authorPeter Wu <peter@lekensteyn.nl>2014-06-23 23:14:06 +0200
committerEvan Huus <eapache@gmail.com>2014-06-23 23:31:40 +0000
commite22d3c9b744af8fa49806f1cde2100be85cc58cc (patch)
tree00274166a829725e8354a50eb5fa49edb8d98136 /epan/dissectors/packet-ssl-utils.h
parent8702a6b82740054e9864c0ddd50fa9f0d966445f (diff)
ssl: fix ClientKeyExchange, fix TLSv1.2 SKE for DH
Since DTLS and TLS do not differ in handling ClientKeyExchange and ServerKeyExchange, their dissection got moved to ssl-utils. The code is based on the SSL dissector, with header field names adjusted to the DTLS ones (those got capitalized). Besides a version difference (for signatures), the header field and function names, the DTLS and SSL code are equal (this is verified). This patch refactors the dissectors for DHE_RSA and ECDHE to make use of a common function to dissect the signed_params field. All offset tracking is also removed in favor of exception handling by the proto_tree_add_item function. Occurrences of proto_tree_add_uint are also replaced by proto_tree_add_item for simplicity. After those changes, the SKE dissector for DH key exchanges is updated to handle the mandatory signature field in TLSv1.2, using the newly added function. (bug 9208) Another bug occurred after the length check removal: pre-TLS and OpenSSL's old DTLS implementation do not include a vector length in the CKE. This is now also fixed. (bug 10222) Other minor changes: comments added/corrected, renamed keyex_dh -> keyex_dhe (includes DHE_RSA and DHE_DSS). Bug: 9208 Bug: 10222 Change-Id: I76e835d56a65c91facce46840d79c1c48ce8d5dd Reviewed-on: https://code.wireshark.org/review/2542 Reviewed-by: Evan Huus <eapache@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r--epan/dissectors/packet-ssl-utils.h176
1 files changed, 173 insertions, 3 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index f64d4e0c29..1a085fa9bb 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -638,6 +638,32 @@ typedef struct ssl_common_dissect {
gint hs_sig_hash_algs;
gint hs_sig_hash_hash;
gint hs_sig_hash_sig;
+ gint hs_client_keyex_epms_len;
+ gint hs_client_keyex_epms;
+ gint hs_server_keyex_modulus_len;
+ gint hs_server_keyex_exponent_len;
+ gint hs_server_keyex_sig_len;
+ gint hs_server_keyex_p_len;
+ gint hs_server_keyex_g_len;
+ gint hs_server_keyex_ys_len;
+ gint hs_client_keyex_yc_len;
+ gint hs_client_keyex_point_len;
+ gint hs_server_keyex_point_len;
+ gint hs_server_keyex_p;
+ gint hs_server_keyex_g;
+ gint hs_server_keyex_curve_type;
+ gint hs_server_keyex_named_curve;
+ gint hs_server_keyex_ys;
+ gint hs_client_keyex_yc;
+ gint hs_server_keyex_point;
+ gint hs_client_keyex_point;
+ gint hs_server_keyex_modulus;
+ gint hs_server_keyex_exponent;
+ gint hs_server_keyex_sig;
+ gint hs_server_keyex_hint_len;
+ gint hs_server_keyex_hint;
+ gint hs_client_keyex_identity_len;
+ gint hs_client_keyex_identity;
} hf;
struct {
gint hs_ext;
@@ -652,6 +678,7 @@ typedef struct ssl_common_dissect {
gint hs_sig_hash_alg;
gint hs_sig_hash_algs;
gint urlhash;
+ gint keyex_params;
} ett;
struct {
expert_field hs_ext_cert_status_undecoded;
@@ -670,15 +697,27 @@ ssl_dissect_hash_alg_list(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *t
extern void
ssl_dissect_hnd_cert_url(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, guint32 offset);
+extern void
+ssl_dissect_hnd_cli_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ proto_tree *tree, guint32 offset, guint32 length,
+ const SslSession *session);
+
+extern void
+ssl_dissect_hnd_srv_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ proto_tree *tree, guint32 offset, guint32 length,
+ const SslSession *session);
+
#define SSL_COMMON_LIST_T(name) \
ssl_common_dissect_t name = { \
/* hf */ { \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
+ -1, -1, -1, -1, -1, \
}, \
/* ett */ { \
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
}, \
/* ei */ { \
EI_INIT, \
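Review bot: The new prototypes `ssl_dissect_hnd_cli_keyex` and `ssl_dissect_hnd_srv_keyex` take an `offset` and a `length`, but nothing in the header says what `length` covers or how it relates to the end of `tvb`. These functions parse peer-controlled handshake bytes, and the commit message says explicit offset tracking was dropped in favour of the exceptions raised by proto_tree_add_item, so the contract should be written down, e.g. `/* length: size of the handshake message body starting at offset; a field running past the tvb raises a dissector exception */` (wording to be confirmed against the implementation, which is not in this file). Separately, the `-1` rows in SSL_COMMON_LIST_T are positional; they grow by 26 (`hf`) and 1 (`ett`) here, matching the members this patch adds. A later short count would leave trailing members zero-initialised rather than -1 unless the build warns on missing initialisers, so a comment giving the expected count beside each list would help.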
@@ -896,6 +935,136 @@ ssl_common_dissect_t name = { \
FT_UINT8, BASE_DEC, VALS(tls_signature_algorithm), 0x0, \
NULL, HFILL } \
}, \
+ { & name .hf.hs_client_keyex_epms_len, \
+ { "Encrypted PreMaster length", prefix ".handshake.epms_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of encrypted PreMaster secret", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_epms, \
+ { "Encrypted PreMaster", prefix ".handshake.epms", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "Encrypted PreMaster secret", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_modulus_len, \
+ { "Modulus Length", prefix ".handshake.modulus_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of RSA-EXPORT modulus", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_exponent_len, \
+ { "Exponent Length", prefix ".handshake.exponent_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of RSA-EXPORT exponent", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_sig_len, \
+ { "Signature Length", prefix ".handshake.sig_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of Signature", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_p_len, \
+ { "p Length", prefix ".handshake.p_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of p", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_g_len, \
+ { "g Length", prefix ".handshake.g_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of g", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_ys_len, \
+ { "Pubkey Length", prefix ".handshake.ys_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of server's Diffie-Hellman public key", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_yc_len, \
+ { "Pubkey Length", prefix ".handshake.yc_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of client's Diffie-Hellman public key", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_point_len, \
+ { "Pubkey Length", prefix ".handshake.client_point_len", \
+ FT_UINT8, BASE_DEC, NULL, 0x0, \
+ "Length of client's EC Diffie-Hellman public key", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_point_len, \
+ { "Pubkey Length", prefix ".handshake.server_point_len", \
+ FT_UINT8, BASE_DEC, NULL, 0x0, \
+ "Length of server's EC Diffie-Hellman public key", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_p, \
+ { "p", prefix ".handshake.p", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "Diffie-Hellman p", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_g, \
+ { "g", prefix ".handshake.g", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "Diffie-Hellman g", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_curve_type, \
+ { "Curve Type", prefix ".handshake.server_curve_type", \
+ FT_UINT8, BASE_HEX, VALS(ssl_curve_types), 0x0, \
+ "Server curve_type", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_named_curve, \
+ { "Named Curve", prefix ".handshake.server_named_curve", \
+ FT_UINT16, BASE_HEX, VALS(ssl_extension_curves), 0x0, \
+ "Server named_curve", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_ys, \
+ { "Pubkey", prefix ".handshake.ys", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "Diffie-Hellman server pubkey", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_yc, \
+ { "Pubkey", prefix ".handshake.yc", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "Diffie-Hellman client pubkey", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_point, \
+ { "Pubkey", prefix ".handshake.server_point", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "EC Diffie-Hellman server pubkey", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_point, \
+ { "Pubkey", prefix ".handshake.client_point", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "EC Diffie-Hellman client pubkey", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_modulus, \
+ { "Modulus", prefix ".handshake.modulus", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "RSA-EXPORT modulus", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_exponent, \
+ { "Exponent", prefix ".handshake.exponent", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "RSA-EXPORT exponent", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_sig, \
+ { "Signature", prefix ".handshake.sig", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "Diffie-Hellman server signature", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_hint_len, \
+ { "Hint Length", prefix ".handshake.hint_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of PSK Hint", HFILL } \
+ }, \
+ { & name .hf.hs_server_keyex_hint, \
+ { "Hint", prefix ".handshake.hint", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "PSK Hint", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_identity_len, \
+ { "Identity Length", prefix ".handshake.identity_len", \
+ FT_UINT16, BASE_DEC, NULL, 0x0, \
+ "Length of PSK Identity", HFILL } \
+ }, \
+ { & name .hf.hs_client_keyex_identity, \
+ { "Identity", prefix ".handshake.identity", \
+ FT_BYTES, BASE_NONE, NULL, 0x0, \
+ "PSK Identity", HFILL } \
+ }, \
{ & name .hf.hs_ext_heartbeat_mode, \
{ "Mode", prefix ".handshake.extension.heartbeat.mode", \
FT_UINT8, BASE_DEC, VALS(tls_heartbeat_mode), 0x0, \
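Review bot: The blurb on `hs_server_keyex_sig` reads "Diffie-Hellman server signature", which looks too narrow for a field that may be shared across key exchanges. The commit message says signed_params is now dissected by one common function for DHE_RSA and ECDHE, and the same block registers RSA-EXPORT modulus and exponent fields. If that helper uses this single header field for all of them (the implementation is not in this header), the text is misleading for the non-DH cases; a neutral blurb such as `"ServerKeyExchange signature", HFILL } \` would fit every case. The same applies to the "Length of Signature" entry only in that it should stay equally generic.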
@@ -914,7 +1083,8 @@ ssl_common_dissect_t name = { \
& name .ett.hs_ext_server_name, \
& name .ett.hs_sig_hash_alg, \
& name .ett.hs_sig_hash_algs, \
- & name .ett.urlhash
+ & name .ett.urlhash, \
+ & name .ett.keyex_params
#define SSL_COMMON_EI_LIST(name, prefix) \