search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-tls-utils.h
blobfb983b66752628ce76f70aa34d1b68f43c9bc725
1 /* packet-tls-utils.h
2 * ssl manipulation functions
3 * By Paolo Abeni <paolo.abeni@email.com>
4 *
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
8 *
9 * SPDX-License-Identifier: GPL-2.0-or-later
10 */
11
12 #ifndef __PACKET_TLS_UTILS_H__
13 #define __PACKET_TLS_UTILS_H__
14
15 #include <stdio.h> /* some APIs we declare take a stdio stream as an argument */
16
17 #include <glib.h>
18 #include <epan/packet.h>
19 #include <epan/prefs.h>
20 #include <epan/wmem_scopes.h>
21 #include <epan/expert.h>
22 #include <epan/conversation.h>
23 #include <epan/unit_strings.h>
24 #include <wsutil/wsgcrypt.h>
25
26 #ifdef HAVE_LIBGNUTLS
27 #include <gnutls/x509.h>
28 #include <gnutls/pkcs12.h>
29 #endif /* HAVE_LIBGNUTLS */
30
31 /* TODO inline this now that Libgcrypt is mandatory? */
32 #define SSL_CIPHER_CTX gcry_cipher_hd_t
33 #define SSL_DECRYPT_DEBUG
34
35
36 /* other defines */
37 typedef enum {
38 SSL_ID_CHG_CIPHER_SPEC = 0x14,
39 SSL_ID_ALERT = 0x15,
40 SSL_ID_HANDSHAKE = 0x16,
41 SSL_ID_APP_DATA = 0x17,
42 SSL_ID_HEARTBEAT = 0x18,
43 SSL_ID_TLS12_CID = 0x19,
44 SSL_ID_DTLS13_ACK = 0x1A,
45 } ContentType;
46
47 typedef enum {
48 SSL_HND_HELLO_REQUEST = 0,
49 SSL_HND_CLIENT_HELLO = 1,
50 SSL_HND_SERVER_HELLO = 2,
51 SSL_HND_HELLO_VERIFY_REQUEST = 3,
52 SSL_HND_NEWSESSION_TICKET = 4,
53 SSL_HND_END_OF_EARLY_DATA = 5,
54 SSL_HND_HELLO_RETRY_REQUEST = 6,
55 SSL_HND_ENCRYPTED_EXTENSIONS = 8,
56 SSL_HND_CERTIFICATE = 11,
57 SSL_HND_SERVER_KEY_EXCHG = 12,
58 SSL_HND_CERT_REQUEST = 13,
59 SSL_HND_SVR_HELLO_DONE = 14,
60 SSL_HND_CERT_VERIFY = 15,
61 SSL_HND_CLIENT_KEY_EXCHG = 16,
62 SSL_HND_FINISHED = 20,
63 SSL_HND_CERT_URL = 21,
64 SSL_HND_CERT_STATUS = 22,
65 SSL_HND_SUPPLEMENTAL_DATA = 23,
66 SSL_HND_KEY_UPDATE = 24,
67 SSL_HND_COMPRESSED_CERTIFICATE = 25,
68 /* Encrypted Extensions was NextProtocol in draft-agl-tls-nextprotoneg-03
69 * and changed in draft 04. Not to be confused with TLS 1.3 EE. */
70 SSL_HND_ENCRYPTED_EXTS = 67,
71 SSL_HND_MESSAGE_HASH = 254
72 } HandshakeType;
73
74 #define SSL2_HND_ERROR 0x00
75 #define SSL2_HND_CLIENT_HELLO 0x01
76 #define SSL2_HND_CLIENT_MASTER_KEY 0x02
77 #define SSL2_HND_CLIENT_FINISHED 0x03
78 #define SSL2_HND_SERVER_HELLO 0x04
79 #define SSL2_HND_SERVER_VERIFY 0x05
80 #define SSL2_HND_SERVER_FINISHED 0x06
81 #define SSL2_HND_REQUEST_CERTIFICATE 0x07
82 #define SSL2_HND_CLIENT_CERTIFICATE 0x08
83
84 #define SSL_HND_HELLO_EXT_SERVER_NAME 0
85 #define SSL_HND_HELLO_EXT_MAX_FRAGMENT_LENGTH 1
86 #define SSL_HND_HELLO_EXT_CLIENT_CERTIFICATE_URL 2
87 #define SSL_HND_HELLO_EXT_TRUSTED_CA_KEYS 3
88 #define SSL_HND_HELLO_EXT_TRUNCATED_HMAC 4
89 #define SSL_HND_HELLO_EXT_STATUS_REQUEST 5
90 #define SSL_HND_HELLO_EXT_USER_MAPPING 6
91 #define SSL_HND_HELLO_EXT_CLIENT_AUTHZ 7
92 #define SSL_HND_HELLO_EXT_SERVER_AUTHZ 8
93 #define SSL_HND_HELLO_EXT_CERT_TYPE 9
94 #define SSL_HND_HELLO_EXT_SUPPORTED_GROUPS 10 /* renamed from "elliptic_curves" (RFC 7919 / TLS 1.3) */
95 #define SSL_HND_HELLO_EXT_EC_POINT_FORMATS 11
96 #define SSL_HND_HELLO_EXT_SRP 12
97 #define SSL_HND_HELLO_EXT_SIGNATURE_ALGORITHMS 13
98 #define SSL_HND_HELLO_EXT_USE_SRTP 14
99 #define SSL_HND_HELLO_EXT_HEARTBEAT 15
100 #define SSL_HND_HELLO_EXT_ALPN 16
101 #define SSL_HND_HELLO_EXT_STATUS_REQUEST_V2 17
102 #define SSL_HND_HELLO_EXT_SIGNED_CERTIFICATE_TIMESTAMP 18
103 #define SSL_HND_HELLO_EXT_CLIENT_CERT_TYPE 19
104 #define SSL_HND_HELLO_EXT_SERVER_CERT_TYPE 20
105 #define SSL_HND_HELLO_EXT_PADDING 21
106 #define SSL_HND_HELLO_EXT_ENCRYPT_THEN_MAC 22
107 #define SSL_HND_HELLO_EXT_EXTENDED_MASTER_SECRET 23
108 #define SSL_HND_HELLO_EXT_TOKEN_BINDING 24
109 #define SSL_HND_HELLO_EXT_CACHED_INFO 25
110 #define SSL_HND_HELLO_EXT_COMPRESS_CERTIFICATE 27
111 #define SSL_HND_HELLO_EXT_RECORD_SIZE_LIMIT 28
112 /* 26-33 Unassigned*/
113 #define SSL_HND_HELLO_EXT_DELEGATED_CREDENTIALS 34 /* draft-ietf-tls-subcerts-10.txt */
114 #define SSL_HND_HELLO_EXT_SESSION_TICKET_TLS 35
115 /* RFC 8446 (TLS 1.3) */
116 #define SSL_HND_HELLO_EXT_KEY_SHARE_OLD 40 /* draft-ietf-tls-tls13-22 (removed in -23) */
117 #define SSL_HND_HELLO_EXT_PRE_SHARED_KEY 41
118 #define SSL_HND_HELLO_EXT_EARLY_DATA 42
119 #define SSL_HND_HELLO_EXT_SUPPORTED_VERSIONS 43
120 #define SSL_HND_HELLO_EXT_COOKIE 44
121 #define SSL_HND_HELLO_EXT_PSK_KEY_EXCHANGE_MODES 45
122 #define SSL_HND_HELLO_EXT_TICKET_EARLY_DATA_INFO 46 /* draft-ietf-tls-tls13-18 (removed in -19) */
123 #define SSL_HND_HELLO_EXT_CERTIFICATE_AUTHORITIES 47
124 #define SSL_HND_HELLO_EXT_OID_FILTERS 48
125 #define SSL_HND_HELLO_EXT_POST_HANDSHAKE_AUTH 49
126 #define SSL_HND_HELLO_EXT_SIGNATURE_ALGORITHMS_CERT 50
127 #define SSL_HND_HELLO_EXT_KEY_SHARE 51
128 #define SSL_HND_HELLO_EXT_TRANSPARENCY_INFO 52 /* draft-ietf-trans-rfc6962-bis-41 */
129 #define SSL_HND_HELLO_EXT_CONNECTION_ID_DEPRECATED 53 /* draft-ietf-tls-dtls-connection-id-07 */
130 #define SSL_HND_HELLO_EXT_CONNECTION_ID 54
131 #define SSL_HND_HELLO_EXT_EXTERNAL_ID_HASH 55 /* RFC 8844 */
132 #define SSL_HND_HELLO_EXT_EXTERNAL_SESSION_ID 56 /* RFC 8844 */
133 #define SSL_HND_HELLO_EXT_QUIC_TRANSPORT_PARAMETERS_V1 57 /* draft-ietf-quic-tls-33 */
134 #define SSL_HND_HELLO_EXT_TICKET_REQUEST 58 /* draft-ietf-tls-ticketrequests-07 */
135 #define SSL_HND_HELLO_EXT_DNSSEC_CHAIN 59 /* RFC 9102 */
136 #define SSL_HND_HELLO_EXT_GREASE_0A0A 2570
137 #define SSL_HND_HELLO_EXT_GREASE_1A1A 6682
138 #define SSL_HND_HELLO_EXT_GREASE_2A2A 10794
139 #define SSL_HND_HELLO_EXT_NPN 13172 /* 0x3374 */
140 #define SSL_HND_HELLO_EXT_GREASE_3A3A 14906
141 #define SSL_HND_HELLO_EXT_ALPS 17513 /* draft-vvv-tls-alps-01, temporary value used in BoringSSL implementation */
142 #define SSL_HND_HELLO_EXT_GREASE_4A4A 19018
143 #define SSL_HND_HELLO_EXT_GREASE_5A5A 23130
144 #define SSL_HND_HELLO_EXT_GREASE_6A6A 27242
145 #define SSL_HND_HELLO_EXT_CHANNEL_ID_OLD 30031 /* 0x754f */
146 #define SSL_HND_HELLO_EXT_CHANNEL_ID 30032 /* 0x7550 */
147 #define SSL_HND_HELLO_EXT_GREASE_7A7A 31354
148 #define SSL_HND_HELLO_EXT_GREASE_8A8A 35466
149 #define SSL_HND_HELLO_EXT_GREASE_9A9A 39578
150 #define SSL_HND_HELLO_EXT_GREASE_AAAA 43690
151 #define SSL_HND_HELLO_EXT_GREASE_BABA 47802
152 #define SSL_HND_HELLO_EXT_GREASE_CACA 51914
153 #define SSL_HND_HELLO_EXT_GREASE_DADA 56026
154 #define SSL_HND_HELLO_EXT_GREASE_EAEA 60138
155 #define SSL_HND_HELLO_EXT_GREASE_FAFA 64250
156 #define SSL_HND_HELLO_EXT_ECH_OUTER_EXTENSIONS 64768 /* 0xfd00 draft-ietf-tls-esni-16 */
157 #define SSL_HND_HELLO_EXT_ENCRYPTED_CLIENT_HELLO 65037 /* 0xfe0d draft-ietf-tls-esni-16 */
158 #define SSL_HND_HELLO_EXT_RENEGOTIATION_INFO 65281 /* 0xFF01 */
159 #define SSL_HND_HELLO_EXT_QUIC_TRANSPORT_PARAMETERS 65445 /* 0xffa5 draft-ietf-quic-tls-13 */
160 #define SSL_HND_HELLO_EXT_ENCRYPTED_SERVER_NAME 65486 /* 0xffce draft-ietf-tls-esni-01 */
161
162 #define SSL_HND_CERT_URL_TYPE_INDIVIDUAL_CERT 1
163 #define SSL_HND_CERT_URL_TYPE_PKIPATH 2
164 #define SSL_HND_CERT_STATUS_TYPE_OCSP 1
165 #define SSL_HND_CERT_STATUS_TYPE_OCSP_MULTI 2
166 #define SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY 2
167
168 /* https://github.com/quicwg/base-drafts/wiki/Temporary-IANA-Registry#quic-transport-parameters */
169 #define SSL_HND_QUIC_TP_ORIGINAL_DESTINATION_CONNECTION_ID 0x00
170 #define SSL_HND_QUIC_TP_MAX_IDLE_TIMEOUT 0x01
171 #define SSL_HND_QUIC_TP_STATELESS_RESET_TOKEN 0x02
172 #define SSL_HND_QUIC_TP_MAX_UDP_PAYLOAD_SIZE 0x03
173 #define SSL_HND_QUIC_TP_INITIAL_MAX_DATA 0x04
174 #define SSL_HND_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL 0x05
175 #define SSL_HND_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE 0x06
176 #define SSL_HND_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI 0x07
177 #define SSL_HND_QUIC_TP_INITIAL_MAX_STREAMS_BIDI 0x08
178 #define SSL_HND_QUIC_TP_INITIAL_MAX_STREAMS_UNI 0x09
179 #define SSL_HND_QUIC_TP_ACK_DELAY_EXPONENT 0x0a
180 #define SSL_HND_QUIC_TP_MAX_ACK_DELAY 0x0b
181 #define SSL_HND_QUIC_TP_DISABLE_ACTIVE_MIGRATION 0x0c
182 #define SSL_HND_QUIC_TP_PREFERRED_ADDRESS 0x0d
183 #define SSL_HND_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT 0x0e
184 #define SSL_HND_QUIC_TP_INITIAL_SOURCE_CONNECTION_ID 0x0f
185 #define SSL_HND_QUIC_TP_RETRY_SOURCE_CONNECTION_ID 0x10
186 #define SSL_HND_QUIC_TP_VERSION_INFORMATION 0x11 /* https://tools.ietf.org/html/draft-ietf-quic-version-negotiation-14 */
187 #define SSL_HND_QUIC_TP_MAX_DATAGRAM_FRAME_SIZE 0x20 /* https://datatracker.ietf.org/doc/html/draft-ietf-quic-datagram-06 */
188 #define SSL_HND_QUIC_TP_CIBIR_ENCODING 0x1000 /* https://datatracker.ietf.org/doc/html/draft-banks-quic-cibir-01 */
189 #define SSL_HND_QUIC_TP_LOSS_BITS 0x1057 /* https://tools.ietf.org/html/draft-ferrieuxhamchaoui-quic-lossbits-03 */
190 #define SSL_HND_QUIC_TP_GREASE_QUIC_BIT 0x2ab2 /* RFC 9287 */
191 #define SSL_HND_QUIC_TP_ENABLE_TIME_STAMP 0x7157 /* https://tools.ietf.org/html/draft-huitema-quic-ts-02 */
192 #define SSL_HND_QUIC_TP_ENABLE_TIME_STAMP_V2 0x7158 /* https://tools.ietf.org/html/draft-huitema-quic-ts-03 */
193 #define SSL_HND_QUIC_TP_MIN_ACK_DELAY_OLD 0xde1a /* https://tools.ietf.org/html/draft-iyengar-quic-delayed-ack-00 */
194 /* https://quiche.googlesource.com/quiche/+/refs/heads/master/quic/core/crypto/transport_parameters.cc */
195 #define SSL_HND_QUIC_TP_GOOGLE_USER_AGENT 0x3129
196 #define SSL_HND_QUIC_TP_GOOGLE_KEY_UPDATE_NOT_YET_SUPPORTED 0x312B
197 #define SSL_HND_QUIC_TP_GOOGLE_QUIC_VERSION 0x4752
198 #define SSL_HND_QUIC_TP_GOOGLE_INITIAL_RTT 0x3127
