diff options
author | Tomas Kukosa <tomas.kukosa@siemens.com> | 2007-04-16 06:41:56 +0000 |
---|---|---|
committer | Tomas Kukosa <tomas.kukosa@siemens.com> | 2007-04-16 06:41:56 +0000 |
commit | 111d18c4b37104b47afd3822ba0f27a3efc1d338 (patch) | |
tree | 39efa6a4771342d3c3f32a0ea05f77e5ed01cf33 /epan | |
parent | 1b50aa2a44e090b8d8a7d32b831b813c140a8347 (diff) |
move string tables from packet-ssl-utils.h to packet-ssl-utils.c and export them
svn path=/trunk/; revision=21445
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 397 | ||||
-rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 414 |
2 files changed, 420 insertions, 391 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 60e5f728b6..e6350a03a2 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -34,6 +34,403 @@ #include <epan/emem.h> +/* + * Lookup tables + * + */ +const value_string ssl_20_msg_types[] = { + { SSL2_HND_ERROR, "Error" }, + { SSL2_HND_CLIENT_HELLO, "Client Hello" }, + { SSL2_HND_CLIENT_MASTER_KEY, "Client Master Key" }, + { SSL2_HND_CLIENT_FINISHED, "Client Finished" }, + { SSL2_HND_SERVER_HELLO, "Server Hello" }, + { SSL2_HND_SERVER_VERIFY, "Server Verify" }, + { SSL2_HND_SERVER_FINISHED, "Server Finished" }, + { SSL2_HND_REQUEST_CERTIFICATE, "Request Certificate" }, + { SSL2_HND_CLIENT_CERTIFICATE, "Client Certificate" }, + { 0x00, NULL }, +}; + +const value_string ssl_20_cipher_suites[] = { + { 0x010080, "SSL2_RC4_128_WITH_MD5" }, + { 0x020080, "SSL2_RC4_128_EXPORT40_WITH_MD5" }, + { 0x030080, "SSL2_RC2_CBC_128_CBC_WITH_MD5" }, + { 0x040080, "SSL2_RC2_CBC_128_CBC_WITH_MD5" }, + { 0x050080, "SSL2_IDEA_128_CBC_WITH_MD5" }, + { 0x060040, "SSL2_DES_64_CBC_WITH_MD5" }, + { 0x0700c0, "SSL2_DES_192_EDE3_CBC_WITH_MD5" }, + { 0x080080, "SSL2_RC4_64_WITH_MD5" }, + { 0x000000, "TLS_NULL_WITH_NULL_NULL" }, + { 0x000001, "TLS_RSA_WITH_NULL_MD5" }, + { 0x000002, "TLS_RSA_WITH_NULL_SHA" }, + { 0x000003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" }, + { 0x000004, "TLS_RSA_WITH_RC4_128_MD5" }, + { 0x000005, "TLS_RSA_WITH_RC4_128_SHA" }, + { 0x000006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" }, + { 0x000007, "TLS_RSA_WITH_IDEA_CBC_SHA" }, + { 0x000008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x000009, "TLS_RSA_WITH_DES_CBC_SHA" }, + { 0x00000a, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x00000b, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x00000c, "TLS_DH_DSS_WITH_DES_CBC_SHA" }, + { 0x00000d, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" }, + { 0x00000e, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x00000f, "TLS_DH_RSA_WITH_DES_CBC_SHA" }, + { 0x000010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x000011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x000012, "TLS_DHE_DSS_WITH_DES_CBC_SHA" }, + { 0x000013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" }, + { 0x000014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x000015, "TLS_DHE_RSA_WITH_DES_CBC_SHA" }, + { 0x000016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x000017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" }, + { 0x000018, "TLS_DH_anon_WITH_RC4_128_MD5" }, + { 0x000019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x00001a, "TLS_DH_anon_WITH_DES_CBC_SHA" }, + { 0x00001b, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" }, + { 0x00001c, "SSL_FORTEZZA_KEA_WITH_NULL_SHA" }, + { 0x00001d, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" }, + { 0x00001e, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA" }, + { 0x00002f, "TLS_RSA_WITH_AES_128_CBC_SHA" }, + { 0x000030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" }, + { 0x000031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" }, + { 0x000032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" }, + { 0x000033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }, + { 0x000034, "TLS_DH_anon_WITH_AES_128_CBC_SHA" }, + { 0x000035, "TLS_RSA_WITH_AES_256_CBC_SHA" }, + { 0x000036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" }, + { 0x000037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" }, + { 0x000038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" }, + { 0x000039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" }, + { 0x00003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA" }, + { 0x000041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x000042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x000043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x000044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x000045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x000046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x000047, "TLS_ECDH_ECDSA_WITH_NULL_SHA" }, + { 0x000048, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" }, + { 0x000049, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" }, + { 0x00004A, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x00004B, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" }, + { 0x00004C, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" }, + { 0x000060, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" }, + { 0x000061, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" }, + { 0x000062, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" }, + { 0x000063, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" }, + { 0x000064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" }, + { 0x000065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" }, + { 0x000066, "TLS_DHE_DSS_WITH_RC4_128_SHA" }, + { 0x000084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x000085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x000086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x000087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x000088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x000089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" }, + /* these from http://www.mozilla.org/projects/ + security/pki/nss/ssl/fips-ssl-ciphersuites.html */ + { 0x00fefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, + { 0x00feff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, + { 0x00ffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, + { 0x00ffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, + /* Microsoft's old PCT protocol. These are from Eric Rescorla's + book "SSL and TLS" */ + { 0x8f8001, "PCT_SSL_COMPAT | PCT_VERSION_1" }, + { 0x800003, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509_CHAIN" }, + { 0x800001, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509" }, + { 0x810001, "PCT_SSL_HASH_TYPE | PCT1_HASH_MD5" }, + { 0x810003, "PCT_SSL_HASH_TYPE | PCT1_HASH_SHA" }, + { 0x820001, "PCT_SSL_EXCH_TYPE | PCT1_EXCH_RSA_PKCS1" }, + { 0x830004, "PCT_SSL_CIPHER_TYPE_1ST_HALF | PCT1_CIPHER_RC4" }, + { 0x848040, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_128 | PCT1_MAC_BITS_128" }, + { 0x842840, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_40 | PCT1_MAC_BITS_128" }, + /* note that ciphersuites of {0x00????} are TLS cipher suites in + * a sslv2 client hello message; the ???? above is the two-byte + * tls cipher suite id + */ + { 0x00, NULL } +}; + +const value_string ssl_20_certificate_type[] = { + { 0x00, "N/A" }, + { 0x01, "X.509 Certificate" }, + { 0x00, NULL }, +}; + +const value_string ssl_31_content_type[] = { + { 20, "Change Cipher Spec" }, + { 21, "Alert" }, + { 22, "Handshake" }, + { 23, "Application Data" }, + { 0x00, NULL } +}; + +const value_string ssl_versions[] = { + { 0x0100, "DTLS 1.0" }, + { 0x0302, "TLS 1.1" }, + { 0x0301, "TLS 1.0" }, + { 0x0300, "SSL 3.0" }, + { 0x0002, "SSL 2.0" }, + { 0x00, NULL } +}; + +#if 0 +/* XXX - would be used if we dissected the body of a Change Cipher Spec + message. */ +const value_string ssl_31_change_cipher_spec[] = { + { 1, "Change Cipher Spec" }, + { 0x00, NULL }, +}; +#endif + +const value_string ssl_31_alert_level[] = { + { 1, "Warning" }, + { 2, "Fatal" }, + { 0x00, NULL } +}; + +const value_string ssl_31_alert_description[] = { + { 0, "Close Notify" }, + { 10, "Unexpected Message" }, + { 20, "Bad Record MAC" }, + { 21, "Decryption Failed" }, + { 22, "Record Overflow" }, + { 30, "Decompression Failure" }, + { 40, "Handshake Failure" }, + { 42, "Bad Certificate" }, + { 43, "Unsupported Certificate" }, + { 44, "Certificate Revoked" }, + { 45, "Certificate Expired" }, + { 46, "Certificate Unknown" }, + { 47, "Illegal Parameter" }, + { 48, "Unknown CA" }, + { 49, "Access Denied" }, + { 50, "Decode Error" }, + { 51, "Decrypt Error" }, + { 60, "Export Restriction" }, + { 70, "Protocol Version" }, + { 71, "Insufficient Security" }, + { 80, "Internal Error" }, + { 90, "User Canceled" }, + { 100, "No Renegotiation" }, + { 0x00, NULL } +}; + +const value_string ssl_31_handshake_type[] = { + { SSL_HND_HELLO_REQUEST, "Hello Request" }, + { SSL_HND_CLIENT_HELLO, "Client Hello" }, + { SSL_HND_SERVER_HELLO, "Server Hello" }, + { SSL_HND_HELLO_VERIFY_REQUEST, "Hello Verify Request"}, + { SSL_HND_CERTIFICATE, "Certificate" }, + { SSL_HND_SERVER_KEY_EXCHG, "Server Key Exchange" }, + { SSL_HND_CERT_REQUEST, "Certificate Request" }, + { SSL_HND_SVR_HELLO_DONE, "Server Hello Done" }, + { SSL_HND_CERT_VERIFY, "Certificate Verify" }, + { SSL_HND_CLIENT_KEY_EXCHG, "Client Key Exchange" }, + { SSL_HND_FINISHED, "Finished" }, + { 0x00, NULL } +}; + +const value_string ssl_31_compression_method[] = { + { 0, "null" }, + { 1, "DEFLATE" }, + { 64, "LZS" }, + { 0x00, NULL } +}; + +#if 0 +/* XXX - would be used if we dissected a Signature, as would be + seen in a server key exchange or certificate verify message. */ +const value_string ssl_31_key_exchange_algorithm[] = { + { 0, "RSA" }, + { 1, "Diffie Hellman" }, + { 0x00, NULL } +}; + +const value_string ssl_31_signature_algorithm[] = { + { 0, "Anonymous" }, + { 1, "RSA" }, + { 2, "DSA" }, + { 0x00, NULL } +}; +#endif + +const value_string ssl_31_client_certificate_type[] = { + { 1, "RSA Sign" }, + { 2, "DSS Sign" }, + { 3, "RSA Fixed DH" }, + { 4, "DSS Fixed DH" }, + { 0x00, NULL } +}; + +#if 0 +/* XXX - would be used if we dissected exchange keys, as would be + seen in a client key exchange message. */ +const value_string ssl_31_public_value_encoding[] = { + { 0, "Implicit" }, + { 1, "Explicit" }, + { 0x00, NULL } +}; +#endif + +const value_string ssl_31_ciphersuite[] = { + { 0x0000, "TLS_NULL_WITH_NULL_NULL" }, + { 0x0001, "TLS_RSA_WITH_NULL_MD5" }, + { 0x0002, "TLS_RSA_WITH_NULL_SHA" }, + { 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" }, + { 0x0004, "TLS_RSA_WITH_RC4_128_MD5" }, + { 0x0005, "TLS_RSA_WITH_RC4_128_SHA" }, + { 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" }, + { 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA" }, + { 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x0009, "TLS_RSA_WITH_DES_CBC_SHA" }, + { 0x000a, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x000b, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x000c, "TLS_DH_DSS_WITH_DES_CBC_SHA" }, + { 0x000d, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" }, + { 0x000e, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x000f, "TLS_DH_RSA_WITH_DES_CBC_SHA" }, + { 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA" }, + { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" }, + { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA" }, + { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" }, + { 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5" }, + { 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" }, + { 0x001a, "TLS_DH_anon_WITH_DES_CBC_SHA" }, + { 0x001b, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" }, + { 0x001c, "SSL_FORTEZZA_KEA_WITH_NULL_SHA" }, + { 0x001d, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" }, + { 0x001e, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA" }, + { 0x002f, "TLS_RSA_WITH_AES_128_CBC_SHA" }, + { 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" }, + { 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" }, + { 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" }, + { 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }, + { 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA" }, + { 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA" }, + { 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" }, + { 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" }, + { 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" }, + { 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" }, + { 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA" }, + { 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" }, + { 0x0047, "TLS_ECDH_ECDSA_WITH_NULL_SHA" }, + { 0x0048, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" }, + { 0x0049, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" }, + { 0x004A, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" }, + { 0x004B, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" }, + { 0x004C, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" }, + { 0x0060, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" }, + { 0x0061, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" }, + { 0x0062, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" }, + { 0x0063, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" }, + { 0x0064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" }, + { 0x0065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" }, + { 0x0066, "TLS_DHE_DSS_WITH_RC4_128_SHA" }, + { 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" }, + { 0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" }, + /* these from http://www.mozilla.org/projects/ + security/pki/nss/ssl/fips-ssl-ciphersuites.html */ + { 0xfefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, + { 0xfeff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, + { 0xffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, + { 0xffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, + /* note that ciphersuites 0xff00 - 0xffff are private */ + { 0x00, NULL } +}; + +const value_string pct_msg_types[] = { + { PCT_MSG_CLIENT_HELLO, "Client Hello" }, + { PCT_MSG_SERVER_HELLO, "Server Hello" }, + { PCT_MSG_CLIENT_MASTER_KEY, "Client Master Key" }, + { PCT_MSG_SERVER_VERIFY, "Server Verify" }, + { PCT_MSG_ERROR, "Error" }, + { 0x00, NULL }, +}; + +const value_string pct_cipher_type[] = { + { PCT_CIPHER_DES, "DES" }, + { PCT_CIPHER_IDEA, "IDEA" }, + { PCT_CIPHER_RC2, "RC2" }, + { PCT_CIPHER_RC4, "RC4" }, + { PCT_CIPHER_DES_112, "DES 112 bit" }, + { PCT_CIPHER_DES_168, "DES 168 bit" }, + { 0x00, NULL }, +}; + +const value_string pct_hash_type[] = { + { PCT_HASH_MD5, "MD5" }, + { PCT_HASH_MD5_TRUNC_64, "MD5_TRUNC_64"}, + { PCT_HASH_SHA, "SHA"}, + { PCT_HASH_SHA_TRUNC_80, "SHA_TRUNC_80"}, + { PCT_HASH_DES_DM, "DES_DM"}, + { 0x00, NULL }, +}; + +const value_string pct_cert_type[] = { + { PCT_CERT_NONE, "None" }, + { PCT_CERT_X509, "X.509" }, + { PCT_CERT_PKCS7, "PKCS #7" }, + { 0x00, NULL }, +}; +const value_string pct_sig_type[] = { + { PCT_SIG_NONE, "None" }, + { PCT_SIG_RSA_MD5, "MD5" }, + { PCT_SIG_RSA_SHA, "RSA SHA" }, + { PCT_SIG_DSA_SHA, "DSA SHA" }, + { 0x00, NULL }, +}; + +const value_string pct_exch_type[] = { + { PCT_EXCH_RSA_PKCS1, "RSA PKCS#1" }, + { PCT_EXCH_RSA_PKCS1_TOKEN_DES, "RSA PKCS#1 Token DES" }, + { PCT_EXCH_RSA_PKCS1_TOKEN_DES3, "RSA PKCS#1 Token 3DES" }, + { PCT_EXCH_RSA_PKCS1_TOKEN_RC2, "RSA PKCS#1 Token RC-2" }, + { PCT_EXCH_RSA_PKCS1_TOKEN_RC4, "RSA PKCS#1 Token RC-4" }, + { PCT_EXCH_DH_PKCS3, "DH PKCS#3" }, + { PCT_EXCH_DH_PKCS3_TOKEN_DES, "DH PKCS#3 Token DES" }, + { PCT_EXCH_DH_PKCS3_TOKEN_DES3, "DH PKCS#3 Token 3DES" }, + { PCT_EXCH_FORTEZZA_TOKEN, "Fortezza" }, + { 0x00, NULL }, +}; + +const value_string pct_error_code[] = { + { PCT_ERR_BAD_CERTIFICATE, "PCT_ERR_BAD_CERTIFICATE" }, + { PCT_ERR_CLIENT_AUTH_FAILED, "PCT_ERR_CLIENT_AUTH_FAILE" }, + { PCT_ERR_ILLEGAL_MESSAGE, "PCT_ERR_ILLEGAL_MESSAGE" }, + { PCT_ERR_INTEGRITY_CHECK_FAILED, "PCT_ERR_INTEGRITY_CHECK_FAILED" }, + { PCT_ERR_SERVER_AUTH_FAILED, "PCT_ERR_SERVER_AUTH_FAILED" }, + { PCT_ERR_SPECS_MISMATCH, "PCT_ERR_SPECS_MISMATCH" }, + { 0x00, NULL }, +}; + +/* RFC 3546 */ +const value_string tls_hello_extension_types[] = { + { 0, "server_name" }, + { 1, "max_fragment_length" }, + { 2, "client_certificate_url" }, + { 3, "trusted_ca_keys" }, + { 4, "truncated_hmac" }, + { 5, "status_request" }, + { 35, "EAP-FAST PAC-Opaque" /* draft-cam-winget-eap-fast-00.txt */ }, + { 0, NULL } +}; + + /* we keep this internal to packet-ssl-utils, as there should be no need to access it any other way. diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index da36dbd3cf..361ffa3ce2 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -151,397 +151,29 @@ * Lookup tables * */ -static const value_string ssl_20_msg_types[] _U_ = { - { SSL2_HND_ERROR, "Error" }, - { SSL2_HND_CLIENT_HELLO, "Client Hello" }, - { SSL2_HND_CLIENT_MASTER_KEY, "Client