60 "client_handshake_done",
88 "server_handshake_done",
153 {
"CERTIFICATE_INVALID_ALGORITHMIDENTIFIER",
188 #define SSL_CONFIG_DEFAULT_JA3 0
189 #define SSL_CONFIG_DEFAULT_JA4 0
210 #define SSLV3_CHANGE_CIPHER_SPEC 20
211 #define SSLV3_ALERT_PROTOCOL 21
212 #define SSLV3_HANDSHAKE_PROTOCOL 22
213 #define SSLV3_APPLICATION_PROTOCOL 23
214 #define SSLV3_HEARTBEAT_PROTOCOL 24
217 #define SSLV3_HS_HELLO_REQUEST 0
218 #define SSLV3_HS_CLIENT_HELLO 1
219 #define SSLV3_HS_SERVER_HELLO 2
220 #define SSLV3_HS_NEW_SESSION_TICKET 4
221 #define SSLV3_HS_CERTIFICATE 11
222 #define SSLV3_HS_SERVER_KEY_EXCHANGE 12
223 #define SSLV3_HS_CERTIFICATE_REQUEST 13
224 #define SSLV3_HS_SERVER_HELLO_DONE 14
225 #define SSLV3_HS_CERTIFICATE_VERIFY 15
226 #define SSLV3_HS_CLIENT_KEY_EXCHANGE 16
227 #define SSLV3_HS_FINISHED 20
228 #define SSLV3_HS_CERTIFICATE_URL 21
229 #define SSLV3_HS_CERTIFICATE_STATUS 22
232 #define SSLV2_MT_ERROR 0
233 #define SSLV2_MT_CLIENT_HELLO 1
234 #define SSLV2_MT_CLIENT_MASTER_KEY 2
235 #define SSLV2_MT_CLIENT_FINISHED 3
236 #define SSLV2_MT_SERVER_HELLO 4
237 #define SSLV2_MT_SERVER_VERIFY 5
238 #define SSLV2_MT_SERVER_FINISHED 6
239 #define SSLV2_MT_REQUEST_CERTIFICATE 7
240 #define SSLV2_MT_CLIENT_CERTIFICATE 8
242 #define SSLV3_RECORD_HDR_LEN 5
244 #define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024)
246 #define SSLV3_CLIENT_HELLO_VERSION_LEN 2
247 #define SSLV3_CLIENT_HELLO_RANDOM_LEN 32
250 #define TLS_HB_REQUEST 1
251 #define TLS_HB_RESPONSE 2
253 #define SSL_RECORD_MINIMUM_LENGTH 6
255 #define SHA1_STRING_LENGTH 60
257 #define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
263 #define SSL_DECODER_ERROR(e) \
264 (struct SSLDecoderResult) \
268 #define SSL_DECODER_OK(c) \
269 (struct SSLDecoderResult) \
273 #define SSL_DECODER_INCOMPLETE(c, n) \
274 (struct SSLDecoderResult) \
279 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
280 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
WARN_UNUSED;
282 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
283 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
290 if (dst_offset < dst_size && src_offset < src_size &&
291 src_tocopy <= (src_size - src_offset) &&
292 src_tocopy <= (dst_size - dst_offset)) {
293 memcpy(
dst + dst_offset,
src + src_offset, src_tocopy);
299 #ifdef DEBUG_VALIDATION
300 #define ValidateRecordState(connp) \
302 DEBUG_VALIDATE_BUG_ON(((connp)->record_length + SSLV3_RECORD_HDR_LEN) < \
303 (connp)->bytes_processed); \
306 #define ValidateRecordState(...)