199 #define SSL_HND_QUIC_TP_GOOGLE_SUPPORT_HANDSHAKE_DONE 0x312A
200 #define SSL_HND_QUIC_TP_GOOGLE_QUIC_PARAMS 0x4751
201 #define SSL_HND_QUIC_TP_GOOGLE_CONNECTION_OPTIONS 0x3128
202 /* https://github.com/facebookincubator/mvfst/blob/master/quic/QuicConstants.h */
203 #define SSL_HND_QUIC_TP_FACEBOOK_PARTIAL_RELIABILITY 0xFF00
204 #define SSL_HND_QUIC_TP_MIN_ACK_DELAY_DRAFT_V1 0xFF03DE1A /* https://tools.ietf.org/html/draft-ietf-quic-ack-frequency-01 */
205 #define SSL_HND_QUIC_TP_MIN_ACK_DELAY_DRAFT05 0xff04de1a /* https://tools.ietf.org/html/draft-ietf-quic-ack-frequency-04 / draft-05 */
206 #define SSL_HND_QUIC_TP_MIN_ACK_DELAY 0xff04de1b /* https://tools.ietf.org/html/draft-ietf-quic-ack-frequency-07 */
207 #define SSL_HND_QUIC_TP_ENABLE_MULTIPATH_DRAFT04 0x0f739bbc1b666d04 /* https://tools.ietf.org/html/draft-ietf-quic-multipath-04 */
208 #define SSL_HND_QUIC_TP_ENABLE_MULTIPATH_DRAFT05 0x0f739bbc1b666d05 /* https://tools.ietf.org/html/draft-ietf-quic-multipath-05 */
209 #define SSL_HND_QUIC_TP_ENABLE_MULTIPATH 0x0f739bbc1b666d06 /* https://tools.ietf.org/html/draft-ietf-quic-multipath-06 */
210 #define SSL_HND_QUIC_TP_INITIAL_MAX_PATHS 0x0f739bbc1b666d07 /* https://tools.ietf.org/html/draft-ietf-quic-multipath-07 */
211 #define SSL_HND_QUIC_TP_INITIAL_MAX_PATH_ID_DRAFT09 0x0f739bbc1b666d09 /* https://tools.ietf.org/html/draft-ietf-quic-multipath-09 */
212 #define SSL_HND_QUIC_TP_INITIAL_MAX_PATH_ID 0x0f739bbc1b666d11 /* https://tools.ietf.org/html/draft-ietf-quic-multipath-11 */
213
214 /*
215 * Lookup tables
216 */
217 extern const value_string ssl_version_short_names[];
218 extern const value_string ssl_20_msg_types[];
219 extern value_string_ext ssl_20_cipher_suites_ext;
220 extern const value_string ssl_20_certificate_type[];
221 extern const value_string ssl_31_content_type[];
222 extern const value_string ssl_versions[];
223 extern const value_string ssl_31_change_cipher_spec[];
224 extern const value_string ssl_31_alert_level[];
225 extern const value_string ssl_31_alert_description[];
226 extern const value_string ssl_31_handshake_type[];
227 extern const value_string tls_heartbeat_type[];
228 extern const value_string tls_heartbeat_mode[];
229 extern const value_string ssl_31_compression_method[];
230 extern const value_string ssl_31_key_exchange_algorithm[];
231 extern const value_string ssl_31_signature_algorithm[];
232 extern const value_string ssl_31_client_certificate_type[];
233 extern const value_string ssl_31_public_value_encoding[];
234 extern value_string_ext ssl_31_ciphersuite_ext;
235 extern const value_string tls_hello_extension_types[];
236 extern const value_string tls_hash_algorithm[];
237 extern const value_string tls_signature_algorithm[];
238 extern const value_string tls13_signature_algorithm[];
239 extern const value_string tls_certificate_type[];
240 extern const value_string tls_cert_chain_type[];
241 extern const value_string tls_cert_status_type[];
242 extern const value_string ssl_extension_curves[];
243 extern const value_string ssl_extension_ec_point_formats[];
244 extern const value_string ssl_curve_types[];
245 extern const value_string tls_hello_ext_server_name_type_vs[];
246 extern const value_string tls_hello_ext_max_fragment_length[];
247 extern const value_string tls_hello_ext_psk_ke_mode[];
248 extern const value_string tls_hello_ext_trusted_ca_key_type[];
249 extern const value_string tls13_key_update_request[];
250 extern const value_string compress_certificate_algorithm_vals[];
251 extern const val64_string quic_transport_parameter_id[];
252 extern const range_string quic_version_vals[];
253 extern const val64_string quic_enable_time_stamp_v2_vals[];
254 extern const val64_string quic_enable_multipath_vals[];
255 extern const value_string tls_hello_ext_ech_clienthello_types[];
256 extern const value_string kem_id_type_vals[];
257 extern const value_string kdf_id_type_vals[];
258 extern const value_string aead_id_type_vals[];
259 extern const value_string token_binding_key_parameter_vals[];
260
261 /* XXX Should we use GByteArray instead? */
262 typedef struct _StringInfo {
263 unsigned char *data; /* Backing storage which may be larger than data_len */
264 unsigned data_len; /* Length of the meaningful part of data */
265 } StringInfo;
266
267 #define SSL_WRITE_KEY 1
268
269 #define SSL_VER_UNKNOWN 0
270 #define SSLV2_VERSION 0x0002 /* not in record layer, SSL_CLIENT_SERVER from
271 http://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html */
272 #define SSLV3_VERSION 0x300
273 #define TLSV1_VERSION 0x301
274 #define TLCPV1_VERSION 0x101
275 #define TLSV1DOT1_VERSION 0x302
276 #define TLSV1DOT2_VERSION 0x303
277 #define TLSV1DOT3_VERSION 0x304
278 #define DTLSV1DOT0_VERSION 0xfeff
279 #define DTLSV1DOT0_OPENSSL_VERSION 0x100
280 #define DTLSV1DOT2_VERSION 0xfefd
281 #define DTLSV1DOT3_VERSION 0xfefc
282
283 /* Returns the TLS 1.3 draft version or 0 if not applicable. */
284 static inline uint8_t extract_tls13_draft_version(uint32_t version) {
285 if ((version & 0xff00) == 0x7f00) {
286 return (uint8_t) version;
287 }
288 return 0;
289 }
290
291
292 #define SSL_CLIENT_RANDOM (1<<0)
293 #define SSL_SERVER_RANDOM (1<<1)
294 #define SSL_CIPHER (1<<2)
295 #define SSL_HAVE_SESSION_KEY (1<<3)
296 #define SSL_VERSION (1<<4)
297 #define SSL_MASTER_SECRET (1<<5)
298 #define SSL_PRE_MASTER_SECRET (1<<6)
299 #define SSL_CLIENT_EXTENDED_MASTER_SECRET (1<<7)
300 #define SSL_SERVER_EXTENDED_MASTER_SECRET (1<<8)
301 #define SSL_NEW_SESSION_TICKET (1<<10)
302 #define SSL_ENCRYPT_THEN_MAC (1<<11)
303 #define SSL_SEEN_0RTT_APPDATA (1<<12)
304 #define SSL_QUIC_RECORD_LAYER (1<<13) /* For QUIC (draft >= -13) */
305
306 #define SSL_EXTENDED_MASTER_SECRET_MASK (SSL_CLIENT_EXTENDED_MASTER_SECRET|SSL_SERVER_EXTENDED_MASTER_SECRET)
307
308 /* SSL Cipher Suite modes */
309 typedef enum {
310 MODE_STREAM, /* GenericStreamCipher */
311 MODE_CBC, /* GenericBlockCipher */
312 MODE_GCM, /* GenericAEADCipher */
313 MODE_CCM, /* AEAD_AES_{128,256}_CCM with 16 byte auth tag */
314 MODE_CCM_8, /* AEAD_AES_{128,256}_CCM with 8 byte auth tag */
315 MODE_POLY1305, /* AEAD_CHACHA20_POLY1305 with 16 byte auth tag (RFC 7905) */
316 MODE_ECB, /* ECB: used to perform record seq number encryption in DTLSv1.3 */
317 } ssl_cipher_mode_t;
318
319 /* Explicit and implicit nonce length (RFC 5116 - Section 3.2.1) */
320 #define IMPLICIT_NONCE_LEN 4
321 #define EXPLICIT_NONCE_LEN 8
322 #define TLS13_AEAD_NONCE_LENGTH 12
323
324 /* TLS 1.3 Record type for selecting the appropriate secret. */
325 typedef enum {
326 TLS_SECRET_0RTT_APP,
327 TLS_SECRET_HANDSHAKE,
328 TLS_SECRET_APP,
329 } TLSRecordType;
330
331 #define SSL_DEBUG_USE_STDERR "-"
332
333 #define SSLV2_MAX_SESSION_ID_LENGTH_IN_BYTES 16
334
335 /* Record fragment lengths MUST NOT exceed 2^14 (= 0x4000) */
336 #define TLS_MAX_RECORD_LENGTH 0x4000
337
338 typedef struct _SslCipherSuite {
339 int number;
340 int kex;
341 int enc;
342 int dig;
343 ssl_cipher_mode_t mode;
344 } SslCipherSuite;
345
346 typedef struct _SslFlow {
347 uint32_t byte_seq;
348 uint16_t flags;
349 wmem_tree_t *multisegment_pdus;
350 } SslFlow;
351
352 typedef struct _SslDecompress SslDecompress;
353
354 typedef struct _SslDecoder {
355 const SslCipherSuite *cipher_suite;
356 int compression;
357 unsigned char _mac_key_or_write_iv[48];
358 StringInfo mac_key; /* for block and stream ciphers */
359 StringInfo write_iv; /* for AEAD ciphers (at least GCM, CCM) */
360 SSL_CIPHER_CTX sn_evp; /* used to decrypt serial number in DTLSv1.3 */
361 SSL_CIPHER_CTX evp;
362 SslDecompress *decomp;
363 uint64_t dtls13_epoch;
364 uint64_t seq; /**< Implicit (TLS) or explicit (DTLS) record sequence number. */
365 StringInfo dtls13_aad; /**< Additional Authenticated Data for DTLS 1.3. */
366 uint16_t epoch;
367 SslFlow *flow;
368 StringInfo app_traffic_secret; /**< TLS 1.3 application traffic secret (if applicable), wmem file scope. */
369 } SslDecoder;
370
371 #define KEX_DHE_DSS 0x10
372 #define KEX_DHE_PSK 0x11
373 #define KEX_DHE_RSA 0x12
374 #define KEX_DH_ANON 0x13
375 #define KEX_DH_DSS 0x14
376 #define KEX_DH_RSA 0x15
377 #define KEX_ECDHE_ECDSA 0x16
378 #define KEX_ECDHE_PSK 0x17
379 #define KEX_ECDHE_RSA 0x18
380 #define KEX_ECDH_ANON 0x19
381 #define KEX_ECDH_ECDSA 0x1a
382 #define KEX_ECDH_RSA 0x1b
383 #define KEX_KRB5 0x1c
384 #define KEX_PSK 0x1d
385 #define KEX_RSA 0x1e
386 #define KEX_RSA_PSK 0x1f
387 #define KEX_SRP_SHA 0x20
388 #define KEX_SRP_SHA_DSS 0x21
389 #define KEX_SRP_SHA_RSA 0x22
390 #define KEX_IS_DH(n) ((n) >= KEX_DHE_DSS && (n) <= KEX_ECDH_RSA)
391 #define KEX_TLS13 0x23
392 #define KEX_ECJPAKE 0x24
393
394 #define KEX_ECDHE_SM2 0x25
395 #define KEX_ECC_SM2 0x26
396 #define KEX_IBSDH_SM9 0x27
397 #define KEX_IBC_SM9 0x28
398
399 /* Order is significant, must match "ciphers" array in packet-tls-utils.c */
400
401 #define ENC_START 0x30
402 #define ENC_DES 0x30
403 #define ENC_3DES 0x31
404 #define ENC_RC4 0x32
405 #define ENC_RC2 0x33
406 #define ENC_IDEA 0x34
407 #define ENC_AES 0x35
408 #define ENC_AES256 0x36
409 #define ENC_CAMELLIA128 0x37
410 #define ENC_CAMELLIA256 0x38
411 #define ENC_SEED 0x39
412 #define ENC_CHACHA20 0x3A
413 #define ENC_SM1 0x3B
414 #define ENC_SM4 0x3C
415 #define ENC_NULL 0x3D
416
417
418 #define DIG_MD5 0x40
419 #define DIG_SHA 0x41
420 #define DIG_SHA256 0x42
421 #define DIG_SHA384 0x43
422 #define DIG_SM3 0x44
423 #define DIG_NA 0x45 /* Not Applicable */
424
425 typedef struct {
426 const char *name;
427 unsigned len;
428 } SslDigestAlgo;
429
430 typedef struct _SslRecordInfo {
431 unsigned char *plain_data; /**< Decrypted data. */
432 unsigned data_len; /**< Length of decrypted data. */
433 int id; /**< Identifies the exact record within a frame
434 (there can be multiple records in a frame). */
435 ContentType type; /**< Content type of the decrypted record data. */
436 SslFlow *flow; /**< Flow where this record fragment is a part of.
437 Can be NULL if this record type may not be fragmented. */
438 uint32_t seq; /**< Data offset within the flow. */
439 uint16_t dtls13_seq_suffix; /* < decrypted dtlsv1.3 record number suffix */
440 struct _SslRecordInfo* next;
441 } SslRecordInfo;
442
443 /**
444 * Stored information about a part of a reassembled handshake message. A single
445 * handshake record is uniquely identified by (record_id, reassembly_id).
446 */
447 typedef struct _TlsHsFragment {
448 unsigned record_id; /**< Identifies the exact record within a frame
449 (there can be multiple records in a frame). */
450 unsigned reassembly_id; /**< Identifies the reassembly that this fragment is part of. */
451 uint32_t offset; /**< Offset within a reassembly. */
452 uint8_t type; /**< Handshake type (first byte of the buffer). */
453 int is_last : 1; /**< Whether this fragment completes the message. */
454 struct _TlsHsFragment *next;
455 } TlsHsFragment;
456
457 typedef struct {
458 SslRecordInfo *records; /**< Decrypted records within this frame. */
459 TlsHsFragment *hs_fragments; /**< Handshake records that are part of a reassembly. */
460 uint32_t srcport; /**< Used for Decode As */
461 uint32_t destport;
462 int cipher; /**< Cipher at time of Key Exchange handshake message.
463 Session cipher can change in renegotiation. */
464 } SslPacketInfo;
465
466 typedef struct _SslSession {
467 int cipher;
468 int compression;
469 uint16_t version;
470 unsigned char tls13_draft_version;
471 unsigned char _client_random[32];
472 int8_t client_cert_type;
473 int8_t server_cert_type;
474 uint32_t client_ccs_frame;
475 uint32_t server_ccs_frame;
476 uint32_t first_ch_ech_frame;
477 StringInfo client_random;
478 bool ech;
479 bool hrr_ech_declined;
480 unsigned char ech_confirmation[8];
481 unsigned char hrr_ech_confirmation[8];
482 unsigned char first_ech_auth_tag[16];
483
484 /* The address/proto/port of the server as determined from heuristics
485 * (e.g. ClientHello) or set externally (via ssl_set_master_secret()). */
486 address srv_addr;
487 port_type srv_ptype;
488 unsigned srv_port;
489
490 /* The Application layer protocol if known (for STARTTLS support) */
491 dissector_handle_t app_handle;
492 const char *alpn_name;
493 /* The ALPN the client requested, not necessarily the one chosen */
494 const char *client_alpn_name;
495 uint32_t last_nontls_frame;
496 bool is_session_resumed;
497
498 /* First pass only: track an in-progress handshake reassembly (>0) */
499 uint32_t client_hs_reassembly_id;
500 uint32_t server_hs_reassembly_id;
501
502 /* Connection ID extension
503
504 struct {
505 opaque cid<0..2^8-1>;
506 } ConnectionId;
507 */
508
509 uint8_t *client_cid;
510 uint8_t *server_cid;
511 uint8_t client_cid_len;
512 bool client_cid_len_present;
513 uint8_t server_cid_len;
514 bool server_cid_len_present;
515 bool deprecated_cid; /* Set when handshake is using the deprecated CID extension type */
516 uint64_t dtls13_current_epoch[2]; /* max epoch (for server and client respectively) */
517 uint64_t dtls13_next_seq_num[2]; /* DTLSv1.3 next expected seq number (for server and client respectively) */
518 } SslSession;
519
520 /* RFC 5246, section 8.1 says that the master secret is always 48 bytes */
521 #define SSL_MASTER_SECRET_LENGTH 48
522
523 struct cert_key_id; /* defined in epan/secrets.h */
524
525 /* This holds state information for a SSL conversation */
526 typedef struct _SslDecryptSession {
527 unsigned char _master_secret[SSL_MASTER_SECRET_LENGTH];
528 unsigned char _session_id[256];
529 unsigned char _client_random[32];
530 unsigned char _server_random[32];
531 StringInfo session_id;
532 StringInfo session_ticket;
533 StringInfo server_random;
534 StringInfo client_random;
535 StringInfo master_secret;
536 StringInfo handshake_data;
537 /* the data store for this StringInfo must be allocated explicitly with a capture lifetime scope */
538 StringInfo pre_master_secret;
539 unsigned char _server_data_for_iv[24];
540 StringInfo server_data_for_iv;
541 unsigned char _client_data_for_iv[24];
542 StringInfo client_data_for_iv;
543
544 int state;
545 const SslCipherSuite *cipher_suite;
546 SslDecoder *server;
547 SslDecoder *client;
548 SslDecoder *server_new;
549 SslDecoder *client_new;
550 #if defined(HAVE_LIBGNUTLS)
551 struct cert_key_id *cert_key_id; /**< SHA-1 Key ID of public key in certificate. */
552 #endif
553 StringInfo psk;
554 StringInfo app_data_segment;
555 SslSession session;
556 bool has_early_data;
557 StringInfo ech_transcript;
558
559 } SslDecryptSession;
560
561 /* RecordNumber - RFC 9147 section 4 */
562 typedef struct {
563 uint64_t epoch;
564 uint64_t sequence_number;
565 } SslRecordNumber;
566
567 /* User Access Table */
568 typedef struct _ssldecrypt_assoc_t {
569 char* ipaddr;
570 char* port;
571 char* protocol;
572 char* keyfile;
573 char* password;
574 } ssldecrypt_assoc_t;
575
576 typedef struct ssl_common_options {
577 const char *psk;
578 const char *keylog_filename;
579 } ssl_common_options_t;
580
581 /** Map from something to a (pre-)master secret */
582 typedef struct {
583 GHashTable *session; /* Session ID (1-32 bytes) to master secret. */
584 GHashTable *tickets; /* Session Ticket to master secret. */
585 GHashTable *crandom; /* Client Random to master secret */
586 GHashTable *pre_master; /* First 8 bytes of encrypted pre-master secret to
587 pre-master secret */
588 GHashTable *pms; /* Client Random to unencrypted pre-master secret */
589
590 /* For TLS 1.3: maps Client Random to derived secret. */
591 GHashTable *tls13_client_early;
592 GHashTable *tls13_client_handshake;
593 GHashTable *tls13_server_handshake;
594 GHashTable *tls13_client_appdata;
595 GHashTable *tls13_server_appdata;
596 GHashTable *tls13_early_exporter;
597 GHashTable *tls13_exporter;
598 GHashTable *ech_secret;
599 GHashTable *ech_config;
600
601 /* The hash tables above store the static keylog file contents and secrets
602 * from any DSB, not all of which may be used, in addition to any master
603 * secrets derived at runtime ([D]TLS < 1.3). These store the used
604 * Client Random for exporting master secrets and derived secrets in
605 * TLS Export Sessions or adding a DSB.
606 */
607 GHashTable *used_crandom;
608 } ssl_master_key_map_t;
609
610 int ssl_get_keyex_alg(int cipher);
611
612 void quic_transport_parameter_id_base_custom(char *result, uint64_t parameter_id);
613
614 bool ssldecrypt_uat_fld_ip_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
615 bool ssldecrypt_uat_fld_port_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
616 bool ssldecrypt_uat_fld_fileopen_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
617 bool ssldecrypt_uat_fld_password_chk_cb(void*, const char*, unsigned, const void*, const void*, char** err);
618 char* ssl_association_info(const char* dissector_table_name, const char* table_protocol);
619
620 /** Initialize the list of sessions with connection ID */
621 void ssl_init_cid_list(void);
622
623 /** Release resource allocated for the list of sessions with connection ID */
624 void ssl_cleanup_cid_list(void);
625
626 /** Add a session to the list of sessions using connection ID */
627 void ssl_add_session_by_cid(SslDecryptSession *ssl);
628
629 /**
630 * Return a session with a matching connection ID
631 * @param tvb a buffer containing a connection ID
632 * @param offset offset of the connection ID in tvb
633 */
634 SslDecryptSession *ssl_get_session_by_cid(tvbuff_t *tvb, uint32_t offset);
635
636 /** Retrieve a SslSession, creating it if it did not already exist.
637 * @param conversation The SSL conversation.
638 * @param tls_handle The dissector handle for SSL or DTLS.
639 */
640 extern SslDecryptSession *
641 ssl_get_session(conversation_t *conversation, dissector_handle_t tls_handle);
642
643 /** Resets the decryption parameters for the next decoder. */
644 extern void
645 ssl_reset_session(SslSession *session, SslDecryptSession *ssl, bool is_client);
646
647 /** Set server address and port */
648 extern void
649 ssl_set_server(SslSession *session, address *addr, port_type ptype, uint32_t port);
650
651 /** Sets the application data protocol dissector. Intended to be called by
652 * protocols that encapsulate TLS instead of switching to it using STARTTLS.
653 * @param tls_handle The dissector handle for TLS or DTLS.
654 * @param pinfo Packet Info.
655 * @param app_handle Dissector handle for the protocol inside the decrypted
656 * Application Data record.
657 */
658 WS_DLL_PUBLIC void
659 tls_set_appdata_dissector(dissector_handle_t tls_handle, packet_info *pinfo,
660 dissector_handle_t app_handle);
661
662 /** Marks this packet as the last one before switching to SSL that is supposed
663 * to encapsulate this protocol.
664 * @param tls_handle The dissector handle for SSL or DTLS.
665 * @param pinfo Packet Info.
666 * @param app_handle Dissector handle for the protocol inside the decrypted
667 * Application Data record.
668 * @return 0 for the first STARTTLS acknowledgement (success) or if tls_handle
669 * is NULL. >0 if STARTTLS was started before.
