TLS: Update cipher consts and keyexchange parsing
Update cipher consts. Furthermore, some past updates were applied to scriptland without considering that some of them also have to be applied to the binpac code in order to correctly parse the ServerKeyExchange message. (As a side note, this was discovered due to a test discrepancy with the Spicy parser.)
parent
5baa2841e8
commit
7c0f325d1b
6 changed files with 169 additions and 38 deletions
|
@ -549,12 +549,18 @@ export {
|
|||
const TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3;
|
||||
const TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4;
|
||||
const TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5;
|
||||
# draft-ietf-tls-tls13-16
|
||||
# RFC8998
|
||||
const TLS_SM4_GCM_SM3 = 0x00C6;
|
||||
const TLS_SM4_CCM_SM3 = 0x00C7;
|
||||
# RFC8446
|
||||
const TLS_AES_128_GCM_SHA256 = 0x1301;
|
||||
const TLS_AES_256_GCM_SHA384 = 0x1302;
|
||||
const TLS_CHACHA20_POLY1305_SHA256 = 0x1303;
|
||||
const TLS_AES_128_CCM_SHA256 = 0x1304;
|
||||
const TLS_AES_128_CCM_8_SHA256 = 0x1305;
|
||||
# draft-irtf-cfrg-aegis-aead-00
|
||||
const TLS_AEGIS_256_SHA384 = 0x1306;
|
||||
const TLS_AEGIS_128L_SHA256 = 0x1307;
|
||||
# Google...
|
||||
const TLS_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x16b7;
|
||||
const TLS_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x16b8;
|
||||
|
@ -741,6 +747,23 @@ export {
|
|||
const TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD;
|
||||
const TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE;
|
||||
const TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF;
|
||||
# RFC8492]
|
||||
const TLS_ECCPWD_WITH_AES_128_GCM_SHA256 = 0xC0B0;
|
||||
const TLS_ECCPWD_WITH_AES_256_GCM_SHA384 = 0xC0B1;
|
||||
const TLS_ECCPWD_WITH_AES_128_CCM_SHA256 = 0xC0B2;
|
||||
const TLS_ECCPWD_WITH_AES_256_CCM_SHA384 = 0xC0B3;
|
||||
# RFC RFC9150
|
||||
const TLS_SHA256_SHA256 = 0xC0B4;
|
||||
const TLS_SHA384_SHA384 = 0xC0B5;
|
||||
# RFC9189
|
||||
const TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC = 0xC100;
|
||||
const TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC = 0xC101;
|
||||
const TLS_GOSTR341112_256_WITH_28147_CNT_IMIT = 0xC102;
|
||||
# RFC9367
|
||||
const TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L = 0xC103;
|
||||
const TLS_GOSTR341112_256_WITH_MAGMA_MGM_L = 0xC104;
|
||||
const TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S = 0xC105;
|
||||
const TLS_GOSTR341112_256_WITH_MAGMA_MGM_S = 0xC106;
|
||||
# draft-agl-tls-chacha20poly1305-02
|
||||
const TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD = 0xCC13;
|
||||
const TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD = 0xCC14;
|
||||
|
@ -753,11 +776,13 @@ export {
|
|||
const TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC;
|
||||
const TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD;
|
||||
const TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE;
|
||||
# draft-ietf-tls-ecdhe-psk-aead-05
|
||||
# draft-ietf-tls-ecdhe-psk-aead-05 - didn't make it into RFC8442 like this
|
||||
const TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256_OLD = 0xD004;
|
||||
# RFC8442
|
||||
const TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = 0xD001;
|
||||
const TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = 0xD002;
|
||||
const TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 = 0xD003;
|
||||
const TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = 0xD004;
|
||||
const TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = 0xD005;
|
||||
|
||||
const SSL_RSA_FIPS_WITH_DES_CBC_SHA = 0xFEFE;
|
||||
const SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = 0xFEFF;
|
||||
|
@ -773,17 +798,16 @@ export {
|
|||
## detecting unknown ciphers and for converting the cipher spec
|
||||
## constants into a human readable format.
|
||||
const cipher_desc: table[count] of string = {
|
||||
[SSLv20_CK_RC4_128_EXPORT40_WITH_MD5] =
|
||||
"SSLv20_CK_RC4_128_EXPORT40_WITH_MD5",
|
||||
# SSLv2
|
||||
[SSLv20_CK_RC4_128_WITH_MD5] = "SSLv20_CK_RC4_128_WITH_MD5",
|
||||
[SSLv20_CK_RC4_128_EXPORT40_WITH_MD5] = "SSLv20_CK_RC4_128_EXPORT40_WITH_MD5",
|
||||
[SSLv20_CK_RC2_128_CBC_WITH_MD5] = "SSLv20_CK_RC2_128_CBC_WITH_MD5",
|
||||
[SSLv20_CK_RC2_128_CBC_EXPORT40_WITH_MD5] =
|
||||
"SSLv20_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
|
||||
[SSLv20_CK_RC2_128_CBC_EXPORT40_WITH_MD5] = "SSLv20_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
|
||||
[SSLv20_CK_IDEA_128_CBC_WITH_MD5] = "SSLv20_CK_IDEA_128_CBC_WITH_MD5",
|
||||
[SSLv20_CK_DES_192_EDE3_CBC_WITH_MD5] =
|
||||
"SSLv20_CK_DES_192_EDE3_CBC_WITH_MD5",
|
||||
[SSLv20_CK_DES_64_CBC_WITH_MD5] = "SSLv20_CK_DES_64_CBC_WITH_MD5",
|
||||
[SSLv20_CK_DES_192_EDE3_CBC_WITH_MD5] = "SSLv20_CK_DES_192_EDE3_CBC_WITH_MD5",
|
||||
|
||||
# TLS
|
||||
[TLS_NULL_WITH_NULL_NULL] = "TLS_NULL_WITH_NULL_NULL",
|
||||
[TLS_RSA_WITH_NULL_MD5] = "TLS_RSA_WITH_NULL_MD5",
|
||||
[TLS_RSA_WITH_NULL_SHA] = "TLS_RSA_WITH_NULL_SHA",
|
||||
|
@ -866,6 +890,7 @@ export {
|
|||
[TLS_DHE_RSA_WITH_AES_256_CBC_SHA256] = "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
|
||||
[TLS_DH_ANON_WITH_AES_128_CBC_SHA256] = "TLS_DH_ANON_WITH_AES_128_CBC_SHA256",
|
||||
[TLS_DH_ANON_WITH_AES_256_CBC_SHA256] = "TLS_DH_ANON_WITH_AES_256_CBC_SHA256",
|
||||
# draft-ietf-tls-openpgp-keys-06
|
||||
[TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD] = "TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD",
|
||||
[TLS_DHE_DSS_WITH_AES_128_CBC_RMD] = "TLS_DHE_DSS_WITH_AES_128_CBC_RMD",
|
||||
[TLS_DHE_DSS_WITH_AES_256_CBC_RMD] = "TLS_DHE_DSS_WITH_AES_256_CBC_RMD",
|
||||
|
@ -875,6 +900,7 @@ export {
|
|||
[TLS_RSA_WITH_3DES_EDE_CBC_RMD] = "TLS_RSA_WITH_3DES_EDE_CBC_RMD",
|
||||
[TLS_RSA_WITH_AES_128_CBC_RMD] = "TLS_RSA_WITH_AES_128_CBC_RMD",
|
||||
[TLS_RSA_WITH_AES_256_CBC_RMD] = "TLS_RSA_WITH_AES_256_CBC_RMD",
|
||||
# draft-chudov-cryptopro-cptls-04
|
||||
[TLS_GOSTR341094_WITH_28147_CNT_IMIT] = "TLS_GOSTR341094_WITH_28147_CNT_IMIT",
|
||||
[TLS_GOSTR341001_WITH_28147_CNT_IMIT] = "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
|
||||
[TLS_GOSTR341094_WITH_NULL_GOSTR3411] = "TLS_GOSTR341094_WITH_NULL_GOSTR3411",
|
||||
|
@ -945,16 +971,26 @@ export {
|
|||
[TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256] = "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256",
|
||||
[TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256] = "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
|
||||
[TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256] = "TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256",
|
||||
# RFC8998
|
||||
[TLS_SM4_GCM_SM3] = "TLS_SM4_GCM_SM3",
|
||||
[TLS_SM4_CCM_SM3] = "TLS_SM4_CCM_SM3",
|
||||
# RFC8446
|
||||
[TLS_AES_128_GCM_SHA256] = "TLS_AES_128_GCM_SHA256",
|
||||
[TLS_AES_256_GCM_SHA384] = "TLS_AES_256_GCM_SHA384",
|
||||
[TLS_CHACHA20_POLY1305_SHA256] = "TLS_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_AES_128_CCM_SHA256] = "TLS_AES_128_CCM_SHA256",
|
||||
[TLS_AES_128_CCM_8_SHA256] = "TLS_AES_128_CCM_8_SHA256",
|
||||
# draft-irtf-cfrg-aegis-aead-00
|
||||
[TLS_AEGIS_256_SHA384] = "TLS_AEGIS_256_SHA384",
|
||||
[TLS_AEGIS_128L_SHA256] = "TLS_AEGIS_128L_SHA256",
|
||||
# Google...
|
||||
[TLS_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_CECPQ1_RSA_WITH_AES_256_GCM_SHA384] = "TLS_CECPQ1_RSA_WITH_AES_256_GCM_SHA384",
|
||||
[TLS_CECPQ1_ECDSA_WITH_AES_256_GCM_SHA384] = "TLS_CECPQ1_ECDSA_WITH_AES_256_GCM_SHA384",
|
||||
# draft-bmoeller-tls-downgrade-scsv-01
|
||||
[TLS_FALLBACK_SCSV] = "TLS_FALLBACK_SCSV",
|
||||
# RFC 4492
|
||||
[TLS_ECDH_ECDSA_WITH_NULL_SHA] = "TLS_ECDH_ECDSA_WITH_NULL_SHA",
|
||||
[TLS_ECDH_ECDSA_WITH_RC4_128_SHA] = "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
|
||||
[TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA] = "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
|
||||
|
@ -1014,6 +1050,7 @@ export {
|
|||
[TLS_ECDHE_PSK_WITH_NULL_SHA] = "TLS_ECDHE_PSK_WITH_NULL_SHA",
|
||||
[TLS_ECDHE_PSK_WITH_NULL_SHA256] = "TLS_ECDHE_PSK_WITH_NULL_SHA256",
|
||||
[TLS_ECDHE_PSK_WITH_NULL_SHA384] = "TLS_ECDHE_PSK_WITH_NULL_SHA384",
|
||||
# RFC 6209
|
||||
[TLS_RSA_WITH_ARIA_128_CBC_SHA256] = "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
|
||||
[TLS_RSA_WITH_ARIA_256_CBC_SHA384] = "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
|
||||
[TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256] = "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256",
|
||||
|
@ -1068,6 +1105,7 @@ export {
|
|||
[TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384] = "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
|
||||
[TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256] = "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
|
||||
[TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384] = "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
|
||||
# RFC 6367
|
||||
[TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256] = "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
|
||||
[TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384] = "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
|
||||
[TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256] = "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
|
||||
|
@ -1110,6 +1148,7 @@ export {
|
|||
[TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384] = "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
|
||||
[TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256] = "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
|
||||
[TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384] = "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
|
||||
# RFC 6655
|
||||
[TLS_RSA_WITH_AES_128_CCM] = "TLS_RSA_WITH_AES_128_CCM",
|
||||
[TLS_RSA_WITH_AES_256_CCM] = "TLS_RSA_WITH_AES_256_CCM",
|
||||
[TLS_DHE_RSA_WITH_AES_128_CCM] = "TLS_DHE_RSA_WITH_AES_128_CCM",
|
||||
|
@ -1130,9 +1169,28 @@ export {
|
|||
[TLS_ECDHE_ECDSA_WITH_AES_256_CCM] = "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
|
||||
[TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8] = "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
|
||||
[TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8] = "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
|
||||
# RFC8492]
|
||||
[TLS_ECCPWD_WITH_AES_128_GCM_SHA256] = "TLS_ECCPWD_WITH_AES_128_GCM_SHA256",
|
||||
[TLS_ECCPWD_WITH_AES_256_GCM_SHA384] = "TLS_ECCPWD_WITH_AES_256_GCM_SHA384",
|
||||
[TLS_ECCPWD_WITH_AES_128_CCM_SHA256] = "TLS_ECCPWD_WITH_AES_128_CCM_SHA256",
|
||||
[TLS_ECCPWD_WITH_AES_256_CCM_SHA384] = "TLS_ECCPWD_WITH_AES_256_CCM_SHA384",
|
||||
# RFC RFC9150
|
||||
[TLS_SHA256_SHA256] = "TLS_SHA256_SHA256",
|
||||
[TLS_SHA384_SHA384] = "TLS_SHA384_SHA384",
|
||||
# RFC9189
|
||||
[TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC] = "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC",
|
||||
[TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC] = "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC",
|
||||
[TLS_GOSTR341112_256_WITH_28147_CNT_IMIT] = "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT",
|
||||
# RFC9367
|
||||
[TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L] = "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L",
|
||||
[TLS_GOSTR341112_256_WITH_MAGMA_MGM_L] = "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L",
|
||||
[TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S] = "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S",
|
||||
[TLS_GOSTR341112_256_WITH_MAGMA_MGM_S] = "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S",
|
||||
# draft-agl-tls-chacha20poly1305-02
|
||||
[TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD] = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD",
|
||||
[TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD] = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD",
|
||||
[TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD] = "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD",
|
||||
# RFC 7905
|
||||
[TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
|
@ -1140,10 +1198,14 @@ export {
|
|||
[TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256] = "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256] = "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
|
||||
[TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256] = "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
|
||||
# draft-ietf-tls-ecdhe-psk-aead-05 - didn't make it into RFC8442 like this
|
||||
[TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256_OLD] = "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256_OLD",
|
||||
# RFC8442
|
||||
[TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256] = "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256",
|
||||
[TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384] = "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384",
|
||||
[TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256] = "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256",
|
||||
[TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256] = "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256",
|
||||
|
||||
[SSL_RSA_FIPS_WITH_DES_CBC_SHA] = "SSL_RSA_FIPS_WITH_DES_CBC_SHA",
|
||||
[SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA] = "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA",
|
||||
[SSL_RSA_FIPS_WITH_DES_CBC_SHA_2] = "SSL_RSA_FIPS_WITH_DES_CBC_SHA_2",
|
||||
|
|
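Review bot: The section comments added for the new suites carry typos, repeated in both the constant list and the `cipher_desc` table: `# RFC8492]` has a stray bracket and `# RFC RFC9150` doubles the prefix, so they should read `# RFC8492` and `# RFC9150`. The RFC 9150 pair would also benefit from a marker such as `# RFC9150 - authentication and integrity only, no encryption`, because anyone using the logged cipher names to flag sessions without confidentiality needs to treat `TLS_SHA256_SHA256` and `TLS_SHA384_SHA384` like the NULL suites. Separately, `0xD004` now resolves to `TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256_OLD` and the unsuffixed name moves to `0xD005`, so a script or detection that matches the old string will presumably stop matching `0xD004` traffic; that rename deserves a changelog note. The `export` block and the `cipher_desc` table both start and end outside the hunks shown, so entries not visible here were not checked.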