309 #define SSLParserHSReset(connp) \
311 (connp)->handshake_type = 0; \
312 (connp)->message_length = 0; \
315 #define SSLParserReset(state) \
317 SCLogDebug("resetting state"); \
318 (state)->curr_connp->bytes_processed = 0; \
319 SSLParserHSReset((state)->curr_connp); \
322 #define SSLSetEvent(ssl_state, event) \
324 SCLogDebug("setting event %u", (event)); \
325 if ((ssl_state) == NULL) { \
326 SCLogDebug("could not set decoder event %u", event); \
328 AppLayerDecoderEventsSetEventRaw(&(ssl_state)->tx_data.events, (event)); \
329 (ssl_state)->events++; \
335 static void *SSLGetTx(
void *state, uint64_t tx_id)
341 static uint64_t SSLGetTxCnt(
void *state)
354 SCLogDebug(
"toserver: state updated to %u from %u", s, old);
365 SCLogDebug(
"toclient: state updated to %u from %u", s, old);
369 static int SSLGetAlstateProgress(
void *tx, uint8_t direction)
372 if (direction & STREAM_TOCLIENT) {
385 static AppLayerStateData *SSLGetStateData(
void *vstate)
397 strlcat(buffer,
"UNDETERMINED", 13);
418 strlcat(buffer,
"TLS 1.3 draft-28", 17);
421 strlcat(buffer,
"TLS 1.3 draft-27", 17);
424 strlcat(buffer,
"TLS 1.3 draft-26", 17);
427 strlcat(buffer,
"TLS 1.3 draft-25", 17);
430 strlcat(buffer,
"TLS 1.3 draft-24", 17);
433 strlcat(buffer,
"TLS 1.3 draft-23", 17);
436 strlcat(buffer,
"TLS 1.3 draft-22", 17);
439 strlcat(buffer,
"TLS 1.3 draft-21", 17);
442 strlcat(buffer,
"TLS 1.3 draft-20", 17);
445 strlcat(buffer,
"TLS 1.3 draft-19", 17);
448 strlcat(buffer,
"TLS 1.3 draft-18", 17);
451 strlcat(buffer,
"TLS 1.3 draft-17", 17);
454 strlcat(buffer,
"TLS 1.3 draft-16", 17);
457 strlcat(buffer,
"TLS 1.3 draft-<16", 18);
460 strlcat(buffer,
"TLS 1.3 draft-20-fb", 20);
463 strlcat(buffer,
"TLS 1.3 draft-21-fb", 20);
466 strlcat(buffer,
"TLS 1.3 draft-22-fb", 20);
469 strlcat(buffer,
"TLS 1.3 draft-23-fb", 20);
472 strlcat(buffer,
"TLS 1.3 draft-26-fb", 20);
475 snprintf(buffer, 7,
"0x%04x",
version);
480 static void TlsDecodeHSCertificateErrSetEvent(
SSLState *ssl_state, uint32_t err)
523 static inline int TlsDecodeHSCertificateFingerprint(
524 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
534 if (SCSha1HashBuffer(input, cert_len, hash,
sizeof(hash)) == 1) {
541 static inline int TlsDecodeHSCertificateAddCertToChain(
542 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
556 const uint8_t *
const initial_input,
const uint32_t input_len,
const int certn)
558 const uint8_t *input = (uint8_t *)initial_input;
559 uint32_t err_code = 0;
566 uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
575 x509 = rs_x509_decode(input, cert_len, &err_code);
577 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
581 char *
str = rs_x509_get_subject(x509);
588 str = rs_x509_get_issuer(x509);
601 sans[i] = rs_x509_get_subjectaltname_at(x509, i);
604 str = rs_x509_get_serial(x509);
620 rc = TlsDecodeHSCertificateFingerprint(connp, input, cert_len);
622 SCLogDebug(
"TlsDecodeHSCertificateFingerprint failed with %d", rc);
627 rc = TlsDecodeHSCertificateAddCertToChain(connp, input, cert_len);
629 SCLogDebug(
"TlsDecodeHSCertificateAddCertToChain failed with %d", rc);
635 return (
int)(input - initial_input);
639 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
643 SSLStateCertSANFree(connp);
658 const uint8_t *
const initial_input,
const uint32_t input_len)
660 const uint8_t *input = (uint8_t *)initial_input;
665 const uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
684 uint32_t processed_len = 0;
686 while (processed_len < cert_chain_len) {
687 int rc = TlsDecodeHSCertificate(ssl_state, connp, connp->
certs_buffer + processed_len,
693 if (processed_len + (uint32_t)rc > cert_chain_len) {
697 processed_len += (uint32_t)rc;
700 return processed_len + 3;
714 static inline int TLSDecodeValueIsGREASE(
const uint16_t value)
740 static inline int TLSDecodeHSHelloVersion(
SSLState *ssl_state,
741 const uint8_t *
const initial_input,
742 const uint32_t input_len)
