26 #ifndef __APP_LAYER_SSL_H__
27 #define __APP_LAYER_SSL_H__
/*
 * SSL/TLS app-layer state flags. Each SSL_AL_FLAG_* macro selects one distinct
 * bit position (0 through 23) through BIT_U32(). BIT_U32 is defined outside
 * this listing and presumably expands to a single-bit uint32_t mask -- confirm.
 * The field these flags are stored in is not visible here.
 */

/* Bits 0-2: ChangeCipherSpec tracking, per direction plus one direction-less
 * flag. NOTE(review): going by the names, records sent after a
 * ChangeCipherSpec are encrypted in that direction -- confirm in the parser. */
86 #define SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC BIT_U32(0)
88 #define SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC BIT_U32(1)
89 #define SSL_AL_FLAG_CHANGE_CIPHER_SPEC BIT_U32(2)
/* Bits 3-8: flags carrying an extra SSL_ prefix. Presumably SSLv2-era
 * handshake tracking (CLIENT_MASTER_KEY is an SSLv2 message name) -- confirm. */
92 #define SSL_AL_FLAG_SSL_CLIENT_HS BIT_U32(3)
93 #define SSL_AL_FLAG_SSL_SERVER_HS BIT_U32(4)
94 #define SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY BIT_U32(5)
95 #define SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED BIT_U32(6)
96 #define SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED BIT_U32(7)
97 #define SSL_AL_FLAG_SSL_NO_SESSION_ID BIT_U32(8)
/* Bits 9-13: handshake progress states (hello and key exchange per side, plus
 * an "unknown" state). Presumably what rule-level state matching reads --
 * TODO confirm the consumer. */
100 #define SSL_AL_FLAG_STATE_CLIENT_HELLO BIT_U32(9)
101 #define SSL_AL_FLAG_STATE_SERVER_HELLO BIT_U32(10)
102 #define SSL_AL_FLAG_STATE_CLIENT_KEYX BIT_U32(11)
103 #define SSL_AL_FLAG_STATE_SERVER_KEYX BIT_U32(12)
104 #define SSL_AL_FLAG_STATE_UNKNOWN BIT_U32(13)
/* Bit 14: presumably set once the session is considered finished -- confirm. */
107 #define SSL_AL_FLAG_STATE_FINISHED BIT_U32(14)
/* Bits 15-17: heartbeat tracking: one "in flight" flag and one flag per
 * initiating side. Presumably lets a heartbeat response be matched against
 * the outstanding request. This header also declares
 * TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT and
 * TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH; how the flags feed those
 * events is not visible here -- confirm in the parser. */
110 #define SSL_AL_FLAG_HB_INFLIGHT BIT_U32(15)
111 #define SSL_AL_FLAG_HB_CLIENT_INIT BIT_U32(16)
112 #define SSL_AL_FLAG_HB_SERVER_INIT BIT_U32(17)
/* Bit 18: presumably marks the handshake as complete -- confirm. */
115 #define SSL_AL_FLAG_HANDSHAKE_DONE BIT_U32(18)
/* Bit 19: presumably the client hello carried a session ID (a resumption
 * attempt) -- confirm. */
119 #define SSL_AL_FLAG_SSL_CLIENT_SESSION_ID BIT_U32(19)
/* Bit 20: presumably the session was resumed without a full handshake. A
 * resumed session normally carries no certificate, so certificate-based
 * inspection has nothing to look at for it. */
121 #define SSL_AL_FLAG_SESSION_RESUMED BIT_U32(20)
/* Bit 21: presumably a supported_versions extension (see
 * SSL_EXTENSION_SUPPORTED_VERSIONS below) was seen in the client hello. */
124 #define SSL_AL_FLAG_CH_VERSION_EXTENSION BIT_U32(21)
/* Bit 22: presumably asks for the session to be logged even though no
 * certificate was seen -- confirm which code paths set it. */
128 #define SSL_AL_FLAG_LOG_WITHOUT_CERT BIT_U32(22)
/* Bit 23: presumably early data (TLS 1.3 0-RTT) was observed. Early data has
 * no replay protection at the TLS layer (RFC 8446), which makes it worth
 * surfacing to analysts. */
132 #define SSL_AL_FLAG_EARLY_DATA BIT_U32(23)
/* Separate flag namespace: written as a plain int shift, not BIT_U32(), and it
 * reuses bit 0, which SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC also uses. Must not
 * be tested against the same flags word as the SSL_AL_FLAG_* values.
