Blame SOURCES/wireshark-1.10.14-tls-cert-verify-msgs.patch

b1047b
diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c
b1047b
index e97e46e..f70919b 100644
b1047b
--- a/epan/dissectors/packet-ssl.c
b1047b
+++ b/epan/dissectors/packet-ssl.c
b1047b
@@ -202,6 +202,8 @@ static gint hf_ssl_handshake_server_keyex_named_curve = -1;
b1047b
 static gint hf_ssl_handshake_server_keyex_point     = -1;
b1047b
 static gint hf_ssl_handshake_client_keyex_epms      = -1;
b1047b
 static gint hf_ssl_handshake_client_keyex_point     = -1;
b1047b
+static gint hf_ssl_handshake_client_vrfy_sig_len    = -1;
b1047b
+static gint hf_ssl_handshake_client_vrfy_sig        = -1;
b1047b
 static gint hf_ssl_handshake_server_keyex_modulus   = -1;
b1047b
 static gint hf_ssl_handshake_server_keyex_exponent  = -1;
b1047b
 static gint hf_ssl_handshake_server_keyex_sig       = -1;
b1047b
@@ -682,6 +684,10 @@ static gint  ssl_looks_like_valid_pct_handshake(tvbuff_t *tvb,
b1047b
 static gint  dissect_ssl_hash_alg_list(tvbuff_t *tvb, proto_tree *tree,
b1047b
                                        guint32 offset, guint16 len);
b1047b
 
b1047b
+static void  dissect_ssl3_hnd_cli_cert_verify(tvbuff_t *tvb, proto_tree *tree,
b1047b
+                                              guint32 offset,
b1047b
+                                              const SslSession *session);
b1047b
+
b1047b
 /*********************************************************************
b1047b
  *
b1047b
  * Main dissector
b1047b
@@ -2070,7 +2076,7 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo,
b1047b
                 break;
b1047b
 
b1047b
             case SSL_HND_CERT_VERIFY:
b1047b
-                /* unimplemented */
b1047b
+                dissect_ssl3_hnd_cli_cert_verify(tvb, ssl_hand_tree, offset, session);
b1047b
                 break;
b1047b
 
b1047b
             case SSL_HND_CLIENT_KEY_EXCHG:
b1047b
@@ -3174,8 +3180,9 @@ dissect_ssl3_hnd_cert_req(tvbuff_t *tvb,
b1047b
 }
b1047b
 
b1047b
 static void
b1047b
-dissect_ssl3_hnd_srv_keyex_sig(tvbuff_t *tvb, proto_tree *tree,
b1047b
-                               guint32 offset, SslSession *session)
b1047b
+dissect_ssl3_digitally_signed(tvbuff_t *tvb, proto_tree *tree, guint32 offset,
b1047b
+                              const SslSession *session, gint hf_sig_len,
b1047b
+                              gint hf_sig)
b1047b
 {
b1047b
     gint        sig_len;
b1047b
     proto_item *ti_algo;
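Review bot: The renamed helper `dissect_ssl3_digitally_signed` is now shared by the ServerKeyExchange and CertificateVerify paths, but its signature at this point has no header comment stating its contract. A short comment above it would help, for example `/* Dissect a digitally-signed element starting at offset; hf_sig_len and hf_sig are the caller's fields for the 2-byte length and the signature bytes. */`. The comment should also say whether `offset` must point at the optional algorithm bytes or directly at the length. That cannot be confirmed here because the body between this hunk and the next is not shown.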
b1047b
@@ -3202,10 +3209,40 @@ dissect_ssl3_hnd_srv_keyex_sig(tvbuff_t *tvb, proto_tree *tree,
b1047b
 
b1047b
     /* Sig */
b1047b
     sig_len = tvb_get_ntohs(tvb, offset);
b1047b
-    proto_tree_add_item(tree, hf_ssl_handshake_server_keyex_sig_len, tvb,
b1047b
-                        offset, 2, ENC_BIG_ENDIAN);
b1047b
-    proto_tree_add_item(tree, hf_ssl_handshake_server_keyex_sig, tvb,
b1047b
-                        offset + 2, sig_len, ENC_NA);
b1047b
+    proto_tree_add_item(tree, hf_sig_len, tvb, offset, 2, ENC_BIG_ENDIAN);
b1047b
+    proto_tree_add_item(tree, hf_sig, tvb, offset + 2, sig_len, ENC_NA);
b1047b
+}
b1047b
+
b1047b
+static void
b1047b
+dissect_ssl3_hnd_cli_cert_verify(tvbuff_t *tvb, proto_tree *tree,
b1047b
+                                 guint32 offset, const SslSession *session)
b1047b
+{
b1047b
+    dissect_ssl3_digitally_signed(tvb, tree, offset, session,
b1047b
+                                  hf_ssl_handshake_client_vrfy_sig_len,
b1047b
+                                  hf_ssl_handshake_client_vrfy_sig);
b1047b
+}
b1047b
+
b1047b
+static void
b1047b
+dissect_ssl3_hnd_srv_keyex_sig(tvbuff_t *tvb, proto_tree *tree,
b1047b
+                               guint32 offset, SslSession *session)
b1047b
+{
b1047b
+    /*
b1047b
+     * TLSv1.2 (RFC 5246 sec 7.4.8)
b1047b
+     *  struct {
b1047b
+     *      digitally-signed struct {
b1047b
+     *          opaque handshake_messages[handshake_messages_length];
b1047b
+     *      }
b1047b
+     *  } CertificateVerify;
b1047b
+     *
b1047b
+     * TLSv1.0/TLSv1.1 (RFC 5436 sec 7.4.8 and 7.4.3) works essentially the same
b1047b
+     * as TLSv1.2, but the hash algorithms are not explicit in digitally-signed.
b1047b
+     *
b1047b
+     * SSLv3 (RFC 6101 sec 5.6.8) esseentially works the same as TLSv1.0 but it
b1047b
+     * does more hashing including the master secret and padding.
b1047b
+     */
b1047b
+    dissect_ssl3_digitally_signed(tvb, tree, offset, session,
b1047b
+                                  hf_ssl_handshake_server_keyex_sig_len,
b1047b
+                                  hf_ssl_handshake_server_keyex_sig);
b1047b
 }
b1047b
 
b1047b
 static void
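Review bot: `sig_len` comes straight from the wire via `tvb_get_ntohs` and is used as the item length in `proto_tree_add_item(tree, hf_sig, tvb, offset + 2, sig_len, ENC_NA)` without being compared to the end of the enclosing handshake message. The tvbuff bounds checks should stop a read past the captured data. However, if `tvb` covers more than this one message, which the hunk does not show, an oversized length would be displayed as signature bytes and would overlap whatever follows. The helper could take the message end as an extra parameter and reject the mismatch, e.g. `if (offset + 2 + (guint32)sig_len > offset_end) return;` after adding an expert-info item, where `offset_end` is the proposed new parameter. Separately, the RFC comment added inside `dissect_ssl3_hnd_srv_keyex_sig` describes CertificateVerify, so it belongs in `dissect_ssl3_hnd_cli_cert_verify`. In that comment "RFC 5436" is not a TLS document (TLS 1.1 is RFC 4346, which is probably what was meant), and "esseentially" is a typo.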
b1047b
@@ -5410,6 +5447,16 @@ proto_register_ssl(void)
b1047b
             FT_BYTES, BASE_NONE, NULL, 0x0,
b1047b
             "EC Diffie-Hellman client pubkey", HFILL }
b1047b
         },
b1047b
+        { &hf_ssl_handshake_client_vrfy_sig_len,
b1047b
+          { "signature length", "ssl.handshake.client_cert_vrfy.sig_len",
b1047b
+            FT_UINT16, BASE_DEC, NULL, 0x0,
b1047b
+            "Length of CertificateVerify's signature", HFILL }
b1047b
+        },
b1047b
+        { &hf_ssl_handshake_client_vrfy_sig,
b1047b
+          { "signature", "ssl.handshake.client_cert_vrfy.sig",
b1047b
+            FT_BYTES, BASE_NONE, NULL, 0x0,
b1047b
+            "CertificateVerify's signature", HFILL }
b1047b
+        },
b1047b
         { &hf_ssl_handshake_server_keyex_modulus,
b1047b
           { "modulus", "ssl.handshake.modulus",
b1047b
             FT_BYTES, BASE_NONE, NULL, 0x0,