744 uint8_t *input = (uint8_t *)initial_input;
753 uint16_t
version = (uint16_t)(*input << 8) | *(input + 1);
795 return (
int)(input - initial_input);
798 static inline int TLSDecodeHSHelloRandom(
SSLState *ssl_state,
799 const uint8_t *
const initial_input,
800 const uint32_t input_len)
802 uint8_t *input = (uint8_t *)initial_input;
822 return (
int)(input - initial_input);
825 static inline int TLSDecodeHSHelloSessionID(
SSLState *ssl_state,
826 const uint8_t *
const initial_input,
827 const uint32_t input_len)
829 uint8_t *input = (uint8_t *)initial_input;
834 uint8_t session_id_length = *input;
848 input, 0, input_len, session_id_length) != 0) {
865 input += session_id_length;
867 return (
int)(input - initial_input);
876 static inline int TLSDecodeHSHelloCipherSuites(
SSLState *ssl_state,
877 const uint8_t *
const initial_input,
878 const uint32_t input_len)
880 const uint8_t *input = initial_input;
885 uint16_t cipher_suites_length;
888 cipher_suites_length = 2;
890 cipher_suites_length = (uint16_t)(*input << 8) | *(input + 1);
900 if ((cipher_suites_length % 2) != 0) {
904 const bool enable_ja3 =
912 if (ja3_cipher_suites == NULL)
916 uint16_t processed_len = 0;
918 while (processed_len < cipher_suites_length)
927 uint16_t cipher_suite = (uint16_t)(*input << 8) | *(input + 1);
930 if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
954 input += cipher_suites_length;
957 return (
int)(input - initial_input);
966 static inline int TLSDecodeHSHelloCompressionMethods(
SSLState *ssl_state,
967 const uint8_t *
const initial_input,
968 const uint32_t input_len)
970 const uint8_t *input = initial_input;
979 uint8_t compression_methods_length = *input;
982 if (!(
HAS_SPACE(compression_methods_length)))
985 input += compression_methods_length;
988 return (
int)(input - initial_input);
997 static inline int TLSDecodeHSHelloExtensionSni(
SSLState *ssl_state,
998 const uint8_t *
const initial_input,
999 const uint32_t input_len)
1001 uint8_t *input = (uint8_t *)initial_input;
1008 goto invalid_length;
1014 goto invalid_length;
1016 uint8_t sni_type = *input;
1029 goto invalid_length;
1031 uint16_t sni_len = (uint16_t)(*input << 8) | *(input + 1);
1037 if (!(
HAS_SPACE(sni_len)) || sni_len > 255 || sni_len == 0) {
1050 return (
int)(input - initial_input);
1053 const size_t sni_strlen = sni_len + 1;
1058 const size_t consumed = input - initial_input;
1060 initial_input, consumed, input_len, sni_len) != 0) {
1069 return (
int)(input - initial_input);
1080 static inline int TLSDecodeHSHelloExtensionSupportedVersions(
SSLState *ssl_state,
1081 const uint8_t *
const initial_input,
1082 const uint32_t input_len)
1084 const uint8_t *input = initial_input;
1092 goto invalid_length;
1094 uint8_t supported_ver_len = *input;
1097 if (supported_ver_len < 2)
1098 goto invalid_length;
1101 goto invalid_length;
1106 while (i + 1 < (uint16_t)supported_ver_len) {
1107 uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
1108 if (TLSVersionValid(ver)) {
1122 input += supported_ver_len;
1126 goto invalid_length;
1128 uint16_t ver = (uint16_t)(*input << 8) | *(input + 1);
1139 return (
int)(input - initial_input);
1149 static inline int TLSDecodeHSHelloExtensionEllipticCurves(
SSLState *ssl_state,
1150 const uint8_t *
const initial_input,
1151 const uint32_t input_len,
1154 const uint8_t *input = initial_input;
1161 goto invalid_length;
1163 uint16_t elliptic_curves_len = (uint16_t)(*input << 8) | *(input + 1);
1167 goto invalid_length;
1170 uint16_t ec_processed_len = 0;
1172 while (ec_processed_len < elliptic_curves_len)
1175 goto invalid_length;
1177 uint16_t elliptic_curve = (uint16_t)(*input << 8) | *(input + 1);
1180 if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
1187 ec_processed_len += 2;
1192 input += elliptic_curves_len;
1195 return (
int)(input - initial_input);
1205 static inline int TLSDecodeHSHelloExtensionEllipticCurvePF(
SSLState *ssl_state,
1206 const uint8_t *
const initial_input,
