wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Sniffer Logging

Browse Source 
1. Capture the SNI in the SSLInfo.
2. Save the private key length and capture it in the SSLInfo.
This commit is contained in:
John Safranek
2019-05-16 10:56:10 -07:00
parent 651087ab5a
commit 1781a9fd76
2 changed files with 34 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
src/sniffer.c
View File

@@ -374,12 +374,16 @@ typedef struct SnifferSession {
FinCaputre finCaputre; /* retain out of order FIN s */ FinCaputre finCaputre; /* retain out of order FIN s */
Flags flags; /* session flags */ Flags flags; /* session flags */
time_t lastUsed; /* last used ticks */ time_t lastUsed; /* last used ticks */
word32 keySz; /* size of the private key */
PacketBuffer* cliReassemblyList; /* client out of order packets */ PacketBuffer* cliReassemblyList; /* client out of order packets */
PacketBuffer* srvReassemblyList; /* server out of order packets */ PacketBuffer* srvReassemblyList; /* server out of order packets */
word32 cliReassemblyMemory; /* client packet memory used */ word32 cliReassemblyMemory; /* client packet memory used */
word32 srvReassemblyMemory; /* server packet memory used */ word32 srvReassemblyMemory; /* server packet memory used */
struct SnifferSession* next; /* for hash table list */ struct SnifferSession* next; /* for hash table list */
byte* ticketID; /* mac ID of session ticket */ byte* ticketID; /* mac ID of session ticket */
#ifdef HAVE_SNI
const char* sni; /* server name indication */
#endif
#ifdef HAVE_EXTENDED_MASTER #ifdef HAVE_EXTENDED_MASTER
HsHashes* hash; HsHashes* hash;
#endif #endif
@@ -1025,12 +1029,20 @@ static void TraceSessionInfo(SSLInfo* sslInfo)
if (TraceOn) { if (TraceOn) {
if (sslInfo != NULL && sslInfo->isValid) { if (sslInfo != NULL && sslInfo->isValid) {
fprintf(TraceFile, fprintf(TraceFile,
"\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s)\n", "\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s) "
#ifdef HAVE_SNI
"sni:(%s) "
#endif
"keySize:(%u)\n",
sslInfo->protocolVersionMajor, sslInfo->protocolVersionMajor,
sslInfo->protocolVersionMinor, sslInfo->protocolVersionMinor,
sslInfo->serverCipherSuite0, sslInfo->serverCipherSuite0,
sslInfo->serverCipherSuite, sslInfo->serverCipherSuite,
sslInfo->serverCipherSuiteName); sslInfo->serverCipherSuiteName,
#ifdef HAVE_SNI
sslInfo->serverNameIndication,
#endif
sslInfo->keySize);
} }
} }
} }
@@ -1537,6 +1549,10 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
} }
if (ret == 0) { if (ret == 0) {
session->keySz = length * 8;
/* length is the key size in bytes */
session->sslServer->arrays->preMasterSz = SECRET_LEN;
do { do {
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_AsyncWait(ret, &key.asyncDev, ret = wc_AsyncWait(ret, &key.asyncDev,
@@ -1545,7 +1561,7 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
if (ret >= 0) { if (ret >= 0) {
ret = wc_RsaPrivateDecrypt(input, length, ret = wc_RsaPrivateDecrypt(input, length,
session->sslServer->arrays->preMasterSecret, session->sslServer->arrays->preMasterSecret,
SECRET_LEN, &key); session->sslServer->arrays->preMasterSz, &key);
} }
} while (ret == WC_PENDING_E); } while (ret == WC_PENDING_E);
@@ -1554,8 +1570,6 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
} }
} }
session->sslServer->arrays->preMasterSz = SECRET_LEN;
wc_FreeRsaKey(&key); wc_FreeRsaKey(&key);
} }
@@ -1604,6 +1618,9 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
} }
if (ret == 0) { if (ret == 0) {
session->keySz = (length - 1) * 4;
/* The length is the key size in bytes, times 2 for the (x,y)
* coordinates, plus 1 for the type. */
session->sslServer->arrays->preMasterSz = ENCRYPT_LEN; session->sslServer->arrays->preMasterSz = ENCRYPT_LEN;
do { do {
@@ -1953,6 +1970,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
FATAL_ERROR_STATE); FATAL_ERROR_STATE);
return -1; return -1;
} }
session->sni = namedKey->name;
break; break;
} }
else else
@@ -3608,6 +3626,15 @@ static void CopySessionInfo(SnifferSession* session, SSLInfo* sslInfo)
sslInfo->serverCipherSuiteName sslInfo->serverCipherSuiteName
[sizeof(sslInfo->serverCipherSuiteName) - 1] = '\0'; [sizeof(sslInfo->serverCipherSuiteName) - 1] = '\0';
} }
sslInfo->keySize = session->keySz;
#ifdef HAVE_SNI
if (NULL != session->sni) {
XSTRNCPY((char*)sslInfo->serverNameIndication,
session->sni, sizeof(sslInfo->serverNameIndication));
sslInfo->serverNameIndication
[sizeof(sslInfo->serverNameIndication) - 1] = '\0';
}
#endif
TraceSessionInfo(sslInfo); TraceSessionInfo(sslInfo);
} }
} }

2
wolfssl/sniffer.h
View File

@@ -115,6 +115,8 @@ typedef struct SSLInfo
unsigned char serverCipherSuite; /* second byte, actual suite */ unsigned char serverCipherSuite; /* second byte, actual suite */
unsigned char serverCipherSuiteName[256]; unsigned char serverCipherSuiteName[256];
/* cipher name, e.g., "TLS_RSA_..." */ /* cipher name, e.g., "TLS_RSA_..." */
unsigned char serverNameIndication[128];
unsigned int keySize;
} WOLFSSL_PACK SSLInfo; } WOLFSSL_PACK SSLInfo;