114 {
"CERTIFICATE_INVALID_ALGORITHMIDENTIFIER",
149 #define SSL_CONFIG_DEFAULT_JA3 0
150 #define SSL_CONFIG_DEFAULT_JA4 0
171 #define SSLV3_CHANGE_CIPHER_SPEC 20
172 #define SSLV3_ALERT_PROTOCOL 21
173 #define SSLV3_HANDSHAKE_PROTOCOL 22
174 #define SSLV3_APPLICATION_PROTOCOL 23
175 #define SSLV3_HEARTBEAT_PROTOCOL 24
178 #define SSLV3_HS_HELLO_REQUEST 0
179 #define SSLV3_HS_CLIENT_HELLO 1
180 #define SSLV3_HS_SERVER_HELLO 2
181 #define SSLV3_HS_NEW_SESSION_TICKET 4
182 #define SSLV3_HS_CERTIFICATE 11
183 #define SSLV3_HS_SERVER_KEY_EXCHANGE 12
184 #define SSLV3_HS_CERTIFICATE_REQUEST 13
185 #define SSLV3_HS_SERVER_HELLO_DONE 14
186 #define SSLV3_HS_CERTIFICATE_VERIFY 15
187 #define SSLV3_HS_CLIENT_KEY_EXCHANGE 16
188 #define SSLV3_HS_FINISHED 20
189 #define SSLV3_HS_CERTIFICATE_URL 21
190 #define SSLV3_HS_CERTIFICATE_STATUS 22
193 #define SSLV2_MT_ERROR 0
194 #define SSLV2_MT_CLIENT_HELLO 1
195 #define SSLV2_MT_CLIENT_MASTER_KEY 2
196 #define SSLV2_MT_CLIENT_FINISHED 3
197 #define SSLV2_MT_SERVER_HELLO 4
198 #define SSLV2_MT_SERVER_VERIFY 5
199 #define SSLV2_MT_SERVER_FINISHED 6
200 #define SSLV2_MT_REQUEST_CERTIFICATE 7
201 #define SSLV2_MT_CLIENT_CERTIFICATE 8
203 #define SSLV3_RECORD_HDR_LEN 5
205 #define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024)
207 #define SSLV3_CLIENT_HELLO_VERSION_LEN 2
208 #define SSLV3_CLIENT_HELLO_RANDOM_LEN 32
211 #define TLS_HB_REQUEST 1
212 #define TLS_HB_RESPONSE 2
214 #define SSL_RECORD_MINIMUM_LENGTH 6
216 #define SHA1_STRING_LENGTH 60
218 #define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
224 #define SSL_DECODER_ERROR(e) \
225 (struct SSLDecoderResult) \
229 #define SSL_DECODER_OK(c) \
230 (struct SSLDecoderResult) \
234 #define SSL_DECODER_INCOMPLETE(c, n) \
235 (struct SSLDecoderResult) \
240 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
241 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
WARN_UNUSED;
243 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
244 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
251 if (dst_offset < dst_size && src_offset < src_size &&
252 src_tocopy <= (src_size - src_offset) &&
253 src_tocopy <= (dst_size - dst_offset)) {
254 memcpy(
dst + dst_offset,
src + src_offset, src_tocopy);
260 #ifdef DEBUG_VALIDATION
261 #define ValidateRecordState(connp) \
263 DEBUG_VALIDATE_BUG_ON(((connp)->record_length + SSLV3_RECORD_HDR_LEN) < \
264 (connp)->bytes_processed); \
267 #define ValidateRecordState(...)