1207 const uint32_t input_len,
1210 const uint8_t *input = initial_input;
1217 goto invalid_length;
1219 uint8_t ec_pf_len = *input;
1223 goto invalid_length;
1226 uint8_t ec_pf_processed_len = 0;
1228 while (ec_pf_processed_len < ec_pf_len)
1230 uint8_t elliptic_curve_pf = *input;
1233 if (TLSDecodeValueIsGREASE(elliptic_curve_pf) != 1) {
1240 ec_pf_processed_len += 1;
1248 return (
int)(input - initial_input);
1258 static inline int TLSDecodeHSHelloExtensionSigAlgorithms(
1259 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1261 const uint8_t *input = initial_input;
1268 goto invalid_length;
1270 uint16_t sigalgo_len = (uint16_t)(*input << 8) | *(input + 1);
1274 if ((sigalgo_len % 2) != 0) {
1275 goto invalid_length;
1279 goto invalid_length;
1283 uint16_t sigalgo_processed_len = 0;
1284 while (sigalgo_processed_len < sigalgo_len) {
1285 uint16_t sigalgo = (uint16_t)(*input << 8) | *(input + 1);
1287 sigalgo_processed_len += 2;
1293 input += sigalgo_len;
1296 return (
int)(input - initial_input);
1299 SCLogDebug(
"Signature algorithm list invalid length");
1305 static void StoreALPN(
SSLStateConnp *connp,
const uint8_t *alpn,
const uint32_t size)
1310 memcpy(a->
alpn, alpn, size);
1317 static inline int TLSDecodeHSHelloExtensionALPN(
1318 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1320 const uint8_t *input = initial_input;
1327 goto invalid_length;
1329 uint16_t alpn_len = (uint16_t)(*input << 8) | *(input + 1);
1333 goto invalid_length;
1337 uint32_t alpn_processed_len = 0;
1338 while (alpn_processed_len < alpn_len) {
1339 uint8_t protolen = *input;
1341 alpn_processed_len += 1;
1344 goto invalid_length;
1348 if (alpn_processed_len + protolen > ((uint32_t)alpn_len)) {
1349 input += alpn_len - alpn_processed_len;
1356 if (alpn_processed_len == 1) {
1357 SCJA4SetALPN(ssl_state->
curr_connp->
ja4, (
const char *)input, protolen);
1360 StoreALPN(ssl_state->
curr_connp, input, protolen);
1362 alpn_processed_len += protolen;
1366 return (
int)(input - initial_input);
1375 static inline int TLSDecodeHSHelloExtensions(
SSLState *ssl_state,
1376 const uint8_t *
const initial_input,
1377 const uint32_t input_len)
1379 const uint8_t *input = initial_input;
1389 JA3Buffer *ja3_elliptic_curves_pf = NULL;
1393 if (ja3_extensions == NULL)
1398 if (ja3_elliptic_curves == NULL)
1402 if (ja3_elliptic_curves_pf == NULL)
1411 uint16_t extensions_len = (uint16_t)(*input << 8) | *(input + 1);
1415 goto invalid_length;
1417 uint16_t processed_len = 0;
1419 while (processed_len < extensions_len)
1422 goto invalid_length;
1424 uint16_t ext_type = (uint16_t)(*input << 8) | *(input + 1);
1428 goto invalid_length;
1430 uint16_t ext_len = (uint16_t)(*input << 8) | *(input + 1);
1434 goto invalid_length;
1440 ret = TLSDecodeHSHelloExtensionSni(ssl_state, input,
1453 ret = TLSDecodeHSHelloExtensionEllipticCurves(ssl_state, input,
1455 ja3_elliptic_curves);
1467 ret = TLSDecodeHSHelloExtensionEllipticCurvePF(ssl_state, input,
1469 ja3_elliptic_curves_pf);
1480 ret = TLSDecodeHSHelloExtensionSigAlgorithms(ssl_state, input, ext_len);
1491 ret = TLSDecodeHSHelloExtensionALPN(ssl_state, input, ext_len);
1515 ret = TLSDecodeHSHelloExtensionSupportedVersions(ssl_state, input,
1546 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1555 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1560 processed_len += ext_len + 4;
1572 &ja3_elliptic_curves);
1577 &ja3_elliptic_curves_pf);
1583 return (
int)(input - initial_input);
1591 if (ja3_extensions != NULL)
1593 if (ja3_elliptic_curves != NULL)
1595 if (ja3_elliptic_curves_pf != NULL)
1601 static int TLSDecodeHandshakeHello(
SSLState *ssl_state,
1602 const uint8_t *
const input,
1603 const uint32_t input_len)
1606 uint32_t parsed = 0;
1617 ret = TLSDecodeHSHelloVersion(ssl_state, input, input_len);
1623 ret = TLSDecodeHSHelloRandom(ssl_state, input + parsed, input_len - parsed);
1634 ret = TLSDecodeHSHelloSessionID(ssl_state, input + parsed,
1635 input_len - parsed);
1642 ret = TLSDecodeHSHelloCipherSuites(ssl_state, input + parsed,
1643 input_len - parsed);
1654 ret = TLSDecodeHSHelloCompressionMethods(ssl_state, input + parsed,
1655 input_len - parsed);
1662 ret = TLSDecodeHSHelloExtensions(ssl_state, input + parsed,
1663 input_len - parsed);
1680 #ifdef DEBUG_VALIDATION
1690 const uint8_t *
const initial_input,
const uint32_t input_len)
1692 int rc = TlsDecodeHSCertificates(ssl_state, connp, initial_input, input_len);
1697 }
else if (rc < 0) {
1698 SCLogDebug(
"error parsing cert, reset state");
1710 static int SupportedHandshakeType(
const uint8_t
type)
1740 static int SSLv3ParseHandshakeType(
SSLState *ssl_state,
const uint8_t *input,
1741 uint32_t input_len, uint8_t direction)
1743 const uint8_t *initial_input = input;
1752 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1761 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1775 rc = SSLv3ParseHandshakeTypeCertificate(ssl_state,
1815 static int SSLv3ParseHandshakeProtocol(
SSLState *ssl_state,
const uint8_t *input,
1816 uint32_t input_len, uint8_t direction)
1818 const uint8_t *initial_input = input;
1829 SCLogDebug(
"partial handshake record in place");
1832 const uint32_t add =
MIN(need, input_len);
1838 const uint32_t new_size = avail + (4096 - (avail % 4096));
1839 SCLogDebug(
"new_size %u, avail %u", new_size, avail);
1847 SCLogDebug(
"ssl_state->curr_connp->hs_buffer_offset %u "
1848 "ssl_state->curr_connp->hs_buffer_size %u",
1870 SCLogDebug(
"got all data now: handshake_type %u message_length %u",
1901 SCLogDebug(
"input %p input_len %u", input, input_len);
1903 if (input_len < 4) {
1910 SCLogDebug(
"handshake_type %u message len %u input %p input_len %u",
1920 SCLogDebug(
"supported_type %s handshake_type %u/%02x", supported_type ?
"true" :
"false",
1922 if (!supported_type) {
1923 uint32_t avail_record_len =
MIN(input_len, record_len);
1924 input += avail_record_len;
1925 input_len -= avail_record_len;
1939 if (record_len > input_len) {
1940 const uint32_t avail = input_len;
1941 const uint32_t size = avail + (4096 - (avail % 4096));
1942 SCLogDebug(
"initial buffer size %u, based on input %u", size, avail);
1951 if (input_len > 0) {
1959 SCLogDebug(
"opened record buffer %p size %u offset %u type %u msg_size %u",
1966 return (
int)(input - initial_input);
1970 int retval = SSLv3ParseHandshakeType(
1972 if (retval < 0 || retval > (
int)input_len) {
1976 SCLogDebug(
"retval %d input_len %u", retval, input_len);
1978 input_len -= retval;
1984 return (
int)(input - initial_input);
1998 static int SSLv3ParseAlertProtocol(
1999 SSLState *ssl_state,
const uint8_t *input, uint32_t input_len, uint8_t direction)
2001 if (input_len < 2) {
2007 if (input_len == 2) {
2008 uint8_t level = input[0];
2031 static int SSLv3ParseHeartbeatProtocol(
SSLState *ssl_state,
const uint8_t *input,
2032 uint32_t input_len, uint8_t direction)
2036 uint32_t padding_len;
2039 if (input_len < 3) {
2056 SCLogDebug(
"HeartBeat Record type sent in the toclient direction!");
2059 SCLogDebug(
"HeartBeat Record type sent in the toserver direction!");
2067 SCLogDebug(
"Encrypted HeartBeat Request In-flight. Storing len %u",
2072 payload_len = (uint16_t)(*input << 8) | *(input + 1);
2077 SCLogDebug(
"We have a short record in HeartBeat Request");
2085 if (padding_len < 16) {
2086 SCLogDebug(
"We have a short record in HeartBeat Request");
2100 SCLogDebug(
"Multiple in-flight server initiated HeartBeats");
2106 SCLogDebug(
"Multiple in-flight client initiated HeartBeats");
2124 SCLogDebug(
"My heart is bleeding.. OpenSSL HeartBleed response (%u)",
2143 static int SSLv3ParseRecord(uint8_t direction,
SSLState *ssl_state,
2144 const uint8_t *input, uint32_t input_len)
2146 const uint8_t *initial_input = input;
2148 if (input_len == 0) {
2152 uint8_t skip_version = 0;
2156 if (direction == 0) {
2170 if (input_len >= 5) {
2172 if (!skip_version) {
2181 if (--input_len == 0)
2187 if (!skip_version) {
2192 if (--input_len == 0)
2197 if (!skip_version) {
2202 if (--input_len == 0)
2208 if (--input_len == 0)
2214 if (--input_len == 0)
2222 return (
int)(input - initial_input);
2225 static int SSLv2ParseRecord(uint8_t direction,
SSLState *ssl_state,
2226 const uint8_t *input, uint32_t input_len)
2228 const uint8_t *initial_input = input;
2230 if (input_len == 0) {
2245 if (--input_len == 0)
2252 if (--input_len == 0)
2259 if (--input_len == 0)
2276 if (--input_len == 0)
2283 if (--input_len == 0)
2290 if (--input_len == 0)
2297 if (--input_len == 0)
2306 return (
int)(input - initial_input);
2311 const StreamSlice stream_slice)
2313 const uint8_t *initial_input = input;
2315 if (ssl_state->curr_connp->bytes_processed == 0) {
2316 if (input[0] & 0x80) {
2317 ssl_state->curr_connp->record_lengths_length = 2;
2319 ssl_state->curr_connp->record_lengths_length = 3;
2327 SCLogDebug(
"direction %u ssl_state->curr_connp->record_lengths_length + 1 %u, "
2328 "ssl_state->curr_connp->bytes_processed %u",
2329 direction, ssl_state->curr_connp->record_lengths_length + 1,
2330 ssl_state->curr_connp->bytes_processed);
2333 if (ssl_state->curr_connp->bytes_processed <
2334 (ssl_state->curr_connp->record_lengths_length + 1)) {
2335 const int retval = SSLv2ParseRecord(direction, ssl_state, input, input_len);
2337 ssl_state->curr_connp->record_length);
2338 if (retval < 0 || retval > (
int)input_len) {
2345 ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length,
2354 if (ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length >
2355 input_len + ssl_state->curr_connp->bytes_processed) {
2356 uint32_t
needed = ssl_state->curr_connp->record_length;
2357 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2358 ssl_state->curr_connp->record_length, input_len, (uint32_t)(input - initial_input),
2363 if (input_len == 0) {
2368 if (ssl_state->curr_connp->record_length == 0) {
2375 if (ssl_state->curr_connp->record_lengths_length == 0) {
2376 SCLogDebug(
"SSLv2 record lengths length is zero");
2381 switch (ssl_state->curr_connp->content_type) {
2383 SCLogDebug(
"SSLV2_MT_ERROR msg_type received. Error encountered "
2384 "in establishing the sslv2 session, may be version");
2390 if (input_len < 6) {
2399 const uint16_t
version = (uint16_t)(input[0] << 8) | input[1];
2401 ssl_state->curr_connp->version =
version;
2402 uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
2405 ssl_state->curr_connp->bytes_processed += 6;
2406 if (session_id_length == 0) {
2413 SCLogDebug(
"Client hello is not seen before master key "
2421 if (direction == 1) {
2422 SCLogDebug(
"Incorrect SSL Record type sent in the toclient "
2432 if (direction == 0 &&
2433 !(ssl_state->curr_connp->content_type &
2435 SCLogDebug(
"Incorrect SSL Record type sent in the toserver "
2446 if (direction == 0) {
2449 SCLogDebug(
"SSLv2 client side has started the encryption");
2452 SCLogDebug(
"SSLv2 client side has started the encryption");
2456 SCLogDebug(
"SSLv2 Server side has started the encryption");
2471 SCLogDebug(
"SSLv2 No reassembly & inspection has been set");
2485 ssl_state->flags |= ssl_state->current_flags;
2487 if (input_len + ssl_state->curr_connp->bytes_processed >=
2488 (ssl_state->curr_connp->record_length +
2489 ssl_state->curr_connp->record_lengths_length)) {
2492 uint32_t diff = ssl_state->curr_connp->record_length +
2493 ssl_state->curr_connp->record_lengths_length + -
2494 ssl_state->curr_connp->bytes_processed;
2502 ssl_state->curr_connp->bytes_processed += input_len;
2509 const StreamSlice stream_slice)
2511 uint32_t parsed = 0;
2512 uint32_t record_len;
2513 const bool first_call = (ssl_state->curr_connp->bytes_processed == 0);
2516 const uint16_t prev_version = ssl_state->curr_connp->version;
2518 int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len);
2519 if (retval < 0 || retval > (
int)input_len) {
2527 SCLogDebug(
"%s input %p record_length %u", (direction == 0) ?
