100 {
"CERTIFICATE_INVALID_ALGORITHMIDENTIFIER",
135 #define SSL_CONFIG_DEFAULT_JA3 0
136 #define SSL_CONFIG_DEFAULT_JA4 0
157 #define SSLV3_CHANGE_CIPHER_SPEC 20
158 #define SSLV3_ALERT_PROTOCOL 21
159 #define SSLV3_HANDSHAKE_PROTOCOL 22
160 #define SSLV3_APPLICATION_PROTOCOL 23
161 #define SSLV3_HEARTBEAT_PROTOCOL 24
164 #define SSLV3_HS_HELLO_REQUEST 0
165 #define SSLV3_HS_CLIENT_HELLO 1
166 #define SSLV3_HS_SERVER_HELLO 2
167 #define SSLV3_HS_NEW_SESSION_TICKET 4
168 #define SSLV3_HS_CERTIFICATE 11
169 #define SSLV3_HS_SERVER_KEY_EXCHANGE 12
170 #define SSLV3_HS_CERTIFICATE_REQUEST 13
171 #define SSLV3_HS_SERVER_HELLO_DONE 14
172 #define SSLV3_HS_CERTIFICATE_VERIFY 15
173 #define SSLV3_HS_CLIENT_KEY_EXCHANGE 16
174 #define SSLV3_HS_FINISHED 20
175 #define SSLV3_HS_CERTIFICATE_URL 21
176 #define SSLV3_HS_CERTIFICATE_STATUS 22
179 #define SSLV2_MT_ERROR 0
180 #define SSLV2_MT_CLIENT_HELLO 1
181 #define SSLV2_MT_CLIENT_MASTER_KEY 2
182 #define SSLV2_MT_CLIENT_FINISHED 3
183 #define SSLV2_MT_SERVER_HELLO 4
184 #define SSLV2_MT_SERVER_VERIFY 5
185 #define SSLV2_MT_SERVER_FINISHED 6
186 #define SSLV2_MT_REQUEST_CERTIFICATE 7
187 #define SSLV2_MT_CLIENT_CERTIFICATE 8
189 #define SSLV3_RECORD_HDR_LEN 5
191 #define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024)
193 #define SSLV3_CLIENT_HELLO_VERSION_LEN 2
194 #define SSLV3_CLIENT_HELLO_RANDOM_LEN 32
197 #define TLS_HB_REQUEST 1
198 #define TLS_HB_RESPONSE 2
200 #define SSL_RECORD_MINIMUM_LENGTH 6
202 #define SHA1_STRING_LENGTH 60
204 #define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
210 #define SSL_DECODER_ERROR(e) \
211 (struct SSLDecoderResult) \
215 #define SSL_DECODER_OK(c) \
216 (struct SSLDecoderResult) \
220 #define SSL_DECODER_INCOMPLETE(c, n) \
221 (struct SSLDecoderResult) \
226 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
227 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
WARN_UNUSED;
229 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
230 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
237 if (dst_offset < dst_size && src_offset < src_size &&
238 src_tocopy <= (src_size - src_offset) &&
239 src_tocopy <= (dst_size - dst_offset)) {
240 memcpy(
dst + dst_offset,
src + src_offset, src_tocopy);
246 #ifdef DEBUG_VALIDATION
247 #define ValidateRecordState(connp) \
249 DEBUG_VALIDATE_BUG_ON(((connp)->record_length + SSLV3_RECORD_HDR_LEN) < \
250 (connp)->bytes_processed); \
253 #define ValidateRecordState(...)
