suricata
Data Structures | Macros | Typedefs | Functions
util-ja3.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  JA3Buffer_
 

Macros

#define JA3_BUFFER_INITIAL_SIZE   128
 

Typedefs

typedef struct JA3Buffer_ JA3Buffer
 

Functions

JA3BufferJa3BufferInit (void)
 Allocate new buffer. More...
 
void Ja3BufferFree (JA3Buffer **)
 Free allocated buffer. More...
 
int Ja3BufferAppendBuffer (JA3Buffer **, JA3Buffer **)
 Append buffer to buffer. More...
 
int Ja3BufferAddValue (JA3Buffer **, uint32_t)
 Add value to buffer. More...
 
char * Ja3GenerateHash (JA3Buffer *)
 Generate Ja3 hash string. More...
 
int Ja3IsDisabled (const char *)
 Check if JA3 is disabled. More...
 

Detailed Description

Author
Mats Klepsland mats..nosp@m.klep.nosp@m.sland.nosp@m.@gma.nosp@m.il.co.nosp@m.m

Definition in file util-ja3.h.

Macro Definition Documentation

#define JA3_BUFFER_INITIAL_SIZE   128

Definition at line 27 of file util-ja3.h.

Referenced by Ja3BufferAddValue().

Typedef Documentation

typedef struct JA3Buffer_ JA3Buffer

Function Documentation

int Ja3BufferAddValue ( JA3Buffer **  buffer,
uint32_t  value 
)

Add value to buffer.

Parameters
bufferThe buffer.
valueThe value.
Return values
0on success.
-1on failure.

Definition at line 170 of file util-ja3.c.

References JA3_BUFFER_INITIAL_SIZE, Ja3BufferFree(), SC_ERR_INVALID_ARGUMENT, SC_ERR_MEM_ALLOC, SCLogError, and SCMalloc.

Referenced by SSLVersionToString().

Here is the call graph for this function:

Here is the caller graph for this function:

int Ja3BufferAppendBuffer ( JA3Buffer **  buffer1,
JA3Buffer **  buffer2 
)

Append buffer to buffer.

Append the second buffer to the first and then free it.

Parameters
buffer1The first buffer.
buffer2The second buffer.
Return values
0on success.
-1on failure.

Definition at line 106 of file util-ja3.c.

References Ja3BufferFree(), SC_ERR_INVALID_ARGUMENT, SCFree, SCLogError, and JA3Buffer_::used.

Referenced by SSLVersionToString().

Here is the call graph for this function:

Here is the caller graph for this function:

void Ja3BufferFree ( JA3Buffer **  buffer)

Free allocated buffer.

Parameters
bufferThe buffer to free.

Definition at line 54 of file util-ja3.c.

References JA3Buffer_::data, DEBUG_VALIDATE_BUG_ON, len, SC_ERR_MEM_ALLOC, SCFree, SCLogError, SCRealloc, JA3Buffer_::size, and JA3Buffer_::used.

Referenced by Ja3BufferAddValue(), Ja3BufferAppendBuffer(), and SSLVersionToString().

Here is the caller graph for this function:

JA3Buffer* Ja3BufferInit ( void  )

Allocate new buffer.

Returns
pointer to buffer on success.
NULL on failure.

Definition at line 39 of file util-ja3.c.

References SCCalloc.

Referenced by SSLVersionToString().

Here is the caller graph for this function:

char* Ja3GenerateHash ( JA3Buffer buffer)

Generate Ja3 hash string.

Parameters
bufferThe Ja3 buffer.
Return values
pointerto hash string on success.
NULLon failure.

Definition at line 217 of file util-ja3.c.

References JA3Buffer_::data, MD5_STRING_LENGTH, SC_ERR_INVALID_ARGUMENT, SC_ERR_INVALID_VALUE, SC_ERR_MEM_ALLOC, SCLogError, SCMalloc, and JA3Buffer_::used.

Referenced by SSLVersionToString().

Here is the caller graph for this function:

int Ja3IsDisabled ( const char *  type)

Check if JA3 is disabled.

Issue warning if JA3 is disabled or if we are lacking support for JA3.

Parameters
typeType to add to warning.
Return values
1if disabled.
0otherwise.

Definition at line 263 of file util-ja3.c.

References SC_WARN_JA3_DISABLED, SC_WARN_NO_JA3_SUPPORT, SCLogWarning, and SSLJA3IsEnabled().

Referenced by DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), DetectTlsJa3StringRegister(), and JsonTlsLogJSONExtended().

Here is the call graph for this function:

Here is the caller graph for this function: