1
/* Copyright (C) 2007-2010 Open Information Security Foundation
1
/* Copyright (C) 2007-2012 Open Information Security Foundation
3
3
* You can copy, redistribute or modify this Program under the terms of
4
4
* the GNU General Public License version 2 as published by the Free
21
21
* \author Anoop Saldanha <anoopsaldanha@gmail.com>
22
* \author Pierre Chifflier <pierre.chifflier@ssi.gouv.fr>
25
26
#ifndef __APP_LAYER_SSL_H__
26
27
#define __APP_LAYER_SSL_H__
29
#include "decode-events.h"
32
/* TLS protocol messages */
33
TLS_DECODER_EVENT_INVALID_SSLV2_HEADER,
34
TLS_DECODER_EVENT_INVALID_TLS_HEADER,
35
TLS_DECODER_EVENT_INVALID_RECORD_TYPE,
36
TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE,
37
/* Certificates decoding messages */
38
TLS_DECODER_EVENT_INVALID_CERTIFICATE,
39
TLS_DECODER_EVENT_CERTIFICATE_MISSING_ELEMENT,
40
TLS_DECODER_EVENT_CERTIFICATE_UNKNOWN_ELEMENT,
41
TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH,
42
TLS_DECODER_EVENT_CERTIFICATE_INVALID_STRING,
43
TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED,
28
46
/* Flag to indicate that server will now on send encrypted msgs */
29
47
#define SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC 0x0001
30
48
/* Flag to indicate that client will now on send encrypted msgs */
58
76
TLS_VERSION_12 = 0x0303,
62
* \brief SSLv[2.0|3.[0|1|2|3]] state structure.
64
* Structure to store the SSL state values.
66
typedef struct SSLState_ {
79
typedef struct SSLStateConnp_ {
67
80
/* record length */
68
81
uint32_t record_length;
69
82
/* record length's length for SSLv2 */
70
83
uint32_t record_lengths_length;
72
/* holds some state flags we need */
75
uint16_t client_version;
76
uint16_t server_version;
77
uint8_t client_content_type;
78
uint8_t server_content_type;
80
/* dummy var. You can replace this if you want to */
83
uint8_t cur_content_type;
85
/* offset of the beginning of the current message (including header) */
86
uint32_t message_start;
87
uint32_t message_length;
92
uint8_t handshake_type;
84
93
uint32_t handshake_length;
85
uint16_t handshake_client_hello_ssl_version;
86
uint16_t handshake_server_hello_ssl_version;
87
95
/* the no of bytes processed in the currently parsed record */
88
96
uint16_t bytes_processed;
90
uint16_t cur_ssl_version;
91
uint8_t handshake_type;
93
98
/* sslv2 client hello session id length */
94
99
uint16_t session_id_length;
102
char *cert0_issuerdn;
104
/* buffer for the tls record.
105
* We use a malloced buffer, if the record is fragmented */
112
* \brief SSLv[2.0|3.[0|1|2|3]] state structure.
114
* Structure to store the SSL state values.
116
typedef struct SSLState_ {
119
/* holds some state flags we need */
122
SSLStateConnp *curr_connp;
124
SSLStateConnp client_connp;
125
SSLStateConnp server_connp;
97
128
void RegisterSSLParsers(void);