270 #define SSLParserHSReset(connp) \
272 (connp)->handshake_type = 0; \
273 (connp)->message_length = 0; \
276 #define SSLParserReset(state) \
278 SCLogDebug("resetting state"); \
279 (state)->curr_connp->bytes_processed = 0; \
280 SSLParserHSReset((state)->curr_connp); \
283 #define SSLSetEvent(ssl_state, event) \
285 SCLogDebug("setting event %u", (event)); \
286 if ((ssl_state) == NULL) { \
287 SCLogDebug("could not set decoder event %u", event); \
289 AppLayerDecoderEventsSetEventRaw(&(ssl_state)->tx_data.events, (event)); \
290 (ssl_state)->events++; \
296 static void *SSLGetTx(
void *state, uint64_t tx_id)
302 static uint64_t SSLGetTxCnt(
void *state)
308 static int SSLGetAlstateProgress(
void *tx, uint8_t direction)
324 if (direction == STREAM_TOSERVER &&
340 static AppLayerStateData *SSLGetStateData(
void *vstate)
352 strlcat(buffer,
"UNDETERMINED", 13);
373 strlcat(buffer,
"TLS 1.3 draft-28", 17);
376 strlcat(buffer,
"TLS 1.3 draft-27", 17);
379 strlcat(buffer,
"TLS 1.3 draft-26", 17);
382 strlcat(buffer,
"TLS 1.3 draft-25", 17);
385 strlcat(buffer,
"TLS 1.3 draft-24", 17);
388 strlcat(buffer,
"TLS 1.3 draft-23", 17);
391 strlcat(buffer,
"TLS 1.3 draft-22", 17);
394 strlcat(buffer,
"TLS 1.3 draft-21", 17);
397 strlcat(buffer,
"TLS 1.3 draft-20", 17);
400 strlcat(buffer,
"TLS 1.3 draft-19", 17);
403 strlcat(buffer,
"TLS 1.3 draft-18", 17);
406 strlcat(buffer,
"TLS 1.3 draft-17", 17);
409 strlcat(buffer,
"TLS 1.3 draft-16", 17);
412 strlcat(buffer,
"TLS 1.3 draft-<16", 18);
415 strlcat(buffer,
"TLS 1.3 draft-20-fb", 20);
418 strlcat(buffer,
"TLS 1.3 draft-21-fb", 20);
421 strlcat(buffer,
"TLS 1.3 draft-22-fb", 20);
424 strlcat(buffer,
"TLS 1.3 draft-23-fb", 20);
427 strlcat(buffer,
"TLS 1.3 draft-26-fb", 20);
430 snprintf(buffer, 7,
"0x%04x",
version);
435 static void TlsDecodeHSCertificateErrSetEvent(
SSLState *ssl_state, uint32_t err)
478 static inline int TlsDecodeHSCertificateFingerprint(
479 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
489 if (SCSha1HashBuffer(input, cert_len, hash,
sizeof(hash)) == 1) {
496 static inline int TlsDecodeHSCertificateAddCertToChain(
497 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
511 const uint8_t *
const initial_input,
const uint32_t input_len,
const int certn)
513 const uint8_t *input = (uint8_t *)initial_input;
514 uint32_t err_code = 0;
521 uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
530 x509 = rs_x509_decode(input, cert_len, &err_code);
532 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
536 char *
str = rs_x509_get_subject(x509);
543 str = rs_x509_get_issuer(x509);
556 sans[i] = rs_x509_get_subjectaltname_at(x509, i);
559 str = rs_x509_get_serial(x509);
575 rc = TlsDecodeHSCertificateFingerprint(connp, input, cert_len);
577 SCLogDebug(
"TlsDecodeHSCertificateFingerprint failed with %d", rc);
582 rc = TlsDecodeHSCertificateAddCertToChain(connp, input, cert_len);
584 SCLogDebug(
"TlsDecodeHSCertificateAddCertToChain failed with %d", rc);
590 return (
int)(input - initial_input);
594 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
598 SSLStateCertSANFree(connp);
613 const uint8_t *
const initial_input,
const uint32_t input_len)
615 const uint8_t *input = (uint8_t *)initial_input;
620 const uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
639 uint32_t processed_len = 0;
641 while (processed_len < cert_chain_len) {
642 int rc = TlsDecodeHSCertificate(ssl_state, connp, connp->
certs_buffer + processed_len,
648 if (processed_len + (uint32_t)rc > cert_chain_len) {
652 processed_len += (uint32_t)rc;
655 return processed_len + 3;
669 static inline int TLSDecodeValueIsGREASE(
const uint16_t value)
695 static inline int TLSDecodeHSHelloVersion(
SSLState *ssl_state,
696 const uint8_t *
const initial_input,
697 const uint32_t input_len)
699 uint8_t *input = (uint8_t *)initial_input;
708 uint16_t