"toserver" :
"toclient",
2528 input, ssl_state->curr_connp->record_length);
2541 "incomplete header, return %u bytes consumed and wait for more data", parsed);
2548 record_len =
MIN(input_len - parsed, ssl_state->curr_connp->record_length);
2550 "record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)",
2551 record_len, input_len, parsed, ssl_state->curr_connp->record_length);
2553 bool unknown_record =
false;
2554 switch (ssl_state->curr_connp->content_type) {
2562 unknown_record =
true;
2569 if (unknown_record) {
2573 ssl_state->curr_connp->bytes_processed = 0;
2574 ssl_state->curr_connp->content_type = 0;
2575 ssl_state->curr_connp->record_length = 0;
2577 ssl_state->curr_connp->version = prev_version;
2581 if (unknown_record) {
2589 if (ssl_state->curr_connp->record_length == 0) {
2595 if (!TLSVersionValid(ssl_state->curr_connp->version)) {
2596 SCLogDebug(
"ssl_state->curr_connp->version %04x", ssl_state->curr_connp->version);
2610 record_len = (ssl_state->curr_connp->record_length +
SSLV3_RECORD_HDR_LEN)- ssl_state->curr_connp->bytes_processed;
2611 record_len =
MIN(input_len, record_len);
2613 SCLogDebug(
"record length %u processed %u got %u",
2614 ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len);
2617 if (ssl_state->curr_connp->record_length > input_len - parsed) {
2623 uint32_t
needed = ssl_state->curr_connp->record_length;
2624 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2625 ssl_state->curr_connp->record_length, input_len, parsed,
needed);
2631 if (record_len == 0) {
2636 ssl_state->curr_connp->record_length, direction,
TLS_FRAME_DATA);
2638 switch (ssl_state->curr_connp->content_type) {
2657 int retval = SSLv3ParseAlertProtocol(ssl_state, input + parsed, record_len, direction);
2675 if (ssl_state->curr_connp == &ssl_state->client_connp) {
2682 SCLogDebug(
"setting APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD");
2690 SCLogDebug(
"setting APP_LAYER_PARSER_NO_REASSEMBLY");
2715 if (ssl_state->curr_connp->record_length < 4) {
2718 SCLogDebug(
"record len < 4 => %u", ssl_state->curr_connp->record_length);
2722 int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed,
2723 record_len, direction);
2725 if (retval < 0 || retval > (
int)record_len) {
2737 int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed,
2738 record_len, direction);
2752 parsed += record_len;
2753 ssl_state->curr_connp->bytes_processed += record_len;
2755 if (ssl_state->curr_connp->bytes_processed >=
2759 ssl_state->f, direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2790 static AppLayerResult SSLDecode(
Flow *f, uint8_t direction,
void *alstate,
2794 ssl_state->
tx_data.updated_tc =
true;
2795 ssl_state->
tx_data.updated_ts =
true;
2796 uint32_t counter = 0;
2798 const uint8_t *input = StreamSliceGetData(&stream_slice);
2799 const uint8_t *init_input = input;
2800 int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice);
2802 if ((input == NULL || input_len == 0) &&
2812 }
else if (input == NULL || input_len == 0) {
2828 while (input_len > 0) {
2829 if (counter > max_records) {
2830 SCLogDebug(
"Looks like we have looped quite a bit. Reset state "
2831 "and get out of here");
2842 if ((input[0] & 0x80) || (input[0] & 0x40)) {
2851 SCLogDebug(
"record %u: bytes_processed %u, version %02X, input_len %u", counter,
2858 SCLogDebug(
"Continuing parsing SSLv2 record");
2861 SSLv2Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2864 SCLogDebug(
"Error parsing SSLv2. Resetting parser "
2865 "state. Let's get outta here");
2872 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2873 (uintmax_t)(input - init_input), r.
needed);
2878 SCLogDebug(
"SSLv2 decoder consumed %d bytes: %u left", r.
retval, input_len);
2881 SCLogDebug(
"New TLS record: record_length %u",
2884 SCLogDebug(
"Continuing parsing TLS record: record_length %u, bytes_processed %u",
2888 SSLv3Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2891 SCLogDebug(
"Error parsing TLS. Resetting parser "
2892 "state. Let's get outta here");
2897 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2898 (uintmax_t)(input - init_input), r.