Master Key" }, - { SSL2_HND_CLIENT_FINISHED, "Client Finished" }, - { SSL2_HND_SERVER_HELLO, "Server Hello" }, - { SSL2_HND_SERVER_VERIFY, "Server Verify" }, - { SSL2_HND_SERVER_FINISHED, "Server Finished" }, - { SSL2_HND_REQUEST_CERTIFICATE, "Request Certificate" }, - { SSL2_HND_CLIENT_CERTIFICATE, "Client Certificate" }, - { 0x00, NULL }, -}; - -static const value_string ssl_20_cipher_suites[] _U_ = { - { 0x010080, "SSL2_RC4_128_WITH_MD5" }, - { 0x020080, "SSL2_RC4_128_EXPORT40_WITH_MD5" }, - { 0x030080, "SSL2_RC2_CBC_128_CBC_WITH_MD5" }, - { 0x040080, "SSL2_RC2_CBC_128_CBC_WITH_MD5" }, - { 0x050080, "SSL2_IDEA_128_CBC_WITH_MD5" }, - { 0x060040, "SSL2_DES_64_CBC_WITH_MD5" }, - { 0x0700c0, "SSL2_DES_192_EDE3_CBC_WITH_MD5" }, - { 0x080080, "SSL2_RC4_64_WITH_MD5" }, - { 0x000000, "TLS_NULL_WITH_NULL_NULL" }, - { 0x000001, "TLS_RSA_WITH_NULL_MD5" }, - { 0x000002, "TLS_RSA_WITH_NULL_SHA" }, - { 0x000003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" }, - { 0x000004, "TLS_RSA_WITH_RC4_128_MD5" }, - { 0x000005, "TLS_RSA_WITH_RC4_128_SHA" }, - { 0x000006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" }, - { 0x000007, "TLS_RSA_WITH_IDEA_CBC_SHA" }, - { 0x000008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x000009, "TLS_RSA_WITH_DES_CBC_SHA" }, - { 0x00000a, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x00000b, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x00000c, "TLS_DH_DSS_WITH_DES_CBC_SHA" }, - { 0x00000d, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" }, - { 0x00000e, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x00000f, "TLS_DH_RSA_WITH_DES_CBC_SHA" }, - { 0x000010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x000011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x000012, "TLS_DHE_DSS_WITH_DES_CBC_SHA" }, - { 0x000013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" }, - { 0x000014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x000015, "TLS_DHE_RSA_WITH_DES_CBC_SHA" }, - { 0x000016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x000017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" }, - { 0x000018, "TLS_DH_anon_WITH_RC4_128_MD5" }, - { 0x000019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x00001a, "TLS_DH_anon_WITH_DES_CBC_SHA" }, - { 0x00001b, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" }, - { 0x00001c, "SSL_FORTEZZA_KEA_WITH_NULL_SHA" }, - { 0x00001d, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" }, - { 0x00001e, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA" }, - { 0x00002f, "TLS_RSA_WITH_AES_128_CBC_SHA" }, - { 0x000030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" }, - { 0x000031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" }, - { 0x000032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" }, - { 0x000033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }, - { 0x000034, "TLS_DH_anon_WITH_AES_128_CBC_SHA" }, - { 0x000035, "TLS_RSA_WITH_AES_256_CBC_SHA" }, - { 0x000036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" }, - { 0x000037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" }, - { 0x000038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" }, - { 0x000039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" }, - { 0x00003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA" }, - { 0x000041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x000042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x000043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x000044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x000045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x000046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x000047, "TLS_ECDH_ECDSA_WITH_NULL_SHA" }, - { 0x000048, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" }, - { 0x000049, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" }, - { 0x00004A, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x00004B, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" }, - { 0x00004C, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" }, - { 0x000060, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" }, - { 0x000061, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" }, - { 0x000062, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" }, - { 0x000063, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" }, - { 0x000064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" }, - { 0x000065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" }, - { 0x000066, "TLS_DHE_DSS_WITH_RC4_128_SHA" }, - { 0x000084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x000085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x000086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x000087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x000088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x000089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" }, - /* these from http://www.mozilla.org/projects/ - security/pki/nss/ssl/fips-ssl-ciphersuites.html */ - { 0x00fefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, - { 0x00feff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, - { 0x00ffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, - { 0x00ffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, - /* Microsoft's old PCT protocol. These are from Eric Rescorla's - book "SSL and TLS" */ - { 0x8f8001, "PCT_SSL_COMPAT | PCT_VERSION_1" }, - { 0x800003, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509_CHAIN" }, - { 0x800001, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509" }, - { 0x810001, "PCT_SSL_HASH_TYPE | PCT1_HASH_MD5" }, - { 0x810003, "PCT_SSL_HASH_TYPE | PCT1_HASH_SHA" }, - { 0x820001, "PCT_SSL_EXCH_TYPE | PCT1_EXCH_RSA_PKCS1" }, - { 0x830004, "PCT_SSL_CIPHER_TYPE_1ST_HALF | PCT1_CIPHER_RC4" }, - { 0x848040, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_128 | PCT1_MAC_BITS_128" }, - { 0x842840, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_40 | PCT1_MAC_BITS_128" }, - /* note that ciphersuites of {0x00????} are TLS cipher suites in - * a sslv2 client hello message; the ???? above is the two-byte - * tls cipher suite id - */ - { 0x00, NULL } -}; - -static const value_string ssl_20_certificate_type[] _U_ = { - { 0x00, "N/A" }, - { 0x01, "X.509 Certificate" }, - { 0x00, NULL }, -}; - -static const value_string ssl_31_content_type[] _U_ = { - { 20, "Change Cipher Spec" }, - { 21, "Alert" }, - { 22, "Handshake" }, - { 23, "Application Data" }, - { 0x00, NULL } -}; - -static const value_string ssl_versions[] _U_ = { - { 0x0100, "DTLS 1.0" }, - { 0x0302, "TLS 1.1" }, - { 0x0301, "TLS 1.0" }, - { 0x0300, "SSL 3.0" }, - { 0x0002, "SSL 2.0" }, - { 0x00, NULL } -}; - -#if 0 -/* XXX - would be used if we dissected the body of a Change Cipher Spec - message. */ -static const value_string ssl_31_change_cipher_spec[] = { - { 1, "Change Cipher Spec" }, - { 0x00, NULL }, -}; -#endif - -static const value_string ssl_31_alert_level[] _U_ = { - { 1, "Warning" }, - { 2, "Fatal" }, - { 0x00, NULL } -}; - -static const value_string ssl_31_alert_description[] _U_ = { - { 0, "Close Notify" }, - { 10, "Unexpected Message" }, - { 20, "Bad Record MAC" }, - { 21, "Decryption Failed" }, - { 22, "Record Overflow" }, - { 30, "Decompression Failure" }, - { 40, "Handshake Failure" }, - { 42, "Bad Certificate" }, - { 43, "Unsupported Certificate" }, - { 44, "Certificate Revoked" }, - { 45, "Certificate Expired" }, - { 46, "Certificate Unknown" }, - { 47, "Illegal Parameter" }, - { 48, "Unknown CA" }, - { 49, "Access Denied" }, - { 50, "Decode Error" }, - { 51, "Decrypt Error" }, - { 60, "Export Restriction" }, - { 70, "Protocol Version" }, - { 71, "Insufficient Security" }, - { 80, "Internal Error" }, - { 90, "User Canceled" }, - { 100, "No Renegotiation" }, - { 0x00, NULL } -}; - -static const value_string ssl_31_handshake_type[] _U_ = { - { SSL_HND_HELLO_REQUEST, "Hello Request" }, - { SSL_HND_CLIENT_HELLO, "Client Hello" }, - { SSL_HND_SERVER_HELLO, "Server Hello" }, - { SSL_HND_HELLO_VERIFY_REQUEST, "Hello Verify Request"}, - { SSL_HND_CERTIFICATE, "Certificate" }, - { SSL_HND_SERVER_KEY_EXCHG, "Server Key Exchange" }, - { SSL_HND_CERT_REQUEST, "Certificate Request" }, - { SSL_HND_SVR_HELLO_DONE, "Server Hello Done" }, - { SSL_HND_CERT_VERIFY, "Certificate Verify" }, - { SSL_HND_CLIENT_KEY_EXCHG, "Client Key Exchange" }, - { SSL_HND_FINISHED, "Finished" }, - { 0x00, NULL } -}; - -static const value_string ssl_31_compression_method[] _U_ = { - { 0, "null" }, - { 1, "DEFLATE" }, - { 64, "LZS" }, - { 0x00, NULL } -}; - -#if 0 -/* XXX - would be used if we dissected a Signature, as would be - seen in a server key exchange or certificate verify message. */ -static const value_string ssl_31_key_exchange_algorithm[] = { - { 0, "RSA" }, - { 1, "Diffie Hellman" }, - { 0x00, NULL } -}; - -static const value_string ssl_31_signature_algorithm[] = { - { 0, "Anonymous" }, - { 1, "RSA" }, - { 2, "DSA" }, - { 0x00, NULL } -}; -#endif - -static const value_string ssl_31_client_certificate_type[] _U_ = { - { 1, "RSA Sign" }, - { 2, "DSS Sign" }, - { 3, "RSA Fixed DH" }, - { 4, "DSS Fixed DH" }, - { 0x00, NULL } -}; - -#if 0 -/* XXX - would be used if we dissected exchange keys, as would be - seen in a client key exchange message. */ -static const value_string ssl_31_public_value_encoding[] = { - { 0, "Implicit" }, - { 1, "Explicit" }, - { 0x00, NULL } -}; -#endif - -static const value_string ssl_31_ciphersuite[] _U_ = { - { 0x0000, "TLS_NULL_WITH_NULL_NULL" }, - { 0x0001, "TLS_RSA_WITH_NULL_MD5" }, - { 0x0002, "TLS_RSA_WITH_NULL_SHA" }, - { 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" }, - { 0x0004, "TLS_RSA_WITH_RC4_128_MD5" }, - { 0x0005, "TLS_RSA_WITH_RC4_128_SHA" }, - { 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" }, - { 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA" }, - { 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x0009, "TLS_RSA_WITH_DES_CBC_SHA" }, - { 0x000a, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x000b, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x000c, "TLS_DH_DSS_WITH_DES_CBC_SHA" }, - { 0x000d, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" }, - { 0x000e, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x000f, "TLS_DH_RSA_WITH_DES_CBC_SHA" }, - { 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA" }, - { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" }, - { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA" }, - { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" }, - { 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5" }, - { 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" }, - { 0x001a, "TLS_DH_anon_WITH_DES_CBC_SHA" }, - { 0x001b, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" }, - { 0x001c, "SSL_FORTEZZA_KEA_WITH_NULL_SHA" }, - { 0x001d, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" }, - { 0x001e, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA" }, - { 0x002f, "TLS_RSA_WITH_AES_128_CBC_SHA" }, - { 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" }, - { 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" }, - { 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" }, - { 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }, - { 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA" }, - { 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA" }, - { 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" }, - { 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" }, - { 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" }, - { 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" }, - { 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA" }, - { 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" }, - { 0x0047, "TLS_ECDH_ECDSA_WITH_NULL_SHA" }, - { 0x0048, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" }, - { 0x0049, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" }, - { 0x004A, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" }, - { 0x004B, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" }, - { 0x004C, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" }, - { 0x0060, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" }, - { 0x0061, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" }, - { 0x0062, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" }, - { 0x0063, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" }, - { 0x0064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" }, - { 0x0065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" }, - { 0x0066, "TLS_DHE_DSS_WITH_RC4_128_SHA" }, - { 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" }, - { 