b7bdc975663484a7d5257724ccf636ee13831d69e2b f86bac4e964eb075fe479058fb83cd201079c498f984c2f708e047067358d0f6e76773c1df6a6e60dc9281914619d9b0
|
||||||
|
SERVER_TRAFFIC_SECRET_0 a3b4da6a6952237f519b9b7bdc975663484a7d5257724ccf636ee13831d69e2b 449116c8c865bf1309c0e20ab7d60c536dab15bb30a94a30316694cdbb7e502cce6992e7c3b30ffd9fb7b6f37d0de6a0
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 a3b4da6a6952237f519b9b7bdc975663484a7d5257724ccf636ee13831d69e2b 37c131d7de3c529defaaeed4efb74403b0ca623ad447ae06f7527668f12e86326a052040bf5f849eddcba33349d82d2e
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET ddb0c305ae061b5de9f15e88f7e14b15263dfc49c929d192aa814c51558dc913 0c0c62997bdd46ad7af2796ee214b6fcefcfd0b05fe2d91f38b34bd99487d7b99c976bb88cd25b069fafc40540106cf8
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET ddb0c305ae061b5de9f15e88f7e14b15263dfc49c929d192aa814c51558dc913 9b0425f2d9ef2307c4f6c03a87843a60d0b4a452bf1357aa67cdb335e28ace0ef7e0c9fbb2aeeea0a227f3397b5d29b9
|
||||||
|
EXPORTER_SECRET ddb0c305ae061b5de9f15e88f7e14b15263dfc49c929d192aa814c51558dc913 db4f74c17d322d963191022388fd447c82e2fce8d0ce0a21a958a2e3d908ea34b6772433950a696d2a4c0e6463ee9aaf
|
||||||
|
SERVER_TRAFFIC_SECRET_0 ddb0c305ae061b5de9f15e88f7e14b15263dfc49c929d192aa814c51558dc913 cb145ee586f889a50952297402dc135485ab1c63bc29cab98844e6591547af810dfad2fe0ecdda7df23736bd3482b0bd
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 ddb0c305ae061b5de9f15e88f7e14b15263dfc49c929d192aa814c51558dc913 ab6c0da35947d5988980b44eb01aaaf1c9fce074b925e4830f021ec95ea39e353676ce7c789a65d3a865277d54d616fb
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 0bf0490aff6c8dfeb88a87e473d1dc49c14c3053f8029a6be49c3604ea088466 4eefffa3d30e509e1f583097bc0ad1eb9baf573455c66d4c6bb4ec964de97a8e5934f546459914a02dd30d9495a1b37c
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 0bf0490aff6c8dfeb88a87e473d1dc49c14c3053f8029a6be49c3604ea088466 a4c043f9803f8011046198f6bf35914a84afeff8c689d1276a3a395296e7f4cd0c1d89649479292e483630423066c5d2
|
||||||
|
EXPORTER_SECRET 0bf0490aff6c8dfeb88a87e473d1dc49c14c3053f8029a6be49c3604ea088466 e9dd9449b2bf58880b3c49c585c997a37173d9dfd0f01556ed32685b345ad43b7f63d309f20c07d2f6c560baeeef88fa
|
||||||
|
SERVER_TRAFFIC_SECRET_0 0bf0490aff6c8dfeb88a87e473d1dc49c14c3053f8029a6be49c3604ea088466 3618537e80c8b742f98c8a0089929e9c9792993824b7db5101a80f45190bd107fe04454e083df2fbb69d2bdd7bc9760f
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 0bf0490aff6c8dfeb88a87e473d1dc49c14c3053f8029a6be49c3604ea088466 120ecb9ba14111a8cc8df1e0b9dc4c550a08d88ba91f16123bb8d89aa23e3f538b15994ae62da0d29a3e1ed1e032f8a6
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 2e78ab0ab702be305ae81cf0886bc93d09967eb60d9a1d837677c0af52b88c89 91e7f391b276856033a47e458e1d64bf81d08a3292ff30aa582bcbd140d764cc8626c16742ebd6d9a7f500a68aeb5ebb
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 2e78ab0ab702be305ae81cf0886bc93d09967eb60d9a1d837677c0af52b88c89 ef2ac5e176b3e5713a6c205790e3b58b12b64cc4628fbb6ac0b12273a73be6e6913a0556f823eebe12c4e42199bfbcc6
|
||||||
|
EXPORTER_SECRET 2e78ab0ab702be305ae81cf0886bc93d09967eb60d9a1d837677c0af52b88c89 ad46dd23b08dd4135c63f3291953254977a7526630d3cc9455d8da59eb5cf712cf671d9970dad31f1c793617a60c6f99
|
||||||
|
SERVER_TRAFFIC_SECRET_0 2e78ab0ab702be305ae81cf0886bc93d09967eb60d9a1d837677c0af52b88c89 3f4de0cda8b51bf7533e12279bebd1062459700be861c1a951e4224652872aec2162bd2b8ae16a3a16fe580aa941e6ff
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 2e78ab0ab702be305ae81cf0886bc93d09967eb60d9a1d837677c0af52b88c89 7ea195809a87dc2b3af3f1a1f0317a4f5d51d0e26012e59bc2aeba8c867c0ab735140853234354feb6adc49ea24714b8
|
||||||
|
CLIENT_RANDOM ff71dd83376f0a35a8b86e8b9f516d9938a36ec3803e48b5a256fc7cd597528d 6bf5b5d1515d70facf6f2a76c997add2a9464b5712b17ee0273dbfeaa3c1ddc7daf5ff21e552cc1ab09ad45fe815d616
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 1ca51d8032bbf6e0748bc3852de83b111463295f913ea8a0695ee384a4503848 53f1bfdfbc44559025a6562937995d9406033304bf59a457e1b1eb817f530e16
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 1ca51d8032bbf6e0748bc3852de83b111463295f913ea8a0695ee384a4503848 b8412c25f615a5674f51817604e28b8bf70b269007c05cd408b1a24cfaa9a936
|
||||||
|
EXPORTER_SECRET 1ca51d8032bbf6e0748bc3852de83b111463295f913ea8a0695ee384a4503848 fb2e70cca12d1e15534b3c2b6b67b85a2a148ee4318922451bc2d7cc768a4c91
|
||||||
|
SERVER_TRAFFIC_SECRET_0 1ca51d8032bbf6e0748bc3852de83b111463295f913ea8a0695ee384a4503848 17e8205e0f334bd5c34c9b73e7f791386f3c8e3316d3bdf133d8227380555109
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 1ca51d8032bbf6e0748bc3852de83b111463295f913ea8a0695ee384a4503848 eaedfbfff17ffe92267845cda264104c3ba8da6d6d10a1233ef388bfb8bbbf2d
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 453873a2ebc5c814d8d457df0b880569df7a12c88d6668429214cfbdd1d2689d d42056ad78e6cc6f1fb4a369d5044742a4241f877431bebfbe840a689d81bdd16e2505a3f428f41c00b62985cda19331
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 453873a2ebc5c814d8d457df0b880569df7a12c88d6668429214cfbdd1d2689d 6c0902e413aab1fb0113c96387fc11e8b2d42684083429102df0f1730037228f1e225c1e7aa8f559711d572b274c2569
|
||||||
|
EXPORTER_SECRET 453873a2ebc5c814d8d457df0b880569df7a12c88d6668429214cfbdd1d2689d 2b125c1595eca3737cd16e32b1da984ff697c30f0c6e7369d24e5bc8833fa8797a6847ff6051f61bd81b1e5ddaec7f39
|
||||||
|
SERVER_TRAFFIC_SECRET_0 453873a2ebc5c814d8d457df0b880569df7a12c88d6668429214cfbdd1d2689d de0adf2cced89b5634546421cb4ae2c92d40987abffd83f23cf27a2e2d8f2e4645abb3d7a26980884384e883d0b9437b
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 453873a2ebc5c814d8d457df0b880569df7a12c88d6668429214cfbdd1d2689d d1031684006f9e3463e8411afd3926af09717c286445d550ea436c27b009e13d0c02b4bf106ded3175a26e850bddc99d
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 172f0e36bede6f9f78157e8e338ee8b5d501a0c264a7c248d4d2092283badd19 574e234b9ed1fe38053194bd7641126bde6e0e005ce33162d5743ab34a99327fce670b1fa134caf943dfbc0a5d686ecc
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 172f0e36bede6f9f78157e8e338ee8b5d501a0c264a7c248d4d2092283badd19 838049b240d1ae3a80ff4ff0268e248588ec6913f4caae68dfeaf4ea03f330bcab4606d1bee74d299be6c800b2671595
|
||||||
|
EXPORTER_SECRET 172f0e36bede6f9f78157e8e338ee8b5d501a0c264a7c248d4d2092283badd19 13965d7ae6d230cee91ebe990c07e7d5ca46ed40a6924a91bf60901618226a88d606fb5467827cd1d3765fa827476a50
|
||||||
|
SERVER_TRAFFIC_SECRET_0 172f0e36bede6f9f78157e8e338ee8b5d501a0c264a7c248d4d2092283badd19 da4c9bb2d82ce66a35ec5899a9f7bf67e2f24e2b190f9cabc94dd56bfdbf39f54d001da93120554293f711972f03fb16
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 172f0e36bede6f9f78157e8e338ee8b5d501a0c264a7c248d4d2092283badd19 f7f968b5b7eee2b521cda8575822bfdb2887913764a08e35648a26ab4ff98aad230b192ae6b376701395575a372c1c3e
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 3c5b65efb7b4424f2f1bb4d263befa34af2fbb14058f16428ba0187586ee6973 fcb2538d16f80d242d51c0a35395169944182eb5710fb984d03c7b8df864b181642af07af807a75bc133382641ed8bd3
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 3c5b65efb7b4424f2f1bb4d263befa34af2fbb14058f16428ba0187586ee6973 551c476c45b74d91062991523ff7374b211575d497a41eb0902c3d8329382b51c00df6ebc461da6f2bead0a637352c09
|
||||||
|
EXPORTER_SECRET 3c5b65efb7b4424f2f1bb4d263befa34af2fbb14058f16428ba0187586ee6973 e4c4e35876208551f3f3db9916db2841e2c81b730e9815e52c319ca82e718cad579e351fee75b7a94181419f83d705a2
|
||||||
|
SERVER_TRAFFIC_SECRET_0 3c5b65efb7b4424f2f1bb4d263befa34af2fbb14058f16428ba0187586ee6973 035eed62f0d1ff88326220347fbb3e60e4ee76c99b3a73415f55af9d5cb0d7a2e73e0faa29097acd718fea92c811558e
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 3c5b65efb7b4424f2f1bb4d263befa34af2fbb14058f16428ba0187586ee6973 869488a30d316752c049f2704315bd505f2aa59c608f20867bc9adce929aa25a774500214a0bc06c34dc6774add3b82a
|
||||||
|
SERVER_HANDSHAKE_TRAFFIC_SECRET 86c98dd9032df8ef2e6f74b4396c2c2acd8da6f35406412400f9da8d2b48ffbc 783799f80f8d03250acd957dac465e0cb95a5c3b5a1adf4b928a8bceda57246c9d722d02675504a512d7800ebd21f7c0
|
||||||
|
EXPORTER_SECRET 86c98dd9032df8ef2e6f74b4396c2c2acd8da6f35406412400f9da8d2b48ffbc 363ac8e9af29c6063792ca3e2bc7301b6cbbbfbe646f82254a843528ff708846ea934d55b4e37d8b22797f842c4b5aad
|
||||||
|
SERVER_TRAFFIC_SECRET_0 86c98dd9032df8ef2e6f74b4396c2c2acd8da6f35406412400f9da8d2b48ffbc f5402ccfccbf4a46844be1f356931700bb5881ad4dfd07fe57e7330afdfeac08a753035684ffb2b48f504ae836fca1c5
|
||||||
|
CLIENT_HANDSHAKE_TRAFFIC_SECRET 86c98dd9032df8ef2e6f74b4396c2c2acd8da6f35406412400f9da8d2b48ffbc d5f5c7ac89b41eb782181a5d230c8ddf51233f6d3989b4944a95dc95924ee200fe4b1fa02b3e6cf07908c334905a8961
|
||||||
|
CLIENT_TRAFFIC_SECRET_0 86c98dd9032df8ef2e6f74b4396c2c2acd8da6f35406412400f9da8d2b48ffbc 6b37aa85b4698e4d6abfb66933e3fd4283f9fe08faee2a314ce8e1b95a245ceead2f64f4024c27e0cb4fc3c7b20f7ad5
|
||||||
|
|
BIN
samples/tls.13_keyupdates_aes256.pcap
Normal file
BIN
samples/tls.13_keyupdates_aes256.pcap
Normal file
Binary file not shown.
BIN
samples/tls.13_session_resumption.pcap
Normal file
BIN
samples/tls.13_session_resumption.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.2_aes256.pcap
Normal file
BIN
samples/tls1.2_aes256.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.3_aes128.pcap
Normal file
BIN
samples/tls1.3_aes128.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.3_aes256gcm.pcap
Normal file
BIN
samples/tls1.3_aes256gcm.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.3_ccm.pcap
Normal file
BIN
samples/tls1.3_ccm.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.3_ccm8.pcap
Normal file
BIN
samples/tls1.3_ccm8.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.3_chacha.pcap
Normal file
BIN
samples/tls1.3_chacha.pcap
Normal file
Binary file not shown.
BIN
samples/tls1.3_curl_google.pcap
Normal file
BIN
samples/tls1.3_curl_google.pcap
Normal file
Binary file not shown.
|
@ -154,6 +154,11 @@ static SSL_CipherSuite CipherSuites[]={
|
||||||
{195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
|
{195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
|
||||||
{196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
|
{196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
|
||||||
{197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
|
{197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
|
||||||
|
{4865,KEX_DH,SIG_NONE,ENC_AES128_GCM,16,128,128,DIG_SHA256,32,0},
|
||||||
|
{4866,KEX_DH,SIG_NONE,ENC_AES256_GCM,16,256,256,DIG_SHA384,48,0},
|
||||||
|
{4867,KEX_DH,SIG_NONE,ENC_CHACHA20_POLY1305,64,256,256,DIG_SHA256,32,0},
|
||||||
|
{4868,KEX_DH,SIG_NONE,ENC_AES128_CCM,16,128,128,DIG_SHA256,32,0},
|
||||||
|
{4869,KEX_DH,SIG_NONE,ENC_AES128_CCM_8,16,128,128,DIG_SHA256,32,0},
|
||||||
{49153,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0},
|
{49153,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0},
|
||||||
{49154,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
|
{49154,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
|
||||||
{49155,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0},
|
{49155,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0},
|
||||||
|
|
237
ssl/ssl.enums.c
237
ssl/ssl.enums.c
|
@ -138,10 +138,11 @@ static int decode_ContentType_application_data(ssl,dir,seg,data)
|
||||||
|
|
||||||
SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d);
|
SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d);
|
||||||
|
|
||||||
P_(P_AD){
|
if(NET_print_flags & NET_PRINT_JSON) {
|
||||||
|
json_object_object_add(jobj, "msg_data", json_object_new_string_len(d.data, d.len));
|
||||||
|
} else P_(P_AD) {
|
||||||
print_data(ssl,&d);
|
print_data(ssl,&d);
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
LF;
|
LF;
|
||||||
}
|
}
|
||||||
return(0);
|
return(0);
|
||||||
|
@ -425,8 +426,6 @@ static int decode_HandshakeType_ServerHello(ssl,dir,seg,data)
|
||||||
ja3s_c_str = calloc(6, 1);
|
ja3s_c_str = calloc(6, 1);
|
||||||
snprintf(ja3s_c_str, 6, "%u", ssl->cipher_suite);
|
snprintf(ja3s_c_str, 6, "%u", ssl->cipher_suite);
|
||||||
|
|
||||||
ssl_process_server_session_id(ssl,ssl->decoder,session_id.data,
|
|
||||||
session_id.len);
|
|
||||||
|
|
||||||
P_(P_HL) LF;
|
P_(P_HL) LF;
|
||||||
SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0);
|
SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0);
|
||||||
|
@ -457,6 +456,14 @@ static int decode_HandshakeType_ServerHello(ssl,dir,seg,data)
|
||||||
ja3s_ex_str[strlen(ja3s_ex_str) - 1] = '\0';
|
ja3s_ex_str[strlen(ja3s_ex_str) - 1] = '\0';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (ssl->version==TLSV13_VERSION){
|
||||||
|
// tls version is known in server hello for tls1.3 hence generate keying material here
|
||||||
|
ssl_tls13_generate_keying_material(ssl,ssl->decoder);
|
||||||
|
}
|
||||||
|
|
||||||
|
ssl_process_server_session_id(ssl,ssl->decoder,session_id.data,
|
||||||
|
session_id.len);
|
||||||
|
|
||||||
if(!ja3s_ver_str) {
|
if(!ja3s_ver_str) {
|
||||||
ja3s_ver_str = calloc(1, 1);
|
ja3s_ver_str = calloc(1, 1);
|
||||||
*ja3s_ver_str = '\0';
|
*ja3s_ver_str = '\0';
|
||||||
|
@ -519,18 +526,20 @@ static int decode_HandshakeType_Certificate(ssl,dir,seg,data)
|
||||||
segment *seg;
|
segment *seg;
|
||||||
Data *data;
|
Data *data;
|
||||||
{
|
{
|
||||||
|
UINT4 len,exlen,ex;
|
||||||
|
|
||||||
UINT4 len;
|
|
||||||
Data cert;
|
Data cert;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
struct json_object *jobj;
|
struct json_object *jobj;
|
||||||
jobj = ssl->cur_json_st;
|
jobj = ssl->cur_json_st;
|
||||||
json_object_object_add(jobj, "handshake_type", json_object_new_string("Certificate"));
|
json_object_object_add(jobj, "handshake_type", json_object_new_string("Certificate"));
|
||||||
|
extern decoder extension_decoder[];
|
||||||
|
|
||||||
LF;
|
LF;
|
||||||
ssl_update_handshake_messages(ssl,data);
|
ssl_update_handshake_messages(ssl,data);
|
||||||
|
if (ssl->version==TLSV13_VERSION){
|
||||||
|
SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate request context",-((1<<7)-1),0, data, NULL);
|
||||||
|
}
|
||||||
SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len);
|
SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len);
|
||||||
|
|
||||||
json_object_object_add(jobj, "cert_chain", json_object_new_array());
|
json_object_object_add(jobj, "cert_chain", json_object_new_array());
|
||||||
|
@ -540,11 +549,95 @@ static int decode_HandshakeType_Certificate(ssl,dir,seg,data)
|
||||||
0,data,&cert);
|
0,data,&cert);
|
||||||
sslx_print_certificate(ssl,&cert,P_ND);
|
sslx_print_certificate(ssl,&cert,P_ND);
|
||||||
len-=(cert.len + 3);
|
len-=(cert.len + 3);
|
||||||
|
if (ssl->version==TLSV13_VERSION) { // TLS 1.3 has certificates
|
||||||
|
SSL_DECODE_UINT16(ssl,"certificate extensions len",0,data,&exlen);
|
||||||
|
len-=2;
|
||||||
|
while (exlen) {
|
||||||
|
SSL_DECODE_UINT16(ssl, "extension type", 0, data, &ex);
|
||||||
|
len -= (2+ex);
|
||||||
|
if (ssl_decode_switch(ssl, extension_decoder, ex, dir, seg, data) == R_NOT_FOUND) {
|
||||||
|
decode_extension(ssl, dir, seg, data);
|
||||||
|
P_(P_RH) { explain(ssl, "Extension type: %u not yet implemented in ssldump\n", ex); }
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
LF;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return(0);
|
return(0);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int decode_HandshakeType_SessionTicket(ssl,dir,seg,data)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
int dir;
|
||||||
|
segment *seg;
|
||||||
|
Data *data;
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
UINT4 exlen, ex, val;
|
||||||
|
extern decoder extension_decoder[];
|
||||||
|
|
||||||
|
LF;
|
||||||
|
SSL_DECODE_UINT32(ssl, "ticket_lifetime",0, data, &val);
|
||||||
|
explain(ssl, "ticket_lifetime %u\n", val);
|
||||||
|
SSL_DECODE_UINT32(ssl, "ticket_age_add", 0,data, &val);
|
||||||
|
explain(ssl, "ticket_age_add %u\n", val);
|
||||||
|
SSL_DECODE_UINT8(ssl, "ticket_nonce",0,data, &val);
|
||||||
|
if (val>data->len) {
|
||||||
|
fprintf(stderr, "Short read: %d bytes available (expecting %d)\n", data->len, val);
|
||||||
|
ERETURN(R_EOD);
|
||||||
|
}
|
||||||
|
CRDUMP("ticket_nonce", data->data, val);
|
||||||
|
data->data+=val;data->len-=val;
|
||||||
|
SSL_DECODE_UINT16(ssl, "ticket",0,data, &val);
|
||||||
|
if (val>data->len) {
|
||||||
|
fprintf(stderr, "Short read: %d bytes available (expecting %d)\n", data->len, val);
|
||||||
|
ERETURN(R_EOD);
|
||||||
|
}
|
||||||
|
CRDUMP("ticket", data->data, val);
|
||||||
|
data->data+=val;data->len-=val;
|
||||||
|
SSL_DECODE_UINT16(ssl, "exlen", 0, data, &exlen);
|
||||||
|
LF;
|
||||||
|
if (exlen) {
|
||||||
|
while (data->len) {
|
||||||
|
SSL_DECODE_UINT16(ssl, "extension type", 0, data, &ex);
|
||||||
|
if (ssl_decode_switch(ssl, extension_decoder, ex, dir, seg, data) == R_NOT_FOUND) {
|
||||||
|
decode_extension(ssl, dir, seg, data);
|
||||||
|
P_(P_RH) { explain(ssl, "Extension type: %u not yet implemented in ssldump\n", ex); }
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
LF;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static int decode_HandshakeType_EncryptedExtensions(ssl,dir,seg,data)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
int dir;
|
||||||
|
segment *seg;
|
||||||
|
Data *data;
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
UINT4 exlen, ex;
|
||||||
|
extern decoder extension_decoder[];
|
||||||
|
|
||||||
|
SSL_DECODE_UINT16(ssl, 0, 0, data, &exlen);
|
||||||
|
LF;
|
||||||
|
if (exlen) {
|
||||||
|
while (data->len) {
|
||||||
|
SSL_DECODE_UINT16(ssl, "extension type", 0, data, &ex);
|
||||||
|
if (ssl_decode_switch(ssl, extension_decoder, ex, dir, seg, data) == R_NOT_FOUND) {
|
||||||
|
decode_extension(ssl, dir, seg, data);
|
||||||
|
P_(P_RH) { explain(ssl, "Extension type: %u not yet implemented in ssldump\n", ex); }
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
LF;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
static int decode_HandshakeType_ServerKeyExchange(ssl,dir,seg,data)
|
static int decode_HandshakeType_ServerKeyExchange(ssl,dir,seg,data)
|
||||||
ssl_obj *ssl;
|
ssl_obj *ssl;
|
||||||
int dir;
|
int dir;
|
||||||
|
@ -650,6 +743,7 @@ static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data)
|
||||||
|
|
||||||
|
|
||||||
int r;
|
int r;
|
||||||
|
UINT4 signature_type;
|
||||||
|
|
||||||
struct json_object *jobj;
|
struct json_object *jobj;
|
||||||
jobj = ssl->cur_json_st;
|
jobj = ssl->cur_json_st;
|
||||||
|
@ -657,6 +751,9 @@ static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data)
|
||||||
|
|
||||||
LF;
|
LF;
|
||||||
ssl_update_handshake_messages(ssl,data);
|
ssl_update_handshake_messages(ssl,data);
|
||||||
|
if (ssl->version == TLSV13_VERSION) {
|
||||||
|
SSL_DECODE_UINT16(ssl,"signature_type",P_HL,data,&signature_type);
|
||||||
|
}
|
||||||
SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-((1<<15)-1),P_HL,data,0);
|
SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-((1<<15)-1),P_HL,data,0);
|
||||||
return(0);
|
return(0);
|
||||||
|
|
||||||
|
@ -732,9 +829,22 @@ static int decode_HandshakeType_Finished(ssl,dir,seg,data)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ssl_process_handshake_finished(ssl,ssl->decoder,data);
|
||||||
return (0);
|
return (0);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int decode_HandshakeType_KeyUpdate(ssl,dir,seg,data)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
int dir;
|
||||||
|
segment *seg;
|
||||||
|
Data *data;
|
||||||
|
{
|
||||||
|
LF;
|
||||||
|
ssl_tls13_update_keying_material(ssl, ssl->decoder, dir);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
decoder HandshakeType_decoder[]={
|
decoder HandshakeType_decoder[]={
|
||||||
{
|
{
|
||||||
0,
|
0,
|
||||||
|
@ -751,6 +861,16 @@ decoder HandshakeType_decoder[]={
|
||||||
"ServerHello",
|
"ServerHello",
|
||||||
decode_HandshakeType_ServerHello
|
decode_HandshakeType_ServerHello
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
4,
|
||||||
|
"SessionTicket",
|
||||||
|
decode_HandshakeType_SessionTicket
|
||||||
|
},
|
||||||
|
{
|
||||||
|
8,
|
||||||
|
"EncryptedExtensions",
|
||||||
|
decode_HandshakeType_EncryptedExtensions
|
||||||
|
},
|
||||||
{
|
{
|
||||||
11,
|
11,
|
||||||
"Certificate",
|
"Certificate",
|
||||||
|
@ -786,6 +906,11 @@ decoder HandshakeType_decoder[]={
|
||||||
"Finished",
|
"Finished",
|
||||||
decode_HandshakeType_Finished
|
decode_HandshakeType_Finished
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
24,
|
||||||
|
"KeyUpdate",
|
||||||
|
decode_HandshakeType_KeyUpdate
|
||||||
|
},
|
||||||
{-1}
|
{-1}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2839,6 +2964,18 @@ static int decode_extension(ssl,dir,seg,data)
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
decoder supported_groups_decoder[] = {
|
||||||
|
{0x0017,"secp256r1",0},
|
||||||
|
{0x0018,"secp384r1",0},
|
||||||
|
{0x0019,"secp521r1",0},
|
||||||
|
{0x001d,"x25519",0},
|
||||||
|
{0x001e,"x448",0},
|
||||||
|
{0x0100,"ffdhe2048",0},
|
||||||
|
{0x0101,"ffdhe3072",0},
|
||||||
|
{0x0102,"ffdhe4096",0},
|
||||||
|
{0x0103,"ffdhe6144",0},
|
||||||
|
{0x0104,"ffdhe8192",0},
|
||||||
|
};
|
||||||
// Extension #10 supported_groups (renamed from "elliptic_curves")
|
// Extension #10 supported_groups (renamed from "elliptic_curves")
|
||||||
static int decode_extension_supported_groups(ssl,dir,seg,data)
|
static int decode_extension_supported_groups(ssl,dir,seg,data)
|
||||||
ssl_obj *ssl;
|
ssl_obj *ssl;
|
||||||
|
@ -2856,7 +2993,8 @@ static int decode_extension_supported_groups(ssl,dir,seg,data)
|
||||||
LF;
|
LF;
|
||||||
while(l) {
|
while(l) {
|
||||||
p=data->len;
|
p=data->len;
|
||||||
SSL_DECODE_UINT16(ssl, "supported group", 0, data, &g);
|
SSL_DECODE_ENUM(ssl,"supported group",2,supported_groups_decoder,SSL_PRINT_ALL,data,&g);
|
||||||
|
LF;
|
||||||
if(!ja3_ec_str)
|
if(!ja3_ec_str)
|
||||||
ja3_ec_str = calloc(7, 1);
|
ja3_ec_str = calloc(7, 1);
|
||||||
else
|
else
|
||||||
|
@ -2875,6 +3013,11 @@ static int decode_extension_supported_groups(ssl,dir,seg,data)
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
decoder ec_point_formats_decoder[] = {
|
||||||
|
{0,"uncompressed",0,},
|
||||||
|
{1,"ansiX962_compressed_prime",0,},
|
||||||
|
{2,"ansiX962_compressed_char2",0,}
|
||||||
|
};
|
||||||
// Extension #11 ec_point_formats
|
// Extension #11 ec_point_formats
|
||||||
static int decode_extension_ec_point_formats(ssl,dir,seg,data)
|
static int decode_extension_ec_point_formats(ssl,dir,seg,data)
|
||||||
ssl_obj *ssl;
|
ssl_obj *ssl;
|
||||||
|
@ -2892,7 +3035,8 @@ static int decode_extension_ec_point_formats(ssl,dir,seg,data)
|
||||||
LF;
|
LF;
|
||||||
while(l) {
|
while(l) {
|
||||||
p=data->len;
|
p=data->len;
|
||||||
SSL_DECODE_UINT8(ssl, "ec point format", 0, data, &f);
|
SSL_DECODE_ENUM(ssl,"ec point format",1,ec_point_formats_decoder,SSL_PRINT_ALL,data, &f);
|
||||||
|
LF;
|
||||||
if(!ja3_ecp_str)
|
if(!ja3_ecp_str)
|
||||||
ja3_ecp_str = calloc(5, 1);
|
ja3_ecp_str = calloc(5, 1);
|
||||||
else
|
else
|
||||||
|
@ -2912,6 +3056,72 @@ static int decode_extension_ec_point_formats(ssl,dir,seg,data)
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int decode_extension_supported_versions(ssl,dir,seg,data)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
int dir;
|
||||||
|
segment *seg;
|
||||||
|
Data *data;
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
UINT4 len, version;
|
||||||
|
SSL_DECODE_UINT16(ssl, "extensions length", 0, data, &len);
|
||||||
|
LF;
|
||||||
|
if (dir == DIR_I2R) SSL_DECODE_UINT8(ssl, "supported versions length", 0, data, &len);//client sends extension<..>
|
||||||
|
while (len) {
|
||||||
|
SSL_DECODE_UINT16(ssl, "supported version", 0, data, &version);
|
||||||
|
explain(ssl, "version: %u.%u", (version>>8)&0xff, version&0xff);
|
||||||
|
len -= 2;
|
||||||
|
if (len) printf("\n");
|
||||||
|
}
|
||||||
|
if (dir == DIR_R2I) ssl->version = version; // Server sets the tls version
|
||||||
|
}
|
||||||
|
|
||||||
|
decoder tls13_certificate_types[] = {
|
||||||
|
{0,"x509",0},
|
||||||
|
{1,"openpgp",0},
|
||||||
|
{2,"raw public key",0},
|
||||||
|
{3,"1609 dot 2",0}
|
||||||
|
};
|
||||||
|
static int decode_extension_client_certificate_type(ssl,dir,seg,data)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
int dir;
|
||||||
|
segment *seg;
|
||||||
|
Data *data;
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
UINT4 len, certificate_type;
|
||||||
|
SSL_DECODE_UINT16(ssl, "extensions length", 0, data, &len);
|
||||||
|
LF;
|
||||||
|
if (dir == DIR_I2R) SSL_DECODE_UINT8(ssl, "client certificates length", 0, data, &len);//client sends certificates<..>
|
||||||
|
while (len) {
|
||||||
|
SSL_DECODE_ENUM(ssl,"certificate type",1,tls13_certificate_types,SSL_PRINT_ALL,data, &certificate_type);
|
||||||
|
len -= 1;
|
||||||
|
data += 1;
|
||||||
|
if (len) printf("\n");
|
||||||
|
}
|
||||||
|
if (dir == DIR_R2I) ssl->extensions->client_certificate_type = certificate_type; // Server sets the client_certificate_type
|
||||||
|
}
|
||||||
|
|
||||||
|
static int decode_extension_server_certificate_type(ssl,dir,seg,data)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
int dir;
|
||||||
|
segment *seg;
|
||||||
|
Data *data;
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
UINT4 len, certificate_type;
|
||||||
|
SSL_DECODE_UINT16(ssl, "extensions length", 0, data, &len);
|
||||||
|
LF;
|
||||||
|
if (dir == DIR_I2R) SSL_DECODE_UINT8(ssl, "server certificates length", 0, data, &len);//client sends certificates<..>
|
||||||
|
while (len) {
|
||||||
|
SSL_DECODE_ENUM(ssl,"certificate type",1,tls13_certificate_types,SSL_PRINT_ALL,data, &certificate_type);
|
||||||
|
len -= 1;
|
||||||
|
data += 1;
|
||||||
|
if (len) printf("\n");
|
||||||
|
}
|
||||||
|
if (dir == DIR_R2I) ssl->extensions->server_certificate_type = certificate_type; // Server sets the server_certificate_type
|
||||||
|
}
|
||||||
|
|
||||||
decoder extension_decoder[] = {
|
decoder extension_decoder[] = {
|
||||||
{
|
{
|
||||||
0,
|
0,
|
||||||
|
@ -3011,12 +3221,12 @@ decoder extension_decoder[] = {
|
||||||
{
|
{
|
||||||
19,
|
19,
|
||||||
"client_certificate_type",
|
"client_certificate_type",
|
||||||
decode_extension
|
decode_extension_client_certificate_type
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
20,
|
20,
|
||||||
"server_certificate_type",
|
"server_certificate_type",
|
||||||
decode_extension
|
decode_extension_server_certificate_type
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
21,
|
21,
|
||||||
|
@ -3126,7 +3336,7 @@ decoder extension_decoder[] = {
|
||||||
{
|
{
|
||||||
43,
|
43,
|
||||||
"supported_versions",
|
"supported_versions",
|
||||||
decode_extension
|
decode_extension_supported_versions
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
44,
|
44,
|
||||||
|
@ -3193,7 +3403,6 @@ decoder extension_decoder[] = {
|
||||||
"renegotiation_info",
|
"renegotiation_info",
|
||||||
decode_extension
|
decode_extension
|
||||||
},
|
},
|
||||||
|
|
||||||
{-1}
|
{-1}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -70,6 +70,8 @@ typedef struct d_queue_ {
|
||||||
typedef struct ssl_extensions_ {
|
typedef struct ssl_extensions_ {
|
||||||
int encrypt_then_mac;
|
int encrypt_then_mac;
|
||||||
int extended_master_secret;
|
int extended_master_secret;
|
||||||
|
int client_certificate_type;
|
||||||
|
int server_certificate_type;
|
||||||
} ssl_extensions;
|
} ssl_extensions;
|
||||||
|
|
||||||
typedef struct ssl_obj_ {
|
typedef struct ssl_obj_ {
|
||||||
|
@ -135,6 +137,7 @@ typedef struct decoder_ {
|
||||||
#define TLSV1_VERSION 0x301
|
#define TLSV1_VERSION 0x301
|
||||||
#define TLSV11_VERSION 0x302
|
#define TLSV11_VERSION 0x302
|
||||||
#define TLSV12_VERSION 0x303
|
#define TLSV12_VERSION 0x303
|
||||||
|
#define TLSV13_VERSION 0x304
|
||||||
|
|
||||||
/*State defines*/
|
/*State defines*/
|
||||||
#define SSL_ST_SENT_NOTHING 0
|
#define SSL_ST_SENT_NOTHING 0
|
||||||
|
|
122
ssl/ssl_rec.c
122
ssl/ssl_rec.c
|
@ -53,10 +53,12 @@
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
#endif
|
#endif
|
||||||
#include "ssldecode.h"
|
#include "ssldecode.h"
|
||||||
#include "ssl_rec.h"
|
#include "ssl_rec.h"
|
||||||
|
|
||||||
|
|
||||||
struct ssl_rec_decoder_ {
|
struct ssl_rec_decoder_ {
|
||||||
SSL_CipherSuite *cs;
|
SSL_CipherSuite *cs;
|
||||||
Data *mac_key;
|
Data *mac_key;
|
||||||
|
@ -65,10 +67,9 @@ struct ssl_rec_decoder_ {
|
||||||
#ifdef OPENSSL
|
#ifdef OPENSSL
|
||||||
EVP_CIPHER_CTX *evp;
|
EVP_CIPHER_CTX *evp;
|
||||||
#endif
|
#endif
|
||||||
UINT4 seq;
|
UINT8 seq;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
char *digests[]={
|
char *digests[]={
|
||||||
"MD5",
|
"MD5",
|
||||||
"SHA1",
|
"SHA1",
|
||||||
|
@ -92,7 +93,10 @@ char *ciphers[]={
|
||||||
"SEED",
|
"SEED",
|
||||||
NULL,
|
NULL,
|
||||||
"aes-128-gcm",
|
"aes-128-gcm",
|
||||||
"aes-256-gcm"
|
"aes-256-gcm",
|
||||||
|
"ChaCha20-Poly1305",
|
||||||
|
"aes-128-ccm",
|
||||||
|
"aes-128-ccm", // for ccm 8, uses the same cipher
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -100,9 +104,9 @@ static int tls_check_mac PROTO_LIST((ssl_rec_decoder *d,int ct,
|
||||||
int ver,UCHAR *data,UINT4 datalen,UCHAR *iv,UINT4 ivlen,UCHAR *mac));
|
int ver,UCHAR *data,UINT4 datalen,UCHAR *iv,UINT4 ivlen,UCHAR *mac));
|
||||||
static int fmt_seq PROTO_LIST((UINT4 num,UCHAR *buf));
|
static int fmt_seq PROTO_LIST((UINT4 num,UCHAR *buf));
|
||||||
|
|
||||||
int ssl_create_rec_decoder(dp,cs,mk,sk,iv)
|
int ssl_create_rec_decoder(dp,ssl,mk,sk,iv)
|
||||||
ssl_rec_decoder **dp;
|
ssl_rec_decoder **dp;
|
||||||
SSL_CipherSuite *cs;
|
ssl_obj *ssl;
|
||||||
UCHAR *mk;
|
UCHAR *mk;
|
||||||
UCHAR *sk;
|
UCHAR *sk;
|
||||||
UCHAR *iv;
|
UCHAR *iv;
|
||||||
|
@ -111,10 +115,11 @@ int ssl_create_rec_decoder(dp,cs,mk,sk,iv)
|
||||||
ssl_rec_decoder *dec=0;
|
ssl_rec_decoder *dec=0;
|
||||||
#ifdef OPENSSL
|
#ifdef OPENSSL
|
||||||
const EVP_CIPHER *ciph=0;
|
const EVP_CIPHER *ciph=0;
|
||||||
|
int iv_len = ssl->version == TLSV13_VERSION?12:ssl->cs->block;
|
||||||
|
|
||||||
/* Find the SSLeay cipher */
|
/* Find the SSLeay cipher */
|
||||||
if(cs->enc!=ENC_NULL){
|
if(ssl->cs->enc!=ENC_NULL){
|
||||||
ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
|
ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[ssl->cs->enc-0x30]);
|
||||||
if(!ciph)
|
if(!ciph)
|
||||||
ABORT(R_INTERNAL);
|
ABORT(R_INTERNAL);
|
||||||
}
|
}
|
||||||
|
@ -125,28 +130,28 @@ int ssl_create_rec_decoder(dp,cs,mk,sk,iv)
|
||||||
if(!(dec=(ssl_rec_decoder *)calloc(1,sizeof(ssl_rec_decoder))))
|
if(!(dec=(ssl_rec_decoder *)calloc(1,sizeof(ssl_rec_decoder))))
|
||||||
ABORT(R_NO_MEMORY);
|
ABORT(R_NO_MEMORY);
|
||||||
|
|
||||||
dec->cs=cs;
|
dec->cs=ssl->cs;
|
||||||
|
|
||||||
if((r=r_data_alloc(&dec->mac_key,cs->dig_len)))
|
if((r=r_data_alloc(&dec->mac_key,ssl->cs->dig_len)))
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
|
|
||||||
if((r=r_data_alloc(&dec->implicit_iv,cs->block)))
|
if((r=r_data_alloc(&dec->implicit_iv,iv_len)))
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
memcpy(dec->implicit_iv->data,iv,cs->block);
|
memcpy(dec->implicit_iv->data,iv, iv_len);
|
||||||
|
|
||||||
if((r=r_data_create(&dec->write_key,sk,cs->eff_bits/8)))
|
if((r=r_data_create(&dec->write_key,sk,ssl->cs->eff_bits/8)))
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
This is necessary for AEAD ciphers, because we must wait to fully initialize the cipher
|
This is necessary for AEAD ciphers, because we must wait to fully initialize the cipher
|
||||||
in order to include the implicit IV
|
in order to include the implicit IV
|
||||||
*/
|
*/
|
||||||
if(IS_AEAD_CIPHER(cs)){
|
if(IS_AEAD_CIPHER(ssl->cs)){
|
||||||
sk=NULL;
|
sk=NULL;
|
||||||
iv=NULL;
|
iv=NULL;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
memcpy(dec->mac_key->data,mk,cs->dig_len);
|
memcpy(dec->mac_key->data,mk,ssl->cs->dig_len);
|
||||||
|
|
||||||
if(!(dec->evp=EVP_CIPHER_CTX_new()))
|
if(!(dec->evp=EVP_CIPHER_CTX_new()))
|
||||||
ABORT(R_NO_MEMORY);
|
ABORT(R_NO_MEMORY);
|
||||||
|
@ -190,6 +195,95 @@ int ssl_destroy_rec_decoder(dp)
|
||||||
#define MSB(a) ((a>>8)&0xff)
|
#define MSB(a) ((a>>8)&0xff)
|
||||||
#define LSB(a) (a&0xff)
|
#define LSB(a) (a&0xff)
|
||||||
|
|
||||||
|
int tls13_update_rec_key(d,newkey,newiv)
|
||||||
|
ssl_rec_decoder *d;
|
||||||
|
UCHAR *newkey;
|
||||||
|
UCHAR *newiv;
|
||||||
|
{
|
||||||
|
d->write_key->data = newkey;
|
||||||
|
d->implicit_iv->data = newiv;
|
||||||
|
d->seq = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int tls13_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
ssl_rec_decoder *d;
|
||||||
|
int ct;
|
||||||
|
int version;
|
||||||
|
UCHAR *in;
|
||||||
|
int inl;
|
||||||
|
UCHAR *out;
|
||||||
|
int *outl;
|
||||||
|
{
|
||||||
|
int pad,i;
|
||||||
|
int r,encpadl,x,_status=0;
|
||||||
|
UCHAR aad[5],aead_nonce[12], *tag;
|
||||||
|
int taglen = d->cs->enc==ENC_AES128_CCM_8?8:16;
|
||||||
|
CRDUMP("CipherText",in,inl);
|
||||||
|
CRDUMPD("KEY",d->write_key);
|
||||||
|
CRDUMPD("IV",d->implicit_iv);
|
||||||
|
if (!IS_AEAD_CIPHER(d->cs)){
|
||||||
|
fprintf(stderr, "Non aead cipher in tls13\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
memcpy(aead_nonce, d->implicit_iv->data, 12);
|
||||||
|
for (i = 0; i < 8; i++) { // AEAD NONCE according to RFC TLS1.3
|
||||||
|
aead_nonce[12 - 1 - i] ^= ((d->seq >> (i * 8)) & 0xFF);
|
||||||
|
}
|
||||||
|
d->seq++;
|
||||||
|
CRDUMP("NONCE",aead_nonce,12);
|
||||||
|
tag = in+(inl-taglen);
|
||||||
|
CRDUMP("Tag", tag, taglen);
|
||||||
|
|
||||||
|
aad[0] = ct;
|
||||||
|
aad[1] = 0x03;
|
||||||
|
aad[2] = 0x03;
|
||||||
|
aad[3] = MSB(inl);
|
||||||
|
aad[4] = LSB(inl);
|
||||||
|
CRDUMP("AAD",aad,5);
|
||||||
|
inl-=taglen;
|
||||||
|
|
||||||
|
if (!EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL)) {
|
||||||
|
fprintf(stderr, "Unable to set ivlen\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (IS_CCM_CIPHER(d->cs) && !EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_AEAD_SET_TAG, taglen, tag)) {
|
||||||
|
fprintf(stderr, "Unable to set tag for ccm cipher\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!EVP_DecryptInit_ex(d->evp,NULL,NULL,d->write_key->data,aead_nonce)){
|
||||||
|
fprintf(stderr,"Unable to init evp1\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (IS_CCM_CIPHER(d->cs) && !EVP_DecryptUpdate(d->evp,NULL,outl,NULL,inl)){
|
||||||
|
fprintf(stderr,"Unable to update data length\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!EVP_DecryptUpdate(d->evp,NULL,outl,aad,5)){
|
||||||
|
fprintf(stderr,"Unable to update aad\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
CRDUMP("Real CipherText", in, inl);
|
||||||
|
if (!EVP_DecryptUpdate(d->evp,out,outl,in,inl)){
|
||||||
|
fprintf(stderr,"Unable to update with CipherText\n");
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!IS_CCM_CIPHER(d->cs) && (!EVP_CIPHER_CTX_ctrl(d->evp,EVP_CTRL_GCM_SET_TAG,taglen,tag) || !EVP_DecryptFinal(d->evp,NULL,&x))) {
|
||||||
|
fprintf(stderr,"BAD MAC\n");
|
||||||
|
ABORT(SSL_BAD_MAC);
|
||||||
|
}
|
||||||
|
|
||||||
|
abort:
|
||||||
|
ERR_print_errors_fp(stderr);
|
||||||
|
return _status;
|
||||||
|
}
|
||||||
|
|
||||||
int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
|
int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
|
||||||
ssl_obj *ssl;
|
ssl_obj *ssl;
|
||||||
ssl_rec_decoder *d;
|
ssl_rec_decoder *d;
|
||||||
|
|
|
@ -51,13 +51,16 @@ typedef struct ssl_rec_decoder_ ssl_rec_decoder;
|
||||||
|
|
||||||
int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder **dp));
|
int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder **dp));
|
||||||
int ssl_create_rec_decoder PROTO_LIST((ssl_rec_decoder **dp,
|
int ssl_create_rec_decoder PROTO_LIST((ssl_rec_decoder **dp,
|
||||||
SSL_CipherSuite *cs,UCHAR *mk,UCHAR *sk,UCHAR *iv));
|
ssl_obj *ssl,UCHAR *mk,UCHAR *sk,UCHAR *iv));
|
||||||
int ssl_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,
|
