diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5cd4024e75..2eeb7c2050 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1125,6 +1125,7 @@ set(NETDISSECT_SOURCE_LIST_C
 print-tftp.c
 print-timed.c
 print-tipc.c
+ print-tls.c
 print-token.c
 print-udld.c
 print-udp.c
diff --git a/Makefile.in b/Makefile.in
index 074263858a..75cc6269dc 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -234,6 +234,7 @@ LIBNETDISSECT_SRC=\
 print-tftp.c \
 print-timed.c \
 print-tipc.c \
+ print-tls.c \
 print-token.c \
 print-udld.c \
 print-udp.c \
diff --git a/netdissect.h b/netdissect.h
index 7800574e91..be1cf6da1f 100644
--- a/netdissect.h
+++ b/netdissect.h
@@ -746,6 +746,7 @@ extern void telnet_print(netdissect_options *, const u_char *, u_int);
 extern void tftp_print(netdissect_options *, const u_char *, u_int);
 extern void timed_print(netdissect_options *, const u_char *);
 extern void tipc_print(netdissect_options *, const u_char *, u_int, u_int);
+extern void tls_print(netdissect_options *, const u_char *, u_int);
 extern u_int token_print(netdissect_options *, const u_char *, u_int, u_int);
 extern void udld_print(netdissect_options *, const u_char *, u_int);
 extern void udp_print(netdissect_options *, const u_char *, u_int, const u_char *, int, u_int);
diff --git a/print-tcp.c b/print-tcp.c
index d9ca4a34b9..ec8240f2e3 100644
--- a/print-tcp.c
+++ b/print-tcp.c
@@ -778,6 +778,9 @@ tcp_print(netdissect_options *ndo,
 } else if (IS_SRC_OR_DST_PORT(HTTP_PORT) || IS_SRC_OR_DST_PORT(HTTP_PORT_ALT)) {
 ND_PRINT(": ");
 http_print(ndo, bp, length);
+ } else if (IS_SRC_OR_DST_PORT(HTTPS_PORT)) {
+ ND_PRINT(": ");
+ tls_print(ndo, bp, length);
 } else if (IS_SRC_OR_DST_PORT(RTSP_PORT) || IS_SRC_OR_DST_PORT(RTSP_PORT_ALT)) {
 ND_PRINT(": ");
 rtsp_print(ndo, bp, length);
diff --git a/print-tls.c b/print-tls.c
new file mode 100644
index 0000000000..c3ed88e983
--- /dev/null
+++ b/print-tls.c 
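Review bot: In print-tcp.c, the new `IS_SRC_OR_DST_PORT(HTTPS_PORT)` branch of tcp_print selects tls_print() by port number alone, so every payload on port 443 reaches the new dissector, including segments that begin in the middle of a TLS record and traffic that is not TLS at all. tls_print() therefore has to treat the first bytes as untrusted and check the record content type, version and length against the captured bytes before decoding anything; its body lies in print-tls.c beyond the part of the patch shown here, so whether it does this could not be confirmed. I would record the contract at the call site with a comment such as `/* matched by port only: tls_print() must validate the record header and bounds-check every field */`. The definition of `HTTPS_PORT` is not among the visible hunks, and tcp_print's body starts and ends outside this hunk.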
@@ -0,0 +1,1433 @@ +/* + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that: (1) source code + * distributions retain the above copyright notice and this paragraph + * in its entirety, and (2) distributions including binary code include + * the above copyright notice and this paragraph in its entirety in + * the documentation or other materials provided with the distribution. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND + * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT + * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE. + */ + +/* \summary: Transport Layer Security (TLS) printer */ +/* + * specification: RFC-2246, RFC-4346, RFC-5246, RFC-8446, + * RFC-6066 (SNI), RFC-7301 + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "netdissect-stdinc.h" + +#include "netdissect.h" +#include "extract.h" + +/* Generated from the following command: + * + * curl https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv \ + * | sed 's/\"//g' |grep -v Unassigned |grep -v Reserved | egrep "^0x" | sed 's/,0x//' \ + * | awk 'BEGIN {print "static const struct tok cipher_suites[] = {"} + * { split($0, a, ","); printf "#define %s %s\n { %s, \"%s\" },\n", a[2], a[1], a[2], a[2] } + * END { print " { 0, NULL }\n};" }' + * + * */ +static const struct tok cipher_suites[] = { +#define TLS_NULL_WITH_NULL_NULL 0x0000 + { TLS_NULL_WITH_NULL_NULL, "TLS_NULL_WITH_NULL_NULL" }, +#define TLS_RSA_WITH_NULL_MD5 0x0001 + { TLS_RSA_WITH_NULL_MD5, "TLS_RSA_WITH_NULL_MD5" }, +#define TLS_RSA_WITH_NULL_SHA 0x0002 + { TLS_RSA_WITH_NULL_SHA, "TLS_RSA_WITH_NULL_SHA" }, +#define TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 + { TLS_RSA_EXPORT_WITH_RC4_40_MD5, "TLS_RSA_EXPORT_WITH_RC4_40_MD5" }, +#define TLS_RSA_WITH_RC4_128_MD5 0x0004 + { TLS_RSA_WITH_RC4_128_MD5, "TLS_RSA_WITH_RC4_128_MD5" }, +#define TLS_RSA_WITH_RC4_128_SHA 0x0005 + { TLS_RSA_WITH_RC4_128_SHA, 
"TLS_RSA_WITH_RC4_128_SHA" }, +#define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 + { TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" }, +#define TLS_RSA_WITH_IDEA_CBC_SHA 0x0007 + { TLS_RSA_WITH_IDEA_CBC_SHA, "TLS_RSA_WITH_IDEA_CBC_SHA" }, +#define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 + { TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" }, +#define TLS_RSA_WITH_DES_CBC_SHA 0x0009 + { TLS_RSA_WITH_DES_CBC_SHA, "TLS_RSA_WITH_DES_CBC_SHA" }, +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000A + { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000B + { TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" }, +#define TLS_DH_DSS_WITH_DES_CBC_SHA 0x000C + { TLS_DH_DSS_WITH_DES_CBC_SHA, "TLS_DH_DSS_WITH_DES_CBC_SHA" }, +#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000D + { TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000E + { TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" }, +#define TLS_DH_RSA_WITH_DES_CBC_SHA 0x000F + { TLS_DH_RSA_WITH_DES_CBC_SHA, "TLS_DH_RSA_WITH_DES_CBC_SHA" }, +#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 + { TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 + { TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_DES_CBC_SHA 0x0012 + { TLS_DHE_DSS_WITH_DES_CBC_SHA, "TLS_DHE_DSS_WITH_DES_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 + { TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 + { TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015 + { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS_DHE_RSA_WITH_DES_CBC_SHA" }, +#define 
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 + { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 0x0017 + { TLS_DH_anon_EXPORT_WITH_RC4_40_MD5, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5" }, +#define TLS_DH_anon_WITH_RC4_128_MD5 0x0018 + { TLS_DH_anon_WITH_RC4_128_MD5, "TLS_DH_anon_WITH_RC4_128_MD5" }, +#define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA 0x0019 + { TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA" }, +#define TLS_DH_anon_WITH_DES_CBC_SHA 0x001A + { TLS_DH_anon_WITH_DES_CBC_SHA, "TLS_DH_anon_WITH_DES_CBC_SHA" }, +#define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 0x001B + { TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_KRB5_WITH_DES_CBC_SHA 0x001E + { TLS_KRB5_WITH_DES_CBC_SHA, "TLS_KRB5_WITH_DES_CBC_SHA" }, +#define TLS_KRB5_WITH_3DES_EDE_CBC_SHA 0x001F + { TLS_KRB5_WITH_3DES_EDE_CBC_SHA, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_KRB5_WITH_RC4_128_SHA 0x0020 + { TLS_KRB5_WITH_RC4_128_SHA, "TLS_KRB5_WITH_RC4_128_SHA" }, +#define TLS_KRB5_WITH_IDEA_CBC_SHA 0x0021 + { TLS_KRB5_WITH_IDEA_CBC_SHA, "TLS_KRB5_WITH_IDEA_CBC_SHA" }, +#define TLS_KRB5_WITH_DES_CBC_MD5 0x0022 + { TLS_KRB5_WITH_DES_CBC_MD5, "TLS_KRB5_WITH_DES_CBC_MD5" }, +#define TLS_KRB5_WITH_3DES_EDE_CBC_MD5 0x0023 + { TLS_KRB5_WITH_3DES_EDE_CBC_MD5, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5" }, +#define TLS_KRB5_WITH_RC4_128_MD5 0x0024 + { TLS_KRB5_WITH_RC4_128_MD5, "TLS_KRB5_WITH_RC4_128_MD5" }, +#define TLS_KRB5_WITH_IDEA_CBC_MD5 0x0025 + { TLS_KRB5_WITH_IDEA_CBC_MD5, "TLS_KRB5_WITH_IDEA_CBC_MD5" }, +#define TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA 0x0026 + { TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA" }, +#define TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA 0x0027 + { TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA" }, +#define TLS_KRB5_EXPORT_WITH_RC4_40_SHA 0x0028 + { TLS_KRB5_EXPORT_WITH_RC4_40_SHA, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA" 
}, +#define TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 0x0029 + { TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5" }, +#define TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 0x002A + { TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5" }, +#define TLS_KRB5_EXPORT_WITH_RC4_40_MD5 0x002B + { TLS_KRB5_EXPORT_WITH_RC4_40_MD5, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5" }, +#define TLS_PSK_WITH_NULL_SHA 0x002C + { TLS_PSK_WITH_NULL_SHA, "TLS_PSK_WITH_NULL_SHA" }, +#define TLS_DHE_PSK_WITH_NULL_SHA 0x002D + { TLS_DHE_PSK_WITH_NULL_SHA, "TLS_DHE_PSK_WITH_NULL_SHA" }, +#define TLS_RSA_PSK_WITH_NULL_SHA 0x002E + { TLS_RSA_PSK_WITH_NULL_SHA, "TLS_RSA_PSK_WITH_NULL_SHA" }, +#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F + { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA" }, +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 + { TLS_DH_DSS_WITH_AES_128_CBC_SHA, "TLS_DH_DSS_WITH_AES_128_CBC_SHA" }, +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 + { TLS_DH_RSA_WITH_AES_128_CBC_SHA, "TLS_DH_RSA_WITH_AES_128_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 + { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 + { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }, +#define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034 + { TLS_DH_anon_WITH_AES_128_CBC_SHA, "TLS_DH_anon_WITH_AES_128_CBC_SHA" }, +#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 + { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA" }, +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 + { TLS_DH_DSS_WITH_AES_256_CBC_SHA, "TLS_DH_DSS_WITH_AES_256_CBC_SHA" }, +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 + { TLS_DH_RSA_WITH_AES_256_CBC_SHA, "TLS_DH_RSA_WITH_AES_256_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 + { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 + { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA" }, +#define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A + { TLS_DH_anon_WITH_AES_256_CBC_SHA, "TLS_DH_anon_WITH_AES_256_CBC_SHA" }, +#define TLS_RSA_WITH_NULL_SHA256 0x003B + { TLS_RSA_WITH_NULL_SHA256, "TLS_RSA_WITH_NULL_SHA256" }, +#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C + { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D + { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256" }, +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 0x003E + { TLS_DH_DSS_WITH_AES_128_CBC_SHA256, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256" }, +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 0x003F + { TLS_DH_RSA_WITH_AES_128_CBC_SHA256, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 0x0040 + { TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" }, +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0041 + { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" }, +#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0042 + { TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" }, +#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0043 + { TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0044 + { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0045 + { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" }, +#define TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA 0x0046 + { TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067 + { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 0x0068 + { TLS_DH_DSS_WITH_AES_256_CBC_SHA256, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256" }, +#define 
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 0x0069 + { TLS_DH_RSA_WITH_AES_256_CBC_SHA256, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256" }, +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 0x006A + { TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" }, +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B + { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" }, +#define TLS_DH_anon_WITH_AES_128_CBC_SHA256 0x006C + { TLS_DH_anon_WITH_AES_128_CBC_SHA256, "TLS_DH_anon_WITH_AES_128_CBC_SHA256" }, +#define TLS_DH_anon_WITH_AES_256_CBC_SHA256 0x006D + { TLS_DH_anon_WITH_AES_256_CBC_SHA256, "TLS_DH_anon_WITH_AES_256_CBC_SHA256" }, +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0084 + { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" }, +#define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0085 + { TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" }, +#define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0086 + { TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0087 + { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0088 + { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" }, +#define TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA 0x0089 + { TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA" }, +#define TLS_PSK_WITH_RC4_128_SHA 0x008A + { TLS_PSK_WITH_RC4_128_SHA, "TLS_PSK_WITH_RC4_128_SHA" }, +#define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x008B + { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS_PSK_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_PSK_WITH_AES_128_CBC_SHA 0x008C + { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS_PSK_WITH_AES_128_CBC_SHA" }, +#define TLS_PSK_WITH_AES_256_CBC_SHA 0x008D + { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS_PSK_WITH_AES_256_CBC_SHA" }, +#define TLS_DHE_PSK_WITH_RC4_128_SHA 0x008E + { 
TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS_DHE_PSK_WITH_RC4_128_SHA" }, +#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x008F + { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x0090 + { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA" }, +#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x0091 + { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA" }, +#define TLS_RSA_PSK_WITH_RC4_128_SHA 0x0092 + { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS_RSA_PSK_WITH_RC4_128_SHA" }, +#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x0093 + { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x0094 + { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA" }, +#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x0095 + { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA" }, +#define TLS_RSA_WITH_SEED_CBC_SHA 0x0096 + { TLS_RSA_WITH_SEED_CBC_SHA, "TLS_RSA_WITH_SEED_CBC_SHA" }, +#define TLS_DH_DSS_WITH_SEED_CBC_SHA 0x0097 + { TLS_DH_DSS_WITH_SEED_CBC_SHA, "TLS_DH_DSS_WITH_SEED_CBC_SHA" }, +#define TLS_DH_RSA_WITH_SEED_CBC_SHA 0x0098 + { TLS_DH_RSA_WITH_SEED_CBC_SHA, "TLS_DH_RSA_WITH_SEED_CBC_SHA" }, +#define TLS_DHE_DSS_WITH_SEED_CBC_SHA 0x0099 + { TLS_DHE_DSS_WITH_SEED_CBC_SHA, "TLS_DHE_DSS_WITH_SEED_CBC_SHA" }, +#define TLS_DHE_RSA_WITH_SEED_CBC_SHA 0x009A + { TLS_DHE_RSA_WITH_SEED_CBC_SHA, "TLS_DHE_RSA_WITH_SEED_CBC_SHA" }, +#define TLS_DH_anon_WITH_SEED_CBC_SHA 0x009B + { TLS_DH_anon_WITH_SEED_CBC_SHA, "TLS_DH_anon_WITH_SEED_CBC_SHA" }, +#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C + { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256" }, +#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D + { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS_RSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E + { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" }, +#define 
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009F + { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_DH_RSA_WITH_AES_128_GCM_SHA256 0x00A0 + { TLS_DH_RSA_WITH_AES_128_GCM_SHA256, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256" }, +#define TLS_DH_RSA_WITH_AES_256_GCM_SHA384 0x00A1 + { TLS_DH_RSA_WITH_AES_256_GCM_SHA384, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2 + { TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256" }, +#define TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 0x00A3 + { TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384" }, +#define TLS_DH_DSS_WITH_AES_128_GCM_SHA256 0x00A4 + { TLS_DH_DSS_WITH_AES_128_GCM_SHA256, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256" }, +#define TLS_DH_DSS_WITH_AES_256_GCM_SHA384 0x00A5 + { TLS_DH_DSS_WITH_AES_256_GCM_SHA384, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384" }, +#define TLS_DH_anon_WITH_AES_128_GCM_SHA256 0x00A6 + { TLS_DH_anon_WITH_AES_128_GCM_SHA256, "TLS_DH_anon_WITH_AES_128_GCM_SHA256" }, +#define TLS_DH_anon_WITH_AES_256_GCM_SHA384 0x00A7 + { TLS_DH_anon_WITH_AES_256_GCM_SHA384, "TLS_DH_anon_WITH_AES_256_GCM_SHA384" }, +#define TLS_PSK_WITH_AES_128_GCM_SHA256 0x00A8 + { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS_PSK_WITH_AES_128_GCM_SHA256" }, +#define TLS_PSK_WITH_AES_256_GCM_SHA384 0x00A9 + { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS_PSK_WITH_AES_256_GCM_SHA384" }, +#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0x00AA + { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256" }, +#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0x00AB + { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384" }, +#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0x00AC + { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256" }, +#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0x00AD + { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384" }, +#define 
TLS_PSK_WITH_AES_128_CBC_SHA256 0x00AE + { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS_PSK_WITH_AES_128_CBC_SHA256" }, +#define TLS_PSK_WITH_AES_256_CBC_SHA384 0x00AF + { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS_PSK_WITH_AES_256_CBC_SHA384" }, +#define TLS_PSK_WITH_NULL_SHA256 0x00B0 + { TLS_PSK_WITH_NULL_SHA256, "TLS_PSK_WITH_NULL_SHA256" }, +#define TLS_PSK_WITH_NULL_SHA384 0x00B1 + { TLS_PSK_WITH_NULL_SHA384, "TLS_PSK_WITH_NULL_SHA384" }, +#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0x00B2 + { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256" }, +#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0x00B3 + { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384" }, +#define TLS_DHE_PSK_WITH_NULL_SHA256 0x00B4 + { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS_DHE_PSK_WITH_NULL_SHA256" }, +#define TLS_DHE_PSK_WITH_NULL_SHA384 0x00B5 + { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS_DHE_PSK_WITH_NULL_SHA384" }, +#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0x00B6 + { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256" }, +#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0x00B7 + { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384" }, +#define TLS_RSA_PSK_WITH_NULL_SHA256 0x00B8 + { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS_RSA_PSK_WITH_NULL_SHA256" }, +#define TLS_RSA_PSK_WITH_NULL_SHA384 0x00B9 + { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS_RSA_PSK_WITH_NULL_SHA384" }, +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x00BA + { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256" }, +#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x00BB + { TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256" }, +#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x00BC + { TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256" }, +#define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x00BD + { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256" 
}, +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x00BE + { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" }, +#define TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 0x00BF + { TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256" }, +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x00C0 + { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256" }, +#define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x00C1 + { TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256" }, +#define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x00C2 + { TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256" }, +#define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x00C3 + { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256" }, +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x00C4 + { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256" }, +#define TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 0x00C5 + { TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256" }, +#define TLS_SM4_GCM_SM3 0x00C6 + { TLS_SM4_GCM_SM3, "TLS_SM4_GCM_SM3" }, +#define TLS_SM4_CCM_SM3 0x00C7 + { TLS_SM4_CCM_SM3, "TLS_SM4_CCM_SM3" }, +#define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF + { TLS_EMPTY_RENEGOTIATION_INFO_SCSV, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" }, +#define TLS_AES_128_GCM_SHA256 0x1301 + { TLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256" }, +#define TLS_AES_256_GCM_SHA384 0x1302 + { TLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384" }, +#define TLS_CHACHA20_POLY1305_SHA256 0x1303 + { TLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256" }, +#define TLS_AES_128_CCM_SHA256 0x1304 + { TLS_AES_128_CCM_SHA256, "TLS_AES_128_CCM_SHA256" }, +#define TLS_AES_128_CCM_8_SHA256 0x1305 + { TLS_AES_128_CCM_8_SHA256, "TLS_AES_128_CCM_8_SHA256" }, +#define TLS_FALLBACK_SCSV 0x5600 + { 
TLS_FALLBACK_SCSV, "TLS_FALLBACK_SCSV" }, +#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 + { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS_ECDH_ECDSA_WITH_NULL_SHA" }, +#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 + { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" }, +#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 + { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 + { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" }, +#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 + { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" }, +#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 + { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS_ECDHE_ECDSA_WITH_NULL_SHA" }, +#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 + { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA" }, +#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 + { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 + { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" }, +#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A + { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" }, +#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B + { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS_ECDH_RSA_WITH_NULL_SHA" }, +#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C + { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS_ECDH_RSA_WITH_RC4_128_SHA" }, +#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D + { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E + { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA" }, +#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F + { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" }, +#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 + { 
TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS_ECDHE_RSA_WITH_NULL_SHA" }, +#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 + { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS_ECDHE_RSA_WITH_RC4_128_SHA" }, +#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 + { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 + { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" }, +#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 + { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" }, +#define TLS_ECDH_anon_WITH_NULL_SHA 0xC015 + { TLS_ECDH_anon_WITH_NULL_SHA, "TLS_ECDH_anon_WITH_NULL_SHA" }, +#define TLS_ECDH_anon_WITH_RC4_128_SHA 0xC016 + { TLS_ECDH_anon_WITH_RC4_128_SHA, "TLS_ECDH_anon_WITH_RC4_128_SHA" }, +#define TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 0xC017 + { TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_ECDH_anon_WITH_AES_128_CBC_SHA 0xC018 + { TLS_ECDH_anon_WITH_AES_128_CBC_SHA, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA" }, +#define TLS_ECDH_anon_WITH_AES_256_CBC_SHA 0xC019 + { TLS_ECDH_anon_WITH_AES_256_CBC_SHA, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA" }, +#define TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0xC01A + { TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0xC01B + { TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0xC01C + { TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_SRP_SHA_WITH_AES_128_CBC_SHA 0xC01D + { TLS_SRP_SHA_WITH_AES_128_CBC_SHA, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA" }, +#define TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0xC01E + { TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA" }, +#define TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0xC01F + { TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 
"TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA" }, +#define TLS_SRP_SHA_WITH_AES_256_CBC_SHA 0xC020 + { TLS_SRP_SHA_WITH_AES_256_CBC_SHA, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA" }, +#define TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0xC021 + { TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA" }, +#define TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0xC022 + { TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA" }, +#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 + { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 + { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" }, +#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 + { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 + { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" }, +#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 + { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 + { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" }, +#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 + { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" }, +#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A + { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" }, +#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B + { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" }, +#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C + { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D + { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256" }, +#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E + { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F + { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" }, +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 + { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 + { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256" }, +#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 + { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" }, +#define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 + { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS_ECDHE_PSK_WITH_RC4_128_SHA" }, +#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 + { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA" }, +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 + { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" }, +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 + { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA" }, +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 + { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256" }, +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 + { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384" }, +#define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 + { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS_ECDHE_PSK_WITH_NULL_SHA" }, +#define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A + { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS_ECDHE_PSK_WITH_NULL_SHA256" }, +#define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B + { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS_ECDHE_PSK_WITH_NULL_SHA384" }, +#define TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C + { TLS_RSA_WITH_ARIA_128_CBC_SHA256, 
"TLS_RSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D
+ { TLS_RSA_WITH_ARIA_256_CBC_SHA384, "TLS_RSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 0xC03E
+ { TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256, "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 0xC03F
+ { TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384, "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 0xC040
+ { TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256, "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 0xC041
+ { TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384, "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 0xC042
+ { TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256, "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 0xC043
+ { TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384, "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044
+ { TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045
+ { TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 0xC046
+ { TLS_DH_anon_WITH_ARIA_128_CBC_SHA256, "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 0xC047
+ { TLS_DH_anon_WITH_ARIA_256_CBC_SHA384, "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048
+ { TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049
+ { TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A
+ { TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B
+ { TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C
+ { TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D
+ { TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E
+ { TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F
+ { TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050
+ { TLS_RSA_WITH_ARIA_128_GCM_SHA256, "TLS_RSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051
+ { TLS_RSA_WITH_ARIA_256_GCM_SHA384, "TLS_RSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052
+ { TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053
+ { TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 0xC054
+ { TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256, "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 0xC055
+ { TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384, "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 0xC056
+ { TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256, "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 0xC057
+ { TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384, "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 0xC058
+ { TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256, "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 0xC059
+ { TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384, "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 0xC05A
+ { TLS_DH_anon_WITH_ARIA_128_GCM_SHA256, "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 0xC05B
+ { TLS_DH_anon_WITH_ARIA_256_GCM_SHA384, "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C
+ { TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D
+ { TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E
+ { TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F
+ { TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060
+ { TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061
+ { TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062
+ { TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063
+ { TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064
+ { TLS_PSK_WITH_ARIA_128_CBC_SHA256, "TLS_PSK_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065
+ { TLS_PSK_WITH_ARIA_256_CBC_SHA384, "TLS_PSK_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066
+ { TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067
+ { TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068
+ { TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069
+ { TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A
+ { TLS_PSK_WITH_ARIA_128_GCM_SHA256, "TLS_PSK_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B
+ { TLS_PSK_WITH_ARIA_256_GCM_SHA384, "TLS_PSK_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C
+ { TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D
+ { TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E
+ { TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256" },
+#define TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F
+ { TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384" },
+#define TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070
+ { TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256" },
+#define TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071
+ { TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384" },
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074
+ { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075
+ { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
+ { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
+ { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
+ { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
+ { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
+ { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
+ { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07E
+ { TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07F
+ { TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 0xC080
+ { TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256, "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 0xC081
+ { TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384, "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 0xC082
+ { TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256, "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 0xC083
+ { TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384, "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 0xC084
+ { TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256, "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 0xC085
+ { TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384, "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
+ { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
+ { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
+ { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D
+ { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
+ { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
+ { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
+ { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
+ { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
+ { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256" },
+#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093
+ { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384" },
+#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
+ { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
+ { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
+ { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
+ { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
+ { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
+ { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
+ { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" },
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
+ { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" },
+#define TLS_RSA_WITH_AES_128_CCM 0xC09C
+ { TLS_RSA_WITH_AES_128_CCM, "TLS_RSA_WITH_AES_128_CCM" },
+#define TLS_RSA_WITH_AES_256_CCM 0xC09D
+ { TLS_RSA_WITH_AES_256_CCM, "TLS_RSA_WITH_AES_256_CCM" },
+#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
+ { TLS_DHE_RSA_WITH_AES_128_CCM, "TLS_DHE_RSA_WITH_AES_128_CCM" },
+#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
+ { TLS_DHE_RSA_WITH_AES_256_CCM, "TLS_DHE_RSA_WITH_AES_256_CCM" },
+#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0
+ { TLS_RSA_WITH_AES_128_CCM_8, "TLS_RSA_WITH_AES_128_CCM_8" },
+#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1
+ { TLS_RSA_WITH_AES_256_CCM_8, "TLS_RSA_WITH_AES_256_CCM_8" },
+#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2
+ { TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS_DHE_RSA_WITH_AES_128_CCM_8" },
+#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3
+ { TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS_DHE_RSA_WITH_AES_256_CCM_8" },
+#define TLS_PSK_WITH_AES_128_CCM 0xC0A4
+ { TLS_PSK_WITH_AES_128_CCM, "TLS_PSK_WITH_AES_128_CCM" },
+#define TLS_PSK_WITH_AES_256_CCM 0xC0A5
+ { TLS_PSK_WITH_AES_256_CCM, "TLS_PSK_WITH_AES_256_CCM" },
+#define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
+ { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS_DHE_PSK_WITH_AES_128_CCM" },
+#define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
+ { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS_DHE_PSK_WITH_AES_256_CCM" },
+#define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8
+ { TLS_PSK_WITH_AES_128_CCM_8, "TLS_PSK_WITH_AES_128_CCM_8" },
+#define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9
+ { TLS_PSK_WITH_AES_256_CCM_8, "TLS_PSK_WITH_AES_256_CCM_8" },
+#define TLS_PSK_DHE_WITH_AES_128_CCM_8 0xC0AA
+ { TLS_PSK_DHE_WITH_AES_128_CCM_8, "TLS_PSK_DHE_WITH_AES_128_CCM_8" },
+#define TLS_PSK_DHE_WITH_AES_256_CCM_8 0xC0AB
+ { TLS_PSK_DHE_WITH_AES_256_CCM_8, "TLS_PSK_DHE_WITH_AES_256_CCM_8" },
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
+ { TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM" },
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
+ { TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM" },
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE
+ { TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8" },
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF
+ { TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8" },
+#define TLS_ECCPWD_WITH_AES_128_GCM_SHA256 0xC0B0
+ { TLS_ECCPWD_WITH_AES_128_GCM_SHA256, "TLS_ECCPWD_WITH_AES_128_GCM_SHA256" },
+#define TLS_ECCPWD_WITH_AES_256_GCM_SHA384 0xC0B1
+ { TLS_ECCPWD_WITH_AES_256_GCM_SHA384, "TLS_ECCPWD_WITH_AES_256_GCM_SHA384" },
+#define TLS_ECCPWD_WITH_AES_128_CCM_SHA256 0xC0B2
+ { TLS_ECCPWD_WITH_AES_128_CCM_SHA256, "TLS_ECCPWD_WITH_AES_128_CCM_SHA256" },
+#define TLS_ECCPWD_WITH_AES_256_CCM_SHA384 0xC0B3
+ { TLS_ECCPWD_WITH_AES_256_CCM_SHA384, "TLS_ECCPWD_WITH_AES_256_CCM_SHA384" },
+#define TLS_SHA256_SHA256 0xC0B4
+ { TLS_SHA256_SHA256, "TLS_SHA256_SHA256" },
+#define TLS_SHA384_SHA384 0xC0B5
+ { TLS_SHA384_SHA384, "TLS_SHA384_SHA384" },
+#define TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC 0xC100
+ { TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC, "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC" },
+#define TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC 0xC101
+ { TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC, "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC" },
+#define TLS_GOSTR341112_256_WITH_28147_CNT_IMIT 0xC102
+ { TLS_GOSTR341112_256_WITH_28147_CNT_IMIT, "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT" },
+#define TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L 0xC103
+ { TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L, "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L" },
+#define TLS_GOSTR341112_256_WITH_MAGMA_MGM_L 0xC104
+ { TLS_GOSTR341112_256_WITH_MAGMA_MGM_L, "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L" },
+#define TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S 0xC105
+ { TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S, "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S" },
+#define TLS_GOSTR341112_256_WITH_MAGMA_MGM_S 0xC106
+ { TLS_GOSTR341112_256_WITH_MAGMA_MGM_S, "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S" },
+#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
+ { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
+ { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA
+ { TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB
+ { TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC
+ { TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD
+ { TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE
+ { TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256" },
+#define TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 0xD001
+ { TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256" },
+#define TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 0xD002
+ { TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384" },
+#define TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 0xD003
+ { TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256, "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256" },
+#define TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 0xD005
+ { TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256, "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256" },
+ { 0, NULL }
+};
+
+/* TLS Extensions, derived from:
+ *
+ * curl https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values-1.csv \
+ * | grep -v Reserved |grep -v Unassigned | egrep "^[0-9]" | sed 's/\"//g' \
+ * | awk 'BEGIN {print "static const struct tok tls_extensions[] = {"}
+ * { split($0, a, ","); printf "#define TLS_EXTENSION_%s %s\n { TLS_EXTENSION_%s, \"%s\" },\n", toupper(a[2]), a[1], toupper(a[2]), a[2] }
+ * END { print " { 0, NULL }\n};" }'
+ * */
+static const struct tok tls_extensions[] = {
+#define TLS_EXTENSION_SERVER_NAME 0
+ { TLS_EXTENSION_SERVER_NAME, "server_name" },
+#define TLS_EXTENSION_MAX_FRAGMENT_LENGTH 1
+ { TLS_EXTENSION_MAX_FRAGMENT_LENGTH, "max_fragment_length" },
+#define TLS_EXTENSION_CLIENT_CERTIFICATE_URL 2
+ { TLS_EXTENSION_CLIENT_CERTIFICATE_URL, "client_certificate_url" },
+#define TLS_EXTENSION_TRUSTED_CA_KEYS 3
+ { TLS_EXTENSION_TRUSTED_CA_KEYS, "trusted_ca_keys" },
+#define TLS_EXTENSION_TRUNCATED_HMAC 4
+ { TLS_EXTENSION_TRUNCATED_HMAC, "truncated_hmac" },
+#define TLS_EXTENSION_STATUS_REQUEST 5
+ { TLS_EXTENSION_STATUS_REQUEST, "status_request" },
+#define TLS_EXTENSION_USER_MAPPING 6
+ { TLS_EXTENSION_USER_MAPPING, "user_mapping" },
+#define TLS_EXTENSION_CLIENT_AUTHZ 7
+ { TLS_EXTENSION_CLIENT_AUTHZ, "client_authz" },
+#define TLS_EXTENSION_SERVER_AUTHZ 8
+ { TLS_EXTENSION_SERVER_AUTHZ, "server_authz" },
+#define TLS_EXTENSION_CERT_TYPE 9
+ { TLS_EXTENSION_CERT_TYPE, "cert_type" },
+#define TLS_EXTENSION_SUPPORTED_GROUPS 10
+ { TLS_EXTENSION_SUPPORTED_GROUPS, "supported_groups (renamed from elliptic_curves)" },
+#define TLS_EXTENSION_EC_POINT_FORMATS 11
+ { TLS_EXTENSION_EC_POINT_FORMATS, "ec_point_formats" },
+#define TLS_EXTENSION_SRP 12
+ { TLS_EXTENSION_SRP, "srp" },
+#define TLS_EXTENSION_SIGNATURE_ALGORITHMS 13
+ { TLS_EXTENSION_SIGNATURE_ALGORITHMS, "signature_algorithms" },
+#define TLS_EXTENSION_USE_SRTP 14
+ { TLS_EXTENSION_USE_SRTP, "use_srtp" },
+#define TLS_EXTENSION_HEARTBEAT 15
+ { TLS_EXTENSION_HEARTBEAT, "heartbeat" },
+#define TLS_EXTENSION_APPLICATION_LAYER_PROTOCOL_NEGOTIATION 16
+ { TLS_EXTENSION_APPLICATION_LAYER_PROTOCOL_NEGOTIATION, "application_layer_protocol_negotiation" },
+#define TLS_EXTENSION_STATUS_REQUEST_V2 17
+ { TLS_EXTENSION_STATUS_REQUEST_V2, "status_request_v2" },
+#define TLS_EXTENSION_SIGNED_CERTIFICATE_TIMESTAMP 18
+ { TLS_EXTENSION_SIGNED_CERTIFICATE_TIMESTAMP, "signed_certificate_timestamp" },
+#define TLS_EXTENSION_CLIENT_CERTIFICATE_TYPE 19
+ { TLS_EXTENSION_CLIENT_CERTIFICATE_TYPE, "client_certificate_type" },
+#define TLS_EXTENSION_SERVER_CERTIFICATE_TYPE 20
+ { TLS_EXTENSION_SERVER_CERTIFICATE_TYPE, "server_certificate_type" },
+#define TLS_EXTENSION_PADDING 21
+ { TLS_EXTENSION_PADDING, "padding" },
+#define TLS_EXTENSION_ENCRYPT_THEN_MAC 22
+ { TLS_EXTENSION_ENCRYPT_THEN_MAC, "encrypt_then_mac" },
+#define TLS_EXTENSION_EXTENDED_MASTER_SECRET 23
+ { TLS_EXTENSION_EXTENDED_MASTER_SECRET, "extended_master_secret" },
+#define TLS_EXTENSION_TOKEN_BINDING 24
+ { TLS_EXTENSION_TOKEN_BINDING, "token_binding" },
+#define TLS_EXTENSION_CACHED_INFO 25
+ { TLS_EXTENSION_CACHED_INFO, "cached_info" },
+#define TLS_EXTENSION_TLS_LTS 26
+ { TLS_EXTENSION_TLS_LTS, "tls_lts" },
+#define TLS_EXTENSION_COMPRESS_CERTIFICATE 27
+ { TLS_EXTENSION_COMPRESS_CERTIFICATE, "compress_certificate" },
+#define TLS_EXTENSION_RECORD_SIZE_LIMIT 28
+ { TLS_EXTENSION_RECORD_SIZE_LIMIT, "record_size_limit" },
+#define TLS_EXTENSION_PWD_PROTECT 29
+ { TLS_EXTENSION_PWD_PROTECT, "pwd_protect" },
+#define TLS_EXTENSION_PWD_CLEAR 30
+ { TLS_EXTENSION_PWD_CLEAR, "pwd_clear" },
+#define TLS_EXTENSION_PASSWORD_SALT 31
+ { TLS_EXTENSION_PASSWORD_SALT, "password_salt" },
+#define TLS_EXTENSION_TICKET_PINNING 32
+ { TLS_EXTENSION_TICKET_PINNING, "ticket_pinning" },
+#define TLS_EXTENSION_TLS_CERT_WITH_EXTERN_PSK 33
+ { TLS_EXTENSION_TLS_CERT_WITH_EXTERN_PSK, "tls_cert_with_extern_psk" },
+#define TLS_EXTENSION_DELEGATED_CREDENTIALS 34
+ { TLS_EXTENSION_DELEGATED_CREDENTIALS, "delegated_credentials" },
+#define TLS_EXTENSION_SESSION_TICKET 35
+ { TLS_EXTENSION_SESSION_TICKET, "session_ticket (renamed from SessionTicket TLS)" },
+#define TLS_EXTENSION_TLMSP 36
+ { TLS_EXTENSION_TLMSP, "TLMSP" },
+#define TLS_EXTENSION_TLMSP_PROXYING 37
+ { TLS_EXTENSION_TLMSP_PROXYING, "TLMSP_proxying" },
+#define TLS_EXTENSION_TLMSP_DELEGATE 38
+ { TLS_EXTENSION_TLMSP_DELEGATE, "TLMSP_delegate" },
+#define TLS_EXTENSION_SUPPORTED_EKT_CIPHERS 39
+ { TLS_EXTENSION_SUPPORTED_EKT_CIPHERS, "supported_ekt_ciphers" },
+#define TLS_EXTENSION_PRE_SHARED_KEY 41
+ { TLS_EXTENSION_PRE_SHARED_KEY, "pre_shared_key" },
+#define TLS_EXTENSION_EARLY_DATA 42
+ { TLS_EXTENSION_EARLY_DATA, "early_data" },
+#define TLS_EXTENSION_SUPPORTED_VERSIONS 43
+ { TLS_EXTENSION_SUPPORTED_VERSIONS, "supported_versions" },
+#define TLS_EXTENSION_COOKIE 44
+ { TLS_EXTENSION_COOKIE, "cookie" },
+#define TLS_EXTENSION_PSK_KEY_EXCHANGE_MODES 45
+ { TLS_EXTENSION_PSK_KEY_EXCHANGE_MODES, "psk_key_exchange_modes" },
+#define TLS_EXTENSION_CERTIFICATE_AUTHORITIES 47
+ { TLS_EXTENSION_CERTIFICATE_AUTHORITIES, "certificate_authorities" },
+#define TLS_EXTENSION_OID_FILTERS 48
+ { TLS_EXTENSION_OID_FILTERS, "oid_filters" },
+#define TLS_EXTENSION_POST_HANDSHAKE_AUTH 49
+ { TLS_EXTENSION_POST_HANDSHAKE_AUTH, "post_handshake_auth" },
+#define TLS_EXTENSION_SIGNATURE_ALGORITHMS_CERT 50
+ { TLS_EXTENSION_SIGNATURE_ALGORITHMS_CERT, "signature_algorithms_cert" },
+#define TLS_EXTENSION_KEY_SHARE 51
+ { TLS_EXTENSION_KEY_SHARE, "key_share" },
+#define TLS_EXTENSION_TRANSPARENCY_INFO 52
+ { TLS_EXTENSION_TRANSPARENCY_INFO, "transparency_info" },
+#define TLS_EXTENSION_CONNECTION_ID_DEPRECATED 53
+ { TLS_EXTENSION_CONNECTION_ID_DEPRECATED, "connection_id (deprecated)" },
+#define TLS_EXTENSION_CONNECTION_ID 54
+ { TLS_EXTENSION_CONNECTION_ID, "connection_id" },
+#define TLS_EXTENSION_EXTERNAL_ID_HASH 55
+ { TLS_EXTENSION_EXTERNAL_ID_HASH, "external_id_hash" },
+#define TLS_EXTENSION_EXTERNAL_SESSION_ID 56
+ { TLS_EXTENSION_EXTERNAL_SESSION_ID, "external_session_id" },
+#define TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS 57
+ { TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS, "quic_transport_parameters" },
+#define TLS_EXTENSION_TICKET_REQUEST 58
+ { TLS_EXTENSION_TICKET_REQUEST, "ticket_request" },
+#define TLS_EXTENSION_DNSSEC_CHAIN 59
+ { TLS_EXTENSION_DNSSEC_CHAIN, "dnssec_chain" },
+#define TLS_EXTENSION_RENEGOTIATION_INFO 65281
+ { TLS_EXTENSION_RENEGOTIATION_INFO, "renegotiation_info" },
+ { 0, NULL }
+};
+
+#define TLS_EXTENSION_SERVERNAME_NAME_TYPE_HOSTNAME 0
+#define TLS_EXTENSION_SERVERNAME_NAME_LIST_LENGTH 2
+
+static const struct tok compression_methods[] = {
+ { 0, "NULL" },
+ { 1, "DEFLATE" },
+ { 0, NULL },
+};
+
+#define PROTOCOL_VERSION_SSL_V3 0x0300
+#define PROTOCOL_VERSION_TLS_V1_0 0x0301
+#define PROTOCOL_VERSION_TLS_V1_1 0x0302
+#define PROTOCOL_VERSION_TLS_V1_2 0x0303
+#define PROTOCOL_VERSION_TLS_V1_3 0x0304
+typedef struct {
+ nd_uint8_t major;
+ nd_uint8_t minor;
+} ProtocolVersion;
+
+#define TLS_RANDOM_BYTE_LENGTH 32
+#define MAX_SESSION_LENGTH 32
+
+typedef struct {
+ ProtocolVersion client_version;
+ nd_byte random_bytes[TLS_RANDOM_BYTE_LENGTH];
+ nd_uint8_t session_id_length;
+
+ /* We don't know the size of the rest of the PDU */
+ nd_byte the_rest[1];
+} ClientHello;
+
+
+typedef struct {
+ ProtocolVersion client_version;
+ nd_byte random_bytes[TLS_RANDOM_BYTE_LENGTH];
+ nd_uint8_t session_id_length;
+
+ /* We don't know the size of the rest of the PDU */
+ nd_byte the_rest[1];
+} ServerHello;
+
+static const struct tok handshake_types[] = {
+#define HANDSHAKE_HELLO_REQUEST 0
+ { HANDSHAKE_HELLO_REQUEST, "HelloRequest" },
+#define HANDSHAKE_CLIENT_HELLO 1
+ { HANDSHAKE_CLIENT_HELLO, "ClientHello" },
+#define HANDSHAKE_SERVER_HELLO 2
+ { HANDSHAKE_SERVER_HELLO, "ServerHello" },
+#define HANDSHAKE_NEW_SESSION_TICKET 4
+ { HANDSHAKE_NEW_SESSION_TICKET, "NewSessionTicket" },
+#define HANDSHAKE_CERTIFICATE 11
+ { HANDSHAKE_CERTIFICATE, "Certificate" },
+#define HANDSHAKE_SERVER_KEY_EXCHANGE 12
+ { HANDSHAKE_SERVER_KEY_EXCHANGE, "ServerKeyExchange" },
+#define HANDSHAKE_CERTIFICATE_REQUEST 13
+ { HANDSHAKE_CERTIFICATE_REQUEST, "CertificateRequest" },
+#define HANDSHAKE_SERVER_HELLO_DONE 14
+ { HANDSHAKE_SERVER_HELLO_DONE, "ServerHelloDone" },
+#define HANDSHAKE_CERTIFICATE_VERIFY 15
+ { HANDSHAKE_CERTIFICATE_VERIFY, "CertificateVerify" },
+#define HANDSHAKE_CLIENT_KEY_EXCHANGE 16
+ { HANDSHAKE_CLIENT_KEY_EXCHANGE, "ClientKeyExchange" },
+#define HANDSHAKE_FINISHED 20
+ { HANDSHAKE_FINISHED, "Finished" },
+ { 0, NULL }
+};
+
+typedef enum {
+ ClientHelloType,
+ ServerHelloType,
+} HelloType;
+
+typedef struct {
+ nd_uint8_t msg_type;
+ nd_uint24_t length;
+ union {
+ ClientHello client_hello;
+ ServerHello server_hello;
+ } body;
+} HandshakeProtocol;
+
+
+typedef struct {
+ nd_uint8_t alert_level;
+ nd_uint8_t alert_description;
+} Alert;
+
+static const struct tok alert_levels[] = {
+#define TLS_ALERT_LEVEL_WARNING 1
+ { TLS_ALERT_LEVEL_WARNING, "warn"},
+#define TLS_ALERT_LEVEL_FATAL 2
+ { TLS_ALERT_LEVEL_FATAL, "fatal" },
+ { 0, NULL }
+};
+
+
+static const struct tok alert_descriptions[] = {
+#define TLS_ALERT_DESCRIPTION_CLOSE_NOTIFY 0
+ { TLS_ALERT_DESCRIPTION_CLOSE_NOTIFY, "close_notify" },
+#define TLS_ALERT_DESCRIPTION_UNEXPECTED_MESSAGE 10
+ { TLS_ALERT_DESCRIPTION_UNEXPECTED_MESSAGE, "unexpected_message" },
+#define TLS_ALERT_DESCRIPTION_BAD_RECORD_MAC 20
+ { TLS_ALERT_DESCRIPTION_BAD_RECORD_MAC, "bad_record_mac" },
+#define TLS_ALERT_DESCRIPTION_DECRYPTION_FAILED_RESERVED 21
+ { TLS_ALERT_DESCRIPTION_DECRYPTION_FAILED_RESERVED, "decryption_failed_RESERVED" },
+#define TLS_ALERT_DESCRIPTION_RECORD_OVERFLOW 22
+ { TLS_ALERT_DESCRIPTION_RECORD_OVERFLOW, "record_overflow" },
+#define TLS_ALERT_DESCRIPTION_DECOMPRESSION_FAILURE 30
+ { TLS_ALERT_DESCRIPTION_DECOMPRESSION_FAILURE, "decompression_failure" },
+#define TLS_ALERT_DESCRIPTION_HANDSHAKE_FAILURE 40
+ { TLS_ALERT_DESCRIPTION_HANDSHAKE_FAILURE, "handshake_failure" },
+#define TLS_ALERT_DESCRIPTION_NO_CERTIFICATE_RESERVED 41
+ { TLS_ALERT_DESCRIPTION_NO_CERTIFICATE_RESERVED, "no_certificate_RESERVED" },
+#define TLS_ALERT_DESCRIPTION_BAD_CERTIFICATE 42
+ { TLS_ALERT_DESCRIPTION_BAD_CERTIFICATE, "bad_certificate" },
+#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE 43
+ { TLS_ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE, "unsupported_certificate" },
+#define TLS_ALERT_DESCRIPTION_CERTIFICATE_REVOKED 44
+ { TLS_ALERT_DESCRIPTION_CERTIFICATE_REVOKED, "certificate_revoked" },
+#define TLS_ALERT_DESCRIPTION_CERTIFICATE_EXPIRED 45
+ { TLS_ALERT_DESCRIPTION_CERTIFICATE_EXPIRED, "certificate_expired" },
+#define TLS_ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN 46
+ { TLS_ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN, "certificate_unknown" },
+#define TLS_ALERT_DESCRIPTION_ILLEGAL_PARAMETER 47
+ { TLS_ALERT_DESCRIPTION_ILLEGAL_PARAMETER, "illegal_parameter" },
+#define TLS_ALERT_DESCRIPTION_UNKNOWN_CA 48
+ { TLS_ALERT_DESCRIPTION_UNKNOWN_CA, "unknown_ca" },
+#define TLS_ALERT_DESCRIPTION_ACCESS_DENIED 49
+ { TLS_ALERT_DESCRIPTION_ACCESS_DENIED, "access_denied" },
+#define TLS_ALERT_DESCRIPTION_DECODE_ERROR 50
+ { TLS_ALERT_DESCRIPTION_DECODE_ERROR, "decode_error" },
+#define TLS_ALERT_DESCRIPTION_DECRYPT_ERROR 51
+ { TLS_ALERT_DESCRIPTION_DECRYPT_ERROR, "decrypt_error" },
+#define TLS_ALERT_DESCRIPTION_EXPORT_RESTRICTION_RESERVED 52
+ { TLS_ALERT_DESCRIPTION_EXPORT_RESTRICTION_RESERVED, "export_restriction_RESERVED" },
+#define TLS_ALERT_DESCRIPTION_PROTOCOL_VERSION 70
+ { TLS_ALERT_DESCRIPTION_PROTOCOL_VERSION, "protocol_version" },
+#define TLS_ALERT_DESCRIPTION_INSUFFICIENT_SECURITY 71
+ { TLS_ALERT_DESCRIPTION_INSUFFICIENT_SECURITY, "insufficient_security" },
+#define TLS_ALERT_DESCRIPTION_INTERNAL_ERROR 80
+ { TLS_ALERT_DESCRIPTION_INTERNAL_ERROR, "internal_error" },
+#define TLS_ALERT_DESCRIPTION_USER_CANCELED 90
+ { TLS_ALERT_DESCRIPTION_USER_CANCELED, "user_canceled" },
+#define TLS_ALERT_DESCRIPTION_NO_RENEGOTIATION 100
+ { TLS_ALERT_DESCRIPTION_NO_RENEGOTIATION, "no_renegotiation" },
+#define TLS_ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION 110
+ { TLS_ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION, "unsupported_extension" },
+ { 0, NULL }
+};
+
+#define SIZE_OF_TLS_RECORD_HEADER 5
+struct TLSRecord {
+ nd_uint8_t content_type;
+ ProtocolVersion version;
+ nd_uint16_t length;
+ union {
+ HandshakeProtocol handshake_protocol;
+ Alert alert;
+ } fragment;
+};
+
+static const struct tok protocol_versions[] = {
+ { PROTOCOL_VERSION_SSL_V3, "SSLv3" },
+ { PROTOCOL_VERSION_TLS_V1_0, "TLSv1.0" },
+ { PROTOCOL_VERSION_TLS_V1_1, "TLSv1.1" },
+ { PROTOCOL_VERSION_TLS_V1_2, "TLSv1.2" },
+ { PROTOCOL_VERSION_TLS_V1_3, "TLSv1.3" },
+ { 0, NULL }
+};
+
+
+static const struct tok content_types[] = {
+#define CONTENT_TYPE_CHANGE_CIPHER_SPEC 20
+ { CONTENT_TYPE_CHANGE_CIPHER_SPEC, "ChangeCipherSpec" },
+#define CONTENT_TYPE_ALERT 21
+ { CONTENT_TYPE_ALERT, "Alert" },
+#define CONTENT_TYPE_HANDSHAKE_PROTOCOL 22
+ { CONTENT_TYPE_HANDSHAKE_PROTOCOL, "Handshake" },
+#define CONTENT_TYPE_APPLICATION_DATA 23
+ { CONTENT_TYPE_APPLICATION_DATA, "ApplicationData" },
+ { 0, NULL }
+};
+
+/* Helpers for this printer */
+#define VERBOSE_ANY (ndo->ndo_vflag)
+#define VERBOSE (ndo->ndo_vflag == 1)
+#define VERBOSE_VERY (ndo->ndo_vflag == 2)
+
+static int tok_exists(const struct tok *lp, u_int v) {
+ while (lp != NULL) {
+ if (lp->s == NULL) {
+ return 0;
+ }
+ if (lp->v == v) {
+ return 1;
+ }
+ lp++;
+ }
+ return 0;
+}
+
+#define TRUNCATE 1
+#define DONT_TRUNCATE 0
+static void print_byte_array(netdissect_options *ndo, const uint8_t *bytes, uint length, int truncate) {
+ uint i;
+
+ /* If it's small or we don't want to truncate, just print it out */
+ if (length <= 8 || !truncate) {
+ for (i = 0; i < length; i++) {
+ ND_PRINT("%x", GET_U_1(bytes + i));
+ }
+ return;
+ }
+
+ /* Print first 4 bytes, ..., and last 4 bytes */
+ for (i = 0; i < 4; i++) {
+ ND_PRINT("%x", GET_U_1(bytes + i));
+ }
+ ND_PRINT("...");
+ for (i = (length - 4); i < length; i++) {
+ ND_PRINT("%x", GET_U_1(bytes + i));
+ }
+}
+
+static void tls_print_extensions(netdissect_options *ndo, const nd_byte *buffer, uint length, HelloType helloType) {
+ uint offset = 0;
+ uint16_t extension_type, extension_length;
+
+ while (offset < length) {
+ extension_type = GET_BE_U_2(buffer + offset);
+ offset += 2;
+ extension_length = GET_BE_U_2(buffer + offset);
+ offset += 2;
+ if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\t %s, length: %d", tok2str(tls_extensions, "unknown TLS extension %d", extension_type), extension_length);
+ }
+ switch (extension_type) {
+ case TLS_EXTENSION_SERVER_NAME:
+ {
+ uint8_t sni_name_type;
+ uint16_t hostname_length;
+ size_t i;
+
+ /* Theoretically, there can exist multiple ServerName records, however the current spec only has one
+ * name_type, and you can only have a single name_type per ServerNameList. For more, see
+ * https://datatracker.ietf.org/doc/html/rfc6066#section-3 */
+ sni_name_type = GET_U_1(buffer + offset + TLS_EXTENSION_SERVERNAME_NAME_LIST_LENGTH);
+ if (sni_name_type != TLS_EXTENSION_SERVERNAME_NAME_TYPE_HOSTNAME) {
+ ND_PRINT("unknown SNI NameType %d", sni_name_type);
+ break;
+ }
+ hostname_length = GET_BE_U_2(buffer + offset + 2 + 1);
+ ND_PRINT(", name: ");
+ for (i = 0; i < hostname_length; i++) {
+ ND_PRINT("%c", GET_U_1(buffer + offset + 2 + 1 + 2 + i));
+ }
+ break;
+ }
+ case TLS_EXTENSION_APPLICATION_LAYER_PROTOCOL_NEGOTIATION:
+ {
+ uint alpn_offset = 0, i;
+ uint16_t alpn_length = GET_BE_U_2(buffer + offset);
+ uint8_t alpn_string_length;
+
+ ND_PRINT(" [");
+ while (alpn_offset < alpn_length) {
+ alpn_string_length = GET_U_1(buffer + offset + 2 + alpn_offset);
+ alpn_offset += 1;
+ for (i = 0; i < alpn_string_length; i++) {
+ ND_PRINT("%c", GET_U_1(buffer + offset + 2 + alpn_offset + i));
+ }
+ alpn_offset += alpn_string_length;
+ /* If this isn't the last protocol name, print a trailing comma */
+ if (alpn_offset < alpn_length) {
+ ND_PRINT(",");
+ }
+
+ }
+ ND_PRINT("]");
+ break;
+ }
+ case TLS_EXTENSION_SUPPORTED_VERSIONS:
+ {
+ uint8_t supported_versions_length;
+ uint16_t client_version, supported_version;
+ int i;
+
+ if (helloType == ClientHelloType) {
+ ND_PRINT(", versions: ");
+ supported_versions_length = GET_U_1(buffer + offset);
+ for (i = 0; i < supported_versions_length; i+=2) {
+ /* First supported version, we need to add a leading space */
+ client_version = GET_BE_U_2(buffer + offset + 1 + i);
+ ND_PRINT("%s", tok2str(protocol_versions, "unknown TLS version (0x%x)", client_version));
+ /* Don't leave a trailing comma */
+ if (i < supported_versions_length - 2) {
+ ND_PRINT(",");
+ }
+ }
+ } else if (helloType == ServerHelloType) {
+ supported_version = GET_BE_U_2(buffer + offset);
+ ND_PRINT(", version: %s", tok2str(protocol_versions, "unknown TLS version (0x%x)", supported_version));
+ }
+ }
+ default:
+ break;
+ }
+ offset += extension_length;
+ }
+}
+
+static void tls_print_handshake_random(netdissect_options *ndo, const nd_byte *random) {
+ if (VERBOSE) {
+ ND_PRINT(" random: 0x");
+ print_byte_array(ndo, random, TLS_RANDOM_BYTE_LENGTH, TRUNCATE);
+ } else if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\trandom: 0x");
+ print_byte_array(ndo, random, TLS_RANDOM_BYTE_LENGTH, DONT_TRUNCATE);
+ }
+}
+
+static void tls_print_session_id(netdissect_options *ndo, uint8_t session_id_length, const nd_byte *session_id) {
+
+ if (session_id_length > MAX_SESSION_LENGTH) {
+ ND_PRINT("invalid session length: %d", session_id_length);
+ return;
+ }
+
+ if (VERBOSE) {
+ ND_PRINT(", session id: 0x");
+ print_byte_array(ndo, session_id, session_id_length, TRUNCATE);
+ } else if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\tsession id: 0x");
+ print_byte_array(ndo, session_id, session_id_length, DONT_TRUNCATE);
+ }
+}
+
+static inline uint16_t tls_get_version(netdissect_options *ndo, const ProtocolVersion *version) {
+ return (GET_U_1(version->major) << 8) | GET_U_1(version->minor);
+}
+
+static void tls_print_handshake_client_hello(netdissect_options *ndo, const ClientHello *client_hello, uint32_t client_hello_length) {
+ uint8_t session_id_length, compression_method_length;
+ uint16_t client_version, cipher_suite_length, extensions_length;
+ size_t data_consumed_so_far, offset, i;
+
+ client_version = tls_get_version(ndo, &client_hello->client_version);
+ if (VERBOSE_ANY) {
+ ND_PRINT(" client version: %s", tok2str(protocol_versions, "unknown TLS version (0x%x)", client_version));
+ }
+
+ tls_print_handshake_random(ndo, &client_hello->random_bytes[0]);
+
+ session_id_length = GET_U_1(client_hello->session_id_length);
+ /* Offset to extra data in client_hello->the_rest[] */
+ offset = 0;
+ if (session_id_length > 0) {
+ tls_print_session_id(ndo, session_id_length, client_hello->the_rest);
+ offset += session_id_length;
+ }
+
+ /* Cipher suites */
+ cipher_suite_length = GET_BE_U_2(client_hello->the_rest + offset);
+ if (cipher_suite_length < 2 || cipher_suite_length % 2 != 0) {
+ ND_PRINT("invalid cipher suite length: %d", cipher_suite_length);
+ return;
+ }
+ /* Cipher suite length */
+ offset += 2;
+ if (VERBOSE) {
+ ND_PRINT(", %d cipher suites", cipher_suite_length / 2);
+ } else if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\tcipher suites: %d", cipher_suite_length / 2);
+ for (i = 0; i < cipher_suite_length; i += 2) {
+ ND_PRINT("\n\t\t %s", tok2str(cipher_suites, "unknown cipher suite 0x%x", GET_BE_U_2(client_hello->the_rest + offset + i)));
+ }
+ }
+ offset += cipher_suite_length;
+
+ /* Compression methods. This is always null in modern TLS version */
+ compression_method_length = GET_U_1(client_hello->the_rest + offset);
+ offset += 1;
+ if (compression_method_length == 0) {
+ ND_PRINT("invalid compression method length: %d", compression_method_length);
+ return;
+ }
+ /* This is null for all modern use cases, so only print this out if we're very verbose */
+ if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\tcompression methods: length %d", compression_method_length);
+ for (i = 0; i < compression_method_length; i++) {
+ ND_PRINT(", %s", tok2str(compression_methods, "unknown compression method %d", GET_U_1(client_hello->the_rest + offset + i)));
+ }
+ }
+ offset += compression_method_length;
+
+ /* Extensions */
+ /* First, determine how much data we have printed/consumed. It's not very elegant as part of the hello is defined in the struct and part is dynamic */
+ data_consumed_so_far = offset + sizeof(client_hello->client_version) + sizeof(client_hello->random_bytes) + sizeof(client_hello->session_id_length);
+ /* If there's more data in the request, that data is extensions */
+ if (client_hello_length > data_consumed_so_far) {
+ extensions_length = GET_BE_U_2(client_hello->the_rest + offset);
+ offset += 2;
+ if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\textensions length: %d", extensions_length);
+ }
+ tls_print_extensions(ndo, client_hello->the_rest + offset, extensions_length, ClientHelloType);
+ }
+}
+
+static void tls_print_handshake_server_hello(netdissect_options *ndo, const ServerHello *server_hello, uint32_t server_hello_length) {
+ uint8_t session_id_length, compression_method;
+ uint16_t server_version, cipher_suite, extensions_length;
+ size_t data_consumed_so_far, offset;
+
+ server_version = tls_get_version(ndo, &server_hello->client_version);
+ if (VERBOSE_ANY) {
+ ND_PRINT(" server version: %s", tok2str(protocol_versions, "unknown TLS version (0x%x)", server_version));
+ }
+
+ tls_print_handshake_random(ndo, &server_hello->random_bytes[0]);
+
+ session_id_length = GET_U_1(server_hello->session_id_length);
+ /* Offset to extra data in client_hello->the_rest[] */
+ offset = 0;
+ if (session_id_length > 0) {
+ tls_print_session_id(ndo, session_id_length, server_hello->the_rest);
+ offset += session_id_length;
+ }
+
+ /* Cipher suite chosen */
+ cipher_suite = GET_BE_U_2(server_hello->the_rest + offset);
+ offset += 2;
+ if (VERBOSE) {
+ ND_PRINT(", cipher %s", tok2str(cipher_suites, "unknown cipher 0x%x", cipher_suite));
+ } else if (VERBOSE_VERY) {
+ ND_PRINT("\n\t\tcipher suite: %s", tok2str(cipher_suites, "unknown cipher 0x%x", cipher_suite));
+ }
+
+ /* Compression method.
This is always null in modern TLS version */ + compression_method = GET_U_1(server_hello->the_rest + offset); + offset += 1; + /* This is null for all modern use cases, so only print this out if we're very verbose */ + if (VERBOSE_VERY) { + ND_PRINT("\n\t\tcompression method: %s", tok2str(compression_methods, "unknown compression method %d", compression_method)); + } + + /* Extensions */ + /* First, determine how much data we have printed/consumed. It's not very elegant as part of the hello is defined in the struct and part is dynamic */ + data_consumed_so_far = offset + sizeof(server_hello->client_version) + sizeof(server_hello->random_bytes) + sizeof(server_hello->session_id_length); + /* If there's more data in the request, that data is extensions */ + if (server_hello_length > data_consumed_so_far) { + extensions_length = GET_BE_U_2(server_hello->the_rest + offset); + offset += 2; + if (VERBOSE_VERY) { + ND_PRINT("\n\t\textensions length: %d", extensions_length); + } + tls_print_extensions(ndo, server_hello->the_rest + offset, extensions_length, ServerHelloType); + } +} + +static void tls_print_handshake_protocol(netdissect_options *ndo, const HandshakeProtocol *handshake) { + uint8_t handshake_type = GET_U_1(handshake->msg_type); + + /* Print out the handshake type. 
If it's an unknown handshake type, it's likely it's an encrypted handshake message */ + if (VERBOSE_ANY) { + ND_PRINT("\n\t %s", tok2str(handshake_types, "(likely encrypted)", handshake_type)); + } else { + ND_PRINT(" %s", tok2str(handshake_types, "(likely encrypted)", handshake_type)); + } + if (!tok_exists(handshake_types, handshake_type)) { + return; + } + + if (VERBOSE_VERY) { + ND_PRINT(" length: %d", GET_BE_U_3(handshake->length)); + } + + switch (handshake_type) { + case HANDSHAKE_HELLO_REQUEST: + return; + case HANDSHAKE_CLIENT_HELLO: + tls_print_handshake_client_hello(ndo, &handshake->body.client_hello, GET_BE_U_3(handshake->length)); + return; + case HANDSHAKE_SERVER_HELLO: + tls_print_handshake_server_hello(ndo, &handshake->body.server_hello, GET_BE_U_3(handshake->length)); + return; + default: + return; + } +} + +static void tls_print_alert(netdissect_options *ndo, const Alert *alert, uint16_t record_length) { + uint8_t alert_level, alert_description; + const char *alert_level_str, *alert_description_str; + + alert_level = GET_U_1(alert->alert_level); + alert_description = GET_U_1(alert->alert_description); + + /* We don't have state to know if we've completed a TLS handshake yet, so if alert records are not two bytes, + * we can assume they are encrypted, and (but probably not) compressed */ + if (record_length == 2) { + alert_level_str = tok2str(alert_levels, "unknown alert level(%d)", alert_level); + alert_description_str = tok2str(alert_descriptions, "unknown alert description(%d)", alert_description); + ND_PRINT(" %s: %s", alert_level_str, alert_description_str); + } else if (record_length < 2) { + nd_print_invalid(ndo); + } else { + ND_PRINT(" (likely encrypted)"); + } +} + +void tls_print(netdissect_options *ndo, const u_char *bp, u_int len) { + const struct TLSRecord *record; + uint8_t content_type; + uint16_t protocol_version, record_length; + u_int offset = 0; + + ndo->ndo_protocol = "tls"; + nd_print_protocol_caps(ndo); + + while (offset < 
len) { + record = (const struct TLSRecord *) (bp + offset); + content_type = GET_U_1(record->content_type); + + if (VERBOSE_ANY) { + ND_PRINT("\n\t%s", tok2str(content_types, "TLS Fragment or unknown record type(%d)", content_type)); + } else { + ND_PRINT(" %s", tok2str(content_types, "TLS Fragment or unknown record type(%d)", content_type)); + } + if (!tok_exists(content_types, content_type)) { + return; + } + + protocol_version = tls_get_version(ndo, &record->version); + ND_PRINT(" %s", tok2str(protocol_versions, "unknown TLS version (0x%x)", protocol_version)); + + record_length = GET_BE_U_2(record->length); + if (VERBOSE_ANY) { + ND_PRINT(", length: %u", record_length); + } + offset += SIZE_OF_TLS_RECORD_HEADER; + + + switch (content_type) { + case CONTENT_TYPE_HANDSHAKE_PROTOCOL: + tls_print_handshake_protocol(ndo, &record->fragment.handshake_protocol); + break; + case CONTENT_TYPE_ALERT: + tls_print_alert(ndo, &record->fragment.alert, record_length); + break; + default: + break; + } + offset += record_length; + /* Trailing comma if we have more records */ + if (!VERBOSE_ANY && offset < len) { + ND_PRINT(","); + } + } + + +} diff --git a/tcp.h b/tcp.h index a4c28b61c2..02aaf231e1 100644 --- a/tcp.h +++ b/tcp.h @@ -122,6 +122,9 @@ extern const struct tok tcp_flag_values[]; #ifndef RPKI_RTR_PORT #define RPKI_RTR_PORT 323 #endif +#ifndef HTTPS_PORT +#define HTTPS_PORT 443 +#endif #ifndef SMB_PORT #define SMB_PORT 445 #endif diff --git a/tests/TESTLIST b/tests/TESTLIST index 51cd519316..5fc2215e96 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST 
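Review bot: The new `HTTPS_PORT` define carries no comment saying that this port number is the only thing that selects the TLS printer, so every payload on port 443 is parsed as TLS whether or not a segment starts on a record boundary. `tls_print` reads the first payload byte of each segment as a record content type, and packet 13 of the expected output shows the result, `TLS Fragment or unknown record type(231)`. I would add a comment above the define such as `/* TLS is selected by port only; payloads are dissected per segment, without stream reassembly */`. Other TLS-carrying ports will not reach this printer, which may be intended but is worth stating. The dispatch that uses the define is outside this hunk.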
@@ -897,3 +897,10 @@ quic_handshake quic_handshake.pcap quic_handshake.out -v
 quic_handshake_truncated quic_handshake_truncated.pcap quic_handshake_truncated.out -v
 quic_retry quic_retry.pcap quic_retry.out -v
 gquic gquic.pcap gquic.out -v
+
+# TLS Tests
+tls-13-https tls-1.3-https.pcap tls-1.3-https.out
+tls-13-https-v tls-1.3-https.pcap tls-1.3-https-v.out -v
+tls-13-https-vv tls-1.3-https.pcap tls-1.3-https-vv.out -vv
+tls-trunc tls-trunc.pcap tls-trunc.out -vv
+tls-10-unencrypted-alert tls-v1.0-alert.pcap tls-v1.0-alert.out -vv
\ No newline at end of file
diff --git a/tests/tls-1.3-https-v.out b/tests/tls-1.3-https-v.out
new file mode 100644
index 0000000000..bebac99917
--- /dev/null
+++ b/tests/tls-1.3-https-v.out
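Review bot: The `tls-13-https-vv` entry pins an expected output that looks wrong: in tests/tls-1.3-https-vv.out the ClientHello random in packet 4 has 63 hex digits and the ServerHello random in packet 6 has 61, where a 32-byte TLS random needs 64. That pattern suggests print_byte_array (defined outside this view) formats each byte with `%x` and drops the leading zero of bytes below 0x10, which makes the printed value ambiguous and impossible to match against other tools' output. I would change that format to `%02x` and regenerate the .out files before registering them here. The hunk also leaves TESTLIST without a trailing newline; ending the last entry with one removes the `\ No newline at end of file` marker.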
@@ -0,0 +1,107 @@ + 1 08:46:29.784434 IP (tos 0x0, ttl 64, id 51353, offset 0, flags [DF], proto TCP (6), length 60) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [S], cksum 0xfde5 (correct), seq 4032104602, win 64240, options [mss 1460,sackOK,TS val 349023283 ecr 0,nop,wscale 7], length 0 + 2 08:46:30.067408 IP (tos 0x0, ttl 54, id 30546, offset 0, flags [none], proto TCP (6), length 60) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [S.], cksum 0xf796 (correct), seq 1112285027, ack 4032104603, win 65535, options [mss 1460,sackOK,TS val 2452491599 ecr 349023283,nop,wscale 9], length 0 + 3 08:46:30.067546 IP (tos 0x0, ttl 64, id 51354, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x2354 (correct), ack 1, win 502, options [nop,nop,TS val 349023566 ecr 2452491599], length 0 + 4 08:46:30.078638 IP (tos 0x0, ttl 64, id 51355, offset 0, flags [DF], proto TCP (6), length 569) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xb803 (correct), seq 1:518, ack 1, win 502, options [nop,nop,TS val 349023577 ecr 2452491599], length 517: TLS + Handshake TLSv1.0, length: 512 + ClientHello client version: TLSv1.2 random: 0xf32bab8e...94c2e6f4, session id: 0x33a54bb5...33e5a0da, 36 cipher suites, name: example.com [h2,http/1.1], versions: TLSv1.3,TLSv1.2 + 5 08:46:30.272139 IP (tos 0x0, ttl 54, id 30570, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x2197 (correct), ack 518, win 131, options [nop,nop,TS val 2452491887 ecr 349023577], length 0 + 6 08:46:30.272202 IP (tos 0x0, ttl 54, id 30571, offset 0, flags [none], proto TCP (6), length 151) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x3f2e (correct), seq 1:100, ack 518, win 131, options [nop,nop,TS val 2452491887 ecr 349023577], length 99: TLS + Handshake TLSv1.2, length: 88 + ServerHello server version: TLSv1.2 random: 0xcf21ad74...c8a8339c, session id: 
0x33a54bb5...33e5a0da, cipher TLS_AES_256_GCM_SHA384, version: TLSv1.3 + ChangeCipherSpec TLSv1.2, length: 1 + 7 08:46:30.272271 IP (tos 0x0, ttl 64, id 51356, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x1eff (correct), ack 100, win 502, options [nop,nop,TS val 349023771 ecr 2452491887], length 0 + 8 08:46:30.272922 IP (tos 0x0, ttl 64, id 51357, offset 0, flags [DF], proto TCP (6), length 575) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0x601a (correct), seq 518:1041, ack 100, win 502, options [nop,nop,TS val 349023772 ecr 2452491887], length 523: TLS + ChangeCipherSpec TLSv1.2, length: 1 + Handshake TLSv1.2, length: 512 + ClientHello client version: TLSv1.2 random: 0xf32bab8e...94c2e6f4, session id: 0x33a54bb5...33e5a0da, 36 cipher suites, name: example.com [h2,http/1.1], versions: TLSv1.3,TLSv1.2 + 9 08:46:30.477422 IP (tos 0x0, ttl 54, id 30618, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x1da0 (correct), ack 1041, win 133, options [nop,nop,TS val 2452492083 ecr 349023772], length 0 + 10 08:46:30.477486 IP (tos 0x0, ttl 54, id 30619, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x1da0 (correct), ack 1041, win 133, options [nop,nop,TS val 2452492083 ecr 349023772], length 0 + 11 08:46:30.477497 IP (tos 0x0, ttl 54, id 30620, offset 0, flags [none], proto TCP (6), length 2948) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x707b (correct), seq 100:2996, ack 1041, win 133, options [nop,nop,TS val 2452492084 ecr 349023772], length 2896: TLS + Handshake TLSv1.2, length: 155 + ServerHello server version: TLSv1.2 random: 0xb46c4b7c...15efc18f, session id: 0x33a54bb5...33e5a0da, cipher TLS_AES_256_GCM_SHA384, version: TLSv1.3 + ApplicationData TLSv1.2, length: 32 + ApplicationData TLSv1.2, length: 3120 + 12 08:46:30.477525 IP (tos 0x0, ttl 64, id 
51358, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x1028 (correct), ack 2996, win 480, options [nop,nop,TS val 349023976 ecr 2452492084], length 0 + 13 08:46:30.477582 IP (tos 0x0, ttl 54, id 30622, offset 0, flags [none], proto TCP (6), length 838) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x174a (correct), seq 2996:3782, ack 1041, win 133, options [nop,nop,TS val 2452492084 ecr 349023772], length 786: TLS + TLS Fragment or unknown record type(231) + 14 08:46:30.477611 IP (tos 0x0, ttl 64, id 51359, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0d1c (correct), ack 3782, win 474, options [nop,nop,TS val 349023976 ecr 2452492084], length 0 + 15 08:46:30.480046 IP (tos 0x0, ttl 64, id 51360, offset 0, flags [DF], proto TCP (6), length 126) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xab78 (correct), seq 1041:1115, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 74: TLS + ApplicationData TLSv1.2, length: 69 + 16 08:46:30.480350 IP (tos 0x0, ttl 64, id 51361, offset 0, flags [DF], proto TCP (6), length 147) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0x7cda (correct), seq 1115:1210, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 95: TLS + ApplicationData TLSv1.2, length: 41 + ApplicationData TLSv1.2, length: 44 + 17 08:46:30.480450 IP (tos 0x0, ttl 64, id 51362, offset 0, flags [DF], proto TCP (6), length 87) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xdd52 (correct), seq 1210:1245, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 35: TLS + ApplicationData TLSv1.2, length: 30 + 18 08:46:30.480775 IP (tos 0x0, ttl 64, id 51363, offset 0, flags [DF], proto TCP (6), length 111) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xf6ed (correct), seq 1245:1304, ack 3782, win 501, 
options [nop,nop,TS val 349023979 ecr 2452492084], length 59: TLS + ApplicationData TLSv1.2, length: 54 + 19 08:46:30.681894 IP (tos 0x0, ttl 54, id 30658, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0d55 (correct), ack 1115, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 20 08:46:30.681957 IP (tos 0x0, ttl 54, id 30659, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0cf6 (correct), ack 1210, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 21 08:46:30.681968 IP (tos 0x0, ttl 54, id 30660, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0cd3 (correct), ack 1245, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 22 08:46:30.681976 IP (tos 0x0, ttl 54, id 30661, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0c98 (correct), ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 23 08:46:30.681985 IP (tos 0x0, ttl 54, id 30662, offset 0, flags [none], proto TCP (6), length 307) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x86cc (correct), seq 3782:4037, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 255: TLS + ApplicationData TLSv1.2, length: 250 + 24 08:46:30.682014 IP (tos 0x0, ttl 64, id 51364, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0960 (correct), ack 4037, win 500, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 25 08:46:30.682072 IP (tos 0x0, ttl 54, id 30663, offset 0, flags [none], proto TCP (6), length 307) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x8399 (correct), seq 4037:4292, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 255: TLS + 
ApplicationData TLSv1.2, length: 250 + 26 08:46:30.682095 IP (tos 0x0, ttl 64, id 51365, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0862 (correct), ack 4292, win 499, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 27 08:46:30.682109 IP (tos 0x0, ttl 54, id 30664, offset 0, flags [none], proto TCP (6), length 179) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x79ee (correct), seq 4292:4419, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 127: TLS + ApplicationData TLSv1.2, length: 56 + ApplicationData TLSv1.2, length: 26 + ApplicationData TLSv1.2, length: 30 + 28 08:46:30.682128 IP (tos 0x0, ttl 64, id 51366, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x07e3 (correct), ack 4419, win 499, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 29 08:46:30.682139 IP (tos 0x0, ttl 54, id 30665, offset 0, flags [none], proto TCP (6), length 1567) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x91ad (correct), seq 4419:5934, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 1515: TLS + ApplicationData TLSv1.2, length: 201 + ApplicationData TLSv1.2, length: 26 + ApplicationData TLSv1.2, length: 1273 + 30 08:46:30.682156 IP (tos 0x0, ttl 64, id 51367, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0203 (correct), ack 5934, win 488, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 31 08:46:30.682608 IP (tos 0x0, ttl 64, id 51368, offset 0, flags [DF], proto TCP (6), length 83) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xb77e (correct), seq 1304:1335, ack 5934, win 488, options [nop,nop,TS val 349024181 ecr 2452492291], length 31: TLS + ApplicationData TLSv1.2, length: 26 + 32 08:46:30.683272 IP (tos 0x0, ttl 64, id 51369, offset 0, flags [DF], proto 
TCP (6), length 76) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0x3d21 (correct), seq 1335:1359, ack 5934, win 501, options [nop,nop,TS val 349024182 ecr 2452492291], length 24: TLS + ApplicationData TLSv1.2, length: 19 + 33 08:46:30.685033 IP (tos 0x0, ttl 64, id 51370, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [F.], cksum 0x01bb (correct), seq 1359, ack 5934, win 501, options [nop,nop,TS val 349024184 ecr 2452492291], length 0 + 34 08:46:30.886272 IP (tos 0x0, ttl 54, id 30713, offset 0, flags [none], proto TCP (6), length 64) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0xcfe1 (correct), ack 1335, win 133, options [nop,nop,TS val 2452492498 ecr 349024181,nop,nop,sack 1 {1359:1360}], length 0 + 35 08:46:30.886345 IP (tos 0x0, ttl 54, id 30714, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x025e (correct), ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 0 + 36 08:46:30.886407 IP (tos 0x0, ttl 54, id 30715, offset 0, flags [none], proto TCP (6), length 76) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0xfa6b (correct), seq 5934:5958, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 24: TLS + ApplicationData TLSv1.2, length: 19 + 37 08:46:30.886452 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [R], cksum 0x1c68 (correct), seq 4032105962, win 0, length 0 + 38 08:46:30.886494 IP (tos 0x0, ttl 54, id 30716, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [F.], cksum 0x0245 (correct), seq 5958, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 0 + 39 08:46:30.886512 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [R], cksum 0x1c68 
(correct), seq 4032105962, win 0, length 0 diff --git a/tests/tls-1.3-https-vv.out b/tests/tls-1.3-https-vv.out new file mode 100644 index 0000000000..77eef8d54e --- /dev/null +++ b/tests/tls-1.3-https-vv.out 
@@ -0,0 +1,229 @@ + 1 08:46:29.784434 IP (tos 0x0, ttl 64, id 51353, offset 0, flags [DF], proto TCP (6), length 60) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [S], cksum 0xfde5 (correct), seq 4032104602, win 64240, options [mss 1460,sackOK,TS val 349023283 ecr 0,nop,wscale 7], length 0 + 2 08:46:30.067408 IP (tos 0x0, ttl 54, id 30546, offset 0, flags [none], proto TCP (6), length 60) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [S.], cksum 0xf796 (correct), seq 1112285027, ack 4032104603, win 65535, options [mss 1460,sackOK,TS val 2452491599 ecr 349023283,nop,wscale 9], length 0 + 3 08:46:30.067546 IP (tos 0x0, ttl 64, id 51354, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x2354 (correct), seq 1, ack 1, win 502, options [nop,nop,TS val 349023566 ecr 2452491599], length 0 + 4 08:46:30.078638 IP (tos 0x0, ttl 64, id 51355, offset 0, flags [DF], proto TCP (6), length 569) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xb803 (correct), seq 1:518, ack 1, win 502, options [nop,nop,TS val 349023577 ecr 2452491599], length 517: TLS + Handshake TLSv1.0, length: 512 + ClientHello length: 508 client version: TLSv1.2 + random: 0xf32bab8eabbe9aedaf7feacdc69f4c6e9c845e08d67ce2328c3549194c2e6f4 + session id: 0x33a54bb56c19cfd71e5f1ccb8c2f41ac4f934133efc271c9b3f2489333e5a0da + cipher suites: 36 + TLS_AES_256_GCM_SHA384 + TLS_CHACHA20_POLY1305_SHA256 + TLS_AES_128_GCM_SHA256 + TLS_AES_128_CCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_128_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_256_GCM_SHA384 + TLS_RSA_WITH_AES_256_CCM + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_128_CCM + TLS_RSA_WITH_AES_256_CBC_SHA256 + TLS_RSA_WITH_AES_128_CBC_SHA256 + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_DHE_RSA_WITH_AES_256_CCM + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_CCM + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_EMPTY_RENEGOTIATION_INFO_SCSV + compression methods: length 1, NULL + extensions length: 363 + server_name, length: 16, name: example.com + ec_point_formats, length: 4 + supported_groups (renamed from elliptic_curves), length: 12 + unknown TLS extension 13172, length: 0 + application_layer_protocol_negotiation, length: 14 [h2,http/1.1] + encrypt_then_mac, length: 0 + extended_master_secret, length: 0 + post_handshake_auth, length: 0 + signature_algorithms, length: 34 + supported_versions, length: 5, versions: TLSv1.3,TLSv1.2 + psk_key_exchange_modes, length: 2 + key_share, length: 38 + padding, length: 186 + 5 08:46:30.272139 IP (tos 0x0, ttl 54, id 30570, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x2197 (correct), seq 1, ack 518, win 131, options [nop,nop,TS val 2452491887 ecr 349023577], length 0 + 6 08:46:30.272202 IP (tos 0x0, ttl 54, id 30571, offset 0, flags [none], proto TCP (6), length 151) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x3f2e (correct), seq 1:100, ack 518, win 131, options [nop,nop,TS val 2452491887 ecr 349023577], length 99: TLS + Handshake TLSv1.2, length: 88 + ServerHello length: 84 server version: TLSv1.2 + random: 0xcf21ad74e59a6111be1d8c21e65b891c2a211167abb8c5e79e9e2c8a8339c + session id: 
0x33a54bb56c19cfd71e5f1ccb8c2f41ac4f934133efc271c9b3f2489333e5a0da + cipher suite: TLS_AES_256_GCM_SHA384 + compression method: NULL + extensions length: 12 + supported_versions, length: 2, version: TLSv1.3 + key_share, length: 2 + ChangeCipherSpec TLSv1.2, length: 1 + 7 08:46:30.272271 IP (tos 0x0, ttl 64, id 51356, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x1eff (correct), seq 518, ack 100, win 502, options [nop,nop,TS val 349023771 ecr 2452491887], length 0 + 8 08:46:30.272922 IP (tos 0x0, ttl 64, id 51357, offset 0, flags [DF], proto TCP (6), length 575) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0x601a (correct), seq 518:1041, ack 100, win 502, options [nop,nop,TS val 349023772 ecr 2452491887], length 523: TLS + ChangeCipherSpec TLSv1.2, length: 1 + Handshake TLSv1.2, length: 512 + ClientHello length: 508 client version: TLSv1.2 + random: 0xf32bab8eabbe9aedaf7feacdc69f4c6e9c845e08d67ce2328c3549194c2e6f4 + session id: 0x33a54bb56c19cfd71e5f1ccb8c2f41ac4f934133efc271c9b3f2489333e5a0da + cipher suites: 36 + TLS_AES_256_GCM_SHA384 + TLS_CHACHA20_POLY1305_SHA256 + TLS_AES_128_GCM_SHA256 + TLS_AES_128_CCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_128_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_256_GCM_SHA384 + TLS_RSA_WITH_AES_256_CCM + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_128_CCM + TLS_RSA_WITH_AES_256_CBC_SHA256 + TLS_RSA_WITH_AES_128_CBC_SHA256 + TLS_RSA_WITH_AES_256_CBC_SHA + 
TLS_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_DHE_RSA_WITH_AES_256_CCM + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_CCM + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_EMPTY_RENEGOTIATION_INFO_SCSV + compression methods: length 1, NULL + extensions length: 363 + server_name, length: 16, name: example.com + ec_point_formats, length: 4 + supported_groups (renamed from elliptic_curves), length: 12 + unknown TLS extension 13172, length: 0 + application_layer_protocol_negotiation, length: 14 [h2,http/1.1] + encrypt_then_mac, length: 0 + extended_master_secret, length: 0 + post_handshake_auth, length: 0 + signature_algorithms, length: 34 + supported_versions, length: 5, versions: TLSv1.3,TLSv1.2 + psk_key_exchange_modes, length: 2 + key_share, length: 71 + padding, length: 153 + 9 08:46:30.477422 IP (tos 0x0, ttl 54, id 30618, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x1da0 (correct), seq 100, ack 1041, win 133, options [nop,nop,TS val 2452492083 ecr 349023772], length 0 + 10 08:46:30.477486 IP (tos 0x0, ttl 54, id 30619, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x1da0 (correct), seq 100, ack 1041, win 133, options [nop,nop,TS val 2452492083 ecr 349023772], length 0 + 11 08:46:30.477497 IP (tos 0x0, ttl 54, id 30620, offset 0, flags [none], proto TCP (6), length 2948) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x707b (correct), seq 100:2996, ack 1041, win 133, options [nop,nop,TS val 2452492084 ecr 349023772], length 2896: TLS + Handshake TLSv1.2, length: 155 + ServerHello length: 151 server version: TLSv1.2 + random: 0xb46c4b7c285a587da8f4b3e0464b568fad9348371350e72d234ec47115efc18f + session id: 
0x33a54bb56c19cfd71e5f1ccb8c2f41ac4f934133efc271c9b3f2489333e5a0da + cipher suite: TLS_AES_256_GCM_SHA384 + compression method: NULL + extensions length: 79 + supported_versions, length: 2, version: TLSv1.3 + key_share, length: 69 + ApplicationData TLSv1.2, length: 32 + ApplicationData TLSv1.2, length: 3120 + 12 08:46:30.477525 IP (tos 0x0, ttl 64, id 51358, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x1028 (correct), seq 1041, ack 2996, win 480, options [nop,nop,TS val 349023976 ecr 2452492084], length 0 + 13 08:46:30.477582 IP (tos 0x0, ttl 54, id 30622, offset 0, flags [none], proto TCP (6), length 838) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x174a (correct), seq 2996:3782, ack 1041, win 133, options [nop,nop,TS val 2452492084 ecr 349023772], length 786: TLS + TLS Fragment or unknown record type(231) + 14 08:46:30.477611 IP (tos 0x0, ttl 64, id 51359, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0d1c (correct), seq 1041, ack 3782, win 474, options [nop,nop,TS val 349023976 ecr 2452492084], length 0 + 15 08:46:30.480046 IP (tos 0x0, ttl 64, id 51360, offset 0, flags [DF], proto TCP (6), length 126) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xab78 (correct), seq 1041:1115, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 74: TLS + ApplicationData TLSv1.2, length: 69 + 16 08:46:30.480350 IP (tos 0x0, ttl 64, id 51361, offset 0, flags [DF], proto TCP (6), length 147) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0x7cda (correct), seq 1115:1210, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 95: TLS + ApplicationData TLSv1.2, length: 41 + ApplicationData TLSv1.2, length: 44 + 17 08:46:30.480450 IP (tos 0x0, ttl 64, id 51362, offset 0, flags [DF], proto TCP (6), length 87) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 
0xdd52 (correct), seq 1210:1245, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 35: TLS + ApplicationData TLSv1.2, length: 30 + 18 08:46:30.480775 IP (tos 0x0, ttl 64, id 51363, offset 0, flags [DF], proto TCP (6), length 111) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xf6ed (correct), seq 1245:1304, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 59: TLS + ApplicationData TLSv1.2, length: 54 + 19 08:46:30.681894 IP (tos 0x0, ttl 54, id 30658, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0d55 (correct), seq 3782, ack 1115, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 20 08:46:30.681957 IP (tos 0x0, ttl 54, id 30659, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0cf6 (correct), seq 3782, ack 1210, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 21 08:46:30.681968 IP (tos 0x0, ttl 54, id 30660, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0cd3 (correct), seq 3782, ack 1245, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 22 08:46:30.681976 IP (tos 0x0, ttl 54, id 30661, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x0c98 (correct), seq 3782, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 23 08:46:30.681985 IP (tos 0x0, ttl 54, id 30662, offset 0, flags [none], proto TCP (6), length 307) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x86cc (correct), seq 3782:4037, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 255: TLS + ApplicationData TLSv1.2, length: 250 + 24 08:46:30.682014 IP (tos 0x0, ttl 64, id 51364, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 
93.184.216.34.443: Flags [.], cksum 0x0960 (correct), seq 1304, ack 4037, win 500, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 25 08:46:30.682072 IP (tos 0x0, ttl 54, id 30663, offset 0, flags [none], proto TCP (6), length 307) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x8399 (correct), seq 4037:4292, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 255: TLS + ApplicationData TLSv1.2, length: 250 + 26 08:46:30.682095 IP (tos 0x0, ttl 64, id 51365, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0862 (correct), seq 1304, ack 4292, win 499, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 27 08:46:30.682109 IP (tos 0x0, ttl 54, id 30664, offset 0, flags [none], proto TCP (6), length 179) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x79ee (correct), seq 4292:4419, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 127: TLS + ApplicationData TLSv1.2, length: 56 + ApplicationData TLSv1.2, length: 26 + ApplicationData TLSv1.2, length: 30 + 28 08:46:30.682128 IP (tos 0x0, ttl 64, id 51366, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x07e3 (correct), seq 1304, ack 4419, win 499, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 29 08:46:30.682139 IP (tos 0x0, ttl 54, id 30665, offset 0, flags [none], proto TCP (6), length 1567) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0x91ad (correct), seq 4419:5934, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 1515: TLS + ApplicationData TLSv1.2, length: 201 + ApplicationData TLSv1.2, length: 26 + ApplicationData TLSv1.2, length: 1273 + 30 08:46:30.682156 IP (tos 0x0, ttl 64, id 51367, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], cksum 0x0203 (correct), seq 1304, ack 5934, win 488, 
options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 31 08:46:30.682608 IP (tos 0x0, ttl 64, id 51368, offset 0, flags [DF], proto TCP (6), length 83) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0xb77e (correct), seq 1304:1335, ack 5934, win 488, options [nop,nop,TS val 349024181 ecr 2452492291], length 31: TLS + ApplicationData TLSv1.2, length: 26 + 32 08:46:30.683272 IP (tos 0x0, ttl 64, id 51369, offset 0, flags [DF], proto TCP (6), length 76) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], cksum 0x3d21 (correct), seq 1335:1359, ack 5934, win 501, options [nop,nop,TS val 349024182 ecr 2452492291], length 24: TLS + ApplicationData TLSv1.2, length: 19 + 33 08:46:30.685033 IP (tos 0x0, ttl 64, id 51370, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [F.], cksum 0x01bb (correct), seq 1359, ack 5934, win 501, options [nop,nop,TS val 349024184 ecr 2452492291], length 0 + 34 08:46:30.886272 IP (tos 0x0, ttl 54, id 30713, offset 0, flags [none], proto TCP (6), length 64) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0xcfe1 (correct), seq 5934, ack 1335, win 133, options [nop,nop,TS val 2452492498 ecr 349024181,nop,nop,sack 1 {1359:1360}], length 0 + 35 08:46:30.886345 IP (tos 0x0, ttl 54, id 30714, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], cksum 0x025e (correct), seq 5934, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 0 + 36 08:46:30.886407 IP (tos 0x0, ttl 54, id 30715, offset 0, flags [none], proto TCP (6), length 76) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], cksum 0xfa6b (correct), seq 5934:5958, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 24: TLS + ApplicationData TLSv1.2, length: 19 + 37 08:46:30.886452 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [R], cksum 
0x1c68 (correct), seq 4032105962, win 0, length 0 + 38 08:46:30.886494 IP (tos 0x0, ttl 54, id 30716, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42836: Flags [F.], cksum 0x0245 (correct), seq 5958, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 0 + 39 08:46:30.886512 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 172.16.10.62.42836 > 93.184.216.34.443: Flags [R], cksum 0x1c68 (correct), seq 4032105962, win 0, length 0 diff --git a/tests/tls-1.3-https.out b/tests/tls-1.3-https.out new file mode 100644 index 0000000000..f19691be49 --- /dev/null +++ b/tests/tls-1.3-https.out 
@@ -0,0 +1,39 @@ + 1 08:46:29.784434 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [S], seq 4032104602, win 64240, options [mss 1460,sackOK,TS val 349023283 ecr 0,nop,wscale 7], length 0 + 2 08:46:30.067408 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [S.], seq 1112285027, ack 4032104603, win 65535, options [mss 1460,sackOK,TS val 2452491599 ecr 349023283,nop,wscale 9], length 0 + 3 08:46:30.067546 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 1, win 502, options [nop,nop,TS val 349023566 ecr 2452491599], length 0 + 4 08:46:30.078638 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 1:518, ack 1, win 502, options [nop,nop,TS val 349023577 ecr 2452491599], length 517: TLS Handshake TLSv1.0 ClientHello, name: example.com [h2,http/1.1], versions: TLSv1.3,TLSv1.2 + 5 08:46:30.272139 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 518, win 131, options [nop,nop,TS val 2452491887 ecr 349023577], length 0 + 6 08:46:30.272202 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 1:100, ack 518, win 131, options [nop,nop,TS val 2452491887 ecr 349023577], length 99: TLS Handshake TLSv1.2 ServerHello, version: TLSv1.3, ChangeCipherSpec TLSv1.2 + 7 08:46:30.272271 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 100, win 502, options [nop,nop,TS val 349023771 ecr 2452491887], length 0 + 8 08:46:30.272922 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 518:1041, ack 100, win 502, options [nop,nop,TS val 349023772 ecr 2452491887], length 523: TLS ChangeCipherSpec TLSv1.2, Handshake TLSv1.2 ClientHello, name: example.com [h2,http/1.1], versions: TLSv1.3,TLSv1.2 + 9 08:46:30.477422 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1041, win 133, options [nop,nop,TS val 2452492083 ecr 349023772], length 0 + 10 08:46:30.477486 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1041, win 133, options [nop,nop,TS val 2452492083 ecr 349023772], length 0 + 11 08:46:30.477497 IP 93.184.216.34.443 > 
172.16.10.62.42836: Flags [P.], seq 100:2996, ack 1041, win 133, options [nop,nop,TS val 2452492084 ecr 349023772], length 2896: TLS Handshake TLSv1.2 ServerHello, version: TLSv1.3, ApplicationData TLSv1.2, ApplicationData TLSv1.2 + 12 08:46:30.477525 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 2996, win 480, options [nop,nop,TS val 349023976 ecr 2452492084], length 0 + 13 08:46:30.477582 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 2996:3782, ack 1041, win 133, options [nop,nop,TS val 2452492084 ecr 349023772], length 786: TLS TLS Fragment or unknown record type(231) + 14 08:46:30.477611 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 3782, win 474, options [nop,nop,TS val 349023976 ecr 2452492084], length 0 + 15 08:46:30.480046 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 1041:1115, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 74: TLS ApplicationData TLSv1.2 + 16 08:46:30.480350 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 1115:1210, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 95: TLS ApplicationData TLSv1.2, ApplicationData TLSv1.2 + 17 08:46:30.480450 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 1210:1245, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 35: TLS ApplicationData TLSv1.2 + 18 08:46:30.480775 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 1245:1304, ack 3782, win 501, options [nop,nop,TS val 349023979 ecr 2452492084], length 59: TLS ApplicationData TLSv1.2 + 19 08:46:30.681894 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1115, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 20 08:46:30.681957 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1210, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 21 08:46:30.681968 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1245, win 133, options 
[nop,nop,TS val 2452492291 ecr 349023979], length 0 + 22 08:46:30.681976 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 0 + 23 08:46:30.681985 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 3782:4037, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 255: TLS ApplicationData TLSv1.2 + 24 08:46:30.682014 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 4037, win 500, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 25 08:46:30.682072 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 4037:4292, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 255: TLS ApplicationData TLSv1.2 + 26 08:46:30.682095 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 4292, win 499, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 27 08:46:30.682109 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 4292:4419, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 127: TLS ApplicationData TLSv1.2, ApplicationData TLSv1.2, ApplicationData TLSv1.2 + 28 08:46:30.682128 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 4419, win 499, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 29 08:46:30.682139 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 4419:5934, ack 1304, win 133, options [nop,nop,TS val 2452492291 ecr 349023979], length 1515: TLS ApplicationData TLSv1.2, ApplicationData TLSv1.2, ApplicationData TLSv1.2 + 30 08:46:30.682156 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [.], ack 5934, win 488, options [nop,nop,TS val 349024181 ecr 2452492291], length 0 + 31 08:46:30.682608 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [P.], seq 1304:1335, ack 5934, win 488, options [nop,nop,TS val 349024181 ecr 2452492291], length 31: TLS ApplicationData TLSv1.2 + 32 08:46:30.683272 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags 
[P.], seq 1335:1359, ack 5934, win 501, options [nop,nop,TS val 349024182 ecr 2452492291], length 24: TLS ApplicationData TLSv1.2 + 33 08:46:30.685033 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [F.], seq 1359, ack 5934, win 501, options [nop,nop,TS val 349024184 ecr 2452492291], length 0 + 34 08:46:30.886272 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1335, win 133, options [nop,nop,TS val 2452492498 ecr 349024181,nop,nop,sack 1 {1359:1360}], length 0 + 35 08:46:30.886345 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [.], ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 0 + 36 08:46:30.886407 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [P.], seq 5934:5958, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 24: TLS ApplicationData TLSv1.2 + 37 08:46:30.886452 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [R], seq 4032105962, win 0, length 0 + 38 08:46:30.886494 IP 93.184.216.34.443 > 172.16.10.62.42836: Flags [F.], seq 5958, ack 1360, win 133, options [nop,nop,TS val 2452492498 ecr 349024182], length 0 + 39 08:46:30.886512 IP 172.16.10.62.42836 > 93.184.216.34.443: Flags [R], seq 4032105962, win 0, length 0 diff --git a/tests/tls-1.3-https.pcap b/tests/tls-1.3-https.pcap new file mode 100644 index 0000000000..4f8f41af36 Binary files /dev/null and b/tests/tls-1.3-https.pcap differ diff --git a/tests/tls-trunc.out b/tests/tls-trunc.out new file mode 100644 index 0000000000..0389029982 --- /dev/null +++ b/tests/tls-trunc.out 
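Review bot: The `231` that packet 13 reports as a record type is very likely a ciphertext byte rather than a record header. The verbose output of the same capture earlier in this diff lists a 3120-byte ApplicationData record inside packet 11's 2896-byte segment, so packet 13 (786 bytes) begins with the remainder of that record. The printer appears to decode every TCP segment from its first byte, so a continuation byte that happens to fall in the valid content-type range would be printed as a genuine record; checking that the version and length fields are plausible before naming the type would reduce such false decodes. The expected text also repeats the protocol tag, and the line would read better as `length 786: TLS Fragment or unknown record type(231)`.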
@@ -0,0 +1,215 @@ + 1 07:35:32.276779 IP (tos 0x0, ttl 64, id 29601, offset 0, flags [DF], proto TCP (6), length 60) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [S], cksum 0x48b8 (correct), seq 1439015052, win 64240, options [mss 1460,sackOK,TS val 324035980 ecr 0,nop,wscale 7], length 0 + 2 07:35:32.474179 IP (tos 0x0, ttl 54, id 45545, offset 0, flags [none], proto TCP (6), length 60) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [S.], cksum 0xd12a (correct), seq 2297638209, ack 1439015053, win 65535, options [mss 1460,sackOK,TS val 2688621557 ecr 324035980,nop,wscale 9], length 0 + 3 07:35:32.474294 IP (tos 0x0, ttl 64, id 29602, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xfd3c (correct), seq 1, ack 1, win 502, options [nop,nop,TS val 324036178 ecr 2688621557], length 0 + 4 07:35:32.495389 IP (tos 0x0, ttl 64, id 29603, offset 0, flags [DF], proto TCP (6), length 569) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], seq 1:518, ack 1, win 502, options [nop,nop,TS val 324036199 ecr 2688621557], length 517: TLS + Handshake TLSv1.0, length: 512 + ClientHello length: 508 client version: TLSv1.2 + random: 0x727ec5312a0fe37a73ea2ffb5e7ad04f26abc4ce66e7427814ff24acc89f7 + session id: 0xfcbd9a1782dd3fcddcb2dfb736f54bcfbba4678239fd369d4e056903f7a6bbc + cipher suites: 36 + TLS_AES_256_GCM_SHA384 + TLS_CHACHA20_POLY1305_SHA256 + TLS_AES_128_GCM_SHA256 + TLS_AES_128_CCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_128_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_256_GCM_SHA384 + TLS_RSA_WITH_AES_256_CCM + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_128_CCM + TLS_RSA_WITH_AES_256_CBC_SHA256 + TLS_RSA_WITH_AES_128_CBC_SHA256 + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_DHE_RSA_WITH_AES_256_CCM + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_CCM + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_EMPTY_RENEGOTIATION_INFO_SCSV + compression methods: length 1, NULL + extensions length: 363 + server_name, length: 16, name: example.com + ec_point_formats, length: 4 + supported_groups (renamed from elliptic_curves), length: 12 + unknown TLS extension 13172, length: 0 + application_layer_protocol_negotiation, length: 14 [h2,http/1.1] + encrypt_then_mac, length: 0 + extended_master_secret, length: 0 + post_handshake_auth, length: 0 [|tls] + 5 07:35:32.679007 IP (tos 0x0, ttl 54, id 45561, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xfbb7 (correct), seq 1, ack 518, win 131, options [nop,nop,TS val 2688621779 ecr 324036199], length 0 + 6 07:35:32.679064 IP (tos 0x0, ttl 54, id 45562, offset 0, flags [none], proto TCP (6), length 151) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], cksum 0xf09b (correct), seq 1:100, ack 518, win 131, options [nop,nop,TS val 2688621782 ecr 324036199], length 99: TLS + Handshake TLSv1.2, length: 88 + ServerHello length: 84 server version: TLSv1.2 + random: 0xcf21ad74e59a6111be1d8c21e65b891c2a211167abb8c5e79e9e2c8a8339c + session id: 0xfcbd9a1782dd3fcddcb2dfb736f54bcfbba4678239fd369d4e056903f7a6bbc + cipher suite: TLS_AES_256_GCM_SHA384 + compression method: NULL + extensions length: 12 + supported_versions, length: 2, version: TLSv1.3 + key_share, length: 
2 + ChangeCipherSpec TLSv1.2, length: 1 + 7 07:35:32.679121 IP (tos 0x0, ttl 64, id 29604, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xf926 (correct), seq 518, ack 100, win 502, options [nop,nop,TS val 324036383 ecr 2688621782], length 0 + 8 07:35:32.679904 IP (tos 0x0, ttl 64, id 29605, offset 0, flags [DF], proto TCP (6), length 575) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], seq 518:1041, ack 100, win 502, options [nop,nop,TS val 324036383 ecr 2688621782], length 523: TLS + ChangeCipherSpec TLSv1.2, length: 1 + Handshake TLSv1.2, length: 512 + ClientHello length: 508 client version: TLSv1.2 + random: 0x727ec5312a0fe37a73ea2ffb5e7ad04f26abc4ce66e7427814ff24acc89f7 + session id: 0xfcbd9a1782dd3fcddcb2dfb736f54bcfbba4678239fd369d4e056903f7a6bbc + cipher suites: 36 + TLS_AES_256_GCM_SHA384 + TLS_CHACHA20_POLY1305_SHA256 + TLS_AES_128_GCM_SHA256 + TLS_AES_128_CCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_128_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_256_GCM_SHA384 + TLS_RSA_WITH_AES_256_CCM + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_128_CCM + TLS_RSA_WITH_AES_256_CBC_SHA256 + TLS_RSA_WITH_AES_128_CBC_SHA256 + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_DHE_RSA_WITH_AES_256_CCM + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_CCM + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_EMPTY_RENEGOTIATION_INFO_SCSV + compression methods: length 1, NULL + extensions length: 363 + server_name, length: 16, name: example.com + ec_point_formats, length: 4 + supported_groups (renamed from elliptic_curves), length: 12 + unknown TLS extension 13172, length: 0 + application_layer_protocol_negotiation, length: 14 [h2,http/1.1] + encrypt_then_mac, length: 0 + extended_master_secret, length: 0 [|tls] + 9 07:35:32.849377 IP (tos 0x0, ttl 54, id 45573, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xf7d9 (correct), seq 100, ack 1041, win 133, options [nop,nop,TS val 2688621961 ecr 324036383], length 0 + 10 07:35:32.849433 IP (tos 0x0, ttl 54, id 45574, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xf7d9 (correct), seq 100, ack 1041, win 133, options [nop,nop,TS val 2688621961 ecr 324036383], length 0 + 11 07:35:32.850814 IP (tos 0x0, ttl 54, id 45575, offset 0, flags [none], proto TCP (6), length 2948) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], seq 100:2996, ack 1041, win 133, options [nop,nop,TS val 2688621962 ecr 324036383], length 2896: TLS + Handshake TLSv1.2, length: 155 + ServerHello length: 151 server version: TLSv1.2 + random: 0x94785f1a9fbefc34fb2ab335362675a0451a4d5d35e9c3cf527633e439d84 + session id: 0xfcbd9a1782dd3fcddcb2dfb736f54bcfbba4678239fd369d4e056903f7a6bbc + cipher suite: TLS_AES_256_GCM_SHA384 + compression method: NULL + extensions length: 79 + supported_versions, length: 2, version: TLSv1.3 + key_share, length: 69 + ApplicationData TLSv1.2, length: 32 + ApplicationData TLSv1.2, length: 3120 + 12 07:35:32.850877 IP (tos 0x0, ttl 64, id 29606, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xea82 (correct), seq 1041, ack 2996, win 480, 
options [nop,nop,TS val 324036554 ecr 2688621962], length 0 + 13 07:35:32.850935 IP (tos 0x0, ttl 54, id 45577, offset 0, flags [none], proto TCP (6), length 838) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], seq 2996:3782, ack 1041, win 133, options [nop,nop,TS val 2688621962 ecr 324036383], length 786: TLS + TLS Fragment or unknown record type(185) + 14 07:35:32.850960 IP (tos 0x0, ttl 64, id 29607, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xe776 (correct), seq 1041, ack 3782, win 474, options [nop,nop,TS val 324036554 ecr 2688621962], length 0 + 15 07:35:32.853527 IP (tos 0x0, ttl 64, id 29608, offset 0, flags [DF], proto TCP (6), length 126) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], cksum 0x19c2 (correct), seq 1041:1115, ack 3782, win 501, options [nop,nop,TS val 324036557 ecr 2688621962], length 74: TLS + ApplicationData TLSv1.2, length: 69 + 16 07:35:32.854060 IP (tos 0x0, ttl 64, id 29609, offset 0, flags [DF], proto TCP (6), length 98) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], cksum 0x56ac (correct), seq 1115:1161, ack 3782, win 501, options [nop,nop,TS val 324036558 ecr 2688621962], length 46: TLS + ApplicationData TLSv1.2, length: 41 + 17 07:35:32.854111 IP (tos 0x0, ttl 64, id 29610, offset 0, flags [DF], proto TCP (6), length 101) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], cksum 0x13d6 (correct), seq 1161:1210, ack 3782, win 501, options [nop,nop,TS val 324036558 ecr 2688621962], length 49: TLS + ApplicationData TLSv1.2, length: 44 + 18 07:35:32.854455 IP (tos 0x0, ttl 64, id 29611, offset 0, flags [DF], proto TCP (6), length 146) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], cksum 0x4aa3 (correct), seq 1210:1304, ack 3782, win 501, options [nop,nop,TS val 324036558 ecr 2688621962], length 94: TLS + ApplicationData TLSv1.2, length: 30 + ApplicationData TLSv1.2, length: 54 + 19 07:35:33.088899 IP (tos 0x0, ttl 54, id 45590, offset 0, flags 
[none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xe7d1 (correct), seq 3782, ack 1115, win 133, options [nop,nop,TS val 2688622135 ecr 324036557], length 0 + 20 07:35:33.088955 IP (tos 0x0, ttl 54, id 45591, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xe7a2 (correct), seq 3782, ack 1161, win 133, options [nop,nop,TS val 2688622135 ecr 324036558], length 0 + 21 07:35:33.088965 IP (tos 0x0, ttl 54, id 45592, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xe711 (correct), seq 3782, ack 1304, win 135, options [nop,nop,TS val 2688622135 ecr 324036558], length 0 + 22 07:35:33.088977 IP (tos 0x0, ttl 54, id 45593, offset 0, flags [none], proto TCP (6), length 307) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], seq 3782:4037, ack 1304, win 135, options [nop,nop,TS val 2688622136 ecr 324036558], length 255: TLS + ApplicationData TLSv1.2, length: 250 + 23 07:35:33.089001 IP (tos 0x0, ttl 64, id 29612, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xe3b9 (correct), seq 1304, ack 4037, win 500, options [nop,nop,TS val 324036793 ecr 2688622136], length 0 + 24 07:35:33.089056 IP (tos 0x0, ttl 54, id 45594, offset 0, flags [none], proto TCP (6), length 307) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], seq 4037:4292, ack 1304, win 135, options [nop,nop,TS val 2688622136 ecr 324036558], length 255: TLS + ApplicationData TLSv1.2, length: 250 + 25 07:35:33.089071 IP (tos 0x0, ttl 64, id 29613, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xe2bb (correct), seq 1304, ack 4292, win 499, options [nop,nop,TS val 324036793 ecr 2688622136], length 0 + 26 07:35:33.089080 IP (tos 0x0, ttl 54, id 45595, offset 0, flags [none], proto TCP (6), length 179) + 93.184.216.34.443 > 
172.16.10.62.42820: Flags [P.], cksum 0x7d5f (correct), seq 4292:4419, ack 1304, win 135, options [nop,nop,TS val 2688622136 ecr 324036558], length 127: TLS + ApplicationData TLSv1.2, length: 56 + ApplicationData TLSv1.2, length: 26 + ApplicationData TLSv1.2, length: 30 + 27 07:35:33.089090 IP (tos 0x0, ttl 64, id 29614, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xe23c (correct), seq 1304, ack 4419, win 499, options [nop,nop,TS val 324036793 ecr 2688622136], length 0 + 28 07:35:33.089097 IP (tos 0x0, ttl 54, id 45596, offset 0, flags [none], proto TCP (6), length 1573) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], seq 4419:5940, ack 1304, win 135, options [nop,nop,TS val 2688622136 ecr 324036558], length 1521: TLS + ApplicationData TLSv1.2, length: 207 + ApplicationData TLSv1.2, length: 26 [|tls] + 29 07:35:33.089108 IP (tos 0x0, ttl 64, id 29615, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [.], cksum 0xdc56 (correct), seq 1304, ack 5940, win 488, options [nop,nop,TS val 324036793 ecr 2688622136], length 0 + 30 07:35:33.089707 IP (tos 0x0, ttl 64, id 29616, offset 0, flags [DF], proto TCP (6), length 83) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], cksum 0xce13 (correct), seq 1304:1335, ack 5940, win 488, options [nop,nop,TS val 324036793 ecr 2688622136], length 31: TLS + ApplicationData TLSv1.2, length: 26 + 31 07:35:33.090554 IP (tos 0x0, ttl 64, id 29617, offset 0, flags [DF], proto TCP (6), length 76) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [P.], cksum 0xa4ec (correct), seq 1335:1359, ack 5940, win 501, options [nop,nop,TS val 324036794 ecr 2688622136], length 24: TLS + ApplicationData TLSv1.2, length: 19 + 32 07:35:33.092039 IP (tos 0x0, ttl 64, id 29618, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [F.], cksum 0xdc0e (correct), seq 1359, ack 5940, win 501, options 
[nop,nop,TS val 324036796 ecr 2688622136], length 0 + 33 07:35:33.293644 IP (tos 0x0, ttl 54, id 45647, offset 0, flags [none], proto TCP (6), length 64) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xaf4f (correct), seq 5940, ack 1335, win 135, options [nop,nop,TS val 2688622375 ecr 324036793,nop,nop,sack 1 {1359:1360}], length 0 + 34 07:35:33.293718 IP (tos 0x0, ttl 54, id 45648, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [.], cksum 0xdc8f (correct), seq 5940, ack 1360, win 135, options [nop,nop,TS val 2688622375 ecr 324036794], length 0 + 35 07:35:33.293767 IP (tos 0x0, ttl 54, id 45649, offset 0, flags [none], proto TCP (6), length 76) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [P.], cksum 0x29bd (correct), seq 5940:5964, ack 1360, win 135, options [nop,nop,TS val 2688622375 ecr 324036794], length 24: TLS + ApplicationData TLSv1.2, length: 19 + 36 07:35:33.293810 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [R], cksum 0x1f16 (correct), seq 1439016412, win 0, length 0 + 37 07:35:33.293850 IP (tos 0x0, ttl 54, id 45650, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.42820: Flags [F.], cksum 0xdc76 (correct), seq 5964, ack 1360, win 135, options [nop,nop,TS val 2688622375 ecr 324036794], length 0 + 38 07:35:33.293868 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 172.16.10.62.42820 > 93.184.216.34.443: Flags [R], cksum 0x1f16 (correct), seq 1439016412, win 0, length 0 diff --git a/tests/tls-trunc.pcap b/tests/tls-trunc.pcap new file mode 100644 index 0000000000..0f2bb4928c Binary files /dev/null and b/tests/tls-trunc.pcap differ diff --git a/tests/tls-v1.0-alert.out b/tests/tls-v1.0-alert.out new file mode 100644 index 0000000000..887aaa7aaf --- /dev/null +++ b/tests/tls-v1.0-alert.out 
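Review bot: The hex fields pinned by this expected output are shorter than the data they represent, which indicates the printer emits each byte without zero padding. Packet 6's `random:` has 61 hex digits for a 32-byte field and matches the RFC 8446 HelloRetryRequest constant only once the dropped zeros are restored (`...8c021e65...5e079e09e2...` is printed as `...8c21e65...5e79e9e2...`); the `session id:` lines have 63 digits, an odd count that cannot represent whole bytes. With unpadded bytes two different values can print identically, so randoms and session ids from this output cannot be compared reliably across captures or against other tools. The printer source is outside this hunk, but formatting each byte with `%02x` would fix it, and these fixtures would then need regenerating. The same record is labelled `ServerHello` although that random identifies a HelloRetryRequest, which may be worth distinguishing in the output.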
@@ -0,0 +1,24 @@ + 1 03:01:52.675146 IP (tos 0x0, ttl 63, id 63543, offset 0, flags [DF], proto TCP (6), length 60) + 172.16.10.62.35704 > 93.184.216.34.443: Flags [S], cksum 0x3226 (correct), seq 4147264741, win 64240, options [mss 1460,sackOK,TS val 2360008905 ecr 0,nop,wscale 7], length 0 + 2 03:01:52.942787 IP (tos 0x0, ttl 54, id 44313, offset 0, flags [none], proto TCP (6), length 60) + 93.184.216.34.443 > 172.16.10.62.35704: Flags [S.], cksum 0x56fa (correct), seq 1962483114, ack 4147264742, win 65535, options [mss 1460,sackOK,TS val 267989869 ecr 2360008905,nop,wscale 9], length 0 + 3 03:01:52.942879 IP (tos 0x0, ttl 63, id 63544, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.35704 > 93.184.216.34.443: Flags [.], cksum 0x82c7 (correct), seq 1, ack 1, win 502, options [nop,nop,TS val 2360009172 ecr 267989869], length 0 + 4 03:01:52.943029 IP (tos 0x0, ttl 63, id 63545, offset 0, flags [DF], proto TCP (6), length 59) + 172.16.10.62.35704 > 93.184.216.34.443: Flags [P.], cksum 0x1ab2 (correct), seq 1:8, ack 1, win 502, options [nop,nop,TS val 2360009173 ecr 267989869], length 7: TLS + Alert TLSv1.0, length: 2 fatal: internal_error + 5 03:01:52.943151 IP (tos 0x0, ttl 63, id 63546, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.35704 > 93.184.216.34.443: Flags [F.], cksum 0x82be (correct), seq 8, ack 1, win 502, options [nop,nop,TS val 2360009173 ecr 267989869], length 0 + 6 03:01:53.147552 IP (tos 0x0, ttl 54, id 44356, offset 0, flags [none], proto TCP (6), length 64) + 93.184.216.34.443 > 172.16.10.62.35704: Flags [.], cksum 0xe4d5 (correct), seq 1, ack 1, win 128, options [nop,nop,TS val 267990140 ecr 2360009172,nop,nop,sack 1 {8:9}], length 0 + 7 03:01:53.147596 IP (tos 0x0, ttl 54, id 44357, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.35704: Flags [.], cksum 0x8325 (correct), seq 1, ack 9, win 128, options [nop,nop,TS val 267990140 ecr 2360009173], length 0 + 8 03:01:53.147602 IP 
(tos 0x0, ttl 54, id 44358, offset 0, flags [none], proto TCP (6), length 59) + 93.184.216.34.443 > 172.16.10.62.35704: Flags [P.], cksum 0x6111 (correct), seq 1:8, ack 9, win 128, options [nop,nop,TS val 267990140 ecr 2360009173], length 7: TLS + Alert TLSv1.0, length: 2 fatal: unexpected_message + 9 03:01:53.147606 IP (tos 0x0, ttl 54, id 44359, offset 0, flags [none], proto TCP (6), length 52) + 93.184.216.34.443 > 172.16.10.62.35704: Flags [F.], cksum 0x831d (correct), seq 8, ack 9, win 128, options [nop,nop,TS val 267990140 ecr 2360009173], length 0 + 10 03:01:53.147670 IP (tos 0x0, ttl 63, id 63547, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.35704 > 93.184.216.34.443: Flags [.], cksum 0x80dc (correct), seq 9, ack 8, win 502, options [nop,nop,TS val 2360009377 ecr 267990140], length 0 + 11 03:01:53.147693 IP (tos 0x0, ttl 63, id 63548, offset 0, flags [DF], proto TCP (6), length 52) + 172.16.10.62.35704 > 93.184.216.34.443: Flags [.], cksum 0x80db (correct), seq 9, ack 9, win 502, options [nop,nop,TS val 2360009377 ecr 267990140], length 0 diff --git a/tests/tls-v1.0-alert.pcap b/tests/tls-v1.0-alert.pcap new file mode 100644 index 0000000000..e0529cdfce Binary files /dev/null and b/tests/tls-v1.0-alert.pcap differ