256 #define SSLParserHSReset(connp) \
258 (connp)->handshake_type = 0; \
259 (connp)->message_length = 0; \
262 #define SSLParserReset(state) \
264 SCLogDebug("resetting state"); \
265 (state)->curr_connp->bytes_processed = 0; \
266 SSLParserHSReset((state)->curr_connp); \
269 #define SSLSetEvent(ssl_state, event) \
271 SCLogDebug("setting event %u", (event)); \
272 if ((ssl_state) == NULL) { \
273 SCLogDebug("could not set decoder event %u", event); \
275 AppLayerDecoderEventsSetEventRaw(&(ssl_state)->tx_data.events, (event)); \
276 (ssl_state)->events++; \
282 static void *SSLGetTx(
void *state, uint64_t tx_id)
288 static uint64_t SSLGetTxCnt(
void *state)
294 static int SSLGetAlstateProgress(
void *tx, uint8_t direction)
310 if (direction == STREAM_TOSERVER &&
326 static AppLayerStateData *SSLGetStateData(
void *vstate)
338 strlcat(buffer,
"UNDETERMINED", 13);
359 strlcat(buffer,
"TLS 1.3 draft-28", 17);
362 strlcat(buffer,
"TLS 1.3 draft-27", 17);
365 strlcat(buffer,
"TLS 1.3 draft-26", 17);
368 strlcat(buffer,
"TLS 1.3 draft-25", 17);
371 strlcat(buffer,
"TLS 1.3 draft-24", 17);
374 strlcat(buffer,
"TLS 1.3 draft-23", 17);
377 strlcat(buffer,
"TLS 1.3 draft-22", 17);
380 strlcat(buffer,
"TLS 1.3 draft-21", 17);
383 strlcat(buffer,
"TLS 1.3 draft-20", 17);
386 strlcat(buffer,
"TLS 1.3 draft-19", 17);
389 strlcat(buffer,
"TLS 1.3 draft-18", 17);
392 strlcat(buffer,
"TLS 1.3 draft-17", 17);
395 strlcat(buffer,
"TLS 1.3 draft-16", 17);
398 strlcat(buffer,
"TLS 1.3 draft-<16", 18);
401 strlcat(buffer,
"TLS 1.3 draft-20-fb", 20);
404 strlcat(buffer,
"TLS 1.3 draft-21-fb", 20);
407 strlcat(buffer,
"TLS 1.3 draft-22-fb", 20);
410 strlcat(buffer,
"TLS 1.3 draft-23-fb", 20);
413 strlcat(buffer,
"TLS 1.3 draft-26-fb", 20);
416 snprintf(buffer, 7,
"0x%04x",
version);
421 static void TlsDecodeHSCertificateErrSetEvent(
SSLState *ssl_state, uint32_t err)
464 static inline int TlsDecodeHSCertificateFingerprint(
465 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
475 if (SCSha1HashBuffer(input, cert_len, hash,
sizeof(hash)) == 1) {
482 static inline int TlsDecodeHSCertificateAddCertToChain(
483 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
497 const uint8_t *
const initial_input,
const uint32_t input_len,
const int certn)
499 const uint8_t *input = (uint8_t *)initial_input;
500 uint32_t err_code = 0;
507 uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
516 x509 = rs_x509_decode(input, cert_len, &err_code);
518 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
522 char *
str = rs_x509_get_subject(x509);
529 str = rs_x509_get_issuer(x509);
542 sans[i] = rs_x509_get_subjectaltname_at(x509, i);
545 str = rs_x509_get_serial(x509);
561 rc = TlsDecodeHSCertificateFingerprint(connp, input, cert_len);
563 SCLogDebug(
"TlsDecodeHSCertificateFingerprint failed with %d", rc);
568 rc = TlsDecodeHSCertificateAddCertToChain(connp, input, cert_len);
570 SCLogDebug(
"TlsDecodeHSCertificateAddCertToChain failed with %d", rc);
576 return (
int)(input - initial_input);
580 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
584 SSLStateCertSANFree(connp);
599 const uint8_t *
const initial_input,
const uint32_t input_len)
601 const uint8_t *input = (uint8_t *)initial_input;
606 const uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
625 uint32_t processed_len = 0;
627 while (processed_len < cert_chain_len) {
628 int rc = TlsDecodeHSCertificate(ssl_state, connp, connp->
certs_buffer + processed_len,
634 if (processed_len + (uint32_t)rc > cert_chain_len) {
638 processed_len += (uint32_t)rc;
641 return processed_len + 3;
655 static inline int TLSDecodeValueIsGREASE(
const uint16_t value)
681 static inline int TLSDecodeHSHelloVersion(
SSLState *ssl_state,
682 const uint8_t *
const initial_input,
683 const uint32_t input_len)
685 uint8_t *input = (uint8_t *)initial_input;
694 uint16_t
version = (uint16_t)(*input << 8) | *(input + 1);
736 return (
int)(input - initial_input);
739 static inline int TLSDecodeHSHelloRandom(
SSLState *ssl_state,
740 const uint8_t *
const initial_input,
741 const uint32_t input_len)
743 uint8_t *input = (uint8_t *)initial_input;
763 return (
int)(input - initial_input);
766 static inline int TLSDecodeHSHelloSessionID(
SSLState *ssl_state,
767 const uint8_t *
const initial_input,
768 const uint32_t input_len)
770 uint8_t *input = (uint8_t *)initial_input;
775 uint8_t session_id_length = *input;
789 input, 0, input_len, session_id_length) != 0) {
806 input += session_id_length;
808 return (
int)(input - initial_input);
817 static inline int TLSDecodeHSHelloCipherSuites(
SSLState *ssl_state,
818 const uint8_t *
const initial_input,
819 const uint32_t input_len)
821 const uint8_t *input = initial_input;
826 uint16_t cipher_suites_length;
829 cipher_suites_length = 2;
831 cipher_suites_length = (uint16_t)(*input << 8) | *(input + 1);
841 if ((cipher_suites_length % 2) != 0) {
845 const bool enable_ja3 =
853 if (ja3_cipher_suites == NULL)
857 uint16_t processed_len = 0;
859 while (processed_len < cipher_suites_length)
868 uint16_t cipher_suite = (uint16_t)(*input << 8) | *(input + 1);
871 if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
895 input += cipher_suites_length;
898 return (
int)(input - initial_input);
907 static inline int TLSDecodeHSHelloCompressionMethods(
SSLState *ssl_state,
908 const uint8_t *
const initial_input,
909 const uint32_t input_len)
911 const uint8_t *input = initial_input;
920 uint8_t compression_methods_length = *input;
923 if (!(
HAS_SPACE(compression_methods_length)))
926 input += compression_methods_length;
929 return (
int)(input - initial_input);
938 static inline int TLSDecodeHSHelloExtensionSni(
SSLState *ssl_state,
939 const uint8_t *
const initial_input,
940 const uint32_t input_len)
942 uint8_t *input = (uint8_t *)initial_input;
957 uint8_t sni_type = *input;
972 uint16_t sni_len = (uint16_t)(*input << 8) | *(input + 1);
978 if (!(
HAS_SPACE(sni_len)) || sni_len > 255 || sni_len == 0) {
991 return (
int)(input - initial_input);
994 const size_t sni_strlen = sni_len + 1;
999 const size_t consumed = input - initial_input;
1001 initial_input, consumed, input_len, sni_len) != 0) {
1010 return (
int)(input - initial_input);
1021 static inline int TLSDecodeHSHelloExtensionSupportedVersions(
SSLState *ssl_state,
1022 const uint8_t *
const initial_input,
1023 const uint32_t input_len)
1025 const uint8_t *input = initial_input;
1033 goto invalid_length;
1035 uint8_t supported_ver_len = *input;
1038 if (supported_ver_len < 2)
1039 goto invalid_length;
1042 goto invalid_length;
1047 while (i + 1 < (uint16_t)supported_ver_len) {
1048 uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
1049 if (TLSVersionValid(ver)) {
1063 input += supported_ver_len;
1067 goto invalid_length;
1069 uint16_t ver = (uint16_t)(*input << 8) | *(input + 1);
1080 return (
int)(input - initial_input);
1090 static inline int TLSDecodeHSHelloExtensionEllipticCurves(
SSLState *ssl_state,
1091 const uint8_t *
const initial_input,
1092 const uint32_t input_len,
1095 const uint8_t *input = initial_input;
1102 goto invalid_length;
1104 uint16_t elliptic_curves_len = (uint16_t)(*input << 8) | *(input + 1);
1108 goto invalid_length;
1111 uint16_t ec_processed_len = 0;
1113 while (ec_processed_len < elliptic_curves_len)
1116 goto invalid_length;
1118 uint16_t elliptic_curve = (uint16_t)(*input << 8) | *(input + 1);
1121 if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
1128 ec_processed_len += 2;
1133 input += elliptic_curves_len;
1136 return (
int)(input - initial_input);
1146 static inline int TLSDecodeHSHelloExtensionEllipticCurvePF(
SSLState *ssl_state,
1147 const uint8_t *
const initial_input,
1148 const uint32_t input_len,
1151 const uint8_t *input = initial_input;
1158 goto invalid_length;
1160 uint8_t ec_pf_len = *input;
1164 goto invalid_length;
1167 uint8_t ec_pf_processed_len = 0;
1169 while (ec_pf_processed_len < ec_pf_len)
1171 uint8_t elliptic_curve_pf = *input;
1174 if (TLSDecodeValueIsGREASE(elliptic_curve_pf) != 1) {
1181 ec_pf_processed_len += 1;
1189 return (
int)(input - initial_input);
1199 static inline int TLSDecodeHSHelloExtensionSigAlgorithms(
1200 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1202 const uint8_t *input = initial_input;
1209 goto invalid_length;
1211 uint16_t sigalgo_len = (uint16_t)(*input << 8) | *(input + 1);
1215 if ((sigalgo_len % 2) != 0) {
1216 goto invalid_length;
1220 goto invalid_length;
1224 uint16_t sigalgo_processed_len = 0;
1225 while (sigalgo_processed_len < sigalgo_len) {
1226 uint16_t sigalgo = (uint16_t)(*input << 8) | *(input + 1);
1228 sigalgo_processed_len += 2;
1234 input += sigalgo_len;
1237 return (
int)(input - initial_input);
1240 SCLogDebug(
"Signature algorithm list invalid length");
1246 static void StoreALPN(
SSLStateConnp *connp,
const uint8_t *alpn,
const uint32_t size)
1251 memcpy(a->
alpn, alpn, size);
1258 static inline int TLSDecodeHSHelloExtensionALPN(
1259 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1261 const uint8_t *input = initial_input;
1268 goto invalid_length;
1270 uint16_t alpn_len = (uint16_t)(*input << 8) | *(input + 1);
1274 goto invalid_length;
1278 uint32_t alpn_processed_len = 0;
1279 while (alpn_processed_len < alpn_len) {
1280 uint8_t protolen = *input;
1282 alpn_processed_len += 1;
1285 goto invalid_length;
1289 if (alpn_processed_len + protolen > ((uint32_t)alpn_len)) {
1290 input += alpn_len - alpn_processed_len;
1297 if (alpn_processed_len == 1) {
1298 SCJA4SetALPN(ssl_state->
curr_connp->
ja4, (
const char *)input, protolen);
1301 StoreALPN(ssl_state->
curr_connp, input, protolen);
1303 alpn_processed_len += protolen;
1307 return (
int)(input - initial_input);
1316 static inline int TLSDecodeHSHelloExtensions(
SSLState *ssl_state,
1317 const uint8_t *
const initial_input,
1318 const uint32_t input_len)
1320 const uint8_t *input = initial_input;
1330 JA3Buffer *ja3_elliptic_curves_pf = NULL;
1334 if (ja3_extensions == NULL)
1339 if (ja3_elliptic_curves == NULL)
1343 if (ja3_elliptic_curves_pf == NULL)
1352 uint16_t extensions_len = (uint16_t)(*input << 8) | *(input + 1);
1356 goto invalid_length;
1358 uint16_t processed_len = 0;
1360 while (processed_len < extensions_len)
1363 goto invalid_length;
1365 uint16_t ext_type = (uint16_t)(*input << 8) | *(input + 1);
1369 goto invalid_length;
1371 uint16_t ext_len = (uint16_t)(*input << 8) | *(input + 1);
1375 goto invalid_length;
1381 ret = TLSDecodeHSHelloExtensionSni(ssl_state, input,
1394 ret = TLSDecodeHSHelloExtensionEllipticCurves(ssl_state, input,
1396 ja3_elliptic_curves);
1408 ret = TLSDecodeHSHelloExtensionEllipticCurvePF(ssl_state, input,
1410 ja3_elliptic_curves_pf);
1421 ret = TLSDecodeHSHelloExtensionSigAlgorithms(ssl_state, input, ext_len);
1432 ret = TLSDecodeHSHelloExtensionALPN(ssl_state, input, ext_len);
1456 ret = TLSDecodeHSHelloExtensionSupportedVersions(ssl_state, input,
1487 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1496 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1501 processed_len += ext_len + 4;
1513 &ja3_elliptic_curves);
1518 &ja3_elliptic_curves_pf);
1524 return (
int)(input - initial_input);
1532 if (ja3_extensions != NULL)
1534 if (ja3_elliptic_curves != NULL)
1536 if (ja3_elliptic_curves_pf != NULL)
1542 static int TLSDecodeHandshakeHello(
SSLState *ssl_state,
1543 const uint8_t *
const input,
1544 const uint32_t input_len)
1547 uint32_t parsed = 0;
1558 ret = TLSDecodeHSHelloVersion(ssl_state, input, input_len);
1564 ret = TLSDecodeHSHelloRandom(ssl_state, input + parsed, input_len - parsed);
1575 ret = TLSDecodeHSHelloSessionID(ssl_state, input + parsed,
1576 input_len - parsed);
1583 ret = TLSDecodeHSHelloCipherSuites(ssl_state, input + parsed,
1584 input_len - parsed);
1595 ret = TLSDecodeHSHelloCompressionMethods(ssl_state, input + parsed,
1596 input_len - parsed);
1603 ret = TLSDecodeHSHelloExtensions(ssl_state, input + parsed,
1604 input_len - parsed);
1616 #ifdef DEBUG_VALIDATION
1626 const uint8_t *
const initial_input,
const uint32_t input_len)
1628 int rc = TlsDecodeHSCertificates(ssl_state, connp, initial_input, input_len);
1633 }
else if (rc < 0) {
1634 SCLogDebug(
"error parsing cert, reset state");
1641 static int SupportedHandshakeType(
const uint8_t
type)
1670 static int SSLv3ParseHandshakeType(
SSLState *ssl_state,
const uint8_t *input,
1671 uint32_t input_len, uint8_t direction)
1673 const uint8_t *initial_input = input;
1676 if (input_len == 0) {
1685 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1694 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1709 rc = SSLv3ParseHandshakeTypeCertificate(ssl_state,
1746 static int SSLv3ParseHandshakeProtocol(
SSLState *ssl_state,
const uint8_t *input,
1747 uint32_t input_len, uint8_t direction)
1749 const uint8_t *initial_input = input;
1760 SCLogDebug(
"partial handshake record in place");
1763 const uint32_t add =
MIN(need, input_len);
1769 const uint32_t new_size = avail + (4096 - (avail % 4096));
1770 SCLogDebug(
"new_size %u, avail %u", new_size, avail);
1778 SCLogDebug(
"ssl_state->curr_connp->hs_buffer_offset %u "
1779 "ssl_state->curr_connp->hs_buffer_size %u",
1801 SCLogDebug(
"got all data now: handshake_type %u message_length %u",
1832 SCLogDebug(
"input %p input_len %u", input, input_len);
1834 if (input_len < 4) {
1841 SCLogDebug(
"handshake_type %u message len %u input %p input_len %u",
1851 SCLogDebug(
"supported_type %s handshake_type %u/%02x", supported_type ?
"true" :
"false",
1853 if (!supported_type) {
1854 uint32_t avail_record_len =
MIN(input_len, record_len);
1855 input += avail_record_len;
1856 input_len -= avail_record_len;
1870 if (record_len > input_len) {
1871 const uint32_t avail = input_len;
1872 const uint32_t size = avail + (4096 - (avail % 4096));
1873 SCLogDebug(
"initial buffer size %u, based on input %u", size, avail);
1882 if (input_len > 0) {
1890 SCLogDebug(
"opened record buffer %p size %u offset %u type %u msg_size %u",
1897 return (
int)(input - initial_input);
1901 int retval = SSLv3ParseHandshakeType(
1903 if (retval < 0 || retval > (
int)input_len) {
1907 SCLogDebug(
"retval %d input_len %u", retval, input_len);
1909 input_len -= retval;
1915 return (
int)(input - initial_input);
1929 static int SSLv3ParseHeartbeatProtocol(
SSLState *ssl_state,
const uint8_t *input,
1930 uint32_t input_len, uint8_t direction)
1934 uint32_t padding_len;
1937 if (input_len < 3) {
1954 SCLogDebug(
"HeartBeat Record type sent in the toclient direction!");
1957 SCLogDebug(
"HeartBeat Record type sent in the toserver direction!");
1965 SCLogDebug(
"Encrypted HeartBeat Request In-flight. Storing len %u",
1970 payload_len = (uint16_t)(*input << 8) | *(input + 1);
1975 SCLogDebug(
"We have a short record in HeartBeat Request");
1983 if (padding_len < 16) {
1984 SCLogDebug(
"We have a short record in HeartBeat Request");
1998 SCLogDebug(
"Multiple in-flight server initiated HeartBeats");
2004 SCLogDebug(
"Multiple in-flight client initiated HeartBeats");
2022 SCLogDebug(
"My heart is bleeding.. OpenSSL HeartBleed response (%u)",
2041 static int SSLv3ParseRecord(uint8_t direction,
SSLState *ssl_state,
2042 const uint8_t *input, uint32_t input_len)
2044 const uint8_t *initial_input = input;
2046 if (input_len == 0) {
2050 uint8_t skip_version = 0;
2054 if (direction == 0) {
2068 if (input_len >= 5) {
2070 if (!skip_version) {
2079 if (--input_len == 0)
2085 if (!skip_version) {
2090 if (--input_len == 0)
2095 if (!skip_version) {
2100 if (--input_len == 0)
2106 if (--input_len == 0)
2112 if (--input_len == 0)
2120 return (
int)(input - initial_input);
2123 static int SSLv2ParseRecord(uint8_t direction,
SSLState *ssl_state,
2124 const uint8_t *input, uint32_t input_len)
2126 const uint8_t *initial_input = input;
2128 if (input_len == 0) {
2143 if (--input_len == 0)
2150 if (--input_len == 0)
2157 if (--input_len == 0)
2174 if (--input_len == 0)
2181 if (--input_len == 0)
2188 if (--input_len == 0)
2195 if (--input_len == 0)
2204 return (
int)(input - initial_input);
2209 const StreamSlice stream_slice)
2211 const uint8_t *initial_input = input;
2213 if (ssl_state->curr_connp->bytes_processed == 0) {
2214 if (input[0] & 0x80) {
2215 ssl_state->curr_connp->record_lengths_length = 2;
2217 ssl_state->curr_connp->record_lengths_length = 3;
2225 SCLogDebug(
"direction %u ssl_state->curr_connp->record_lengths_length + 1 %u, "
2226 "ssl_state->curr_connp->bytes_processed %u",
2227 direction, ssl_state->curr_connp->record_lengths_length + 1,
2228 ssl_state->curr_connp->bytes_processed);
2231 if (ssl_state->curr_connp->bytes_processed <
2232 (ssl_state->curr_connp->record_lengths_length + 1)) {
2233 const int retval = SSLv2ParseRecord(direction, ssl_state, input, input_len);
2235 ssl_state->curr_connp->record_length);
2236 if (retval < 0 || retval > (
int)input_len) {
2243 ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length,
2252 if (ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length >
2253 input_len + ssl_state->curr_connp->bytes_processed) {
2254 uint32_t
needed = ssl_state->curr_connp->record_length;
2255 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2256 ssl_state->curr_connp->record_length, input_len, (uint32_t)(input - initial_input),
2261 if (input_len == 0) {
2266 if (ssl_state->curr_connp->record_length == 0) {
2273 if (ssl_state->curr_connp->record_lengths_length == 0) {
2274 SCLogDebug(
"SSLv2 record lengths length is zero");
2279 switch (ssl_state->curr_connp->content_type) {
2281 SCLogDebug(
"SSLV2_MT_ERROR msg_type received. Error encountered "
2282 "in establishing the sslv2 session, may be version");
2288 if (input_len < 6) {
2296 const uint16_t
version = (uint16_t)(input[0] << 8) | input[1];
2298 ssl_state->curr_connp->version =
version;
2299 uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
2302 ssl_state->curr_connp->bytes_processed += 6;
2303 if (session_id_length == 0) {
2310 SCLogDebug(
"Client hello is not seen before master key "
2318 if (direction == 1) {
2319 SCLogDebug(
"Incorrect SSL Record type sent in the toclient "
2328 if (direction == 0 &&
2329 !(ssl_state->curr_connp->content_type &
2331 SCLogDebug(
"Incorrect SSL Record type sent in the toserver "
2342 if (direction == 0) {
2345 SCLogDebug(
"SSLv2 client side has started the encryption");
2348 SCLogDebug(
"SSLv2 client side has started the encryption");
2352 SCLogDebug(
"SSLv2 Server side has started the encryption");
2367 SCLogDebug(
"SSLv2 No reassembly & inspection has been set");
2380 ssl_state->flags |= ssl_state->current_flags;
2382 if (input_len + ssl_state->curr_connp->bytes_processed >=
2383 (ssl_state->curr_connp->record_length +
2384 ssl_state->curr_connp->record_lengths_length)) {
2387 uint32_t diff = ssl_state->curr_connp->record_length +
2388 ssl_state->curr_connp->record_lengths_length + -
2389 ssl_state->curr_connp->bytes_processed;
2397 ssl_state->curr_connp->bytes_processed += input_len;
2404 const StreamSlice stream_slice)
2406 uint32_t parsed = 0;
2407 uint32_t record_len;
2408 const bool first_call = (ssl_state->curr_connp->bytes_processed == 0);
2411 const uint16_t prev_version = ssl_state->curr_connp->version;
2413 int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len);
2414 if (retval < 0 || retval > (
int)input_len) {
2422 SCLogDebug(
"%s input %p record_length %u", (direction == 0) ?
"toserver" :
"toclient",
2423 input, ssl_state->curr_connp->record_length);
2436 "incomplete header, return %u bytes consumed and wait for more data", parsed);
2443 record_len =
MIN(input_len - parsed, ssl_state->curr_connp->record_length);
2445 "record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)",
2446 record_len, input_len, parsed, ssl_state->curr_connp->record_length);
2448 bool unknown_record =
false;
2449 switch (ssl_state->curr_connp->content_type) {
2457 unknown_record =
true;
2464 if (unknown_record) {
2468 ssl_state->curr_connp->bytes_processed = 0;
2469 ssl_state->curr_connp->content_type = 0;
2470 ssl_state->curr_connp->record_length = 0;
2472 ssl_state->curr_connp->version = prev_version;
2476 if (unknown_record) {
2484 if (ssl_state->curr_connp->record_length == 0) {
2490 if (!TLSVersionValid(ssl_state->curr_connp->version)) {
2491 SCLogDebug(
"ssl_state->curr_connp->version %04x", ssl_state->curr_connp->version);
2505 record_len = (ssl_state->curr_connp->record_length +
SSLV3_RECORD_HDR_LEN)- ssl_state->curr_connp->bytes_processed;
2506 record_len =
MIN(input_len, record_len);
2508 SCLogDebug(
"record length %u processed %u got %u",
2509 ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len);
2512 if (ssl_state->curr_connp->record_length > input_len - parsed) {
2518 uint32_t
needed = ssl_state->curr_connp->record_length;
2519 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2520 ssl_state->curr_connp->record_length, input_len, parsed,
needed);
2526 if (record_len == 0) {
2531 ssl_state->curr_connp->record_length, direction,
TLS_FRAME_DATA);
2533 switch (ssl_state->curr_connp->content_type) {
2564 SCLogDebug(
"setting APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD");
2572 SCLogDebug(
"setting APP_LAYER_PARSER_NO_REASSEMBLY");
2597 if (ssl_state->curr_connp->record_length < 4) {
2600 SCLogDebug(
"record len < 4 => %u", ssl_state->curr_connp->record_length);
2604 int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed,
2605 record_len, direction);
2607 if (retval < 0 || retval > (
int)record_len) {
2619 int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed,
2620 record_len, direction);
2634 parsed += record_len;
2635 ssl_state->curr_connp->bytes_processed += record_len;
2637 if (ssl_state->curr_connp->bytes_processed >=
2641 ssl_state->f, direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2672 static AppLayerResult SSLDecode(
Flow *f, uint8_t direction,
void *alstate,
2676 ssl_state->
tx_data.updated_tc =
true;
2677 ssl_state->
tx_data.updated_ts =
true;
2678 uint32_t counter = 0;
2680 const uint8_t *input = StreamSliceGetData(&stream_slice);
2681 const uint8_t *init_input = input;
2682 int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice);
2684 if (input == NULL &&
2691 }
else if (input == NULL || input_len == 0) {
2707 while (input_len > 0) {
2708 if (counter > max_records) {
2709 SCLogDebug(
"Looks like we have looped quite a bit. Reset state "
2710 "and get out of here");
2721 if ((input[0] & 0x80) || (input[0] & 0x40)) {
2730 SCLogDebug(
"record %u: bytes_processed %u, version %02X, input_len %u", counter,
2737 SCLogDebug(
"Continuing parsing SSLv2 record");
2740 SSLv2Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2743 SCLogDebug(
"Error parsing SSLv2. Resetting parser "
2744 "state. Let's get outta here");
2751 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2752 (uintmax_t)(input - init_input), r.
needed);
2757 SCLogDebug(
"SSLv2 decoder consumed %d bytes: %u left", r.
retval, input_len);
2760 SCLogDebug(
"New TLS record: record_length %u",
2763 SCLogDebug(
"Continuing parsing TLS record: record_length %u, bytes_processed %u",
2767 SSLv3Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2770 SCLogDebug(
"Error parsing TLS. Resetting parser "
2771 "state. Let's get outta here");
2776 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2777 (uintmax_t)(input - init_input), r.
