61 "client_handshake_done",
89 "server_handshake_done",
154 {
"CERTIFICATE_INVALID_ALGORITHMIDENTIFIER",
189 #define SSL_CONFIG_DEFAULT_JA3 0
191 #define SSL_CONFIG_DEFAULT_JA4 0
213 #define SSLV3_CHANGE_CIPHER_SPEC 20
214 #define SSLV3_ALERT_PROTOCOL 21
215 #define SSLV3_HANDSHAKE_PROTOCOL 22
216 #define SSLV3_APPLICATION_PROTOCOL 23
217 #define SSLV3_HEARTBEAT_PROTOCOL 24
220 #define SSLV3_HS_HELLO_REQUEST 0
221 #define SSLV3_HS_CLIENT_HELLO 1
222 #define SSLV3_HS_SERVER_HELLO 2
223 #define SSLV3_HS_NEW_SESSION_TICKET 4
224 #define SSLV3_HS_CERTIFICATE 11
225 #define SSLV3_HS_SERVER_KEY_EXCHANGE 12
226 #define SSLV3_HS_CERTIFICATE_REQUEST 13
227 #define SSLV3_HS_SERVER_HELLO_DONE 14
228 #define SSLV3_HS_CERTIFICATE_VERIFY 15
229 #define SSLV3_HS_CLIENT_KEY_EXCHANGE 16
230 #define SSLV3_HS_FINISHED 20
231 #define SSLV3_HS_CERTIFICATE_URL 21
232 #define SSLV3_HS_CERTIFICATE_STATUS 22
235 #define SSLV2_MT_ERROR 0
236 #define SSLV2_MT_CLIENT_HELLO 1
237 #define SSLV2_MT_CLIENT_MASTER_KEY 2
238 #define SSLV2_MT_CLIENT_FINISHED 3
239 #define SSLV2_MT_SERVER_HELLO 4
240 #define SSLV2_MT_SERVER_VERIFY 5
241 #define SSLV2_MT_SERVER_FINISHED 6
242 #define SSLV2_MT_REQUEST_CERTIFICATE 7
243 #define SSLV2_MT_CLIENT_CERTIFICATE 8
245 #define SSLV3_RECORD_HDR_LEN 5
247 #define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024)
249 #define SSLV3_CLIENT_HELLO_VERSION_LEN 2
250 #define SSLV3_CLIENT_HELLO_RANDOM_LEN 32
253 #define TLS_HB_REQUEST 1
254 #define TLS_HB_RESPONSE 2
256 #define SSL_RECORD_MINIMUM_LENGTH 6
258 #define SHA1_STRING_LENGTH 60
260 #define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
266 #define SSL_DECODER_ERROR(e) \
267 (struct SSLDecoderResult) \
271 #define SSL_DECODER_OK(c) \
272 (struct SSLDecoderResult) \
276 #define SSL_DECODER_INCOMPLETE(c, n) \
277 (struct SSLDecoderResult) \
282 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
283 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
WARN_UNUSED;
285 static inline int SafeMemcpy(
void *
dst,
size_t dst_offset,
size_t dst_size,
286 const void *
src,
size_t src_offset,
size_t src_size,
size_t src_tocopy)
293 if (dst_offset < dst_size && src_offset < src_size &&
294 src_tocopy <= (src_size - src_offset) &&
295 src_tocopy <= (dst_size - dst_offset)) {
296 memcpy(
dst + dst_offset,
src + src_offset, src_tocopy);
302 #ifdef DEBUG_VALIDATION
303 #define ValidateRecordState(connp) \
305 DEBUG_VALIDATE_BUG_ON(((connp)->record_length + SSLV3_RECORD_HDR_LEN) < \
306 (connp)->bytes_processed); \
309 #define ValidateRecordState(...)