version = (uint16_t)(*input << 8) | *(input + 1);
750 return (
int)(input - initial_input);
753 static inline int TLSDecodeHSHelloRandom(
SSLState *ssl_state,
754 const uint8_t *
const initial_input,
755 const uint32_t input_len)
757 uint8_t *input = (uint8_t *)initial_input;
777 return (
int)(input - initial_input);
780 static inline int TLSDecodeHSHelloSessionID(
SSLState *ssl_state,
781 const uint8_t *
const initial_input,
782 const uint32_t input_len)
784 uint8_t *input = (uint8_t *)initial_input;
789 uint8_t session_id_length = *input;
803 input, 0, input_len, session_id_length) != 0) {
820 input += session_id_length;
822 return (
int)(input - initial_input);
831 static inline int TLSDecodeHSHelloCipherSuites(
SSLState *ssl_state,
832 const uint8_t *
const initial_input,
833 const uint32_t input_len)
835 const uint8_t *input = initial_input;
840 uint16_t cipher_suites_length;
843 cipher_suites_length = 2;
845 cipher_suites_length = (uint16_t)(*input << 8) | *(input + 1);
855 if ((cipher_suites_length % 2) != 0) {
866 if (ja3_cipher_suites == NULL)
870 uint16_t processed_len = 0;
872 while (processed_len < cipher_suites_length)
881 uint16_t cipher_suite = (uint16_t)(*input << 8) | *(input + 1);
884 if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
908 input += cipher_suites_length;
911 return (
int)(input - initial_input);
920 static inline int TLSDecodeHSHelloCompressionMethods(
SSLState *ssl_state,
921 const uint8_t *
const initial_input,
922 const uint32_t input_len)
924 const uint8_t *input = initial_input;
933 uint8_t compression_methods_length = *input;
936 if (!(
HAS_SPACE(compression_methods_length)))
939 input += compression_methods_length;
942 return (
int)(input - initial_input);
951 static inline int TLSDecodeHSHelloExtensionSni(
SSLState *ssl_state,
952 const uint8_t *
const initial_input,
953 const uint32_t input_len)
955 uint8_t *input = (uint8_t *)initial_input;
970 uint8_t sni_type = *input;
985 uint16_t sni_len = (uint16_t)(*input << 8) | *(input + 1);
991 if (!(
HAS_SPACE(sni_len)) || sni_len > 255 || sni_len == 0) {
1004 return (
int)(input - initial_input);
1007 const size_t sni_strlen = sni_len + 1;
1012 const size_t consumed = input - initial_input;
1014 initial_input, consumed, input_len, sni_len) != 0) {
1023 return (
int)(input - initial_input);
1034 static inline int TLSDecodeHSHelloExtensionSupportedVersions(
SSLState *ssl_state,
1035 const uint8_t *
const initial_input,
1036 const uint32_t input_len)
1038 const uint8_t *input = initial_input;
1046 goto invalid_length;
1048 uint8_t supported_ver_len = *input;
1051 if (supported_ver_len < 2)
1052 goto invalid_length;
1055 goto invalid_length;
1060 while (i + 1 < (uint16_t)supported_ver_len) {
1061 uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
1062 if (TLSVersionValid(ver)) {
1076 input += supported_ver_len;
1080 goto invalid_length;
1082 uint16_t ver = (uint16_t)(*input << 8) | *(input + 1);
1093 return (
int)(input - initial_input);
1103 static inline int TLSDecodeHSHelloExtensionEllipticCurves(
SSLState *ssl_state,
1104 const uint8_t *
const initial_input,
1105 const uint32_t input_len,
1108 const uint8_t *input = initial_input;
1115 goto invalid_length;
1117 uint16_t elliptic_curves_len = (uint16_t)(*input << 8) | *(input + 1);
1121 goto invalid_length;
1125 uint16_t ec_processed_len = 0;
1127 while (ec_processed_len < elliptic_curves_len)
1130 goto invalid_length;
1132 uint16_t elliptic_curve = (uint16_t)(*input << 8) | *(input + 1);
1135 if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
1142 ec_processed_len += 2;
1147 input += elliptic_curves_len;
1150 return (
int)(input - initial_input);
1160 static inline int TLSDecodeHSHelloExtensionEllipticCurvePF(
SSLState *ssl_state,
1161 const uint8_t *
const initial_input,
1162 const uint32_t input_len,
1165 const uint8_t *input = initial_input;
1172 goto invalid_length;
1174 uint8_t ec_pf_len = *input;
1178 goto invalid_length;
1182 uint8_t ec_pf_processed_len = 0;
1184 while (ec_pf_processed_len < ec_pf_len)
1186 uint8_t elliptic_curve_pf = *input;
1189 if (TLSDecodeValueIsGREASE(elliptic_curve_pf) != 1) {
1196 ec_pf_processed_len += 1;
1204 return (
int)(input - initial_input);
1214 static inline int TLSDecodeHSHelloExtensionSigAlgorithms(
1215 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1217 const uint8_t *input = initial_input;
1224 goto invalid_length;
1226 uint16_t sigalgo_len = (uint16_t)(*input << 8) | *(input + 1);
1230 if ((sigalgo_len % 2) != 0) {
1231 goto invalid_length;
1235 goto invalid_length;
1239 uint16_t sigalgo_processed_len = 0;
1240 while (sigalgo_processed_len < sigalgo_len) {
1241 uint16_t sigalgo = (uint16_t)(*input << 8) | *(input + 1);
1243 sigalgo_processed_len += 2;
1249 input += sigalgo_len;
1252 return (
int)(input - initial_input);
1255 SCLogDebug(
"Signature algorithm list invalid length");
1261 static void StoreALPN(
SSLStateConnp *connp,
const uint8_t *alpn,
const uint32_t size)
1266 memcpy(a->
alpn, alpn, size);
1273 static inline int TLSDecodeHSHelloExtensionALPN(
1274 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1276 const uint8_t *input = initial_input;
1283 goto invalid_length;
1285 uint16_t alpn_len = (uint16_t)(*input << 8) | *(input + 1);
1289 goto invalid_length;
1293 uint32_t alpn_processed_len = 0;
1294 while (alpn_processed_len < alpn_len) {
1295 uint8_t protolen = *input;
1297 alpn_processed_len += 1;
1300 goto invalid_length;
1304 if (alpn_processed_len + protolen > ((uint32_t)alpn_len)) {
1305 input += alpn_len - alpn_processed_len;
1312 if (alpn_processed_len == 1) {
1313 SCJA4SetALPN(ssl_state->
curr_connp->
ja4, (
const char *)input, protolen);
1316 StoreALPN(ssl_state->
curr_connp, input, protolen);
1318 alpn_processed_len += protolen;
1322 return (
int)(input - initial_input);
1331 static inline int TLSDecodeHSHelloExtensions(
SSLState *ssl_state,
1332 const uint8_t *
const initial_input,
1333 const uint32_t input_len)
1335 const uint8_t *input = initial_input;
1343 JA3Buffer *ja3_elliptic_curves_pf = NULL;
1347 if (ja3_extensions == NULL)
1352 if (ja3_elliptic_curves == NULL)
1356 if (ja3_elliptic_curves_pf == NULL)
1365 uint16_t extensions_len = (uint16_t)(*input << 8) | *(input + 1);
1369 goto invalid_length;
1371 uint16_t processed_len = 0;
1373 while (processed_len < extensions_len)
1376 goto invalid_length;
1378 uint16_t ext_type = (uint16_t)(*input << 8) | *(input + 1);
1382 goto invalid_length;
1384 uint16_t ext_len = (uint16_t)(*input << 8) | *(input + 1);
1388 goto invalid_length;
1394 ret = TLSDecodeHSHelloExtensionSni(ssl_state, input,
1407 ret = TLSDecodeHSHelloExtensionEllipticCurves(ssl_state, input,
1409 ja3_elliptic_curves);
1421 ret = TLSDecodeHSHelloExtensionEllipticCurvePF(ssl_state, input,
1423 ja3_elliptic_curves_pf);
1434 ret = TLSDecodeHSHelloExtensionSigAlgorithms(ssl_state, input, ext_len);
1445 ret = TLSDecodeHSHelloExtensionALPN(ssl_state, input, ext_len);
1469 ret = TLSDecodeHSHelloExtensionSupportedVersions(ssl_state, input,
1500 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1509 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1514 processed_len += ext_len + 4;
1526 &ja3_elliptic_curves);
1531 &ja3_elliptic_curves_pf);
1537 return (
int)(input - initial_input);
1545 if (ja3_extensions != NULL)
1547 if (ja3_elliptic_curves != NULL)
1549 if (ja3_elliptic_curves_pf != NULL)
1555 static int TLSDecodeHandshakeHello(
SSLState *ssl_state,
1556 const uint8_t *
const input,
1557 const uint32_t input_len)
1560 uint32_t parsed = 0;
1571 ret = TLSDecodeHSHelloVersion(ssl_state, input, input_len);
1577 ret = TLSDecodeHSHelloRandom(ssl_state, input + parsed, input_len - parsed);
1588 ret = TLSDecodeHSHelloSessionID(ssl_state, input + parsed,
1589 input_len - parsed);
1596 ret = TLSDecodeHSHelloCipherSuites(ssl_state, input + parsed,
1597 input_len - parsed);
1608 ret = TLSDecodeHSHelloCompressionMethods(ssl_state, input + parsed,
1609 input_len - parsed);
1616 ret = TLSDecodeHSHelloExtensions(ssl_state, input + parsed,
1617 input_len - parsed);
1629 #ifdef DEBUG_VALIDATION
1639 const uint8_t *
const initial_input,
const uint32_t input_len)
1641 int rc = TlsDecodeHSCertificates(ssl_state, connp, initial_input, input_len);
1646 }
else if (rc < 0) {
1647 SCLogDebug(
"error parsing cert, reset state");
1654 static int SupportedHandshakeType(
const uint8_t
type)
1683 static int SSLv3ParseHandshakeType(
SSLState *ssl_state,
const uint8_t *input,
1684 uint32_t input_len, uint8_t direction)
1686 const uint8_t *initial_input = input;
1689 if (input_len == 0) {
1698 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1707 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1722 rc = SSLv3ParseHandshakeTypeCertificate(ssl_state,
1759 static int SSLv3ParseHandshakeProtocol(
SSLState *ssl_state,
const uint8_t *input,
1760 uint32_t input_len, uint8_t direction)
1762 const uint8_t *initial_input = input;
1773 SCLogDebug(
"partial handshake record in place");
1776 const uint32_t add =
MIN(need, input_len);
1782 const uint32_t new_size = avail + (4096 - (avail % 4096));
1783 SCLogDebug(
"new_size %u, avail %u", new_size, avail);
1791 SCLogDebug(
"ssl_state->curr_connp->hs_buffer_offset %u "
1792 "ssl_state->curr_connp->hs_buffer_size %u",
1814 SCLogDebug(
"got all data now: handshake_type %u message_length %u",
1845 SCLogDebug(
"input %p input_len %u", input, input_len);
1847 if (input_len < 4) {
1854 SCLogDebug(
"handshake_type %u message len %u input %p input_len %u",
1864 SCLogDebug(
"supported_type %s handshake_type %u/%02x", supported_type ?
"true" :
"false",
1866 if (!supported_type) {
1867 uint32_t avail_record_len =
MIN(input_len, record_len);
1868 input += avail_record_len;
1869 input_len -= avail_record_len;
1883 if (record_len > input_len) {
1884 const uint32_t avail = input_len;
1885 const uint32_t size = avail + (4096 - (avail % 4096));
1886 SCLogDebug(
"initial buffer size %u, based on input %u", size, avail);
1895 if (input_len > 0) {
1903 SCLogDebug(
"opened record buffer %p size %u offset %u type %u msg_size %u",
1910 return (
int)(input - initial_input);
1914 int retval = SSLv3ParseHandshakeType(
1916 if (retval < 0 || retval > (
int)input_len) {
1920 SCLogDebug(
"retval %d input_len %u", retval, input_len);
1922 input_len -= retval;
1928 return (
int)(input - initial_input);
1942 static int SSLv3ParseHeartbeatProtocol(
SSLState *ssl_state,
const uint8_t *input,
1943 uint32_t input_len, uint8_t direction)
1947 uint32_t padding_len;
1950 if (input_len < 3) {
1967 SCLogDebug(
"HeartBeat Record type sent in the toclient direction!");
1970 SCLogDebug(
"HeartBeat Record type sent in the toserver direction!");
1978 SCLogDebug(
"Encrypted HeartBeat Request In-flight. Storing len %u",
1983 payload_len = (uint16_t)(*input << 8) | *(input + 1);
1988 SCLogDebug(
"We have a short record in HeartBeat Request");
1996 if (padding_len < 16) {
1997 SCLogDebug(
"We have a short record in HeartBeat Request");
2011 SCLogDebug(
"Multiple in-flight server initiated HeartBeats");
2017 SCLogDebug(
"Multiple in-flight client initiated HeartBeats");
2035 SCLogDebug(
"My heart is bleeding.. OpenSSL HeartBleed response (%u)",
2054 static int SSLv3ParseRecord(uint8_t direction,
SSLState *ssl_state,
2055 const uint8_t *input, uint32_t input_len)
2057 const uint8_t *initial_input = input;
2059 if (input_len == 0) {
2063 uint8_t skip_version = 0;
2067 if (direction == 0) {
2081 if (input_len >= 5) {
2083 if (!skip_version) {
2092 if (--input_len == 0)
2098 if (!skip_version) {
2103 if (--input_len == 0)
2108 if (!skip_version) {
2113 if (--input_len == 0)
2119 if (--input_len == 0)
2125 if (--input_len == 0)
2133 return (
int)(input - initial_input);
2136 static int SSLv2ParseRecord(uint8_t direction,
SSLState *ssl_state,
2137 const uint8_t *input, uint32_t input_len)
2139 const uint8_t *initial_input = input;
2141 if (input_len == 0) {
2156 if (--input_len == 0)
2163 if (--input_len == 0)
2170 if (--input_len == 0)
2187 if (--input_len == 0)
2194 if (--input_len == 0)
2201 if (--input_len == 0)
2208 if (--input_len == 0)
2217 return (
int)(input - initial_input);
2222 const StreamSlice stream_slice)
2224 const uint8_t *initial_input = input;
2226 if (ssl_state->curr_connp->bytes_processed == 0) {
2227 if (input[0] & 0x80) {
2228 ssl_state->curr_connp->record_lengths_length = 2;
2230 ssl_state->curr_connp->record_lengths_length = 3;
2238 SCLogDebug(
"direction %u ssl_state->curr_connp->record_lengths_length + 1 %u, "
2239 "ssl_state->curr_connp->bytes_processed %u",
2240 direction, ssl_state->curr_connp->record_lengths_length + 1,
2241 ssl_state->curr_connp->bytes_processed);
2244 if (ssl_state->curr_connp->bytes_processed <
2245 (ssl_state->curr_connp->record_lengths_length + 1)) {
2246 const int retval = SSLv2ParseRecord(direction, ssl_state, input, input_len);
2248 ssl_state->curr_connp->record_length);
2249 if (retval < 0 || retval > (
int)input_len) {
2256 ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length,
2265 if (ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length >
2266 input_len + ssl_state->curr_connp->bytes_processed) {
2267 uint32_t
needed = ssl_state->curr_connp->record_length;
2268 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2269 ssl_state->curr_connp->record_length, input_len, (uint32_t)(input - initial_input),
2274 if (input_len == 0) {
2279 if (ssl_state->curr_connp->record_length == 0) {
2286 if (ssl_state->curr_connp->record_lengths_length == 0) {
2287 SCLogDebug(
"SSLv2 record lengths length is zero");
2292 switch (ssl_state->curr_connp->content_type) {
2294 SCLogDebug(
"SSLV2_MT_ERROR msg_type received. Error encountered "
2295 "in establishing the sslv2 session, may be version");
2301 if (input_len < 6) {
2309 const uint16_t
version = (uint16_t)(input[0] << 8) | input[1];
2311 ssl_state->curr_connp->version =
version;
2312 uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
2315 ssl_state->curr_connp->bytes_processed += 6;
2316 if (session_id_length == 0) {
2323 SCLogDebug(
"Client hello is not seen before master key "
2331 if (direction == 1) {
2332 SCLogDebug(
"Incorrect SSL Record type sent in the toclient "
2341 if (direction == 0 &&
2342 !(ssl_state->curr_connp->content_type &
2344 SCLogDebug(
"Incorrect SSL Record type sent in the toserver "
2355 if (direction == 0) {
2358 SCLogDebug(
"SSLv2 client side has started the encryption");
2361 SCLogDebug(
"SSLv2 client side has started the encryption");
2365 SCLogDebug(
"SSLv2 Server side has started the encryption");
2380 SCLogDebug(
"SSLv2 No reassembly & inspection has been set");
2393 ssl_state->flags |= ssl_state->current_flags;
2395 if (input_len + ssl_state->curr_connp->bytes_processed >=
2396 (ssl_state->curr_connp->record_length +
2397 ssl_state->curr_connp->record_lengths_length)) {
2400 uint32_t diff = ssl_state->curr_connp->record_length +
2401 ssl_state->curr_connp->record_lengths_length + -
2402 ssl_state->curr_connp->bytes_processed;
2410 ssl_state->curr_connp->bytes_processed += input_len;
2417 const StreamSlice stream_slice)
2419 uint32_t parsed = 0;
2420 uint32_t record_len;
2421 const bool first_call = (ssl_state->curr_connp->bytes_processed == 0);
2424 const uint16_t prev_version = ssl_state->curr_connp->version;
2426 int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len);
2427 if (retval < 0 || retval > (
int)input_len) {
2435 SCLogDebug(
"%s input %p record_length %u", (direction == 0) ?
"toserver" :
"toclient",
2436 input, ssl_state->curr_connp->record_length);
2449 "incomplete header, return %u bytes consumed and wait for more data", parsed);
2456 record_len =
MIN(input_len - parsed, ssl_state->curr_connp->record_length);
2458 "record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)",
2459 record_len, input_len, parsed, ssl_state->curr_connp->record_length);
2461 bool unknown_record =
false;
2462 switch (ssl_state->curr_connp->content_type) {
2470 unknown_record =
true;
2477 if (unknown_record) {
2481 ssl_state->curr_connp->bytes_processed = 0;
2482 ssl_state->curr_connp->content_type = 0;
2483 ssl_state->curr_connp->record_length = 0;
2485 ssl_state->curr_connp->version = prev_version;
2489 if (unknown_record) {
2497 if (ssl_state->curr_connp->record_length == 0) {
2503 if (!TLSVersionValid(ssl_state->curr_connp->version)) {
2504 SCLogDebug(
"ssl_state->curr_connp->version %04x", ssl_state->curr_connp->version);
2518 record_len = (ssl_state->curr_connp->record_length +
SSLV3_RECORD_HDR_LEN)- ssl_state->curr_connp->bytes_processed;
2519 record_len =
MIN(input_len, record_len);
2521 SCLogDebug(
"record length %u processed %u got %u",
2522 ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len);
2525 if (ssl_state->curr_connp->record_length > input_len - parsed) {
2531 uint32_t
needed = ssl_state->curr_connp->record_length;
2532 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2533 ssl_state->curr_connp->record_length, input_len, parsed,
needed);
2539 if (record_len == 0) {
2544 ssl_state->curr_connp->record_length, direction,
TLS_FRAME_DATA);
2546 switch (ssl_state->curr_connp->content_type) {
2577 SCLogDebug(
"setting APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD");
2585 SCLogDebug(
"setting APP_LAYER_PARSER_NO_REASSEMBLY");
2610 if (ssl_state->curr_connp->record_length < 4) {
2613 SCLogDebug(
"record len < 4 => %u", ssl_state->curr_connp->record_length);
2617 int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed,
2618 record_len, direction);
2620 if (retval < 0 || retval > (
int)record_len) {
2632 int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed,
2633 record_len, direction);
2647 parsed += record_len;
2648 ssl_state->curr_connp->bytes_processed += record_len;
2650 if (ssl_state->curr_connp->bytes_processed >=
2654 ssl_state->f, direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2685 static AppLayerResult SSLDecode(
Flow *f, uint8_t direction,
void *alstate,
2689 uint32_t counter = 0;
2691 const uint8_t *input = StreamSliceGetData(&stream_slice);
2692 const uint8_t *init_input = input;
2693 int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice);
2695 if (input == NULL &&
2702 }
else if (input == NULL || input_len == 0) {
2718 while (input_len > 0) {
2719 if (counter > max_records) {
2720 SCLogDebug(
"Looks like we have looped quite a bit. Reset state "
2721 "and get out of here");
2732 if ((input[0] & 0x80) || (input[0] & 0x40)) {
2741 SCLogDebug(
"record %u: bytes_processed %u, version %02X, input_len %u", counter,
2748 SCLogDebug(
"Continuing parsing SSLv2 record");
2751 SSLv2Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2754 SCLogDebug(
"Error parsing SSLv2. Resetting parser "
2755 "state. Let's get outta here");
2762 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2763 (uintmax_t)(input - init_input), r.
needed);
2768 SCLogDebug(
"SSLv2 decoder consumed %d bytes: %u left", r.
retval, input_len);
2771 SCLogDebug(
"New TLS record: record_length %u",
2774 SCLogDebug(
"Continuing parsing TLS record: record_length %u, bytes_processed %u",
2778 SSLv3Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2781 SCLogDebug(
"Error parsing TLS. Resetting parser "
2782 "state. Let's get outta here");
2787 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2788 (uintmax_t)(input - init_input), r.