670 */
671 WS_DLL_PUBLIC uint32_t
672 ssl_starttls_ack(dissector_handle_t tls_handle, packet_info *pinfo,
673 dissector_handle_t app_handle);
674
675 /** Marks this packet as belonging to an SSL conversation started with STARTTLS.
676 * @param tls_handle The dissector handle for SSL or DTLS.
677 * @param pinfo Packet Info.
678 * @param app_handle Dissector handle for the protocol inside the decrypted
679 * Application Data record.
680 * @return 0 for the first STARTTLS acknowledgement (success) or if tls_handle
681 * is NULL. >0 if STARTTLS was started before.
682 */
683 WS_DLL_PUBLIC uint32_t
684 ssl_starttls_post_ack(dissector_handle_t tls_handle, packet_info *pinfo,
685 dissector_handle_t app_handle);
686
687 extern dissector_handle_t
688 ssl_find_appdata_dissector(const char *name);
689
690 /** set the data and len for the stringInfo buffer. buf should be big enough to
691 * contain the provided data
692 @param buf the buffer to update
693 @param src the data source
694 @param len the source data len */
695 extern void
696 ssl_data_set(StringInfo* buf, const unsigned char* src, unsigned len);
697
698 /** alloc the data with the specified len for the stringInfo buffer.
699 @param str the data source
700 @param len the source data len */
701 extern int
702 ssl_data_alloc(StringInfo* str, size_t len);
703
704 extern int
705 ssl_cipher_setiv(SSL_CIPHER_CTX *cipher, unsigned char* iv, int iv_len);
706
707 /** Search for the specified cipher suite id
708 @param num the id of the cipher suite to be searched
709 @return pointer to the cipher suite struct (or NULL if not found). */
710 extern const SslCipherSuite *
711 ssl_find_cipher(int num);
712
713
714 /** Returns the Libgcrypt cipher identifier or 0 if unavailable. */
715 int
716 ssl_get_cipher_algo(const SslCipherSuite *cipher_suite);
717
718 /** Obtains the block size for a CBC block cipher.
719 * @param cipher_suite a cipher suite as returned by ssl_find_cipher().
720 * @return the block size of a cipher or 0 if unavailable.
721 */
722 unsigned
723 ssl_get_cipher_blocksize(const SslCipherSuite *cipher_suite);
724
725 bool
726 ssl_generate_pre_master_secret(SslDecryptSession *ssl_session,
727 uint32_t length, tvbuff_t *tvb, uint32_t offset,
728 const char *ssl_psk, packet_info *pinfo,
729 #ifdef HAVE_LIBGNUTLS
730 GHashTable *key_hash,
731 #endif
732 const ssl_master_key_map_t *mk_map);
733
734 /** Expand the pre_master_secret to generate all the session information
735 * (master secret, session keys, ivs)
736 @param ssl_session the store for all the session data
737 @return 0 on success */
738 extern int
739 ssl_generate_keyring_material(SslDecryptSession*ssl_session);
740
741 extern void
742 ssl_change_cipher(SslDecryptSession *ssl_session, bool server);
743
744 /** Try to decrypt an ssl record
745 @param ssl ssl_session the store all the session data
746 @param decoder the stream decoder to be used
747 @param ct the content type of this ssl record
748 @param record_version the version as contained in the record
749 @param ignore_mac_failed whether to ignore MAC or authenticity failures
750 @param in a pointer to the ssl record to be decrypted
751 @param inl the record length
752 @param cid a pointer to the connection ID to use in AEAD or NULL
753 @param cidl the connection ID length or 0 if cid is NULL
754 @param comp_str a pointer to the store the compression data
755 @param out_str a pointer to the store for the decrypted data
756 @param outl the decrypted data len
757 @return 0 on success */
758 extern int
759 ssl_decrypt_record(SslDecryptSession *ssl, SslDecoder *decoder, uint8_t ct, uint16_t record_version,
760 bool ignore_mac_failed,
761 const unsigned char *in, uint16_t inl, const unsigned char *cid, uint8_t cidl,
762 StringInfo *comp_str, StringInfo *out_str, unsigned *outl);
763
764
765 /* Common part between TLS and DTLS dissectors */
766
767 /* handling of association between tls/dtls ports and clear text protocol */
768 extern void
769 ssl_association_add(const char* dissector_table_name, dissector_handle_t main_handle, dissector_handle_t subdissector_handle, unsigned port, bool tcp);
770
771 extern void
772 ssl_association_remove(const char* dissector_table_name, dissector_handle_t main_handle, dissector_handle_t subdissector_handle, unsigned port, bool tcp);
773
774 extern int
775 ssl_packet_from_server(SslSession *session, dissector_table_t table, const packet_info *pinfo);
776
777 /* Obtain information about the current TLS layer. */
778 SslPacketInfo *
779 tls_add_packet_info(int proto, packet_info *pinfo, uint8_t curr_layer_num_ssl);
780
781 /* add to packet data a copy of the specified real data */
782 extern void
783 ssl_add_record_info(int proto, packet_info *pinfo, const unsigned char *data, int data_len, int record_id, SslFlow *flow, ContentType type, uint8_t curr_layer_num_ssl);
784
785 /* search in packet data for the specified id; return a newly created tvb for the associated data */
786 extern tvbuff_t*
787 ssl_get_record_info(tvbuff_t *parent_tvb, int proto, packet_info *pinfo, int record_id, uint8_t curr_layer_num_ssl, SslRecordInfo **matched_record);
788
789 /* initialize/reset per capture state data (ssl sessions cache) */
790 extern void
791 ssl_common_init(ssl_master_key_map_t *master_key_map,
792 StringInfo *decrypted_data, StringInfo *compressed_data);
793 extern void
794 ssl_common_cleanup(ssl_master_key_map_t *master_key_map, FILE **ssl_keylog_file,
795 StringInfo *decrypted_data, StringInfo *compressed_data);
796
797 /**
798 * Access to the keys in the TLS dissector, for use by the DTLS dissector.
799 * (This is a transition function, it would be nice if the static keylog file
800 * contents was separated from keys derived at runtime.)
801 */
802 WS_DLL_PUBLIC ssl_master_key_map_t *
803 tls_get_master_key_map(bool load_secrets);
804
805 /* Process lines from the TLS key log and populate the secrets map. */
806 extern void
807 tls_keylog_process_lines(const ssl_master_key_map_t *mk_map, const uint8_t *data, unsigned len);
808
809 /* tries to update the secrets cache from the given filename */
810 extern void
811 ssl_load_keyfile(const char *ssl_keylog_filename, FILE **keylog_file,
812 const ssl_master_key_map_t *mk_map);
813
814 #ifdef HAVE_LIBGNUTLS
815 /* parse ssl related preferences (private keys and ports association strings) */
816 extern void
817 ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, const char* dissector_table_name, dissector_handle_t main_handle, bool tcp);
818 #endif
819
820 extern void
821 ssl_finalize_decryption(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map);
822
823 /**
824 * Mark a Client Random as used (not just present in the keylog file),
825 * to enable "Export TLS Sessions Keys" or "Inject Secrets"
826 */
827 extern void
828 tls_save_crandom(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map);
829
830 extern bool
831 tls13_generate_keys(SslDecryptSession *ssl_session, const StringInfo *secret, bool is_from_server);
832
833 extern StringInfo *
834 tls13_load_secret(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map,
835 bool is_from_server, TLSRecordType type);
836
837 extern void
838 tls13_change_key(SslDecryptSession *ssl, ssl_master_key_map_t *mk_map,
839 bool is_from_server, TLSRecordType type);
840
841 extern void
842 tls13_key_update(SslDecryptSession *ssl, bool is_from_server);
843
844 extern bool
845 ssl_is_valid_content_type(uint8_t type);
846
847 extern bool
848 ssl_is_valid_handshake_type(uint8_t hs_type, bool is_dtls);
849
850 extern bool
851 tls_scan_server_hello(tvbuff_t *tvb, uint32_t offset, uint32_t offset_end,
852 uint16_t *server_version, bool *is_hrr);
853
854 extern void
855 ssl_try_set_version(SslSession *session, SslDecryptSession *ssl,
856 uint8_t content_type, uint8_t handshake_type,
857 bool is_dtls, uint16_t version);
858
859 extern void
860 ssl_calculate_handshake_hash(SslDecryptSession *ssl_session, tvbuff_t *tvb, uint32_t offset, uint32_t length);
861
862 /* common header fields, subtrees and expert info for SSL and DTLS dissectors */
863 typedef struct ssl_common_dissect {
864 struct {
865 int change_cipher_spec;
866 int hs_exts_len;
867 int hs_ext_alpn_len;
868 int hs_ext_alpn_list;
869 int hs_ext_alpn_str;
870 int hs_ext_alpn_str_len;
871 int hs_ext_cert_url_item;
872 int hs_ext_cert_url_padding;
873 int hs_ext_cert_url_sha1;
874 int hs_ext_cert_url_type;
875 int hs_ext_cert_url_url;
876 int hs_ext_cert_url_url_hash_list_len;
877 int hs_ext_cert_url_url_len;
878 int hs_ext_cert_status_type;
879 int hs_ext_cert_status_request_len;
880 int hs_ext_cert_status_responder_id_list_len;
881 int hs_ext_cert_status_request_extensions_len;
882 int hs_ext_cert_status_request_list_len;
883 int hs_ocsp_response_list_len;
884 int hs_ocsp_response_len;
885 int hs_ext_cert_type;
886 int hs_ext_cert_types;
887 int hs_ext_cert_types_len;
888 int hs_ext_data;
889 int hs_ext_ec_point_format;
890 int hs_ext_ec_point_formats;
891 int hs_ext_ec_point_formats_len;
892 int hs_ext_srp_len;
893 int hs_ext_srp_username;
894 int hs_ext_supported_group;
895 int hs_ext_supported_groups;
896 int hs_ext_supported_groups_len;
897 int hs_ext_ech_outer_ext;
898 int hs_ext_ech_outer_ext_len;
899 int hs_ech_confirm;
900 int hs_ech_confirm_compute;
901 int hs_ext_heartbeat_mode;
902 int hs_ext_len;
903 int hs_ext_npn_str;
904 int hs_ext_npn_str_len;
905 int hs_ext_reneg_info_len;
906 int hs_ext_reneg_info;
907 int hs_ext_key_share_client_length;
908 int hs_ext_key_share_group;
909 int hs_ext_key_share_key_exchange_length;
910 int hs_ext_key_share_key_exchange;
911 int hs_ext_key_share_selected_group;
912 int hs_ext_psk_identities_length;
913 int hs_ext_psk_identity_identity_length;
914 int hs_ext_psk_identity_identity;
915 int hs_ext_psk_identity_obfuscated_ticket_age;
916 int hs_ext_psk_binders_length;
917 int hs_ext_psk_binders;
918 int hs_ext_psk_identity_selected;
919 int hs_ext_session_ticket;
920 int hs_ext_supported_versions_len;
921 int hs_ext_supported_version;
922 int hs_ext_cookie_len;
923 int hs_ext_cookie;
924 int hs_ext_server_name;
925 int hs_ext_server_name_len;
926 int hs_ext_server_name_list_len;
927 int hs_ext_server_name_type;
928 int hs_ext_max_fragment_length;
929 int hs_ext_padding_data;
930 int hs_ext_type;
931 int hs_ext_connection_id_length;
932 int hs_ext_connection_id;
933 int hs_ext_trusted_ca_keys_len;
934 int hs_ext_trusted_ca_keys_list;
935 int hs_ext_trusted_ca_key;
936 int hs_ext_trusted_ca_key_type;
937 int hs_ext_trusted_ca_key_hash;
938 int hs_ext_trusted_ca_key_dname_len;
939 int hs_ext_trusted_ca_key_dname;
940 int hs_sig_hash_alg;
941 int hs_sig_hash_alg_len;
942 int hs_sig_hash_algs;
943 int hs_sig_hash_hash;
944 int hs_sig_hash_sig;
945 int hs_client_keyex_epms_len;
946 int hs_client_keyex_epms;
947 int hs_server_keyex_modulus_len;
948 int hs_server_keyex_exponent_len;
949 int hs_server_keyex_sig_len;