312 #define SSLParserHSReset(connp) \
314 (connp)->handshake_type = 0; \
315 (connp)->message_length = 0; \
318 #define SSLParserReset(state) \
320 SCLogDebug("resetting state"); \
321 (state)->curr_connp->bytes_processed = 0; \
322 SSLParserHSReset((state)->curr_connp); \
325 #define SSLSetEvent(ssl_state, event) \
327 SCLogDebug("setting event %u", (event)); \
328 if ((ssl_state) == NULL) { \
329 SCLogDebug("could not set decoder event %u", event); \
331 AppLayerDecoderEventsSetEventRaw(&(ssl_state)->tx_data.events, (event)); \
332 (ssl_state)->events++; \
338 static void *SSLGetTx(
void *state, uint64_t tx_id)
344 static uint64_t SSLGetTxCnt(
void *state)
357 SCLogDebug(
"toserver: state updated to %u from %u", s, old);
368 SCLogDebug(
"toclient: state updated to %u from %u", s, old);
372 static int SSLGetAlstateProgress(
void *tx, uint8_t direction)
375 if (direction & STREAM_TOCLIENT) {
394 static void TlsDecodeHSCertificateErrSetEvent(
SSLState *ssl_state, uint32_t err)
437 static inline int TlsDecodeHSCertificateFingerprint(
438 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
448 if (SCSha1HashBuffer(input, cert_len, hash,
sizeof(hash)) == 1) {
455 static inline int TlsDecodeHSCertificateAddCertToChain(
456 SSLStateConnp *connp,
const uint8_t *input, uint32_t cert_len)
470 const uint8_t *
const initial_input,
const uint32_t input_len,
const int certn)
472 const uint8_t *input = (uint8_t *)initial_input;
473 uint32_t err_code = 0;
480 uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
489 x509 = SCX509Decode(input, cert_len, &err_code);
491 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
495 char *
str = SCX509GetSubject(x509);
502 str = SCX509GetIssuer(x509);
515 sans[i] = SCX509GetSubjectAltNameAt(x509, i);
518 str = SCX509GetSerial(x509);
534 rc = TlsDecodeHSCertificateFingerprint(connp, input, cert_len);
536 SCLogDebug(
"TlsDecodeHSCertificateFingerprint failed with %d", rc);
541 rc = TlsDecodeHSCertificateAddCertToChain(connp, input, cert_len);
543 SCLogDebug(
"TlsDecodeHSCertificateAddCertToChain failed with %d", rc);
549 return (
int)(input - initial_input);
553 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
557 SSLStateCertSANFree(connp);
572 const uint8_t *
const initial_input,
const uint32_t input_len)
574 const uint8_t *input = (uint8_t *)initial_input;
579 const uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
598 uint32_t processed_len = 0;
600 while (processed_len < cert_chain_len) {
601 int rc = TlsDecodeHSCertificate(ssl_state, connp, connp->
certs_buffer + processed_len,
607 if (processed_len + (uint32_t)rc > cert_chain_len) {
611 processed_len += (uint32_t)rc;
614 return processed_len + 3;
628 static inline int TLSDecodeValueIsGREASE(
const uint16_t value)
654 static inline int TLSDecodeHSHelloVersion(
SSLState *ssl_state,
655 const uint8_t *
const initial_input,
656 const uint32_t input_len)
658 uint8_t *input = (uint8_t *)initial_input;
667 uint16_t
version = (uint16_t)(*input << 8) | *(input + 1);
709 return (
int)(input - initial_input);
712 static inline int TLSDecodeHSHelloRandom(
SSLState *ssl_state,
713 const uint8_t *
const initial_input,
714 const uint32_t input_len)
716 uint8_t *input = (uint8_t *)initial_input;
736 return (
int)(input - initial_input);
739 static inline int TLSDecodeHSHelloSessionID(
SSLState *ssl_state,
740 const uint8_t *
const initial_input,
741 const uint32_t input_len)
743 uint8_t *input = (uint8_t *)initial_input;
748 uint8_t session_id_length = *input;
762 input, 0, input_len, session_id_length) != 0) {
779 input += session_id_length;
781 return (
int)(input - initial_input);
790 static inline int TLSDecodeHSHelloCipherSuites(
SSLState *ssl_state,
791 const uint8_t *
const initial_input,
792 const uint32_t input_len)
794 const uint8_t *input = initial_input;
799 uint16_t cipher_suites_length;
802 cipher_suites_length = 2;
804 cipher_suites_length = (uint16_t)(*input << 8) | *(input + 1);
814 if ((cipher_suites_length % 2) != 0) {
818 const bool enable_ja3 =
825 if (ja3_cipher_suites == NULL)
829 uint16_t processed_len = 0;
831 while (processed_len < cipher_suites_length) {
839 uint16_t cipher_suite = (uint16_t)(*input << 8) | *(input + 1);