 * Presumably a logging/config option -- confirm where it is stored. */
135 #define SSL_TLS_LOG_PEM (1 << 0)
/* TLS extension type codes. The values match the IANA TLS ExtensionType
 * registry: server_name (0), supported_groups, formerly elliptic_curves (10),
 * ec_point_formats (11), session_ticket (35), early_data (42),
 * supported_versions (43). */
138 #define SSL_EXTENSION_SNI 0x0000
139 #define SSL_EXTENSION_ELLIPTIC_CURVES 0x000a
140 #define SSL_EXTENSION_EC_POINT_FORMATS 0x000b
141 #define SSL_EXTENSION_SESSION_TICKET 0x0023
142 #define SSL_EXTENSION_EARLY_DATA 0x002a
143 #define SSL_EXTENSION_SUPPORTED_VERSIONS 0x002b
/* SNI NameType value; 0 is host_name in RFC 6066. */
146 #define SSL_SNI_TYPE_HOST_NAME 0
/* Upper bound for a version string. NOTE(review): SSLVersionToString(uint16_t,
 * char *) in this header takes no length argument, so callers presumably must
 * pass a buffer of at least this many bytes -- confirm, and confirm whether
 * the 20 includes the NUL terminator. */
149 #define SSL_VERSION_MAX_STRLEN 20
SSLv[2.0|3.[0|1|2|3]] state structure.
void SSLParserRegisterTests(void)
@ TLS_VERSION_13_DRAFT26_FB
@ TLS_VERSION_13_DRAFT21_FB
SSLStateConnp client_connp
@ TLS_DECODER_EVENT_INVALID_SNI_TYPE
struct HtpBodyChunk_ * next
SSLStateConnp server_connp
uint16_t session_id_length
@ TLS_DECODER_EVENT_HEARTBEAT
SSLStateConnp * curr_connp
@ TLS_DECODER_EVENT_INVALID_CERTIFICATE
@ TLS_DECODER_EVENT_INVALID_SNI_LENGTH
@ TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH
@ TLS_DECODER_EVENT_INVALID_SSL_RECORD
void SSLVersionToString(uint16_t, char *)
uint32_t record_lengths_length
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER
struct SSLStateConnp_ SSLStateConnp
@ TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS
void SSLEnableJA3(void)
if not explicitly disabled in config, enable ja3 support
uint16_t hs_bytes_processed
void SSLSetEvent(SSLState *ssl_state, uint8_t event)
@ TLS_DECODER_EVENT_INVALID_SSLV2_HEADER
void RegisterSSLParsers(void)
Function to register the SSL protocol parser and other functions.
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME
@ TLS_VERSION_13_DRAFT23_FB
@ TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED
uint32_t handshake_length
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE
@ TLS_DECODER_EVENT_INVALID_RECORD_TYPE
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH
@ TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH
@ TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER
@ TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT
bool SSLJA3IsEnabled(void)
TAILQ_HEAD(, SSLCertsChain_) certs
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION
@ TLS_DECODER_EVENT_INVALID_HEARTBEAT
@ TLS_DECODER_EVENT_INVALID_RECORD_VERSION
@ TLS_VERSION_13_DRAFT22_FB
@ TLS_VERSION_13_DRAFT20_FB
TAILQ_ENTRY(SSLCertsChain_) next
struct SSLState_ SSLState
SSLv[2.0|3.[0|1|2|3]] state structure.
struct SSLCertsChain_ SSLCertsChain
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER
@ TLS_DECODER_EVENT_INVALID_TLS_HEADER
@ TLS_VERSION_13_PRE_DRAFT16
@ TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL