Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Parse pre-shared-key extension.

Browse source 
No documentation yet...
This commit is contained in:
Johanna Amann 2019-04-22 23:02:08 +02:00
parent 5ba46eaa71
commit e85a016521
8 changed files with 162 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
scripts/base/init-bare.zeek
View file

@ -4170,6 +4170,10 @@ export {
SignatureAlgorithm: count; ##< Signature algorithm number SignatureAlgorithm: count; ##< Signature algorithm number
}; };
type PSKIdentity: record {
identity: string; ##< PSK identity
obfuscated_ticket_age: count;
};
## Number of non-DTLS frames that can occur in a DTLS connection before ## Number of non-DTLS frames that can occur in a DTLS connection before
## parsing of the connection is suspended. ## parsing of the connection is suspended.
@ -4191,6 +4195,8 @@ module GLOBAL;
## directly and then remove this alias. ## directly and then remove this alias.
type signature_and_hashalgorithm_vec: vector of SSL::SignatureAndHashAlgorithm; type signature_and_hashalgorithm_vec: vector of SSL::SignatureAndHashAlgorithm;
type psk_identity_vec: vector of SSL::PSKIdentity;
module X509; module X509;
export { export {
type Certificate: record { type Certificate: record {

3
src/analyzer/protocol/ssl/events.bif
View file

@ -182,6 +182,9 @@ event ssl_extension_signature_algorithm%(c: connection, is_orig: bool, signature
## ssl_rsa_client_pms ssl_server_signature ## ssl_rsa_client_pms ssl_server_signature
event ssl_extension_key_share%(c: connection, is_orig: bool, curves: index_vec%); event ssl_extension_key_share%(c: connection, is_orig: bool, curves: index_vec%);
event ssl_extension_pre_shared_key_client_hello%(c: connection, is_orig: bool, identities: psk_identity_vec, binders: string_vec%);
event ssl_extension_pre_shared_key_server_hello%(c: connection, is_orig: bool, selected_identity: count%);
## Generated if a named curve is chosen by the server for an SSL/TLS connection. ## Generated if a named curve is chosen by the server for an SSL/TLS connection.
## The curve is sent by the server in the ServerKeyExchange message as defined ## The curve is sent by the server in the ServerKeyExchange message as defined
## in :rfc:`4492`, in case an ECDH or ECDHE cipher suite is chosen. ## in :rfc:`4492`, in case an ECDH or ECDHE cipher suite is chosen.

52
src/analyzer/protocol/ssl/tls-handshake-analyzer.pac
View file

@ -411,6 +411,50 @@ refine connection Handshake_Conn += {
return true; return true;
%} %}
function proc_pre_shared_key_server_hello(rec: HandshakeRecord, identities: PSKIdentitiesList, binders: PSKBindersList) : bool
%{
if ( ! ssl_extension_pre_shared_key_server_hello )
return true;
VectorVal* slist = new VectorVal(internal_type("psk_identity_vec")->AsVectorType());
if ( identities && identities->identities() )
{
uint32 i = 0;
for ( auto&& identity : *(identities->identities()) )
{
RecordVal* el = new RecordVal(BifType::Record::SSL::PSKIdentity);
el->Assign(0, new StringVal(identity->identity().length(), (const char*) identity->identity().data()));
el->Assign(1, val_mgr->GetCount(identity->obfuscated_ticket_age()));
slist->Assign(i++, el);
}
}
VectorVal* blist = new VectorVal(internal_type("string_vec")->AsVectorType());
if ( binders && binders->binders() )
{
uint32 i = 0;
for ( auto&& binder : *(binders->binders()) )
blist->Assign(i++, new StringVal(binder->binder().length(), (const char*) binder->binder().data()));
}
BifEvent::generate_ssl_extension_pre_shared_key_client_hello(bro_analyzer(), bro_analyzer()->Conn(),
${rec.is_orig}, slist, blist);
return true;
%}
function proc_pre_shared_key_client_hello(rec: HandshakeRecord, selected_identity: uint16) : bool
%{
if ( ! ssl_extension_pre_shared_key_client_hello )
return true;
BifEvent::generate_ssl_extension_pre_shared_key_server_hello(bro_analyzer(),
bro_analyzer()->Conn(), ${rec.is_orig}, selected_identity);
return true;
%}
}; };
refine typeattr ClientHello += &let { refine typeattr ClientHello += &let {
@ -520,6 +564,14 @@ refine typeattr PSKKeyExchangeModes += &let {
proc : bool = $context.connection.proc_psk_key_exchange_modes(rec, modes); proc : bool = $context.connection.proc_psk_key_exchange_modes(rec, modes);
}; };
refine typeattr OfferedPsks += &let {
proc : bool = $context.connection.proc_pre_shared_key_server_hello(rec, identities, binders);
};
refine typeattr SelectedPreSharedKeyIdentity += &let {
proc : bool = $context.connection.proc_pre_shared_key_client_hello(rec, selected_identity);
};
refine typeattr Handshake += &let { refine typeattr Handshake += &let {
proc : bool = $context.connection.proc_handshake(rec.is_orig, rec.msg_type, rec.msg_length); proc : bool = $context.connection.proc_handshake(rec.is_orig, rec.msg_type, rec.msg_length);
}; };

38
src/analyzer/protocol/ssl/tls-handshake-protocol.pac
View file

@ -778,6 +778,7 @@ type SSLExtension(rec: HandshakeRecord) = record {
EXT_KEY_SHARE -> key_share: KeyShare(rec)[] &until($element == 0 || $element != 0); EXT_KEY_SHARE -> key_share: KeyShare(rec)[] &until($element == 0 || $element != 0);
EXT_SUPPORTED_VERSIONS -> supported_versions_selector: SupportedVersionsSelector(rec, data_len)[] &until($element == 0 || $element != 0); EXT_SUPPORTED_VERSIONS -> supported_versions_selector: SupportedVersionsSelector(rec, data_len)[] &until($element == 0 || $element != 0);
EXT_PSK_KEY_EXCHANGE_MODES -> psk_key_exchange_modes: PSKKeyExchangeModes(rec)[] &until($element == 0 || $element != 0); EXT_PSK_KEY_EXCHANGE_MODES -> psk_key_exchange_modes: PSKKeyExchangeModes(rec)[] &until($element == 0 || $element != 0);
EXT_PRE_SHARED_KEY -> pre_shared_key: PreSharedKey(rec)[] &until($element == 0 || $element != 0);
default -> data: bytestring &restofdata; default -> data: bytestring &restofdata;
}; };
} &length=data_len+4 &exportsourcedata; } &length=data_len+4 &exportsourcedata;
@ -864,6 +865,43 @@ type KeyShare(rec: HandshakeRecord) = case rec.msg_type of {
default -> other : bytestring &restofdata &transient; default -> other : bytestring &restofdata &transient;
}; };
type SelectedPreSharedKeyIdentity(rec: HandshakeRecord) = record {
selected_identity: uint16;
};
type PSKIdentity() = record {
length: uint16;
identity: bytestring &length=length;
obfuscated_ticket_age: uint32;
};
type PSKIdentitiesList() = record {
length: uint16;
identities: PSKIdentity[] &until($input.length() == 0);
} &length=length+2;
type PSKBinder() = record {
length: uint8;
binder: bytestring &length=length;
};
type PSKBindersList() = record {
length: uint16;
binders: PSKBinder[] &until($input.length() == 0);
} &length=length+2;
type OfferedPsks(rec: HandshakeRecord) = record {
identities: PSKIdentitiesList;
binders: PSKBindersList;
};
type PreSharedKey(rec: HandshakeRecord) = case rec.msg_type of {
CLIENT_HELLO -> offered_psks : OfferedPsks(rec);
SERVER_HELLO -> selected_identity : SelectedPreSharedKeyIdentity(rec);
# ... well, we don't parse hello retry requests yet, because I don't have an example of them on the wire.
default -> other : bytestring &restofdata &transient;
};
type SignatureAlgorithm(rec: HandshakeRecord) = record { type SignatureAlgorithm(rec: HandshakeRecord) = record {
length: uint16; length: uint16;
supported_signature_algorithms: SignatureAndHashAlgorithm[] &until($input.length() == 0); supported_signature_algorithms: SignatureAndHashAlgorithm[] &until($input.length() == 0);

1
src/analyzer/protocol/ssl/types.bif
View file

@ -1,5 +1,6 @@
module SSL; module SSL;
type SignatureAndHashAlgorithm: record; type SignatureAndHashAlgorithm: record;
type PSKIdentity: record;
module GLOBAL; module GLOBAL;

51
testing/btest/Baseline/scripts.base.protocols.ssl.tls-extension-events/.stdout
View file

@ -45,7 +45,7 @@ sha1, dsa
sha256, dsa sha256, dsa
sha384, dsa sha384, dsa
sha512, dsa sha512, dsa
supported_versions(, 192.168.6.240, 139.162.123.134 supported_versions, 192.168.6.240, 139.162.123.134
TLSv13-draft19 TLSv13-draft19
TLSv12 TLSv12
TLSv11 TLSv11
@ -78,7 +78,7 @@ sha1, dsa
sha256, dsa sha256, dsa
sha384, dsa sha384, dsa
sha512, dsa sha512, dsa
supported_versions(, 192.168.6.240, 139.162.123.134 supported_versions, 192.168.6.240, 139.162.123.134
TLSv13-draft19 TLSv13-draft19
TLSv12 TLSv12
TLSv11 TLSv11
@ -86,3 +86,50 @@ TLSv10
psk_key_exchange_modes, 192.168.6.240, 139.162.123.134 psk_key_exchange_modes, 192.168.6.240, 139.162.123.134
1 1
0 0
pre_shared_key client hello, 192.168.6.240, 139.162.123.134, [[identity=\x01\xf3\x88\x12\xae\xeb\x13\x01\xed]\xcf\x0b\x8f\xad\xf2\xc1I\x9f-\xfa\xe1\x98\x9f\xb7\x82@\x81Or\x0e\xbe\xfc\xa3\xbc\x8f\x03\x86\xf1\x8e\xae\xd7\xe5\xa2\xee\xf3\xde\xb7\xa5\xf6\\xeb\x18^ICPm!|\x09\xe0NE\xe8\x0f\xda\xf8\xf2\xa8s\x84\x17>\xe5\xd9!\x19\x09\xfe\xdb\xa87\x05\xd7\xd06JG\xeb\xad\xf9\xf8\x13?#\xdc\xe7J\xad\x14\xbfS.\x98\xd8\xd2r\x01\xef\xc5\x0c_\xdf\xc9[7\xa7l\xa7\xa0\xb5\xda\x83\x16\x10\xa1\xdb\xe2<j\xfeN=uU\xd3\xf3[\x021\xb1\xff\xcc\xbbZ\x1d\xab\x14=\xca\x80\x07!d\x06\xbe\xc6\x90\x94\x92S\xcfu\x8e\x92_/\xc9\xf0H\xf3\xd0\xfa\xeb\xb6&, obfuscated_ticket_age=1415540021]], [\xdcJ$\x00L\x12\x87\x929wEed\xbd\xf6\xcb4\x04ip5\x95\xe2X\xca[Kx}\xadHY\xae\xab\xedz\xb3\xcaK=\xa0\x09ER\x0a\x8dO\xe4]
pre_shared_key server hello, 192.168.6.240, 139.162.123.134, 0
Point formats, 192.168.178.80, 174.138.9.219, T
uncompressed
ansiX962_compressed_prime
ansiX962_compressed_char2
Curves, 192.168.178.80, 174.138.9.219
x25519
secp256r1
x448
secp521r1
secp384r1
signature_algorithm, 192.168.178.80, 174.138.9.219
sha256, ecdsa
sha384, ecdsa
sha512, ecdsa
Intrinsic, ed25519
Intrinsic, ed448
Intrinsic, rsa_pss_sha256
Intrinsic, rsa_pss_sha384
Intrinsic, rsa_pss_sha512
Intrinsic, rsa_pss_sha256
Intrinsic, rsa_pss_sha384
Intrinsic, rsa_pss_sha512
sha256, rsa
sha384, rsa
sha512, rsa
sha224, ecdsa
sha1, ecdsa
sha224, rsa
sha1, rsa
sha224, dsa
sha1, dsa
sha256, dsa
sha384, dsa
sha512, dsa
supported_versions, 192.168.178.80, 174.138.9.219
TLSv13
TLSv12
TLSv11
TLSv10
psk_key_exchange_modes, 192.168.178.80, 174.138.9.219
1
pre_shared_key client hello, 192.168.178.80, 174.138.9.219, [[identity=Client_identity, obfuscated_ticket_age=0]], [\xdbm7\xb6\xb9\xa3\xb29C\xb5\xa3\xa4\8\x95\x94o\x8d'\xd7\x99\x91R\xea\xcb\xa82\x9cb$e\xe9]
supported_versions, 192.168.178.80, 174.138.9.219
TLSv13
pre_shared_key server hello, 192.168.178.80, 174.138.9.219, 0

BIN
testing/btest/Traces/tls/tls13_psk_succesfull.pcap Normal file
View file

Binary file not shown.

14
testing/btest/scripts/base/protocols/ssl/tls-extension-events.test
View file

@ -1,5 +1,6 @@
# @TEST-EXEC: bro -C -r $TRACES/tls/chrome-34-google.trace %INPUT # @TEST-EXEC: bro -C -r $TRACES/tls/chrome-34-google.trace %INPUT
# @TEST-EXEC: bro -C -r $TRACES/tls/tls-13draft19-early-data.pcap %INPUT # @TEST-EXEC: bro -C -r $TRACES/tls/tls-13draft19-early-data.pcap %INPUT
# @TEST-EXEC: bro -C -r $TRACES/tls/tls13_psk_succesfull.pcap %INPUT
# @TEST-EXEC: btest-diff .stdout # @TEST-EXEC: btest-diff .stdout
event ssl_extension_elliptic_curves(c: connection, is_orig: bool, curves: index_vec) event ssl_extension_elliptic_curves(c: connection, is_orig: bool, curves: index_vec)
@ -37,7 +38,7 @@ event ssl_extension_signature_algorithm(c: connection, is_orig: bool, signature_
event ssl_extension_supported_versions(c: connection, is_orig: bool, versions: index_vec) event ssl_extension_supported_versions(c: connection, is_orig: bool, versions: index_vec)
{ {
print "supported_versions(", c$id$orig_h, c$id$resp_h; print "supported_versions", c$id$orig_h, c$id$resp_h;
for ( i in versions ) for ( i in versions )
print SSL::version_strings[versions[i]]; print SSL::version_strings[versions[i]];
} }
@ -48,3 +49,14 @@ event ssl_extension_psk_key_exchange_modes(c: connection, is_orig: bool, modes:
for ( i in modes ) for ( i in modes )
print modes[i]; print modes[i];
} }
event ssl_extension_pre_shared_key_client_hello(c: connection, is_orig: bool, identities: psk_identity_vec, binders: string_vec)
{
print "pre_shared_key client hello", c$id$orig_h, c$id$resp_h, identities, binders;
}
event ssl_extension_pre_shared_key_server_hello(c: connection, is_orig: bool, selected_identity: count)
{
print "pre_shared_key server hello", c$id$orig_h, c$id$resp_h, selected_identity;
}