842 if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
845 SCTLSHandshakeAddCipher(ssl_state->
curr_connp->
hs, cipher_suite);
864 return (
int)(input - initial_input);
873 static inline int TLSDecodeHSHelloCompressionMethods(
SSLState *ssl_state,
874 const uint8_t *
const initial_input,
875 const uint32_t input_len)
877 const uint8_t *input = initial_input;
886 uint8_t compression_methods_length = *input;
889 if (!(
HAS_SPACE(compression_methods_length)))
892 input += compression_methods_length;
895 return (
int)(input - initial_input);
904 static inline int TLSDecodeHSHelloExtensionSni(
SSLState *ssl_state,
905 const uint8_t *
const initial_input,
906 const uint32_t input_len)
908 uint8_t *input = (uint8_t *)initial_input;
923 uint8_t sni_type = *input;
938 uint16_t sni_len = (uint16_t)(*input << 8) | *(input + 1);
944 if (!(
HAS_SPACE(sni_len)) || sni_len > 255 || sni_len == 0) {
957 return (
int)(input - initial_input);
960 const size_t sni_strlen = sni_len + 1;
965 const size_t consumed = input - initial_input;
967 initial_input, consumed, input_len, sni_len) != 0) {
976 return (
int)(input - initial_input);
987 static inline int TLSDecodeHSHelloExtensionSupportedVersions(
SSLState *ssl_state,
988 const uint8_t *
const initial_input,
989 const uint32_t input_len)
991 const uint8_t *input = initial_input;
1001 uint8_t supported_ver_len = *input;
1004 if (supported_ver_len < 2)
1005 goto invalid_length;
1008 goto invalid_length;
1013 while (i + 1 < (uint16_t)supported_ver_len) {
1014 uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
1015 if (TLSVersionValid(ver)) {
1017 SCTLSHandshakeSetTLSVersion(ssl_state->
curr_connp->
hs, ver);
1026 input += supported_ver_len;
1030 goto invalid_length;
1032 uint16_t ver = (uint16_t)(*input << 8) | *(input + 1);
1035 (ver > TLS_VERSION_12)) {
1043 return (
int)(input - initial_input);
1053 static inline int TLSDecodeHSHelloExtensionEllipticCurves(
SSLState *ssl_state,
1054 const uint8_t *
const initial_input,
1055 const uint32_t input_len,
1058 const uint8_t *input = initial_input;
1065 goto invalid_length;
1067 uint16_t elliptic_curves_len = (uint16_t)(*input << 8) | *(input + 1);
1071 goto invalid_length;
1074 uint16_t ec_processed_len = 0;
1076 while (ec_processed_len < elliptic_curves_len)
1079 goto invalid_length;
1081 uint16_t elliptic_curve = (uint16_t)(*input << 8) | *(input + 1);
1084 if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
1091 ec_processed_len += 2;
1096 input += elliptic_curves_len;
1099 return (
int)(input - initial_input);
1109 static inline int TLSDecodeHSHelloExtensionEllipticCurvePF(
SSLState *ssl_state,
1110 const uint8_t *
const initial_input,
1111 const uint32_t input_len,
1114 const uint8_t *input = initial_input;
1121 goto invalid_length;
1123 uint8_t ec_pf_len = *input;
1127 goto invalid_length;
1130 uint8_t ec_pf_processed_len = 0;
1132 while (ec_pf_processed_len < ec_pf_len)
1134 uint8_t elliptic_curve_pf = *input;
1137 if (TLSDecodeValueIsGREASE(elliptic_curve_pf) != 1) {
1144 ec_pf_processed_len += 1;
1152 return (
int)(input - initial_input);
1162 static inline int TLSDecodeHSHelloExtensionSigAlgorithms(
1163 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1165 const uint8_t *input = initial_input;
1172 goto invalid_length;
1174 uint16_t sigalgo_len = (uint16_t)(*input << 8) | *(input + 1);
1178 if ((sigalgo_len % 2) != 0) {
1179 goto invalid_length;
1183 goto invalid_length;
1186 uint16_t sigalgo_processed_len = 0;
1187 while (sigalgo_processed_len < sigalgo_len) {
1188 uint16_t sigalgo = (uint16_t)(*input << 8) | *(input + 1);
1190 sigalgo_processed_len += 2;
1192 SCTLSHandshakeAddSigAlgo(ssl_state->
curr_connp->
hs, sigalgo);
1196 input += sigalgo_len;
1199 return (
int)(input - initial_input);
1202 SCLogDebug(
"Signature algorithm list invalid length");
1208 static inline int TLSDecodeHSHelloExtensionALPN(
1209 SSLState *ssl_state,
const uint8_t *
const initial_input,
const uint32_t input_len)
1211 const uint8_t *input = initial_input;
1218 goto invalid_length;
1220 uint16_t alpn_len = (uint16_t)(*input << 8) | *(input + 1);
1224 goto invalid_length;
1228 uint32_t alpn_processed_len = 0;
1229 while (alpn_processed_len < alpn_len) {
1230 uint8_t protolen = *input;
1232 alpn_processed_len += 1;
1235 goto invalid_length;
1239 if (alpn_processed_len + protolen > ((uint32_t)alpn_len)) {
1240 input += alpn_len - alpn_processed_len;
1243 SCTLSHandshakeAddALPN(ssl_state->
curr_connp->
hs, (
const char *)input, protolen);
1245 alpn_processed_len += protolen;
1249 return (
int)(input - initial_input);
1258 static inline int TLSDecodeHSHelloExtensions(
SSLState *ssl_state,
1259 const uint8_t *
const initial_input,
1260 const uint32_t input_len)
1262 const uint8_t *input = initial_input;
1272 JA3Buffer *ja3_elliptic_curves_pf = NULL;
1276 if (ja3_extensions == NULL)
1281 if (ja3_elliptic_curves == NULL)
1285 if (ja3_elliptic_curves_pf == NULL)
1294 uint16_t extensions_len = (uint16_t)(*input << 8) | *(input + 1);
1298 goto invalid_length;
1300 uint16_t processed_len = 0;
1302 while (processed_len < extensions_len)
1305 goto invalid_length;
1307 uint16_t ext_type = (uint16_t)(*input << 8) | *(input + 1);
1311 goto invalid_length;
1313 uint16_t ext_len = (uint16_t)(*input << 8) | *(input + 1);
1317 goto invalid_length;
1323 ret = TLSDecodeHSHelloExtensionSni(ssl_state, input,
1336 ret = TLSDecodeHSHelloExtensionEllipticCurves(ssl_state, input,
1338 ja3_elliptic_curves);
1350 ret = TLSDecodeHSHelloExtensionEllipticCurvePF(ssl_state, input,
1352 ja3_elliptic_curves_pf);
1363 ret = TLSDecodeHSHelloExtensionSigAlgorithms(ssl_state, input, ext_len);
1374 ret = TLSDecodeHSHelloExtensionALPN(ssl_state, input, ext_len);
1398 ret = TLSDecodeHSHelloExtensionSupportedVersions(ssl_state, input,
1429 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1438 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1439 SCTLSHandshakeAddExtension(ssl_state->
curr_connp->
hs, ext_type);
1443 processed_len += ext_len + 4;
1455 &ja3_elliptic_curves);
1460 &ja3_elliptic_curves_pf);
1466 return (
int)(input - initial_input);
1474 if (ja3_extensions != NULL)
1476 if (ja3_elliptic_curves != NULL)
1478 if (ja3_elliptic_curves_pf != NULL)
1484 static int TLSDecodeHandshakeHello(
SSLState *ssl_state,
1485 const uint8_t *
const input,
1486 const uint32_t input_len)
1489 uint32_t parsed = 0;
1491 ret = TLSDecodeHSHelloVersion(ssl_state, input, input_len);
1497 ret = TLSDecodeHSHelloRandom(ssl_state, input + parsed, input_len - parsed);
1508 ret = TLSDecodeHSHelloSessionID(ssl_state, input + parsed,
1509 input_len - parsed);
1516 ret = TLSDecodeHSHelloCipherSuites(ssl_state, input + parsed,
1517 input_len - parsed);
1528 ret = TLSDecodeHSHelloCompressionMethods(ssl_state, input + parsed,
1529 input_len - parsed);
1536 ret = TLSDecodeHSHelloExtensions(ssl_state, input + parsed,
1537 input_len - parsed);
1554 #ifdef DEBUG_VALIDATION
1564 const uint8_t *
const initial_input,
const uint32_t input_len)
1566 int rc = TlsDecodeHSCertificates(ssl_state, connp, initial_input, input_len);
1571 }
else if (rc < 0) {
1572 SCLogDebug(
"error parsing cert, reset state");
1584 static int SupportedHandshakeType(
const uint8_t
type)
1614 static int SSLv3ParseHandshakeType(
SSLState *ssl_state,
const uint8_t *input,
1615 uint32_t input_len, uint8_t direction)
1617 const uint8_t *initial_input = input;
1626 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1635 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1649 rc = SSLv3ParseHandshakeTypeCertificate(ssl_state,
1689 static int SSLv3ParseHandshakeProtocol(
SSLState *ssl_state,
const uint8_t *input,
1690 uint32_t input_len, uint8_t direction)
1692 const uint8_t *initial_input = input;
1703 SCLogDebug(
"partial handshake record in place");
1706 const uint32_t add =
MIN(need, input_len);
1712 const uint32_t new_size = avail + (4096 - (avail % 4096));
1713 SCLogDebug(
"new_size %u, avail %u", new_size, avail);
1721 SCLogDebug(
"ssl_state->curr_connp->hs_buffer_offset %u "
1722 "ssl_state->curr_connp->hs_buffer_size %u",
1744 SCLogDebug(
"got all data now: handshake_type %u message_length %u",
1775 SCLogDebug(
"input %p input_len %u", input, input_len);
1777 if (input_len < 4) {
1784 SCLogDebug(
"handshake_type %u message len %u input %p input_len %u",
1794 SCLogDebug(
"supported_type %s handshake_type %u/%02x", supported_type ?
