suricata: src/util-ja3.h File Reference

suricata

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	JA3Buffer_

Macros
#define	JA3_BUFFER_INITIAL_SIZE 128

Typedefs
typedef struct JA3Buffer_	JA3Buffer

Functions
JA3Buffer *	Ja3BufferInit (void)
	Allocate new buffer. More...

void	Ja3BufferFree (JA3Buffer **)
	Free allocated buffer. More...

int	Ja3BufferAppendBuffer (JA3Buffer , JA3Buffer )
	Append buffer to buffer. More...

int	Ja3BufferAddValue (JA3Buffer **, uint32_t)
	Add value to buffer. More...

char *	Ja3GenerateHash (JA3Buffer *)
	Generate Ja3 hash string. More...

int	Ja3IsDisabled (const char *)
	Check if JA3 is disabled. More...

Detailed Description

Author: Mats Klepsland mats..nosp@m.klep.nosp@m.sland.nosp@m.@gma.nosp@m.il.co.nosp@m.m

Definition in file util-ja3.h.

Macro Definition Documentation

#define JA3_BUFFER_INITIAL_SIZE 128

Definition at line 27 of file util-ja3.h.

Referenced by Ja3BufferAddValue().

Typedef Documentation

typedef struct JA3Buffer_ JA3Buffer

Function Documentation

int Ja3BufferAddValue	(	JA3Buffer **	buffer,
		uint32_t	value
	)

Add value to buffer.

Parameters

buffer	The buffer.
value	The value.

Return values

0	on success.
-1	on failure.

Definition at line 169 of file util-ja3.c.

References JA3_BUFFER_INITIAL_SIZE, Ja3BufferFree(), SC_ERR_INVALID_ARGUMENT, SC_ERR_MEM_ALLOC, SCLogError, and SCMalloc.

Referenced by SSLVersionToString().

Here is the call graph for this function:

Here is the caller graph for this function:

int Ja3BufferAppendBuffer	(	JA3Buffer **	buffer1,
		JA3Buffer **	buffer2
	)

Append buffer to buffer.

Append the second buffer to the first and then free it.

Parameters

buffer1	The first buffer.
buffer2	The second buffer.

Return values

0	on success.
-1	on failure.

Definition at line 105 of file util-ja3.c.

References Ja3BufferFree(), SC_ERR_INVALID_ARGUMENT, SCFree, SCLogError, and JA3Buffer_::used.

Referenced by SSLVersionToString().

Here is the call graph for this function:

Here is the caller graph for this function:

void Ja3BufferFree ( JA3Buffer ** buffer )

Free allocated buffer.

Parameters

buffer The buffer to free.

Definition at line 53 of file util-ja3.c.

References JA3Buffer_::data, DEBUG_VALIDATE_BUG_ON, len, SC_ERR_MEM_ALLOC, SCFree, SCLogError, SCRealloc, JA3Buffer_::size, and JA3Buffer_::used.

Referenced by Ja3BufferAddValue(), Ja3BufferAppendBuffer(), and SSLVersionToString().

Here is the caller graph for this function:

JA3Buffer* Ja3BufferInit ( void )

Allocate new buffer.

Returns: pointer to buffer on success.; NULL on failure.

Definition at line 38 of file util-ja3.c.

References SCCalloc.

Referenced by SSLVersionToString().

Here is the caller graph for this function:

char* Ja3GenerateHash ( JA3Buffer * buffer )

Generate Ja3 hash string.

Parameters

buffer The Ja3 buffer.

Return values

pointer	to hash string on success.
NULL	on failure.

Definition at line 216 of file util-ja3.c.

References JA3Buffer_::data, MD5_STRING_LENGTH, SC_ERR_INVALID_ARGUMENT, SC_ERR_INVALID_VALUE, SC_ERR_MEM_ALLOC, SCLogError, SCMalloc, and JA3Buffer_::used.

Referenced by SSLVersionToString().

Here is the caller graph for this function:

int Ja3IsDisabled ( const char * type )

Check if JA3 is disabled.

Issue warning if JA3 is disabled or if we are lacking support for JA3.

Parameters

type	Type to add to warning.

Return values

1	if disabled.
0	otherwise.

Definition at line 262 of file util-ja3.c.

References ConfGetBool(), SC_WARN_JA3_DISABLED, SC_WARN_NO_JA3_SUPPORT, and SCLogWarning.

Referenced by DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), and DetectTlsJa3StringRegister().

Here is the call graph for this function:

Here is the caller graph for this function:

src
util-ja3.h
Generated on Mon Jun 24 2019 23:30:34 for suricata by 1.8.11