950 int hs_server_keyex_p_len;
951 int hs_server_keyex_g_len;
952 int hs_server_keyex_ys_len;
953 int hs_client_keyex_yc_len;
954 int hs_client_keyex_point_len;
955 int hs_server_keyex_point_len;
956 int hs_server_keyex_p;
957 int hs_server_keyex_g;
958 int hs_server_keyex_curve_type;
959 int hs_server_keyex_named_curve;
960 int hs_server_keyex_ys;
961 int hs_client_keyex_yc;
962 int hs_server_keyex_point;
963 int hs_client_keyex_point;
964 int hs_server_keyex_xs_len;
965 int hs_client_keyex_xc_len;
966 int hs_server_keyex_xs;
967 int hs_client_keyex_xc;
968 int hs_server_keyex_vs_len;
969 int hs_client_keyex_vc_len;
970 int hs_server_keyex_vs;
971 int hs_client_keyex_vc;
972 int hs_server_keyex_rs_len;
973 int hs_client_keyex_rc_len;
974 int hs_server_keyex_rs;
975 int hs_client_keyex_rc;
976 int hs_server_keyex_modulus;
977 int hs_server_keyex_exponent;
978 int hs_server_keyex_sig;
979 int hs_server_keyex_hint_len;
980 int hs_server_keyex_hint;
981 int hs_client_keyex_identity_len;
982 int hs_client_keyex_identity;
983 int hs_certificates_len;
984 int hs_certificates;
985 int hs_certificate_len;
986 int hs_certificate;
987 int hs_cert_types_count;
988 int hs_cert_types;
989 int hs_cert_type;
990 int hs_dnames_len;
991 int hs_dnames;
992 int hs_dnames_truncated;
993 int hs_dname_len;
994 int hs_dname;
995 int hs_random;
996 int hs_random_time;
997 int hs_random_bytes;
998 int hs_session_id;
999 int hs_session_id_len;
1000 int hs_client_version;
1001 int hs_server_version;
1002 int hs_cipher_suites_len;
1003 int hs_cipher_suites;
1004 int hs_cipher_suite;
1005 int hs_comp_methods_len;
1006 int hs_comp_methods;
1007 int hs_comp_method;
1008 int hs_session_ticket_lifetime_hint;
1009 int hs_session_ticket_age_add;
1010 int hs_session_ticket_nonce_len;
1011 int hs_session_ticket_nonce;
1012 int hs_session_ticket_len;
1013 int hs_session_ticket;
1014 int hs_finished;
1015 int hs_client_cert_vrfy_sig_len;
1016 int hs_client_cert_vrfy_sig;
1017 int hs_ja3_full;
1018 int hs_ja3_hash;
1019 int hs_ja3s_full;
1020 int hs_ja3s_hash;
1021 int hs_ja4;
1022 int hs_ja4_r;
1023
1024 /* TLS 1.3 */
1025 int hs_ext_psk_ke_modes_length;
1026 int hs_ext_psk_ke_mode;
1027 int hs_certificate_request_context_length;
1028 int hs_certificate_request_context;
1029 int hs_key_update_request_update;
1030 int sct_scts_length;
1031 int sct_sct_length;
1032 int sct_sct_version;
1033 int sct_sct_logid;
1034 int sct_sct_timestamp;
1035 int sct_sct_extensions_length;
1036 int sct_sct_extensions;
1037 int sct_sct_signature;
1038 int sct_sct_signature_length;
1039 int hs_ext_max_early_data_size;
1040 int hs_ext_oid_filters_length;
1041 int hs_ext_oid_filters_oid_length;
1042 int hs_ext_oid_filters_oid;
1043 int hs_ext_oid_filters_values_length;
1044 int hs_cred_valid_time;
1045 int hs_cred_pubkey;
1046 int hs_cred_pubkey_len;
1047 int hs_cred_signature;
1048 int hs_cred_signature_len;
1049
1050 /* compress_certificate */
1051 int hs_ext_compress_certificate_algorithms_length;
1052 int hs_ext_compress_certificate_algorithm;
1053 int hs_ext_compress_certificate_uncompressed_length;
1054 int hs_ext_compress_certificate_compressed_certificate_message_length;
1055 int hs_ext_compress_certificate_compressed_certificate_message;
1056
1057 /* Token Binding Negotiation */
1058 int hs_ext_token_binding_version_major;
1059 int hs_ext_token_binding_version_minor;
1060 int hs_ext_token_binding_key_parameters;
1061 int hs_ext_token_binding_key_parameters_length;
1062 int hs_ext_token_binding_key_parameter;
1063
1064 int hs_ext_record_size_limit;
1065
1066 /* QUIC Transport Parameters */
1067 int hs_ext_quictp_len;
1068 int hs_ext_quictp_parameter;
1069 int hs_ext_quictp_parameter_type;
1070 int hs_ext_quictp_parameter_len;
1071 int hs_ext_quictp_parameter_len_old;
1072 int hs_ext_quictp_parameter_value;
1073 int hs_ext_quictp_parameter_original_destination_connection_id;
1074 int hs_ext_quictp_parameter_max_idle_timeout;
1075 int hs_ext_quictp_parameter_stateless_reset_token;
1076 int hs_ext_quictp_parameter_initial_max_data;
1077 int hs_ext_quictp_parameter_initial_max_stream_data_bidi_local;
1078 int hs_ext_quictp_parameter_initial_max_stream_data_bidi_remote;
1079 int hs_ext_quictp_parameter_initial_max_stream_data_uni;
1080 int hs_ext_quictp_parameter_initial_max_streams_bidi;
1081 int hs_ext_quictp_parameter_initial_max_streams_uni;
1082 int hs_ext_quictp_parameter_ack_delay_exponent;
1083 int hs_ext_quictp_parameter_max_ack_delay;
1084 int hs_ext_quictp_parameter_max_udp_payload_size;
1085 int hs_ext_quictp_parameter_pa_ipv4address;
1086 int hs_ext_quictp_parameter_pa_ipv6address;
1087 int hs_ext_quictp_parameter_pa_ipv4port;
1088 int hs_ext_quictp_parameter_pa_ipv6port;
1089 int hs_ext_quictp_parameter_pa_connectionid_length;
1090 int hs_ext_quictp_parameter_pa_connectionid;
1091 int hs_ext_quictp_parameter_pa_statelessresettoken;
1092 int hs_ext_quictp_parameter_active_connection_id_limit;
1093 int hs_ext_quictp_parameter_initial_source_connection_id;
1094 int hs_ext_quictp_parameter_retry_source_connection_id;
1095 int hs_ext_quictp_parameter_max_datagram_frame_size;
1096 int hs_ext_quictp_parameter_cibir_encoding_length;
1097 int hs_ext_quictp_parameter_cibir_encoding_offset;
1098 int hs_ext_quictp_parameter_loss_bits;
1099 int hs_ext_quictp_parameter_enable_time_stamp_v2;
1100 int hs_ext_quictp_parameter_min_ack_delay;
1101 int hs_ext_quictp_parameter_google_user_agent_id;
1102 int hs_ext_quictp_parameter_google_key_update_not_yet_supported;
1103 int hs_ext_quictp_parameter_google_quic_version;
1104 int hs_ext_quictp_parameter_google_initial_rtt;
1105 int hs_ext_quictp_parameter_google_support_handshake_done;
1106 int hs_ext_quictp_parameter_google_quic_params;
1107 int hs_ext_quictp_parameter_google_quic_params_unknown_field;
1108 int hs_ext_quictp_parameter_google_connection_options;
1109 int hs_ext_quictp_parameter_google_supported_versions_length;
1110 int hs_ext_quictp_parameter_google_supported_version;
1111 int hs_ext_quictp_parameter_facebook_partial_reliability;
1112 int hs_ext_quictp_parameter_chosen_version;
1113 int hs_ext_quictp_parameter_other_version;
1114 int hs_ext_quictp_parameter_enable_multipath;
1115 int hs_ext_quictp_parameter_initial_max_paths;
1116 int hs_ext_quictp_parameter_initial_max_path_id;
1117
1118 int esni_suite;
1119 int esni_record_digest_length;
1120 int esni_record_digest;
1121 int esni_encrypted_sni_length;
1122 int esni_encrypted_sni;
1123 int esni_nonce;
1124
1125 int ech_echconfiglist_length;
1126 int ech_echconfiglist;
1127 int ech_echconfig;
1128 int ech_echconfig_version;
1129 int ech_echconfig_length;
1130 int ech_echconfigcontents_maximum_name_length;
1131 int ech_echconfigcontents_public_name_length;
1132 int ech_echconfigcontents_public_name;
1133 int ech_echconfigcontents_extensions_length;
1134 int ech_echconfigcontents_extensions;
1135 int ech_hpke_keyconfig;
1136 int ech_hpke_keyconfig_config_id;
1137 int ech_hpke_keyconfig_kem_id;
1138 int ech_hpke_keyconfig_public_key_length;
1139 int ech_hpke_keyconfig_public_key;
1140 int ech_hpke_keyconfig_cipher_suites;
1141 int ech_hpke_keyconfig_cipher_suites_length;
1142 int ech_hpke_keyconfig_cipher_suite;
1143 int ech_hpke_keyconfig_cipher_suite_kdf_id;
1144 int ech_hpke_keyconfig_cipher_suite_aead_id;
1145 int ech_clienthello_type;
1146 int ech_cipher_suite;
1147 int ech_config_id;
1148 int ech_enc_length;
1149 int ech_enc;
1150 int ech_payload_length;
1151 int ech_payload;
1152 int ech_confirmation;
1153 int ech_retry_configs;
1154 int ech_padding_data;
1155
1156 int hs_ext_alps_len;
1157 int hs_ext_alps_alpn_list;
1158 int hs_ext_alps_alpn_str;
1159 int hs_ext_alps_alpn_str_len;
1160 int hs_ext_alps_settings;
1161
1162 /* do not forget to update SSL_COMMON_HF_LIST! */
1163 } hf;
1164 struct {
1165 int hs_ext;
1166 int hs_ext_alpn;
1167 int hs_ext_cert_types;
1168 int hs_ext_groups;
1169 int hs_ext_curves_point_formats;
1170 int hs_ext_npn;
1171 int hs_ext_reneg_info;
1172 int hs_ext_key_share;
1173 int hs_ext_key_share_ks;
1174 int hs_ext_pre_shared_key;
1175 int hs_ext_psk_identity;
1176 int hs_ext_server_name;
1177 int hs_ext_oid_filter;
1178 int hs_ext_quictp_parameter;
1179 int hs_ext_trusted_ca_keys;
1180 int hs_ext_trusted_ca_key;
1181 int hs_sig_hash_alg;
1182 int hs_sig_hash_algs;
1183 int urlhash;
1184 int keyex_params;
1185 int certificates;
1186 int cert_types;
1187 int dnames;
1188 int hs_random;
1189 int cipher_suites;
1190 int comp_methods;
1191 int session_ticket;
1192 int sct;
1193 int cert_status;
1194 int ocsp_response;
1195 int uncompressed_certificates;
1196 int hs_ext_alps;
1197 int ech_echconfiglist;
1198 int ech_echconfig;
1199 int ech_retry_configs;
1200 int ech_hpke_keyconfig;
1201 int ech_hpke_cipher_suites;
1202 int ech_hpke_cipher_suite;
1203 int ech_decrypt;
1204 int hs_ext_token_binding_key_parameters;
1205
1206 /* do not forget to update SSL_COMMON_ETT_LIST! */
1207 } ett;
1208 struct {
1209 /* Generic expert info for malformed packets. */
1210 expert_field client_version_error;
1211 expert_field server_version_error;
1212 expert_field legacy_version;
1213 expert_field malformed_vector_length;
1214 expert_field malformed_buffer_too_small;
1215 expert_field malformed_trailing_data;
1216
1217 expert_field hs_ext_cert_status_undecoded;
1218 expert_field hs_ciphersuite_undecoded;
1219 expert_field hs_srv_keyex_illegal;
1220 expert_field resumed;
1221 expert_field record_length_invalid;
1222 expert_field decompression_error;
1223
1224 expert_field ech_echconfig_invalid_version;
1225 expert_field ech_accepted;
1226 expert_field ech_rejected;
1227
1228 /* do not forget to update SSL_COMMON_EI_LIST! */
1229 } ei;
1230 } ssl_common_dissect_t;
1231
1232 /* Header fields specific to DTLS. See packet-dtls.c */
1233 typedef struct {
1234 int hf_dtls_handshake_cookie_len;
1235 int hf_dtls_handshake_cookie;
1236
1237 /* Do not forget to initialize dtls_hfs to -1 in packet-dtls.c! */
1238 } dtls_hfs_t;
1239
1240 /* Header fields specific to SSL. See packet-tls.c */
1241 typedef struct {
1242 int hs_md5_hash;
1243 int hs_sha_hash;
1244
1245 /* Do not forget to initialize ssl_hfs to -1 in packet-tls.c! */
1246 } ssl_hfs_t;
1247
1248 typedef struct {
1249 uint32_t max_version;
1250 bool server_name_present;
1251 int num_cipher_suites;
1252 int num_extensions;
1253 wmem_strbuf_t *alpn;
1254 wmem_list_t *cipher_list;
1255 wmem_list_t *extension_list;
1256 wmem_list_t *sighash_list;
1257 } ja4_data_t;
1258
1259
1260 /* Helpers for dissecting Variable-Length Vectors. {{{ */
1261 /* Largest value that fits in a 24-bit number (2^24-1). */
1262 #define G_MAXUINT24 ((1U << 24) - 1)
1263
1264 /**
1265 * Helper for dissection of variable-length vectors (RFC 5246, section 4.3). It
1266 * adds a length field to the tree and writes the validated length value into
1267 * "ret_length" (which is truncated if it exceeds "offset_end").
1268 *
1269 * The size of the field is derived from "max_value" (for example, 8 and 255
1270 * require one byte while 400 needs two bytes). Expert info is added if the
1271 * length field from the tvb is outside the (min_value, max_value) range.
1272 *
1273 * Returns true if there is enough space for the length field and data elements
1274 * and false otherwise.
1275 */
1276 extern bool
1277 ssl_add_vector(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
1278 unsigned offset, unsigned offset_end, uint32_t *ret_length,
1279 int hf_length, uint32_t min_value, uint32_t max_value);
1280
1281 /**
1282 * Helper to check whether the data in a vector with multiple elements is
1283 * correctly dissected. If the current "offset" (normally the value after
1284 * adding all kinds of fields) does not match "offset_end" (the end of the
1285 * vector), expert info is added.
1286 *
1287 * Returns true if the offset matches the end of the vector and false otherwise.
1288 */
1289 extern bool
1290 ssl_end_vector(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
1291 unsigned offset, unsigned offset_end);
1292 /* }}} */
1293
1294
1295 extern void
1296 ssl_check_record_length(ssl_common_dissect_t *hf, packet_info *pinfo,
1297 ContentType content_type,
1298 unsigned record_length, proto_item *length_pi,
1299 uint16_t version, tvbuff_t *decrypted_tvb);
1300
1301 void
1302 ssl_dissect_change_cipher_spec(ssl_common_dissect_t *hf, tvbuff_t *tvb,
1303 packet_info *pinfo, proto_tree *tree,
1304 uint32_t offset, SslSession *session,
1305 bool is_from_server,
1306 const SslDecryptSession *ssl);
1307
1308 extern gint
1309 ssl_dissect_hnd_cli_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb,
1310 packet_info *pinfo, proto_tree *tree, uint32_t offset,
1311 uint32_t offset_end, SslSession *session,
1312 SslDecryptSession *ssl,
1313 dtls_hfs_t *dtls_hfs, ssl_master_key_map_t *mk_map);
1314
1315 extern void
1316 ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo,
1317 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1318 SslSession *session, SslDecryptSession *ssl,
1319 bool is_dtls, bool is_hrr);
1320
1321 extern void
1322 ssl_dissect_hnd_hello_retry_request(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo,
1323 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1324 SslSession *session, SslDecryptSession *ssl,
1325 bool is_dtls);
1326
1327 extern void
1328 ssl_dissect_hnd_encrypted_extensions(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo,
1329 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1330 SslSession *session, SslDecryptSession *ssl,
1331 bool is_dtls);
1332
1333 extern void
1334 ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo,
1335 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1336 SslSession *session, SslDecryptSession *ssl,
1337 bool is_dtls, GHashTable *session_hash);
1338
1339 extern void
1340 ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
1341 uint32_t offset, uint32_t offset_end, packet_info *pinfo,
1342 SslSession *session, SslDecryptSession *ssl,
1343 bool is_from_server, bool is_dtls);
1344
1345 extern void
1346 ssl_dissect_hnd_cert_req(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo,
1347 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1348 SslSession *session, bool is_dtls);
1349
1350 extern void
1351 ssl_dissect_hnd_cli_cert_verify(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo,
1352 proto_tree *tree, uint32_t offset, uint32_t offset_end, uint16_t version);
1353
1354 extern void
1355 ssl_dissect_hnd_finished(ssl_common_dissect_t *hf, tvbuff_t *tvb,
1356 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1357 const SslSession *session, ssl_hfs_t *ssl_hfs);
1358
1359 extern void
1360 ssl_dissect_hnd_cert_url(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, uint32_t offset);
1361
1362 extern uint32_t
1363 tls_dissect_hnd_certificate_status(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo,
1364 proto_tree *tree, uint32_t offset, uint32_t offset_end);
1365
1366 extern void
1367 ssl_dissect_hnd_cli_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb,
1368 proto_tree *tree, uint32_t offset, uint32_t length,
1369 const SslSession *session);
1370
1371 extern void
1372 ssl_dissect_hnd_srv_keyex(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo,
1373 proto_tree *tree, uint32_t offset, uint32_t offset_end,
1374 const SslSession *session);
1375
1376 extern void
1377 tls13_dissect_hnd_key_update(ssl_common_dissect_t *hf, tvbuff_t *tvb,
1378 proto_tree *tree, uint32_t offset);
1379
1380 extern uint32_t
1381 tls_dissect_sct_list(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
1382 uint32_t offset, uint32_t offset_end, uint16_t version);
1383
1384 extern bool
1385 tls13_hkdf_expand_label_context(int md, const StringInfo *secret,
1386 const char *label_prefix, const char *label,
1387 const uint8_t *context, uint8_t context_length,
1388 uint16_t out_len, unsigned char **out);
1389
1390 extern bool
1391 tls13_hkdf_expand_label(int md, const StringInfo *secret,
1392 const char *label_prefix, const char *label,
1393 uint16_t out_len, unsigned char **out);
1394
1395 extern void
1396 ssl_dissect_hnd_compress_certificate(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
1397 uint32_t offset, uint32_t offset_end, packet_info *pinfo,
1398 SslSession *session _U_, SslDecryptSession *ssl _U_,
1399 bool is_from_server _U_, bool is_dtls _U_);
1400 /* {{{ */
1401 #define SSL_COMMON_LIST_T(name) \
1402 ssl_common_dissect_t name;
1403 /* }}} */
1404
1405 /* {{{ */
1406 #define SSL_COMMON_HF_LIST(name, prefix) \
1407 { & name .hf.change_cipher_spec, \
1408 { "Change Cipher Spec Message", prefix ".change_cipher_spec", \
1409 FT_NONE, BASE_NONE, NULL, 0x0, \
1410 "Signals a change in cipher specifications", HFILL } \
1411 }, \
1412 { & name .hf.hs_exts_len, \
1413 { "Extensions Length", prefix ".handshake.extensions_length", \
1414 FT_UINT16, BASE_DEC, NULL, 0x0, \
1415 "Length of hello extensions", HFILL } \
1416 }, \
1417 { & name .hf.hs_ext_type, \
1418 { "Type", prefix ".handshake.extension.type", \
1419 FT_UINT16, BASE_DEC, VALS(tls_hello_extension_types), 0x0, \
1420 "Hello extension type", HFILL } \
1421 }, \
1422 { & name .hf.hs_ext_len, \
1423 { "Length", prefix ".handshake.extension.len", \
1424 FT_UINT16, BASE_DEC, NULL, 0x0, \
1425 "Length of a hello extension", HFILL } \
1426 }, \
1427 { & name .hf.hs_ext_data, \
1428 { "Data", prefix ".handshake.extension.data", \
1429 FT_BYTES, BASE_NONE, NULL, 0x0, \
1430 "Hello Extension data", HFILL } \
1431 }, \
1432 { & name .hf.hs_ext_ech_outer_ext_len, \
1433 { "Outer Extensions List Length", prefix ".handshake.extensions_ech_outer_extensions_length", \
1434 FT_UINT8, BASE_DEC, NULL, 0x0, \
1435 NULL, HFILL } \
1436 }, \
1437 { & name .hf.hs_ext_ech_outer_ext, \
1438 { "Outer Extensions List", prefix ".handshake.extensions_ech_outer_extensions", \
1439 FT_NONE, BASE_NONE, NULL, 0x0, \
1440 "List of extensions derived from Outer Client Hello", HFILL } \
1441 }, \
1442 { & name .hf.hs_ech_confirm, \
1443 { "ECH Confirmation Bytes", prefix ".handshake.ech_confirm", \
1444 FT_BYTES, BASE_NONE, NULL, 0x0, \
1445 NULL, HFILL } \
1446 }, \
1447 { & name .hf.hs_ech_confirm_compute, \
1448 { "Computed ECH Confirmation Bytes", prefix ".handshake.ech_confirm_compute", \
1449 FT_BYTES, BASE_NONE, NULL, 0x0, \
1450 NULL, HFILL } \
1451 }, \
1452 { & name .hf.hs_ext_supported_groups_len, \
1453 { "Supported Groups List Length", prefix ".handshake.extensions_supported_groups_length", \
1454 FT_UINT16, BASE_DEC, NULL, 0x0, \
1455 NULL, HFILL } \
1456 }, \
1457 { & name .hf.hs_ext_supported_groups, \
1458 { "Supported Groups List", prefix ".handshake.extensions_supported_groups", \
1459 FT_NONE, BASE_NONE, NULL, 0x0, \
1460 "List of supported groups (formerly Supported Elliptic Curves)", HFILL } \
1461 }, \
1462 { & name .hf.hs_ext_supported_group, \
1463 { "Supported Group", prefix ".handshake.extensions_supported_group", \
1464 FT_UINT16, BASE_HEX, VALS(ssl_extension_curves), 0x0, \
1465 NULL, HFILL } \
1466 }, \
1467 { & name .hf.hs_ext_ec_point_formats_len, \
1468 { "EC point formats Length", prefix ".handshake.extensions_ec_point_formats_length", \
1469 FT_UINT8, BASE_DEC, NULL, 0x0, \
1470 "Length of elliptic curves point formats field", HFILL } \
1471 }, \
1472 { & name .hf.hs_ext_ec_point_formats, \
1473 { "EC point formats", prefix ".handshake.extensions_ec_point_formats", \
1474 FT_NONE, BASE_NONE, NULL, 0x0, \
1475 "List of elliptic curves point format", HFILL } \
1476 }, \
1477 { & name .hf.hs_ext_ec_point_format, \
1478 { "EC point format", prefix ".handshake.extensions_ec_point_format", \
1479 FT_UINT8, BASE_DEC, VALS(ssl_extension_ec_point_formats), 0x0, \
1480 "Elliptic curves point format", HFILL } \
1481 }, \
1482 { & name .hf.hs_ext_srp_len, \
1483 { "SRP username length", prefix ".handshake.extensions_srp_len", \
1484 FT_UINT8, BASE_DEC, NULL, 0x0, \
1485 "Length of Secure Remote Password username field", HFILL } \
1486 }, \
1487 { & name .hf.hs_ext_srp_username, \
1488 { "SRP username", prefix ".handshake.extensions_srp_username", \
1489 FT_STRING, BASE_NONE, NULL, 0x0, \
1490 "Secure Remote Password username", HFILL } \
1491 }, \
1492 { & name .hf.hs_ext_alpn_len, \
1493 { "ALPN Extension Length", prefix ".handshake.extensions_alpn_len", \
1494 FT_UINT16, BASE_DEC, NULL, 0x0, \
1495 "Length of the ALPN Extension", HFILL } \
1496 }, \
1497 { & name .hf.hs_ext_alpn_list, \
1498 { "ALPN Protocol", prefix ".handshake.extensions_alpn_list", \
1499 FT_NONE, BASE_NONE, NULL, 0x0, \
1500 NULL, HFILL } \
1501 }, \