"true" :
"false",
1796 if (!supported_type) {
1797 uint32_t avail_record_len =
MIN(input_len, record_len);
1798 input += avail_record_len;
1799 input_len -= avail_record_len;
1813 if (record_len > input_len) {
1814 const uint32_t avail = input_len;
1815 const uint32_t size = avail + (4096 - (avail % 4096));
1816 SCLogDebug(
"initial buffer size %u, based on input %u", size, avail);
1825 if (input_len > 0) {
1833 SCLogDebug(
"opened record buffer %p size %u offset %u type %u msg_size %u",
1840 return (
int)(input - initial_input);
1844 int retval = SSLv3ParseHandshakeType(
1846 if (retval < 0 || retval > (
int)input_len) {
1850 SCLogDebug(
"retval %d input_len %u", retval, input_len);
1852 input_len -= retval;
1858 return (
int)(input - initial_input);
1872 static int SSLv3ParseAlertProtocol(
1873 SSLState *ssl_state,
const uint8_t *input, uint32_t input_len, uint8_t direction)
1875 if (input_len < 2) {
1881 if (input_len == 2) {
1882 uint8_t level = input[0];
1905 static int SSLv3ParseHeartbeatProtocol(
SSLState *ssl_state,
const uint8_t *input,
1906 uint32_t input_len, uint8_t direction)
1910 uint32_t padding_len;
1913 if (input_len < 3) {
1930 SCLogDebug(
"HeartBeat Record type sent in the toclient direction!");
1933 SCLogDebug(
"HeartBeat Record type sent in the toserver direction!");
1941 SCLogDebug(
"Encrypted HeartBeat Request In-flight. Storing len %u",
1946 payload_len = (uint16_t)(*input << 8) | *(input + 1);
1951 SCLogDebug(
"We have a short record in HeartBeat Request");
1959 if (padding_len < 16) {
1960 SCLogDebug(
"We have a short record in HeartBeat Request");
1974 SCLogDebug(
"Multiple in-flight server initiated HeartBeats");
1980 SCLogDebug(
"Multiple in-flight client initiated HeartBeats");
1998 SCLogDebug(
"My heart is bleeding.. OpenSSL HeartBleed response (%u)",
2017 static int SSLv3ParseRecord(uint8_t direction,
SSLState *ssl_state,
2018 const uint8_t *input, uint32_t input_len)
2020 const uint8_t *initial_input = input;
2022 if (input_len == 0) {
2026 uint8_t skip_version = 0;
2030 if (direction == 0) {
2044 if (input_len >= 5) {
2046 if (!skip_version) {
2055 if (--input_len == 0)
2061 if (!skip_version) {
2066 if (--input_len == 0)
2071 if (!skip_version) {
2076 if (--input_len == 0)
2082 if (--input_len == 0)
2088 if (--input_len == 0)
2096 return (
int)(input - initial_input);
2099 static int SSLv2ParseRecord(uint8_t direction,
SSLState *ssl_state,
2100 const uint8_t *input, uint32_t input_len)
2102 const uint8_t *initial_input = input;
2104 if (input_len == 0) {
2119 if (--input_len == 0)
2126 if (--input_len == 0)
2133 if (--input_len == 0)
2150 if (--input_len == 0)
2157 if (--input_len == 0)
2164 if (--input_len == 0)
2171 if (--input_len == 0)
2180 return (
int)(input - initial_input);
2187 const uint8_t *initial_input = input;
2189 if (ssl_state->curr_connp->bytes_processed == 0) {
2190 if (input[0] & 0x80) {
2191 ssl_state->curr_connp->record_lengths_length = 2;
2193 ssl_state->curr_connp->record_lengths_length = 3;
2201 SCLogDebug(
"direction %u ssl_state->curr_connp->record_lengths_length + 1 %u, "
2202 "ssl_state->curr_connp->bytes_processed %u",
2203 direction, ssl_state->curr_connp->record_lengths_length + 1,
2204 ssl_state->curr_connp->bytes_processed);
2207 if (ssl_state->curr_connp->bytes_processed <
2208 (ssl_state->curr_connp->record_lengths_length + 1)) {
2209 const int retval = SSLv2ParseRecord(direction, ssl_state, input, input_len);
2211 ssl_state->curr_connp->record_length);
2212 if (retval < 0 || retval > (
int)input_len) {
2219 ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length,
2228 if (ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length >
2229 input_len + ssl_state->curr_connp->bytes_processed) {
2230 uint32_t
needed = ssl_state->curr_connp->record_length;
2231 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2232 ssl_state->curr_connp->record_length, input_len, (uint32_t)(input - initial_input),
2237 if (input_len == 0) {
2242 if (ssl_state->curr_connp->record_length == 0) {
2249 if (ssl_state->curr_connp->record_lengths_length == 0) {
2250 SCLogDebug(
"SSLv2 record lengths length is zero");
2255 switch (ssl_state->curr_connp->content_type) {
2257 SCLogDebug(
"SSLV2_MT_ERROR msg_type received. Error encountered "
2258 "in establishing the sslv2 session, may be version");
2264 if (input_len < 6) {
2273 const uint16_t
version = (uint16_t)(input[0] << 8) | input[1];
2275 ssl_state->curr_connp->version =
version;
2276 uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
2279 ssl_state->curr_connp->bytes_processed += 6;
2280 if (session_id_length == 0) {
2287 SCLogDebug(
"Client hello is not seen before master key "
2295 if (direction == 1) {
2296 SCLogDebug(
"Incorrect SSL Record type sent in the toclient "
2306 if (direction == 0 &&
2307 !(ssl_state->curr_connp->content_type &
2309 SCLogDebug(
"Incorrect SSL Record type sent in the toserver "
2320 if (direction == 0) {
2323 SCLogDebug(
"SSLv2 client side has started the encryption");
2326 SCLogDebug(
"SSLv2 client side has started the encryption");
2330 SCLogDebug(
"SSLv2 Server side has started the encryption");
2344 SCLogDebug(
"SSLv2 No reassembly & inspection has been set");
2358 ssl_state->flags |= ssl_state->current_flags;
2360 if (input_len + ssl_state->curr_connp->bytes_processed >=
2361 (ssl_state->curr_connp->record_length +
2362 ssl_state->curr_connp->record_lengths_length)) {
2365 uint32_t diff = ssl_state->curr_connp->record_length +
2366 ssl_state->curr_connp->record_lengths_length + -
2367 ssl_state->curr_connp->bytes_processed;
2375 ssl_state->curr_connp->bytes_processed += input_len;
2384 uint32_t parsed = 0;
2385 uint32_t record_len;
2386 const bool first_call = (ssl_state->curr_connp->bytes_processed == 0);
2389 const uint16_t prev_version = ssl_state->curr_connp->version;
2391 int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len);
2392 if (retval < 0 || retval > (
int)input_len) {
2400 SCLogDebug(
"%s input %p record_length %u", (direction == 0) ?
"toserver" :
"toclient",
2401 input, ssl_state->curr_connp->record_length);
2414 "incomplete header, return %u bytes consumed and wait for more data", parsed);
2421 record_len =
MIN(input_len - parsed, ssl_state->curr_connp->record_length);
2423 "record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)",
2424 record_len, input_len, parsed, ssl_state->curr_connp->record_length);
2426 bool unknown_record =
false;
2427 switch (ssl_state->curr_connp->content_type) {
2435 unknown_record =
true;
2441 if (prev_version == TLS_VERSION_10 || prev_version == TLS_VERSION_11) {
2442 if (unknown_record) {
2446 ssl_state->curr_connp->bytes_processed = 0;
2447 ssl_state->curr_connp->content_type = 0;
2448 ssl_state->curr_connp->record_length = 0;
2450 ssl_state->curr_connp->version = prev_version;
2454 if (unknown_record) {
2462 if (ssl_state->curr_connp->record_length == 0) {
2468 if (!TLSVersionValid(ssl_state->curr_connp->version)) {
2469 SCLogDebug(
"ssl_state->curr_connp->version %04x", ssl_state->curr_connp->version);
2483 record_len = (ssl_state->curr_connp->record_length +
SSLV3_RECORD_HDR_LEN)- ssl_state->curr_connp->bytes_processed;
2484 record_len =
MIN(input_len, record_len);
2486 SCLogDebug(
"record length %u processed %u got %u",
2487 ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len);
2490 if (ssl_state->curr_connp->record_length > input_len - parsed) {
2496 uint32_t
needed = ssl_state->curr_connp->record_length;
2497 SCLogDebug(
"record len %u input_len %u parsed %u: need %u bytes more data",
2498 ssl_state->curr_connp->record_length, input_len, parsed,
needed);
2504 if (record_len == 0) {
2509 ssl_state->curr_connp->record_length, direction,
TLS_FRAME_DATA);
2511 switch (ssl_state->curr_connp->content_type) {
