From de6b9bc6be738046839bf34411fe09ca70775d06 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 28 Oct 2013 17:18:41 -0700 Subject: [PATCH] fix sniffer with new decrypt/verify code --- src/sniffer.c | 13 +++++++++++-- sslSniffer/sslSnifferTest/snifftest.c | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index 73c4ae003..7eb272f87 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -1593,10 +1593,19 @@ static void Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz) static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz, byte* output) { + int ivExtra = 0; + Decrypt(ssl, output, input, sz); ssl->keys.encryptSz = sz; - if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) - return output + ssl->specs.block_size; /* go past TLSv1.1 IV */ + if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) { + output += ssl->specs.block_size; /* go past TLSv1.1 IV */ + ivExtra = ssl->specs.block_size; + } + + ssl->keys.padSz = ssl->specs.hash_size; + + if (ssl->specs.cipher_type == block) + ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1; return output; } diff --git a/sslSniffer/sslSnifferTest/snifftest.c b/sslSniffer/sslSnifferTest/snifftest.c index 3f9160902..0febe7317 100755 --- a/sslSniffer/sslSnifferTest/snifftest.c +++ b/sslSniffer/sslSnifferTest/snifftest.c @@ -278,7 +278,7 @@ int main(int argc, char** argv) printf("ssl_Decode ret = %d, %s\n", ret, err); if (ret > 0) { data[ret] = 0; - printf("SSL App Data:%s\n", data); + printf("SSL App Data(%d):%s\n", ret, data); } } else if (saveFile)