needed);
2816 StreamSlice stream_slice,
void *local_data)
2818 return SSLDecode(f, 0 , alstate, pstate, stream_slice);
2822 StreamSlice stream_slice,
void *local_data)
2824 return SSLDecode(f, 1 , alstate, pstate, stream_slice);
2831 static void *SSLStateAlloc(
void *orig_state,
AppProto proto_orig)
2845 return (
void *)ssl_state;
2862 static void SSLStateFree(
void *p)
2913 if (ssl_state->
tx_data.de_state != NULL) {
2949 static void SSLStateTransactionFree(
void *state, uint64_t tx_id)
2954 static AppProto SSLProbingParser(
Flow *f, uint8_t direction,
2955 const uint8_t *input, uint32_t ilen, uint8_t *rdir)
2963 if ((input[0] & 0x80) && (input[2] == 0x01)) {
2970 static int SSLStateGetFrameIdByName(
const char *frame_name)
2979 static const char *SSLStateGetFrameNameById(
const uint8_t frame_id)
2985 static int SSLStateGetEventInfo(
2986 const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)
2989 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
2995 static int SSLStateGetEventInfoById(
2996 uint8_t event_id,
const char **event_name, AppLayerEventType *event_type)
2999 if (*event_name == NULL) {
3001 "ssl's enum map table.",
3007 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3012 static int SSLRegisterPatternsForProtocolDetection(
void)
3015 STREAM_TOSERVER, SSLProbingParser, 0, 3) < 0) {
3021 "|01 03 00|", 3, 0, STREAM_TOSERVER) < 0)
3026 "|16 03 00|", 3, 0, STREAM_TOSERVER) < 0)
3033 "|01 03 01|", 3, 0, STREAM_TOSERVER) < 0)
3038 "|16 03 01|", 3, 0, STREAM_TOSERVER) < 0)
3045 "|01 03 02|", 3, 0, STREAM_TOSERVER) < 0)
3050 "|16 03 02|", 3, 0, STREAM_TOSERVER) < 0)
3057 "|01 03 03|", 3, 0, STREAM_TOSERVER) < 0)
3062 "|16 03 03|", 3, 0, STREAM_TOSERVER) < 0)
3070 "|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3075 "|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3080 "|17 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3087 "|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3092 "|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3097 "|17 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3104 "|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3109 "|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3114 "|17 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3121 "|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3126 "|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3131 "|17 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3142 "|01 03 00|", 5, 2, STREAM_TOSERVER) < 0)
3147 "|00 02|", 7, 5, STREAM_TOCLIENT) < 0)
3157 static void CheckJA3Enabled(
void)
3159 const char *strval = NULL;
3162 if (
ConfGet(
"app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
3164 }
else if (strcmp(strval,
"auto") == 0) {
3182 static void CheckJA4Enabled(
void)
3184 const char *strval = NULL;
3187 if (
ConfGet(
"app-layer.protocols.tls.ja4-fingerprints", &strval) != 1) {
3189 }
else if (strcmp(strval,
"auto") == 0) {
3211 const char *proto_name =
"tls";
3219 if (SSLRegisterPatternsForProtocolDetection() < 0)
3228 SSLProbingParser, NULL);
3233 SSLProbingParser, NULL) == 0) {
3235 "enabling TLS detection on port 443.");
3241 SSLProbingParser, NULL);
3245 SCLogConfig(
"Protocol detection and parser disabled for %s protocol",
3252 SSLParseClientRecord);
3255 SSLParseServerRecord);
3258 IPPROTO_TCP,
ALPROTO_TLS, SSLStateGetFrameIdByName, SSLStateGetFrameNameById);
3280 if (enc_handle != NULL && enc_handle->
val != NULL) {
3281 SCLogDebug(
"have app-layer.protocols.tls.encryption-handling = %s", enc_handle->
val);
3282 if (strcmp(enc_handle->
val,
"full") == 0) {
3284 }
else if (strcmp(enc_handle->
val,
"bypass") == 0) {
3286 }
else if (strcmp(enc_handle->
val,
"default") == 0) {
3293 if (
ConfGetNode(
"app-layer.protocols.tls.no-reassemble") == NULL) {
3295 if (
ConfGetBool(
"tls.no-reassemble", &value) == 1 && value == 1)
3299 if (
ConfGetBool(
"app-layer.protocols.tls.no-reassemble", &value) == 1 && value == 1)
3314 SCLogWarning(
"MD5 calculation has been disabled, disabling JA3");
3318 SCLogWarning(
"Hashing has been disabled, disabling JA4");
3332 SCLogConfig(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);