int ssl_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,
|
||||||
int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl));
|
int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl));
|
||||||
|
int tls13_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl));
|
||||||
|
int tls13_update_rec_key PROTO_LIST((ssl_rec_decoder *d,UCHAR *newkey, UCHAR *newiv));
|
||||||
|
|
||||||
int ssl3_check_mac(ssl_rec_decoder *d, int ct, int ver, UCHAR *data,
|
int ssl3_check_mac(ssl_rec_decoder *d, int ct, int ver, UCHAR *data,
|
||||||
UINT4 datalen, UCHAR *mac);
|
UINT4 datalen, UCHAR *mac);
|
||||||
|
|
||||||
#define IS_AEAD_CIPHER(cs) (cs->enc==0x3b||cs->enc==0x3c)
|
#define IS_AEAD_CIPHER(cs) (cs->enc==0x3b||cs->enc==0x3c||cs->enc==0x3d||cs->enc==0x3e||cs->enc==0x3f)
|
||||||
|
#define IS_CCM_CIPHER(cs) (cs->enc==0x3e||cs->enc==0x3f)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
@ -79,6 +79,9 @@ typedef struct SSL_CipherSuite_ {
|
||||||
#define ENC_NULL 0x3a
|
#define ENC_NULL 0x3a
|
||||||
#define ENC_AES128_GCM 0x3b
|
#define ENC_AES128_GCM 0x3b
|
||||||
#define ENC_AES256_GCM 0x3c
|
#define ENC_AES256_GCM 0x3c
|
||||||
|
#define ENC_CHACHA20_POLY1305 0x3d
|
||||||
|
#define ENC_AES128_CCM 0x3e
|
||||||
|
#define ENC_AES128_CCM_8 0x3f
|
||||||
|
|
||||||
#define DIG_MD5 0x40
|
#define DIG_MD5 0x40
|
||||||
#define DIG_SHA 0x41
|
#define DIG_SHA 0x41
|
||||||
|
|
281
ssl/ssldecode.c
281
ssl/ssldecode.c
|
@ -48,6 +48,8 @@
|
||||||
#include "sslprint.h"
|
#include "sslprint.h"
|
||||||
#include "ssl.enums.h"
|
#include "ssl.enums.h"
|
||||||
#ifdef OPENSSL
|
#ifdef OPENSSL
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/kdf.h>
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
@ -91,6 +93,10 @@ struct ssl_decoder_ {
|
||||||
int ephemeral_rsa;
|
int ephemeral_rsa;
|
||||||
Data *PMS;
|
Data *PMS;
|
||||||
Data *MS;
|
Data *MS;
|
||||||
|
Data *SHTS;//Server Handshake traffic secret
|
||||||
|
Data *CHTS;//Client Handshake traffic secret
|
||||||
|
Data *STS;//Server traffic Secret
|
||||||
|
Data *CTS;//Client traffic secret
|
||||||
Data *handshake_messages;
|
Data *handshake_messages;
|
||||||
Data *session_hash;
|
Data *session_hash;
|
||||||
ssl_rec_decoder *c_to_s;
|
ssl_rec_decoder *c_to_s;
|
||||||
|
@ -115,7 +121,7 @@ static int ssl_generate_keying_material PROTO_LIST((ssl_obj *ssl,
|
||||||
ssl_decoder *d));
|
ssl_decoder *d));
|
||||||
static int ssl_generate_session_hash PROTO_LIST((ssl_obj *ssl,
|
static int ssl_generate_session_hash PROTO_LIST((ssl_obj *ssl,
|
||||||
ssl_decoder *d));
|
ssl_decoder *d));
|
||||||
static int ssl_read_key_log_file PROTO_LIST((ssl_decoder *d));
|
static int ssl_read_key_log_file PROTO_LIST((ssl_obj* obj,ssl_decoder *d));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static int ssl_create_session_lookup_key PROTO_LIST((ssl_obj *ssl,
|
static int ssl_create_session_lookup_key PROTO_LIST((ssl_obj *ssl,
|
||||||
|
@ -196,6 +202,7 @@ int ssl_decode_ctx_destroy(dp)
|
||||||
{
|
{
|
||||||
#ifdef OPENSSL
|
#ifdef OPENSSL
|
||||||
ssl_decode_ctx *d = *dp;
|
ssl_decode_ctx *d = *dp;
|
||||||
|
if (!d) return 0;
|
||||||
if(d->ssl_key_log_file) {
|
if(d->ssl_key_log_file) {
|
||||||
fclose(d->ssl_key_log_file);
|
fclose(d->ssl_key_log_file);
|
||||||
}
|
}
|
||||||
|
@ -320,6 +327,9 @@ int ssl_process_server_session_id(ssl,d,msg,len)
|
||||||
|
|
||||||
INIT_DATA(idd,msg,len);
|
INIT_DATA(idd,msg,len);
|
||||||
|
|
||||||
|
if (ssl->version==TLSV13_VERSION){
|
||||||
|
// No need to save/restore session in tls1.3 since the only way of decrypting is through log file
|
||||||
|
} else {
|
||||||
/* First check to see if the client tried to restore */
|
/* First check to see if the client tried to restore */
|
||||||
if(d->session_id){
|
if(d->session_id){
|
||||||
/* Now check to see if we restored */
|
/* Now check to see if we restored */
|
||||||
|
@ -334,6 +344,7 @@ int ssl_process_server_session_id(ssl,d,msg,len)
|
||||||
|
|
||||||
restored=1;
|
restored=1;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
_status=0;
|
_status=0;
|
||||||
abort:
|
abort:
|
||||||
|
@ -365,7 +376,7 @@ int ssl_process_client_session_id(ssl,d,msg,len)
|
||||||
//todo: better save and destroy only when successfully read key log
|
//todo: better save and destroy only when successfully read key log
|
||||||
r_data_destroy(&d->MS);
|
r_data_destroy(&d->MS);
|
||||||
|
|
||||||
if(d->ctx->ssl_key_log_file && (ssl_read_key_log_file(d)==0) && d->MS)
|
if(d->ctx->ssl_key_log_file && (ssl_read_key_log_file(ssl, d)==0) && d->MS)
|
||||||
{
|
{
|
||||||
//we found master secret for session in keylog
|
//we found master secret for session in keylog
|
||||||
//try to save session
|
//try to save session
|
||||||
|
@ -387,12 +398,25 @@ int ssl_process_client_session_id(ssl,d,msg,len)
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ssl_process_handshake_finished(ssl_obj* ssl,ssl_decoder *dec, Data *data){
|
||||||
|
if (ssl->version==TLSV13_VERSION){
|
||||||
|
if (ssl->direction==DIR_I2R){ // Change from handshake decoder to data traffic decoder
|
||||||
|
dec->c_to_s = dec->c_to_s_n;
|
||||||
|
dec->c_to_s_n = 0;
|
||||||
|
} else {
|
||||||
|
dec->s_to_c = dec->s_to_c_n;
|
||||||
|
dec->s_to_c_n = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
int ssl_process_change_cipher_spec(ssl,d,direction)
|
int ssl_process_change_cipher_spec(ssl,d,direction)
|
||||||
ssl_obj *ssl;
|
ssl_obj *ssl;
|
||||||
ssl_decoder *d;
|
ssl_decoder *d;
|
||||||
int direction;
|
int direction;
|
||||||
{
|
{
|
||||||
#ifdef OPENSSL
|
#ifdef OPENSSL
|
||||||
|
if (ssl->version!=TLSV13_VERSION){
|
||||||
if(direction==DIR_I2R){
|
if(direction==DIR_I2R){
|
||||||
d->c_to_s=d->c_to_s_n;
|
d->c_to_s=d->c_to_s_n;
|
||||||
d->c_to_s_n=0;
|
d->c_to_s_n=0;
|
||||||
|
@ -403,7 +427,7 @@ int ssl_process_change_cipher_spec(ssl,d,direction)
|
||||||
d->s_to_c_n=0;
|
d->s_to_c_n=0;
|
||||||
if(d->s_to_c) ssl->process_ciphertext |= direction;
|
if(d->s_to_c) ssl->process_ciphertext |= direction;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
@ -427,7 +451,10 @@ int ssl_decode_record(ssl,dec,direction,ct,version,d)
|
||||||
rd=0;
|
rd=0;
|
||||||
state=(direction==DIR_I2R)?ssl->i_state:ssl->r_state;
|
state=(direction==DIR_I2R)?ssl->i_state:ssl->r_state;
|
||||||
|
|
||||||
if(!rd){
|
if (ssl->version == TLSV13_VERSION && ct != 23) { // Only type 23 is encrypted in tls1.3
|
||||||
|
ssl->record_encryption = REC_PLAINTEXT;
|
||||||
|
return 0;
|
||||||
|
} else if(!rd){
|
||||||
if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC){
|
if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC){
|
||||||
ssl->record_encryption=REC_CIPHERTEXT;
|
ssl->record_encryption=REC_CIPHERTEXT;
|
||||||
return(SSL_NO_DECRYPT);
|
return(SSL_NO_DECRYPT);
|
||||||
|
@ -443,7 +470,12 @@ int ssl_decode_record(ssl,dec,direction,ct,version,d)
|
||||||
if(!(out=(UCHAR *)malloc(d->len)))
|
if(!(out=(UCHAR *)malloc(d->len)))
|
||||||
ABORT(R_NO_MEMORY);
|
ABORT(R_NO_MEMORY);
|
||||||
|
|
||||||
if((r=ssl_decode_rec_data(ssl,rd,ct,version,d->data,d->len,out,&outl))){
|
if (ssl->version==TLSV13_VERSION){
|
||||||
|
r=tls13_decode_rec_data(ssl,rd,ct,version,d->data,d->len,out,&outl);