1502 { & name .hf.hs_ext_alpn_str_len, \
1503 { "ALPN string length", prefix ".handshake.extensions_alpn_str_len", \
1504 FT_UINT8, BASE_DEC, NULL, 0x0, \
1505 "Length of ALPN string", HFILL } \
1506 }, \
1507 { & name .hf.hs_ext_alpn_str, \
1508 { "ALPN Next Protocol", prefix ".handshake.extensions_alpn_str", \
1509 FT_STRING, BASE_NONE, NULL, 0x00, \
1510 NULL, HFILL } \
1511 }, \
1512 { & name .hf.hs_ext_npn_str_len, \
1513 { "Protocol string length", prefix ".handshake.extensions_npn_str_len", \
1514 FT_UINT8, BASE_DEC, NULL, 0x0, \
1515 "Length of next protocol string", HFILL } \
1516 }, \
1517 { & name .hf.hs_ext_npn_str, \
1518 { "Next Protocol", prefix ".handshake.extensions_npn", \
1519 FT_STRING, BASE_NONE, NULL, 0x0, \
1520 NULL, HFILL } \
1521 }, \
1522 { & name .hf.hs_ext_reneg_info_len, \
1523 { "Renegotiation info extension length", prefix ".handshake.extensions_reneg_info_len", \
1524 FT_UINT8, BASE_DEC, NULL, 0x0, \
1525 NULL, HFILL } \
1526 }, \
1527 { & name .hf.hs_ext_reneg_info, \
1528 { "Renegotiation info", prefix ".handshake.extensions_reneg_info",\
1529 FT_BYTES, BASE_NONE, NULL, 0x0, \
1530 NULL, HFILL } \
1531 }, \
1532 { & name .hf.hs_ext_key_share_client_length, \
1533 { "Client Key Share Length", prefix ".handshake.extensions_key_share_client_length", \
1534 FT_UINT16, BASE_DEC, NULL, 0x00, \
1535 NULL, HFILL } \
1536 }, \
1537 { & name .hf.hs_ext_key_share_group, \
1538 { "Group", prefix ".handshake.extensions_key_share_group", \
1539 FT_UINT16, BASE_DEC, VALS(ssl_extension_curves), 0x00, \
1540 NULL, HFILL } \
1541 }, \
1542 { & name .hf.hs_ext_key_share_key_exchange_length, \
1543 { "Key Exchange Length", prefix ".handshake.extensions_key_share_key_exchange_length", \
1544 FT_UINT16, BASE_DEC, NULL, 0x00, \
1545 NULL, HFILL } \
1546 }, \
1547 { & name .hf.hs_ext_key_share_key_exchange, \
1548 { "Key Exchange", prefix ".handshake.extensions_key_share_key_exchange", \
1549 FT_BYTES, BASE_NONE, NULL, 0x0, \
1550 NULL, HFILL } \
1551 }, \
1552 { & name .hf.hs_ext_key_share_selected_group, \
1553 { "Selected Group", prefix ".handshake.extensions_key_share_selected_group", \
1554 FT_UINT16, BASE_DEC, VALS(ssl_extension_curves), 0x00, \
1555 NULL, HFILL } \
1556 }, \
1557 { & name .hf.hs_ext_psk_identities_length, \
1558 { "Identities Length", prefix ".handshake.extensions.psk.identities.length", \
1559 FT_UINT16, BASE_DEC, NULL, 0x0, \
1560 NULL, HFILL } \
1561 }, \
1562 { & name .hf.hs_ext_psk_identity_identity_length, \
1563 { "Identity Length", prefix ".handshake.extensions.psk.identity.identity_length", \
1564 FT_UINT16, BASE_DEC, NULL, 0x0, \
1565 NULL, HFILL } \
1566 }, \
1567 { & name .hf.hs_ext_psk_identity_identity, \
1568 { "Identity", prefix ".handshake.extensions.psk.identity.identity", \
1569 FT_BYTES, BASE_NONE, NULL, 0x0, \
1570 NULL, HFILL } \
1571 }, \
1572 { & name .hf.hs_ext_psk_identity_obfuscated_ticket_age, \
1573 { "Obfuscated Ticket Age", prefix ".handshake.extensions.psk.identity.obfuscated_ticket_age", \
1574 FT_UINT32, BASE_DEC, NULL, 0x0, \
1575 NULL, HFILL } \
1576 }, \
1577 { & name .hf.hs_ext_psk_binders_length, \
1578 { "PSK Binders length", prefix ".handshake.extensions.psk.binders_len", \
1579 FT_UINT16, BASE_DEC, NULL, 0x0, \
1580 NULL, HFILL } \
1581 }, \
1582 { & name .hf.hs_ext_psk_binders, \
1583 { "PSK Binders", prefix ".handshake.extensions.psk.binders", \
1584 FT_NONE, BASE_NONE, NULL, 0x0, \
1585 NULL, HFILL } \
1586 }, \
1587 { & name .hf.hs_ext_psk_identity_selected, \
1588 { "Selected Identity", prefix ".handshake.extensions.psk.identity.selected", \
1589 FT_UINT16, BASE_DEC, NULL, 0x0, \
1590 NULL, HFILL } \
1591 }, \
1592 { & name .hf.hs_ext_session_ticket, \
1593 { "Session Ticket", prefix ".handshake.extensions.session_ticket", \
1594 FT_BYTES, BASE_NONE, NULL, 0x0, \
1595 NULL, HFILL } \
1596 }, \
1597 { & name .hf.hs_ext_supported_versions_len, \
1598 { "Supported Versions length", prefix ".handshake.extensions.supported_versions_len", \
1599 FT_UINT8, BASE_DEC, NULL, 0x0, \
1600 NULL, HFILL } \
1601 }, \
1602 { & name .hf.hs_ext_supported_version, \
1603 { "Supported Version", prefix ".handshake.extensions.supported_version", \
1604 FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \
1605 NULL, HFILL } \
1606 }, \
1607 { & name .hf.hs_ext_cookie_len, \
1608 { "Cookie length", prefix ".handshake.extensions.cookie_len", \
1609 FT_UINT16, BASE_DEC, NULL, 0x0, \
1610 NULL, HFILL } \
1611 }, \
1612 { & name .hf.hs_ext_cookie, \
1613 { "Cookie", prefix ".handshake.extensions.cookie", \
1614 FT_BYTES, BASE_NONE, NULL, 0x0, \
1615 NULL, HFILL } \
1616 }, \
1617 { & name .hf.hs_ext_server_name_list_len, \
1618 { "Server Name list length", prefix ".handshake.extensions_server_name_list_len", \
1619 FT_UINT16, BASE_DEC, NULL, 0x0, \
1620 "Length of server name list", HFILL } \
1621 }, \
1622 { & name .hf.hs_ext_server_name_len, \
1623 { "Server Name length", prefix ".handshake.extensions_server_name_len", \
1624 FT_UINT16, BASE_DEC, NULL, 0x0, \
1625 "Length of server name string", HFILL } \
1626 }, \
1627 { & name .hf.hs_ext_server_name_type, \
1628 { "Server Name Type", prefix ".handshake.extensions_server_name_type", \
1629 FT_UINT8, BASE_DEC, VALS(tls_hello_ext_server_name_type_vs), 0x0, \
1630 NULL, HFILL } \
1631 }, \
1632 { & name .hf.hs_ext_server_name, \
1633 { "Server Name", prefix ".handshake.extensions_server_name", \
1634 FT_STRING, BASE_NONE, NULL, 0x0, \
1635 NULL, HFILL } \
1636 }, \
1637 { & name .hf.hs_ext_max_fragment_length, \
1638 { "Maximum Fragment Length", prefix ".handshake.max_fragment_length", \
1639 FT_UINT8, BASE_DEC, VALS(tls_hello_ext_max_fragment_length), 0x00, \
1640 "Maximum fragment length that an endpoint is willing to receive", HFILL } \
1641 }, \
1642 { & name .hf.hs_ext_padding_data, \
1643 { "Padding Data", prefix ".handshake.extensions_padding_data", \
1644 FT_BYTES, BASE_NONE, NULL, 0x0, \
1645 "Must be zero", HFILL } \
1646 }, \
1647 { & name .hf.hs_ext_cert_url_type, \
1648 { "Certificate Chain Type", prefix ".handshake.cert_url_type", \
1649 FT_UINT8, BASE_DEC, VALS(tls_cert_chain_type), 0x0, \
1650 "Certificate Chain Type for Client Certificate URL", HFILL } \
1651 }, \
1652 { & name .hf.hs_ext_cert_url_url_hash_list_len, \
1653 { "URL and Hash list Length", prefix ".handshake.cert_url.url_hash_len", \
1654 FT_UINT16, BASE_DEC, NULL, 0x0, \
1655 NULL, HFILL } \
1656 }, \
1657 { & name .hf.hs_ext_cert_url_item, \
1658 { "URL and Hash", prefix ".handshake.cert_url.url_hash", \
1659 FT_NONE, BASE_NONE, NULL, 0x0, \
1660 NULL, HFILL } \
1661 }, \
1662 { & name .hf.hs_ext_cert_url_url_len, \
1663 { "URL Length", prefix ".handshake.cert_url.url_len", \
1664 FT_UINT16, BASE_DEC, NULL, 0x0, \
1665 NULL, HFILL } \
1666 }, \
1667 { & name .hf.hs_ext_cert_type, \
1668 { "Certificate Type", prefix ".handshake.cert_type.type", \
1669 FT_UINT8, BASE_HEX, VALS(tls_certificate_type), 0x0, \
1670 NULL, HFILL } \
1671 }, \
1672 { & name .hf.hs_ext_cert_types, \
1673 { "Certificate Type List", prefix ".handshake.cert_type.types", \
1674 FT_NONE, BASE_NONE, NULL, 0x0, \
1675 NULL, HFILL } \
1676 }, \
1677 { & name .hf.hs_ext_cert_types_len, \
1678 { "Certificate Type List Length", prefix ".handshake.cert_type.types_len", \
1679 FT_UINT8, BASE_DEC, NULL, 0x0, \
1680 NULL, HFILL } \
1681 }, \
1682 { & name .hf.hs_ext_cert_url_url, \
1683 { "URL", prefix ".handshake.cert_url.url", \
1684 FT_STRING, BASE_NONE, NULL, 0x0, \
1685 "URL used to fetch the certificate(s)", HFILL } \
1686 }, \
1687 { & name .hf.hs_ext_cert_url_padding, \
1688 { "Padding", prefix ".handshake.cert_url.padding", \
1689 FT_NONE, BASE_NONE, NULL, 0x0, \
1690 "Padding that MUST be 0x01 for backwards compatibility", HFILL } \
1691 }, \
1692 { & name .hf.hs_ext_cert_url_sha1, \
1693 { "SHA1 Hash", prefix ".handshake.cert_url.sha1", \
1694 FT_BYTES, BASE_NONE, NULL, 0x0, \
1695 "SHA1 Hash of the certificate", HFILL } \
1696 }, \
1697 { & name .hf.hs_ext_cert_status_type, \
1698 { "Certificate Status Type", prefix ".handshake.extensions_status_request_type", \
1699 FT_UINT8, BASE_DEC, VALS(tls_cert_status_type), 0x0, \
1700 NULL, HFILL } \
1701 }, \
1702 { & name .hf.hs_ext_cert_status_request_len, \
1703 { "Certificate Status Length", prefix ".handshake.extensions_status_request_len", \
1704 FT_UINT16, BASE_DEC, NULL, 0x0, \
1705 NULL, HFILL } \
1706 }, \
1707 { & name .hf.hs_ext_cert_status_responder_id_list_len, \
1708 { "Responder ID list Length", prefix ".handshake.extensions_status_request_responder_ids_len", \
1709 FT_UINT16, BASE_DEC, NULL, 0x0, \
1710 NULL, HFILL } \
1711 }, \
1712 { & name .hf.hs_ext_cert_status_request_extensions_len, \
1713 { "Request Extensions Length", prefix ".handshake.extensions_status_request_exts_len", \
1714 FT_UINT16, BASE_DEC, NULL, 0x0, \
1715 NULL, HFILL } \
1716 }, \
1717 { & name .hf.hs_ext_cert_status_request_list_len, \
1718 { "Certificate Status List Length", prefix ".handshake.extensions_status_request_list_len", \
1719 FT_UINT16, BASE_DEC, NULL, 0x0, \
1720 "CertificateStatusRequestItemV2 list length", HFILL } \
1721 }, \
1722 { & name .hf.hs_ocsp_response_list_len, \
1723 { "OCSP Response List Length", prefix ".handshake.ocsp_response_list_len", \
1724 FT_UINT24, BASE_DEC, NULL, 0x0, \
1725 "OCSPResponseList length", HFILL } \
1726 }, \
1727 { & name .hf.hs_ocsp_response_len, \
1728 { "OCSP Response Length", prefix ".handshake.ocsp_response_len", \
1729 FT_UINT24, BASE_DEC, NULL, 0x0, \
1730 NULL, HFILL } \
1731 }, \
1732 { & name .hf.hs_sig_hash_alg_len, \
1733 { "Signature Hash Algorithms Length", prefix ".handshake.sig_hash_alg_len", \