2530 int retval = SSLv3ParseAlertProtocol(ssl_state, input + parsed, record_len, direction);
2548 if (ssl_state->curr_connp == &ssl_state->client_connp) {
2555 SCLogDebug(
"setting APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD");
2562 SCLogDebug(
"setting APP_LAYER_PARSER_NO_REASSEMBLY");
2575 (ssl_state->client_connp.version > TLS_VERSION_12) &&
2584 if (ssl_state->curr_connp->record_length < 4) {
2587 SCLogDebug(
"record len < 4 => %u", ssl_state->curr_connp->record_length);
2591 int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed,
2592 record_len, direction);
2594 if (retval < 0 || retval > (
int)record_len) {
2606 int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed,
2607 record_len, direction);
2621 parsed += record_len;
2622 ssl_state->curr_connp->bytes_processed += record_len;
2624 if (ssl_state->curr_connp->bytes_processed >=
2628 ssl_state->f, direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2663 ssl_state->
tx_data.updated_tc =
true;
2664 ssl_state->
tx_data.updated_ts =
true;
2665 uint32_t counter = 0;
2667 const uint8_t *input = StreamSliceGetData(&stream_slice);
2668 const uint8_t *init_input = input;
2669 int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice);
2671 if ((input == NULL || input_len == 0) &&
2681 }
else if (input == NULL || input_len == 0) {
2697 while (input_len > 0) {
2698 if (counter > max_records) {
2699 SCLogDebug(
"Looks like we have looped quite a bit. Reset state "
2700 "and get out of here");
2711 if ((input[0] & 0x80) || (input[0] & 0x40)) {
2720 SCLogDebug(
"record %u: bytes_processed %u, version %02X, input_len %u", counter,
2727 SCLogDebug(
"Continuing parsing SSLv2 record");
2730 SSLv2Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2733 SCLogDebug(
"Error parsing SSLv2. Resetting parser "
2734 "state. Let's get outta here");
2741 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2742 (uintmax_t)(input - init_input), r.
needed);
2747 SCLogDebug(
"SSLv2 decoder consumed %d bytes: %u left", r.
retval, input_len);
2750 SCLogDebug(
"New TLS record: record_length %u",
2753 SCLogDebug(
"Continuing parsing TLS record: record_length %u, bytes_processed %u",
2757 SSLv3Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2760 SCLogDebug(
"Error parsing TLS. Resetting parser "
2761 "state. Let's get outta here");
2766 SCLogDebug(
"returning consumed %" PRIuMAX
" needed %u",
2767 (uintmax_t)(input - init_input), r.
needed);
2811 return SSLDecode(f, 0 , alstate, pstate, stream_slice);
2817 return SSLDecode(f, 1 , alstate, pstate, stream_slice);
2824 static void *SSLStateAlloc(
void *orig_state,
AppProto proto_orig)
2838 return (
void *)ssl_state;
2855 static void SSLStateFree(
void *p)
2906 SCAppLayerTxDataCleanup(&ssl_state->
tx_data);
2928 static void SSLStateTransactionFree(
void *state, uint64_t tx_id)
2934 const Flow *f, uint8_t direction,
const uint8_t *input, uint32_t ilen, uint8_t *rdir)
2942 if ((input[0] & 0x80) && (input[2] == 0x01)) {
2949 static int SSLStateGetStateIdByName(
const char *
name,
const uint8_t direction)
2952 direction == STREAM_TOSERVER ? tls_state_client_table : tls_state_server_table;
2961 static const char *SSLStateGetStateNameById(
const int id,
const uint8_t direction)
2964 direction == STREAM_TOSERVER ? tls_state_client_table : tls_state_server_table;
2969 static int SSLStateGetFrameIdByName(
const char *frame_name)
2978 static const char *SSLStateGetFrameNameById(
const uint8_t frame_id)
2984 static int SSLStateGetEventInfo(
2988 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
2994 static int SSLStateGetEventInfoById(
2998 if (*event_name == NULL) {
3000 "ssl's enum map table.",
3006 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3011 static int SSLRegisterPatternsForProtocolDetection(
void)
3014 STREAM_TOSERVER, SSLProbingParser, 0, 3) < 0) {
3020 IPPROTO_TCP,