needed);
2940 StreamSlice stream_slice,
void *local_data)
2942 return SSLDecode(f, 0 , alstate, pstate, stream_slice);
2946 StreamSlice stream_slice,
void *local_data)
2948 return SSLDecode(f, 1 , alstate, pstate, stream_slice);
2955 static void *SSLStateAlloc(
void *orig_state,
AppProto proto_orig)
2969 return (
void *)ssl_state;
2986 static void SSLStateFree(
void *p)
3035 SCAppLayerTxDataCleanup(&ssl_state->
tx_data);
3069 static void SSLStateTransactionFree(
void *state, uint64_t tx_id)
3074 static AppProto SSLProbingParser(
Flow *f, uint8_t direction,
3075 const uint8_t *input, uint32_t ilen, uint8_t *rdir)
3083 if ((input[0] & 0x80) && (input[2] == 0x01)) {
3090 static int SSLStateGetStateIdByName(
const char *
name,
const uint8_t direction)
3093 direction == STREAM_TOSERVER ? tls_state_client_table : tls_state_server_table;
3102 static const char *SSLStateGetStateNameById(
const int id,
const uint8_t direction)
3105 direction == STREAM_TOSERVER ? tls_state_client_table : tls_state_server_table;
3110 static int SSLStateGetFrameIdByName(
const char *frame_name)
3119 static const char *SSLStateGetFrameNameById(
const uint8_t frame_id)
3125 static int SSLStateGetEventInfo(
3126 const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)
3129 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3135 static int SSLStateGetEventInfoById(
3136 uint8_t event_id,
const char **event_name, AppLayerEventType *event_type)
3139 if (*event_name == NULL) {
3141 "ssl's enum map table.",
3147 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3152 static int SSLRegisterPatternsForProtocolDetection(
void)
3155 STREAM_TOSERVER, SSLProbingParser, 0, 3) < 0) {
3161 "|01 03 00|", 3, 0, STREAM_TOSERVER) < 0)
3166 "|16 03 00|", 3, 0, STREAM_TOSERVER) < 0)
3173 "|01 03 01|", 3, 0, STREAM_TOSERVER) < 0)
3178 "|16 03 01|", 3, 0, STREAM_TOSERVER) < 0)
3185 "|01 03 02|", 3, 0, STREAM_TOSERVER) < 0)
3190 "|16 03 02|", 3, 0, STREAM_TOSERVER) < 0)
3197 "|01 03 03|", 3, 0, STREAM_TOSERVER) < 0)
3202 "|16 03 03|", 3, 0, STREAM_TOSERVER) < 0)
3210 "|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3215 "|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3220 "|17 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
3227 "|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3232 "|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3237 "|17 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
3244 "|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3249 "|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3254 "|17 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
3261 "|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3266 "|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3271 "|17 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
3282 "|01 03 00|", 5, 2, STREAM_TOSERVER) < 0)
3287 "|00 02|", 7, 5, STREAM_TOCLIENT) < 0)
3297 static void CheckJA3Enabled(
void)
3299 const char *strval = NULL;
3302 if (
SCConfGet(
"app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
3304 }
else if (strcmp(strval,
"auto") == 0) {
3322 static void CheckJA4Enabled(
void)
3324 const char *strval = NULL;
3327 if (
SCConfGet(
"app-layer.protocols.tls.ja4-fingerprints", &strval) != 1) {
3329 }
else if (strcmp(strval,
"auto") == 0) {
3351 const char *proto_name =
"tls";
3359 if (SSLRegisterPatternsForProtocolDetection() < 0)
3368 SSLProbingParser, NULL);
3373 SSLProbingParser, NULL) == 0) {
3375 "enabling TLS detection on port 443.");
3381 SSLProbingParser, NULL);
3385 SCLogConfig(
"Protocol detection and parser disabled for %s protocol",
3392 SSLParseClientRecord);
3395 SSLParseServerRecord);
3397 IPPROTO_TCP,
ALPROTO_TLS, SSLStateGetStateIdByName, SSLStateGetStateNameById);
3399 IPPROTO_TCP,
ALPROTO_TLS, SSLStateGetFrameIdByName, SSLStateGetFrameNameById);
3421 if (enc_handle != NULL && enc_handle->
val != NULL) {
3422 SCLogDebug(
"have app-layer.protocols.tls.encryption-handling = %s", enc_handle->
val);
3423 if (strcmp(enc_handle->
val,
"full") == 0) {
3425 }
else if (strcmp(enc_handle->
val,
"bypass") == 0) {
3427 }
else if (strcmp(enc_handle->
val,
"track-only") == 0) {
3429 }
else if (strcmp(enc_handle->
val,
"default") == 0) {
3430 SCLogWarning(
"app-layer.protocols.tls.encryption-handling = default is deprecated "
3431 "and will be removed in Suricata 9, use \"track-only\" instead, "
3432 "(see ticket #7642)");
3439 if (
SCConfGetNode(
"app-layer.protocols.tls.no-reassemble") == NULL) {
3441 if (
SCConfGetBool(
"tls.no-reassemble", &value) == 1 && value == 1)
3445 if (
SCConfGetBool(
"app-layer.protocols.tls.no-reassemble", &value) == 1 &&
3461 SCLogWarning(
"MD5 calculation has been disabled, disabling JA3");
3465 SCLogWarning(
"Hashing has been disabled, disabling JA4");
3479 SCLogConfig(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);