|
||||||
|
} else {
|
||||||
|
r=ssl_decode_rec_data(ssl,rd,ct,version,d->data,d->len,out,&outl);
|
||||||
|
}
|
||||||
|
if(r) {
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -620,7 +652,7 @@ int ssl_process_client_key_exchange(ssl,d,msg,len)
|
||||||
r_data_destroy(&d->MS);
|
r_data_destroy(&d->MS);
|
||||||
|
|
||||||
if(!d->ctx->ssl_key_log_file ||
|
if(!d->ctx->ssl_key_log_file ||
|
||||||
ssl_read_key_log_file(d) ||
|
ssl_read_key_log_file(ssl,d) ||
|
||||||
!d->MS){
|
!d->MS){
|
||||||
if(ssl->cs->kex!=KEX_RSA)
|
if(ssl->cs->kex!=KEX_RSA)
|
||||||
return(-1);
|
return(-1);
|
||||||
|
@ -1070,10 +1102,10 @@ static int ssl_generate_keying_material(ssl,d)
|
||||||
}
|
}
|
||||||
|
|
||||||
if((r=ssl_create_rec_decoder(&d->c_to_s_n,
|
if((r=ssl_create_rec_decoder(&d->c_to_s_n,
|
||||||
ssl->cs,c_mk,c_wk,c_iv)))
|
ssl,c_mk,c_wk,c_iv)))
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
if((r=ssl_create_rec_decoder(&d->s_to_c_n,
|
if((r=ssl_create_rec_decoder(&d->s_to_c_n,
|
||||||
ssl->cs,s_mk,s_wk,s_iv)))
|
ssl,s_mk,s_wk,s_iv)))
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
|
|
||||||
|
|
||||||
|
@ -1086,6 +1118,175 @@ static int ssl_generate_keying_material(ssl,d)
|
||||||
return(_status);
|
return(_status);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int hkdf_expand_label(ssl,d,secret,label,context,length,out)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
ssl_decoder *d;
|
||||||
|
Data *secret;
|
||||||
|
char *label;
|
||||||
|
Data *context;
|
||||||
|
uint16_t length;
|
||||||
|
UCHAR **out;
|
||||||
|
{
|
||||||
|
int r;
|
||||||
|
size_t outlen = length;
|
||||||
|
EVP_PKEY_CTX *pctx;
|
||||||
|
|
||||||
|
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
|
||||||
|
|
||||||
|
Data hkdf_label;
|
||||||
|
UCHAR *ptr;
|
||||||
|
|
||||||
|
//Construct HkdfLabel
|
||||||
|
hkdf_label.data = ptr = malloc(512);
|
||||||
|
*(uint16_t*)ptr = ntohs(length);
|
||||||
|
ptr+=2;
|
||||||
|
*(uint8_t*)ptr++ = 6+(label?strlen(label):0);
|
||||||
|
memcpy(ptr, "tls13 ", 6);
|
||||||
|
ptr+=6;
|
||||||
|
if (label) {
|
||||||
|
memcpy(ptr, label, strlen(label));
|
||||||
|
ptr+=strlen(label);
|
||||||
|
}
|
||||||
|
*(uint8_t*)ptr++ = context?context->len:0;
|
||||||
|
if (context) {
|
||||||
|
memcpy(ptr, context->data, context->len);
|
||||||
|
ptr+=context->len;
|
||||||
|
}
|
||||||
|
hkdf_label.len = ptr - hkdf_label.data;
|
||||||
|
CRDUMPD("hkdf_label", &hkdf_label);
|
||||||
|
// Load parameters
|
||||||
|
*out = malloc(length);
|
||||||
|
if (EVP_PKEY_derive_init(pctx) <= 0) {
|
||||||
|
fprintf(stderr, "EVP_PKEY_derive_init failed\n");
|
||||||
|
}
|
||||||
|
/* Error */
|
||||||
|
if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY)<=0) {
|
||||||
|
fprintf(stderr, "EVP_PKEY_CTX_hkdf_mode failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_get_digestbyname(digests[ssl->cs->dig-0x40])) <= 0) {
|
||||||
|
fprintf(stderr, "EVP_PKEY_CTX_set_hkdf_md failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret->data, secret->len) <= 0) {
|
||||||
|
fprintf(stderr, "EVP_PKEY_CTX_set_hkdf_md failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (EVP_PKEY_CTX_add1_hkdf_info(pctx, hkdf_label.data, hkdf_label.len) <= 0) {
|
||||||
|
fprintf(stderr, "EVP_PKEY_CTX_add1_hkdf_info failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (EVP_PKEY_derive(pctx, *out, &outlen) <= 0) {
|
||||||
|
fprintf(stderr, "EVP_PKEY_derive failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
|
||||||
|
CRDUMP("out_hkdf", *out, outlen);
|
||||||
|
return 0;
|
||||||
|
abort:
|
||||||
|
ERR_print_errors_fp(stderr);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Will update the keys for the particular direction
|
||||||
|
int ssl_tls13_update_keying_material(ssl,d,direction)
|
||||||
|
ssl_obj *ssl;
|
||||||
|
ssl_decoder *d;
|
||||||
|
int direction;
|
||||||
|
{
|
||||||
|
Data *secret;
|
||||||
|
ssl_rec_decoder *decoder;
|
||||||
|
UCHAR *newsecret;
|
||||||
|
UCHAR *newkey;
|
||||||
|
UCHAR *newiv;
|
||||||
|
|
||||||
|
if (direction == DIR_I2R) {
|
||||||
|
secret = d->CTS;
|
||||||
|
decoder = d->c_to_s;
|
||||||
|
} else {
|
||||||
|
secret = d->STS;
|
||||||
|
decoder = d->s_to_c;
|
||||||
|
}
|
||||||
|
hkdf_expand_label(ssl, d, secret, "traffic upd", NULL, ssl->cs->dig_len, &newsecret);
|
||||||
|
secret->data = newsecret;
|
||||||
|
hkdf_expand_label(ssl, d, secret, "key", NULL, ssl->cs->eff_bits/8, &newkey);
|
||||||
|
hkdf_expand_label(ssl, d, secret, "iv", NULL, 12, &newiv);
|
||||||
|
tls13_update_rec_key(decoder,newkey,newiv);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int ssl_tls13_generate_keying_material(ssl,d)
|
||||||
|
ssl_obj* ssl;
|
||||||
|
ssl_decoder *d;
|
||||||
|
{
|
||||||
|
int r,_status;
|
||||||
|
Data out;
|
||||||
|
UCHAR *s_wk_h,*s_iv_h,*c_wk_h,*c_iv_h,
|
||||||
|
*s_wk,*s_iv,*c_wk,*c_iv;
|
||||||
|
if (!(d->ctx->ssl_key_log_file && ssl_read_key_log_file(ssl, d)==0 &&
|
||||||
|
d->SHTS && d->CHTS && d->STS && d->CTS)){
|
||||||
|
ABORT(-1);
|
||||||
|
}
|
||||||
|
// It is 12 for all ciphers
|
||||||
|
if (hkdf_expand_label(ssl, d, d->SHTS, "key", NULL, ssl->cs->eff_bits/8, &s_wk_h)) {
|
||||||
|
fprintf(stderr, "s_wk_h hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->SHTS, "iv", NULL, 12, &s_iv_h)) {
|
||||||
|
fprintf(stderr, "s_iv_h hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->CHTS, "key", NULL, ssl->cs->eff_bits/8, &c_wk_h)) {
|
||||||
|
fprintf(stderr, "c_wk_h hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->CHTS, "iv", NULL, 12, &c_iv_h)) {
|
||||||
|
fprintf(stderr, "c_iv_h hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->STS, "key", NULL, ssl->cs->eff_bits/8, &s_wk)) {
|
||||||
|
fprintf(stderr, "s_wk hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->STS, "iv", NULL, 12, &s_iv)) {
|
||||||
|
fprintf(stderr, "s_iv hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->CTS, "key", NULL, ssl->cs->eff_bits/8, &c_wk)) {
|
||||||
|
fprintf(stderr, "c_wk hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
if (hkdf_expand_label(ssl, d, d->CTS, "iv", NULL, 12, &c_iv)) {
|
||||||
|
fprintf(stderr, "c_iv hkdf_expand_label failed\n");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
CRDUMP("Server Handshake Write key", s_wk_h,ssl->cs->eff_bits/8 );
|
||||||
|
CRDUMP("Server Handshake IV", s_iv_h, 12);
|
||||||
|
CRDUMP("Client Handshake Write key", c_wk_h, ssl->cs->eff_bits/8);
|
||||||
|
CRDUMP("Client Handshake IV", c_iv_h,12);
|
||||||
|
CRDUMP("Server Write key", s_wk,ssl->cs->eff_bits/8);
|
||||||
|
CRDUMP("Server IV", s_iv,12);
|
||||||
|
CRDUMP("Client Write key",c_wk, ssl->cs->eff_bits/8);
|
||||||
|
CRDUMP("Client IV", c_iv,12);
|
||||||
|
|
||||||
|
if((r=ssl_create_rec_decoder(&d->c_to_s_n,
|
||||||
|
ssl,NULL,c_wk,c_iv)))
|
||||||
|
ABORT(r);
|
||||||
|
if((r=ssl_create_rec_decoder(&d->s_to_c_n,
|
||||||
|
ssl,NULL,s_wk,s_iv)))
|
||||||
|
ABORT(r);
|
||||||
|
if((r=ssl_create_rec_decoder(&d->c_to_s,
|
||||||
|
ssl,NULL,c_wk_h,c_iv_h)))
|
||||||
|
ABORT(r);
|
||||||
|
if((r=ssl_create_rec_decoder(&d->s_to_c,
|
||||||
|
ssl,NULL,s_wk_h,s_iv_h)))
|
||||||
|
ABORT(r);
|
||||||
|
return 0;
|
||||||
|
abort:
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
static int ssl_generate_session_hash(ssl,d)
|
static int ssl_generate_session_hash(ssl,d)
|
||||||
ssl_obj *ssl;
|
ssl_obj *ssl;
|
||||||
ssl_decoder *d;
|
ssl_decoder *d;
|
||||||
|
@ -1134,36 +1335,64 @@ static int ssl_generate_session_hash(ssl,d)
|
||||||
return(_status);
|
return(_status);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ssl_read_key_log_file(d)
|
static int read_hex_string(char *str, UCHAR *buf, int n) {
|
||||||
|
unsigned int t;
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < n; i++) {
|
||||||
|
if (sscanf(str + i * 2, "%02x", &t) != 1)
|
||||||
|
return -1;
|
||||||
|
buf[i] = (char)t;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
static int ssl_read_key_log_file(ssl,d)
|
||||||
|
ssl_obj *ssl;
|
||||||
ssl_decoder *d;
|
ssl_decoder *d;
|
||||||
{
|
{
|
||||||
int r,_status,n,i;
|
int r,_status,n,i;
|
||||||
unsigned int t;
|
unsigned int t;
|
||||||
size_t l=0;
|
size_t l=0;
|
||||||
char *line,*label_data;
|
char *line, *d_client_random, *label, *client_random, *secret;
|
||||||
|
if (ssl->version==TLSV13_VERSION && !ssl->cs)// ssl->cs is not set when called from ssl_process_client_session_id
|
||||||
while ((n=getline(&line,&l,d->ctx->ssl_key_log_file))!=-1) {
|
ABORT(r);
|
||||||
if(n==(d->client_random->len*2)+112 &&
|
if (!(d_client_random = malloc((d->client_random->len * 2) + 1)))
|
||||||
!strncmp(line,"CLIENT_RANDOM",13)) {
|
|
||||||
|
|
||||||
if(!(label_data=malloc((d->client_random->len*2)+1)))
|
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
|
|
||||||
for (i = 0; i < d->client_random->len; i++)
|
for (i = 0; i < d->client_random->len; i++)
|
||||||
if(snprintf(label_data+(i*2),3,"%02x",d->client_random->data[i])!=2)
|
if (snprintf(d_client_random + (i * 2), 3, "%02x", d->client_random->data[i]) != 2)
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
|
while ((n = getline(&line, &l, d->ctx->ssl_key_log_file)) != -1) {
|
||||||
if(STRNICMP(line+14,label_data,64))
|
if (line[n-1] =='\n') line[n-1] = '\0';
|
||||||
continue;
|
if (!(label=strtok(line, " "))) continue;
|
||||||
|
if (!(client_random=strtok(NULL, " ")) || strlen(client_random)!=64 || STRNICMP(client_random, d_client_random, 64)) continue;
|
||||||
|
secret=strtok(NULL, " ");
|
||||||
|
if (!(secret) || strlen(secret)!=(ssl->version==TLSV13_VERSION?ssl->cs->dig_len*2:96)) continue;
|
||||||
|
if (!strncmp(label, "CLIENT_RANDOM", 13)) {
|
||||||
if ((r=r_data_alloc(&d->MS, 48)))
|
if ((r=r_data_alloc(&d->MS, 48)))
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
|
if (read_hex_string(secret, d->MS->data, 48))
|
||||||
for(i=0; i < d->MS->len; i++) {
|
|
||||||
if(sscanf(line+14+65+(i*2),"%2x",&t)!=1)
|
|
||||||
ABORT(r);
|
ABORT(r);
|
||||||
*(d->MS->data+i)=(char)t;
|
|
||||||
}
|
}
|
||||||
|
if (ssl->version!=TLSV13_VERSION) continue;
|
||||||
|
if (!strncmp(label, "SERVER_HANDSHAKE_TRAFFIC_SECRET", 31)){
|
||||||
|
if ((r=r_data_alloc(&d->SHTS, ssl->cs->dig_len)))
|
||||||
|
ABORT(r);
|
||||||
|
if (read_hex_string(secret, d->SHTS->data, ssl->cs->dig_len))
|
||||||
|
ABORT(r);
|
||||||
|
} else if (!strncmp(label, "CLIENT_HANDSHAKE_TRAFFIC_SECRET", 31)){
|
||||||
|
if ((r=r_data_alloc(&d->CHTS, ssl->cs->dig_len)))
|
||||||
|
ABORT(r);
|
||||||
|
if (read_hex_string(secret, d->CHTS->data, ssl->cs->dig_len))
|
||||||
|
ABORT(r);
|
||||||
|
} else if (!strncmp(label, "SERVER_TRAFFIC_SECRET_0", 23)){
|
||||||
|
if ((r=r_data_alloc(&d->STS, ssl->cs->dig_len)))
|
||||||
|
ABORT(r);
|
||||||
|
if (read_hex_string(secret, d->STS->data, ssl->cs->dig_len))
|
||||||
|
ABORT(r);
|
||||||
|
} else if (!strncmp(label, "CLIENT_TRAFFIC_SECRET_0", 23)){
|
||||||
|
if ((r=r_data_alloc(&d->CTS, ssl->cs->dig_len)))
|
||||||
|
ABORT(r);
|
||||||
|
if (read_hex_string(secret, d->CTS->data, ssl->cs->dig_len))
|
||||||
|
ABORT(r);
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
Eventually add support for other labels defined here:
|
Eventually add support for other labels defined here:
|
||||||
|
|
|
@ -73,6 +73,9 @@ int ssl_update_handshake_messages PROTO_LIST((ssl_obj *ssl,
|
||||||
Data *data));
|
Data *data));
|
||||||
int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction,
|
int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction,
|
||||||
int ct,int version,Data *d));
|
int ct,int version,Data *d));
|
||||||
|
int ssl_tls13_generate_keying_material PROTO_LIST((ssl_obj *obj,ssl_decoder *dec));
|
||||||
|
int ssl_process_handshake_finished PROTO_LIST((ssl_obj* ssl,ssl_decoder *dec, Data *data));
|
||||||
|
int ssl_tls13_update_keying_material PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int dir));
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -268,18 +268,16 @@ int ssl_expand_record(ssl,q,direction,data,len)
|
||||||
explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len);
|
explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len);
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
version = ssl->version ? ssl->version : (vermaj*256+vermin);
|
||||||
|
|
||||||
P_(P_RH){
|
P_(P_RH){
|
||||||
explain(ssl," V%d.%d(%d)",vermaj,vermin,length);
|
explain(ssl," V%d.%d(%d)",(version>>8)&0xff,version&0xff,length);
|
||||||
json_object_object_add(jobj, "record_len", json_object_new_int(length));
|
json_object_object_add(jobj, "record_len", json_object_new_int(length));
|
||||||
snprintf(verstr,8,"%d.%d",vermaj,vermin);
|
snprintf(verstr,8,"%d.%d",(version>>8)&0xff,version&0xff);
|
||||||
json_object_object_add(jobj, "record_ver", json_object_new_string(verstr));
|
json_object_object_add(jobj, "record_ver", json_object_new_string(verstr));
|
||||||
}
|
}
|
||||||
|
|
||||||
version=vermaj*256+vermin;
|
|
||||||
|
|
||||||
r = ssl_decode_record(ssl, ssl->decoder, direction, ct, version, &d);
|
r = ssl_decode_record(ssl, ssl->decoder, direction, ct, version, &d);
|
||||||
|
|
||||||
if(r==SSL_BAD_MAC){
|
if(r==SSL_BAD_MAC){
|
||||||
explain(ssl," bad MAC\n");
|
explain(ssl," bad MAC\n");
|
||||||
return(0);
|
return(0);
|
||||||
|
@ -303,9 +301,15 @@ int ssl_expand_record(ssl,q,direction,data,len)
|
||||||
else{
|
else{
|
||||||
//try to save unencrypted data to logger
|
//try to save unencrypted data to logger
|
||||||
//we must save record with type "application_data" (this is unencrypted data)
|
//we must save record with type "application_data" (this is unencrypted data)
|
||||||
if ((ct == 23) && (logger)) logger->vtbl->data(ssl->logger_obj,d.data,d.len,direction);
|
if (ct==23){
|
||||||
|
if (logger) {
|
||||||
if((r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d))) {
|
logger->vtbl->data(ssl->logger_obj,d.data,d.len,direction);
|
||||||
|
}
|
||||||
|
if (ssl->version==TLSV13_VERSION){
|
||||||
|
ct = d.data[--d.len]; // In TLS 1.3 ct is stored in the end for encrypted records
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if((r=ssl_decode_switch(ssl,ContentType_decoder,ct,direction,q, &d))) {
|
||||||
if(!(SSL_print_flags & SSL_PRINT_JSON))
|
if(!(SSL_print_flags & SSL_PRINT_JSON))
|
||||||
printf(" unknown record type: %d\n", ct);
|
printf(" unknown record type: %d\n", ct);
|
||||||
ERETURN(r);
|
ERETURN(r);
|
||||||
|
|
Loading…
Reference in a new issue