0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" }, - /* these from http://www.mozilla.org/projects/ - security/pki/nss/ssl/fips-ssl-ciphersuites.html */ - { 0xfefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, - { 0xfeff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, - { 0xffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" }, - { 0xffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, - /* note that ciphersuites 0xff00 - 0xffff are private */ - { 0x00, NULL } -}; - -static const value_string pct_msg_types[] _U_ = { - { PCT_MSG_CLIENT_HELLO, "Client Hello" }, - { PCT_MSG_SERVER_HELLO, "Server Hello" }, - { PCT_MSG_CLIENT_MASTER_KEY, "Client Master Key" }, - { PCT_MSG_SERVER_VERIFY, "Server Verify" }, - { PCT_MSG_ERROR, "Error" }, - { 0x00, NULL }, -}; - -static const value_string pct_cipher_type[] _U_ = { - { PCT_CIPHER_DES, "DES" }, - { PCT_CIPHER_IDEA, "IDEA" }, - { PCT_CIPHER_RC2, "RC2" }, - { PCT_CIPHER_RC4, "RC4" }, - { PCT_CIPHER_DES_112, "DES 112 bit" }, - { PCT_CIPHER_DES_168, "DES 168 bit" }, - { 0x00, NULL }, -}; - -static const value_string pct_hash_type[] _U_ = { - { PCT_HASH_MD5, "MD5" }, - { PCT_HASH_MD5_TRUNC_64, "MD5_TRUNC_64"}, - { PCT_HASH_SHA, "SHA"}, - { PCT_HASH_SHA_TRUNC_80, "SHA_TRUNC_80"}, - { PCT_HASH_DES_DM, "DES_DM"}, - { 0x00, NULL }, -}; - -static const value_string pct_cert_type[] _U_ = { - { PCT_CERT_NONE, "None" }, - { PCT_CERT_X509, "X.509" }, - { PCT_CERT_PKCS7, "PKCS #7" }, - { 0x00, NULL }, -}; -static const value_string pct_sig_type[] _U_ = { - { PCT_SIG_NONE, "None" }, - { PCT_SIG_RSA_MD5, "MD5" }, - { PCT_SIG_RSA_SHA, "RSA SHA" }, - { PCT_SIG_DSA_SHA, "DSA SHA" }, - { 0x00, NULL }, -}; - -static const value_string pct_exch_type[] _U_ = { - { PCT_EXCH_RSA_PKCS1, "RSA PKCS#1" }, - { PCT_EXCH_RSA_PKCS1_TOKEN_DES, "RSA PKCS#1 Token DES" }, - { PCT_EXCH_RSA_PKCS1_TOKEN_DES3, "RSA PKCS#1 Token 3DES" }, - { PCT_EXCH_RSA_PKCS1_TOKEN_RC2, "RSA PKCS#1 Token RC-2" }, - { PCT_EXCH_RSA_PKCS1_TOKEN_RC4, "RSA PKCS#1 Token RC-4" }, - { PCT_EXCH_DH_PKCS3, "DH PKCS#3" }, - { PCT_EXCH_DH_PKCS3_TOKEN_DES, "DH PKCS#3 Token DES" }, - { PCT_EXCH_DH_PKCS3_TOKEN_DES3, "DH PKCS#3 Token 3DES" }, - { PCT_EXCH_FORTEZZA_TOKEN, "Fortezza" }, - { 0x00, NULL }, -}; - -static const value_string pct_error_code[] _U_ = { - { PCT_ERR_BAD_CERTIFICATE, "PCT_ERR_BAD_CERTIFICATE" }, - { PCT_ERR_CLIENT_AUTH_FAILED, "PCT_ERR_CLIENT_AUTH_FAILE" }, - { PCT_ERR_ILLEGAL_MESSAGE, "PCT_ERR_ILLEGAL_MESSAGE" }, - { PCT_ERR_INTEGRITY_CHECK_FAILED, "PCT_ERR_INTEGRITY_CHECK_FAILED" }, - { PCT_ERR_SERVER_AUTH_FAILED, "PCT_ERR_SERVER_AUTH_FAILED" }, - { PCT_ERR_SPECS_MISMATCH, "PCT_ERR_SPECS_MISMATCH" }, - { 0x00, NULL }, -}; - -/* RFC 3546 */ -static const value_string tls_hello_extension_types[] _U_ = { - { 0, "server_name" }, - { 1, "max_fragment_length" }, - { 2, "client_certificate_url" }, - { 3, "trusted_ca_keys" }, - { 4, "truncated_hmac" }, - { 5, "status_request" }, - { 35, "EAP-FAST PAC-Opaque" /* draft-cam-winget-eap-fast-00.txt */ }, - { 0, NULL } -}; +extern const value_string ssl_20_msg_types[]; +extern const value_string ssl_20_cipher_suites[]; +extern const value_string ssl_20_certificate_type[]; +extern const value_string ssl_31_content_type[]; +extern const value_string ssl_versions[]; +extern const value_string ssl_31_change_cipher_spec[]; +extern const value_string ssl_31_alert_level[]; +extern const value_string ssl_31_alert_description[]; +extern const value_string ssl_31_handshake_type[]; +extern const value_string ssl_31_compression_method[]; +extern const value_string ssl_31_key_exchange_algorithm[]; +extern const value_string ssl_31_signature_algorithm[]; +extern const value_string ssl_31_client_certificate_type[]; +extern const value_string ssl_31_public_value_encoding[]; +extern const value_string ssl_31_ciphersuite[]; +extern const value_string pct_msg_types[]; +extern const value_string pct_cipher_type[]; +extern const value_string pct_hash_type[]; +extern const value_string pct_cert_type[]; +extern const value_string pct_sig_type[]; +extern const value_string pct_exch_type[]; +extern const value_string pct_error_code[]; +extern const value_string tls_hello_extension_types[]; typedef struct _StringInfo { guchar* data; |