ALPROTO_TLS,
"|01 03 00|", 3, 0, STREAM_TOSERVER) < 0) {
3024 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 00|", 3, 0, STREAM_TOSERVER) < 0) {
3030 IPPROTO_TCP,
ALPROTO_TLS,
"|01 03 01|", 3, 0, STREAM_TOSERVER) < 0) {
3034 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 01|", 3, 0, STREAM_TOSERVER) < 0) {
3040 IPPROTO_TCP,
ALPROTO_TLS,
"|01 03 02|", 3, 0, STREAM_TOSERVER) < 0) {
3044 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 02|", 3, 0, STREAM_TOSERVER) < 0) {
3050 IPPROTO_TCP,
ALPROTO_TLS,
"|01 03 03|", 3, 0, STREAM_TOSERVER) < 0) {
3054 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 03|", 3, 0, STREAM_TOSERVER) < 0) {
3061 IPPROTO_TCP,
ALPROTO_TLS,
"|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0) {
3065 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0) {
3069 IPPROTO_TCP,
ALPROTO_TLS,
"|17 03 00|", 3, 0, STREAM_TOCLIENT) < 0) {
3075 IPPROTO_TCP,
ALPROTO_TLS,
"|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0) {
3079 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0) {
3083 IPPROTO_TCP,
ALPROTO_TLS,
"|17 03 01|", 3, 0, STREAM_TOCLIENT) < 0) {
3089 IPPROTO_TCP,
ALPROTO_TLS,
"|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0) {
3093 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0) {
3097 IPPROTO_TCP,
ALPROTO_TLS,
"|17 03 02|", 3, 0, STREAM_TOCLIENT) < 0) {
3103 IPPROTO_TCP,
ALPROTO_TLS,
"|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0) {
3107 IPPROTO_TCP,
ALPROTO_TLS,
"|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0) {
3111 IPPROTO_TCP,
ALPROTO_TLS,
"|17 03 03|", 3, 0, STREAM_TOCLIENT) < 0) {
3121 "|01 03 00|", 5, 2, STREAM_TOSERVER) < 0)
3126 "|00 02|", 7, 5, STREAM_TOCLIENT) < 0)
3136 static void CheckJA3Enabled(
void)
3138 const char *strval = NULL;
3141 if (
SCConfGet(
"app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
3143 }
else if (strcmp(strval,
"auto") == 0) {
3161 static void CheckJA4Enabled(
void)
3163 const char *strval = NULL;
3165 int enable_ja4 = SSL_CONFIG_DEFAULT_JA4;
3166 if (
SCConfGet(
"app-layer.protocols.tls.ja4-fingerprints", &strval) != 1) {
3167 enable_ja4 = SSL_CONFIG_DEFAULT_JA4;
3168 }
else if (strcmp(strval,
"auto") == 0) {
3169 enable_ja4 = SSL_CONFIG_DEFAULT_JA4;
3190 const char *proto_name =
"tls";
3198 if (SSLRegisterPatternsForProtocolDetection() < 0)
3203 IPPROTO_TCP,
"443",
ALPROTO_TLS, 0, 3, STREAM_TOSERVER, SSLProbingParser, NULL);
3206 0, 3, SSLProbingParser, NULL) == 0) {
3208 "enabling TLS detection on port 443.");
3210 STREAM_TOSERVER, SSLProbingParser, NULL);
3214 SCLogConfig(
"Protocol detection and parser disabled for %s protocol",
3221 SSLParseClientRecord);
3224 SSLParseServerRecord);
3226 IPPROTO_TCP,
ALPROTO_TLS, SSLStateGetStateIdByName, SSLStateGetStateNameById);
3228 IPPROTO_TCP,
ALPROTO_TLS, SSLStateGetFrameIdByName, SSLStateGetFrameNameById);
3251 if (enc_handle != NULL && enc_handle->
val != NULL) {
3252 SCLogDebug(
"have app-layer.protocols.tls.encryption-handling = %s", enc_handle->
val);
3253 if (strcmp(enc_handle->
val,
"full") == 0) {
3255 }
else if (strcmp(enc_handle->
val,
"bypass") == 0) {
3257 }
else if (strcmp(enc_handle->
val,
"track-only") == 0) {
3259 }
else if (strcmp(enc_handle->
val,
"default") == 0) {
3260 SCLogWarning(
"app-layer.protocols.tls.encryption-handling = default is deprecated "
3261 "and will be removed in Suricata 9, use \"track-only\" instead, "
3262 "(see ticket #7642)");
3269 if (
SCConfGetNode(
"app-layer.protocols.tls.no-reassemble") == NULL) {
3271 if (
SCConfGetBool(
"tls.no-reassemble", &value) == 1 && value == 1)
3275 if (
SCConfGetBool(
"app-layer.protocols.tls.no-reassemble", &value) == 1 &&
3291 SCLogWarning(
"MD5 calculation has been disabled, disabling JA3");
3295 SCLogWarning(
"Hashing has been disabled, disabling JA4");
3309 SCLogConfig(
"Parser disabled for %s protocol. Protocol detection still on.", proto_name);