author | Gergely Nagy <ngg@ngg.hu> | 2015-10-12 16:23:31 +0200 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2015-10-13 07:34:24 +0000 |
commit | a386fc99ac72b4cdb88cb3d26fd19d6251391b96 (patch) | |
tree | 4d4828fb536460761ef0da81f674a572551890a1 /epan/dissectors/packet-ssl-utils.c | |
parent | f6d61ebfe8bd4c384366512bb05f33279a6f03d9 (diff) |
ssl-utils: Fix parsing pre-master-secrets in keylog-file
With "PMS_CLIENT_RANDOM xxxx yyyy" lines, only 32 byte long pre-master
secrets could be entered, but they are 48 byte long for RSA and can be
of any length for DHE cipher suites.
When a line had the "RSA xxxx yyyy" format then yyyy was previously
parsed with the <master_secret> regex group but it contains
the pre-master secret, so now it is parsed with the <pms> group.
This didn't cause a functional issue for RSA, but it couldn't be used
where the pre-master secret isn't 48 byte long.
After this change the regex will accept everything that was previously
working.
Change-Id: I71f43f3e9977a5e98758f387ad69893e8be0e27a
Reviewed-on: https://code.wireshark.org/review/10923
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.c')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
index 39f5916018..cc40ac35d7 100644
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@@ -4555,14 +4555,20 @@ ssl_compile_keyfile_regex(void)
 {
 #define OCTET "(?:[[:xdigit:]]{2})"
 const gchar *pattern =
- "(?:PMS_CLIENT_RANDOM (?<client_random_pms>" OCTET "{32}) (?<pms>" OCTET "{32}))"
+ "(?:"
+ /* Matches Client Hellos having this Client Random */
+ "PMS_CLIENT_RANDOM (?<client_random_pms>" OCTET "{32}) "
+ /* Matches first part of encrypted RSA pre-master secret */
+ "|RSA (?<encrypted_pmk>" OCTET "{8}) "
+ /* Pre-Master-Secret is given, it is 48 bytes for RSA,
+ but it can be of any length for DHE */
+ ")(?<pms>" OCTET "+)"
 "|(?:"
- /* First part of encrypted RSA pre-master secret */
- "RSA (?<encrypted_pmk>" OCTET "{8}) "
 /* Matches Server Hellos having a Session ID */
- "|RSA Session-ID:(?<session_id>" OCTET "+) Master-Key:"
- /* Matches Client Hellos having this Client.Random */
+ "RSA Session-ID:(?<session_id>" OCTET "+) Master-Key:"
+ /* Matches Client Hellos having this Client Random */
 "|CLIENT_RANDOM (?<client_random>" OCTET "{32}) "
+ /* Master-Secret is given, its length is fixed */
 ")(?<master_secret>" OCTET "{" G_STRINGIFY(SSL_MASTER_SECRET_LENGTH) "})";
 #undef OCTET
 static GRegex *regex = NULL; |
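Review bot: The `")(?<pms>" OCTET "+)"` line leaves the pre-master secret length unbounded for both branches, so the `RSA xxxx yyyy` form, which was previously held to exactly `SSL_MASTER_SECRET_LENGTH` octets through `<master_secret>`, now accepts any non-empty hex string. The code that reads the `pms` match is outside this hunk, so it should be confirmed that it sizes its buffer from the matched length and rejects an RSA secret that is not 48 bytes, rather than assuming a fixed size. Whether the pattern is anchored at the end of the line is also not visible here; if it is not, a value with an odd number of hex digits would be accepted with its last nibble silently dropped. I would extend the new comment to say so, e.g. `/* Length is not checked by the regex; the caller must validate it */`. The body of ssl_compile_keyfile_regex continues past the end of the hunk.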