needed);
2827 StreamSlice stream_slice,
void *local_data)
2829 return SSLDecode(f, 0 , alstate, pstate, stream_slice);
2833 StreamSlice stream_slice,
void *local_data)
2835 return SSLDecode(f, 1 , alstate, pstate, stream_slice);
2842 static void *SSLStateAlloc(
void *orig_state,
AppProto proto_orig)
2856 return (
void *)ssl_state;
2873 static void SSLStateFree(
void *p)
2924 if (ssl_state->
tx_data.de_state != NULL) {
2960 static void SSLStateTransactionFree(
void *state, uint64_t tx_id)
2965 static AppProto SSLProbingParser(
Flow *f, uint8_t direction,
2966 const uint8_t *input, uint32_t ilen, uint8_t *rdir)
2974 if ((input[0] & 0x80) && (input[2] == 0x01)) {
2981 static int SSLStateGetFrameIdByName(
const char *frame_name)
2990 static const char *SSLStateGetFrameNameById(
const uint8_t frame_id)
2996 static int SSLStateGetEventInfo(
const char *event_name,
2997 int *event_id, AppLayerEventType *event_type)
3000 if (*event_id == -1) {
3002 "ssl's enum map table.",
3008 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3013 static int SSLStateGetEventInfoById(
int event_id,
const char **event_name,
3014 AppLayerEventType *event_type)
3017 if (*event_name == NULL) {
3019 "ssl's enum map table.",
3025 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3030 static int SSLRegisterPatternsForProtocolDetection(
void)
3033 STREAM_TOSERVER, SSLProbingParser, 0, 3) < 0) {
3039 "|01 03 00|", 3, 0, STREAM_TOSERVER) < 0)
3044 "|16 03 00|", 3, 0, STREAM_TOSERVER) < 0)
3051 "|01 03 01|", 3, 0, STREAM_TOSERVER) < 0)
3056 "|16 03 01|", 3, 0, STREAM_TOSERVER) < 0)
3063 "|01 03 02|", 3, 0, STREAM_TOSERVER) < 0)
3068 "|16 03 02|", 3, 0, STREAM_TOSERVER) < 0)
3075 "|01 03 03|", 3, 0, STREAM_TOSERVER) < 0)
3080 "|16 03 03|", 3, 0, STREAM_TOSERVER) < 0)
3088 "|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3093 "|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3098 "|17 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3105 "|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3110 "|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3115 "|17 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3122 "|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3127 "|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3132 "|17 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3139 "|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3144 "|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3149 "|17 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3160 "|01 03 00|", 5, 2, STREAM_TOSERVER) < 0)
3165 "|00 02|", 7, 5, STREAM_TOCLIENT) < 0)
3175 static void CheckJA3Enabled(
void)
3177 const char *strval = NULL;
3180 if (
ConfGet(
"app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
3182 }
else if (strcmp(strval,
"auto") == 0) {
3200 static void CheckJA4Enabled(
void)
3202 const char *strval = NULL;
3205 if (
ConfGet(
"app-layer.protocols.tls.ja4-fingerprints", &strval) != 1) {
3207 }
else if (strcmp(strval,
"auto") == 0) {
3229 const char *proto_name =
"tls";
3237 if (SSLRegisterPatternsForProtocolDetection() < 0)
3246 SSLProbingParser, NULL);
3251 SSLProbingParser, NULL) == 0) {
3253 "enabling TLS detection on port 443.");
3259 SSLProbingParser, NULL);
3263 SCLogConfig(
"Protocol detection and parser disabled for %s protocol",
3270 SSLParseClientRecord);
3273 SSLParseServerRecord);
3276 IPPROTO_TCP,
ALPROTO_TLS, SSLStateGetFrameIdByName, SSLStateGetFrameNameById);
3298 if (enc_handle != NULL && enc_handle->
val != NULL) {
3299 SCLogDebug(
"have app-layer.protocols.tls.encryption-handling = %s", enc_handle->
val);
3300 if (strcmp(enc_handle->
val,
"full") == 0) {
3302 }
else if (strcmp(enc_handle->
val,
"bypass") == 0) {
3304 }
else if (strcmp(enc_handle->
val,
"default") == 0) {
3311 if (
ConfGetNode(
"app-layer.protocols.tls.no-reassemble") == NULL) {
3313 if (
ConfGetBool(
"tls.no-reassemble", &value) == 1 && value == 1)
3317 if (
ConfGetBool(
"app-layer.protocols.tls.no-reassemble", &value) == 1 && value == 1)
3332 SCLogWarning(
"MD5 calculation has been disabled, disabling JA3");
3336 SCLogWarning(
"Hashing has been disabled, disabling JA4");
3350 SCLogConfig(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);