1734 FT_UINT16, BASE_DEC, NULL, 0x0, \
1735 "Length of Signature Hash Algorithms", HFILL } \
1736 }, \
1737 { & name .hf.hs_sig_hash_algs, \
1738 { "Signature Algorithms", prefix ".handshake.sig_hash_algs", \
1739 FT_NONE, BASE_NONE, NULL, 0x0, \
1740 "List of supported Signature Algorithms", HFILL } \
1741 }, \
1742 { & name .hf.hs_sig_hash_alg, \
1743 { "Signature Algorithm", prefix ".handshake.sig_hash_alg", \
1744 FT_UINT16, BASE_HEX, VALS(tls13_signature_algorithm), 0x0, \
1745 NULL, HFILL } \
1746 }, \
1747 { & name .hf.hs_sig_hash_hash, \
1748 { "Signature Hash Algorithm Hash", prefix ".handshake.sig_hash_hash", \
1749 FT_UINT8, BASE_DEC, VALS(tls_hash_algorithm), 0x0, \
1750 "Hash algorithm (TLS 1.2)", HFILL } \
1751 }, \
1752 { & name .hf.hs_sig_hash_sig, \
1753 { "Signature Hash Algorithm Signature", prefix ".handshake.sig_hash_sig", \
1754 FT_UINT8, BASE_DEC, VALS(tls_signature_algorithm), 0x0, \
1755 "Signature algorithm (TLS 1.2)", HFILL } \
1756 }, \
1757 { & name .hf.hs_client_keyex_epms_len, \
1758 { "Encrypted PreMaster length", prefix ".handshake.epms_len", \
1759 FT_UINT16, BASE_DEC, NULL, 0x0, \
1760 "Length of encrypted PreMaster secret", HFILL } \
1761 }, \
1762 { & name .hf.hs_client_keyex_epms, \
1763 { "Encrypted PreMaster", prefix ".handshake.epms", \
1764 FT_BYTES, BASE_NONE, NULL, 0x0, \
1765 "Encrypted PreMaster secret", HFILL } \
1766 }, \
1767 { & name .hf.hs_server_keyex_modulus_len, \
1768 { "Modulus Length", prefix ".handshake.modulus_len", \
1769 FT_UINT16, BASE_DEC, NULL, 0x0, \
1770 "Length of RSA-EXPORT modulus", HFILL } \
1771 }, \
1772 { & name .hf.hs_server_keyex_exponent_len, \
1773 { "Exponent Length", prefix ".handshake.exponent_len", \
1774 FT_UINT16, BASE_DEC, NULL, 0x0, \
1775 "Length of RSA-EXPORT exponent", HFILL } \
1776 }, \
1777 { & name .hf.hs_server_keyex_sig_len, \
1778 { "Signature Length", prefix ".handshake.sig_len", \
1779 FT_UINT16, BASE_DEC, NULL, 0x0, \
1780 "Length of Signature", HFILL } \
1781 }, \
1782 { & name .hf.hs_server_keyex_p_len, \
1783 { "p Length", prefix ".handshake.p_len", \
1784 FT_UINT16, BASE_DEC, NULL, 0x0, \
1785 "Length of p", HFILL } \
1786 }, \
1787 { & name .hf.hs_server_keyex_g_len, \
1788 { "g Length", prefix ".handshake.g_len", \
1789 FT_UINT16, BASE_DEC, NULL, 0x0, \
1790 "Length of g", HFILL } \
1791 }, \
1792 { & name .hf.hs_server_keyex_ys_len, \
1793 { "Pubkey Length", prefix ".handshake.ys_len", \
1794 FT_UINT16, BASE_DEC, NULL, 0x0, \
1795 "Length of server's Diffie-Hellman public key", HFILL } \
1796 }, \
1797 { & name .hf.hs_client_keyex_yc_len, \
1798 { "Pubkey Length", prefix ".handshake.yc_len", \
1799 FT_UINT16, BASE_DEC, NULL, 0x0, \
1800 "Length of client's Diffie-Hellman public key", HFILL } \
1801 }, \
1802 { & name .hf.hs_client_keyex_point_len, \
1803 { "Pubkey Length", prefix ".handshake.client_point_len", \
1804 FT_UINT8, BASE_DEC, NULL, 0x0, \
1805 "Length of client's EC Diffie-Hellman public key", HFILL } \
1806 }, \
1807 { & name .hf.hs_server_keyex_point_len, \
1808 { "Pubkey Length", prefix ".handshake.server_point_len", \
1809 FT_UINT8, BASE_DEC, NULL, 0x0, \
1810 "Length of server's EC Diffie-Hellman public key", HFILL } \
1811 }, \
1812 { & name .hf.hs_server_keyex_p, \
1813 { "p", prefix ".handshake.p", \
1814 FT_BYTES, BASE_NONE, NULL, 0x0, \
1815 "Diffie-Hellman p", HFILL } \
1816 }, \
1817 { & name .hf.hs_server_keyex_g, \
1818 { "g", prefix ".handshake.g", \
1819 FT_BYTES, BASE_NONE, NULL, 0x0, \
1820 "Diffie-Hellman g", HFILL } \
1821 }, \
1822 { & name .hf.hs_server_keyex_curve_type, \
1823 { "Curve Type", prefix ".handshake.server_curve_type", \
1824 FT_UINT8, BASE_HEX, VALS(ssl_curve_types), 0x0, \
1825 "Server curve_type", HFILL } \
1826 }, \
1827 { & name .hf.hs_server_keyex_named_curve, \
1828 { "Named Curve", prefix ".handshake.server_named_curve", \
1829 FT_UINT16, BASE_HEX, VALS(ssl_extension_curves), 0x0, \
1830 "Server named_curve", HFILL } \
1831 }, \
1832 { & name .hf.hs_server_keyex_ys, \
1833 { "Pubkey", prefix ".handshake.ys", \
1834 FT_BYTES, BASE_NONE, NULL, 0x0, \
1835 "Diffie-Hellman server pubkey", HFILL } \
1836 }, \
1837 { & name .hf.hs_client_keyex_yc, \
1838 { "Pubkey", prefix ".handshake.yc", \
1839 FT_BYTES, BASE_NONE, NULL, 0x0, \
1840 "Diffie-Hellman client pubkey", HFILL } \
1841 }, \
1842 { & name .hf.hs_server_keyex_point, \
1843 { "Pubkey", prefix ".handshake.server_point", \
1844 FT_BYTES, BASE_NONE, NULL, 0x0, \
1845 "EC Diffie-Hellman server pubkey", HFILL } \
1846 }, \
1847 { & name .hf.hs_client_keyex_point, \
1848 { "Pubkey", prefix ".handshake.client_point", \
1849 FT_BYTES, BASE_NONE, NULL, 0x0, \
1850 "EC Diffie-Hellman client pubkey", HFILL } \
1851 }, \
1852 { & name .hf.hs_server_keyex_xs_len, \
1853 { "Pubkey Length", prefix ".handshake.xs_len", \
1854 FT_UINT8, BASE_DEC, NULL, 0x0, \
1855 "Length of EC J-PAKE server public key", HFILL } \
1856 }, \
1857 { & name .hf.hs_client_keyex_xc_len, \
1858 { "Pubkey Length", prefix ".handshake.xc_len", \
1859 FT_UINT8, BASE_DEC, NULL, 0x0, \
1860 "Length of EC J-PAKE client public key", HFILL } \
1861 }, \
1862 { & name .hf.hs_server_keyex_xs, \
1863 { "Pubkey", prefix ".handshake.xs", \
1864 FT_BYTES, BASE_NONE, NULL, 0x0, \
1865 "EC J-PAKE server public key", HFILL } \
1866 }, \
1867 { & name .hf.hs_client_keyex_xc, \
1868 { "Pubkey", prefix ".handshake.xc", \
1869 FT_BYTES, BASE_NONE, NULL, 0x0, \
1870 "EC J-PAKE client public key", HFILL } \
1871 }, \
1872 { & name .hf.hs_server_keyex_vs_len, \
1873 { "Ephemeral Pubkey Length", prefix ".handshake.vs_len", \
1874 FT_UINT8, BASE_DEC, NULL, 0x0, \
1875 "Length of EC J-PAKE server ephemeral public key", HFILL } \
1876 }, \
1877 { & name .hf.hs_client_keyex_vc_len, \
1878 { "Ephemeral Pubkey Length", prefix ".handshake.vc_len", \
1879 FT_UINT8, BASE_DEC, NULL, 0x0, \
1880 "Length of EC J-PAKE client ephemeral public key", HFILL } \
1881 }, \
1882 { & name .hf.hs_server_keyex_vs, \
1883 { "Ephemeral Pubkey", prefix ".handshake.vs", \
1884 FT_BYTES, BASE_NONE, NULL, 0x0, \
1885 "EC J-PAKE server ephemeral public key", HFILL } \
1886 }, \
1887 { & name .hf.hs_client_keyex_vc, \
1888 { "Ephemeral Pubkey", prefix ".handshake.vc", \
1889 FT_BYTES, BASE_NONE, NULL, 0x0, \
1890 "EC J-PAKE client ephemeral public key", HFILL } \
1891 }, \
1892 { & name .hf.hs_server_keyex_rs_len, \
1893 { "Schnorr signature Length", prefix ".handshake.rs_len", \
1894 FT_UINT8, BASE_DEC, NULL, 0x0, \
1895 "Length of EC J-PAKE server Schnorr signature", HFILL } \
1896 }, \
1897 { & name .hf.hs_client_keyex_rc_len, \
1898 { "Schnorr signature Length", prefix ".handshake.rc_len", \
1899 FT_UINT8, BASE_DEC, NULL, 0x0, \
1900 "Length of EC J-PAKE client Schnorr signature", HFILL } \
1901 }, \
1902 { & name .hf.hs_server_keyex_rs, \
1903 { "Schnorr signature", prefix ".handshake.rs", \
1904 FT_BYTES, BASE_NONE, NULL, 0x0, \
1905 "EC J-PAKE server Schnorr signature", HFILL } \
1906 }, \
1907 { & name .hf.hs_client_keyex_rc, \
1908 { "Schnorr signature", prefix ".handshake.rc", \
1909 FT_BYTES, BASE_NONE, NULL, 0x0, \
1910 "EC J-PAKE client Schnorr signature", HFILL } \
1911 }, \
1912 { & name .hf.hs_server_keyex_modulus, \
1913 { "Modulus", prefix ".handshake.modulus", \
1914 FT_BYTES, BASE_NONE, NULL, 0x0, \
1915 "RSA-EXPORT modulus", HFILL } \
1916 }, \
1917 { & name .hf.hs_server_keyex_exponent, \
1918 { "Exponent", prefix ".handshake.exponent", \
1919 FT_BYTES, BASE_NONE, NULL, 0x0, \
1920 "RSA-EXPORT exponent", HFILL } \
1921 }, \
1922 { & name .hf.hs_server_keyex_sig, \
1923 { "Signature", prefix ".handshake.sig", \
1924 FT_BYTES, BASE_NONE, NULL, 0x0, \
1925 "Diffie-Hellman server signature", HFILL } \
1926 }, \
1927 { & name .hf.hs_server_keyex_hint_len, \
1928 { "Hint Length", prefix ".handshake.hint_len", \
1929 FT_UINT16, BASE_DEC, NULL, 0x0, \
1930 "Length of PSK Hint", HFILL } \
1931 }, \
1932 { & name .hf.hs_server_keyex_hint, \
1933 { "Hint", prefix ".handshake.hint", \
1934 FT_BYTES, BASE_NONE, NULL, 0x0, \
1935 "PSK Hint", HFILL } \
1936 }, \
1937 { & name .hf.hs_client_keyex_identity_len, \
1938 { "Identity Length", prefix ".handshake.identity_len", \
1939 FT_UINT16, BASE_DEC, NULL, 0x0, \
1940 "Length of PSK Identity", HFILL } \
1941 }, \
1942 { & name .hf.hs_client_keyex_identity, \
1943 { "Identity", prefix ".handshake.identity", \
1944 FT_BYTES, BASE_NONE, NULL, 0x0, \
1945 "PSK Identity", HFILL } \
1946 }, \
1947 { & name .hf.hs_ext_heartbeat_mode, \
1948 { "Mode", prefix ".handshake.extension.heartbeat.mode", \
1949 FT_UINT8, BASE_DEC, VALS(tls_heartbeat_mode), 0x0, \
1950 "Heartbeat extension mode", HFILL } \
1951 }, \
1952 { & name .hf.hs_certificates_len, \
1953 { "Certificates Length", prefix ".handshake.certificates_length", \
1954 FT_UINT24, BASE_DEC, NULL, 0x0, \
1955 "Length of certificates field", HFILL } \
1956 }, \
1957 { & name .hf.hs_certificates, \
1958 { "Certificates", prefix ".handshake.certificates", \
1959 FT_NONE, BASE_NONE, NULL, 0x0, \
1960 "List of certificates", HFILL } \
1961 }, \
1962 { & name .hf.hs_certificate, \
1963 { "Certificate", prefix ".handshake.certificate", \
1964 FT_BYTES, BASE_NONE, NULL, 0x0, \
1965 NULL, HFILL } \
1966 }, \
1967 { & name .hf.hs_certificate_len, \
1968 { "Certificate Length", prefix ".handshake.certificate_length", \
1969 FT_UINT24, BASE_DEC, NULL, 0x0, \
1970 "Length of certificate", HFILL } \
1971 }, \
1972 { & name .hf.hs_cert_types_count, \
1973 { "Certificate types count", prefix ".handshake.cert_types_count",\
1974 FT_UINT8, BASE_DEC, NULL, 0x0, \
1975 "Count of certificate types", HFILL } \
1976 }, \
1977 { & name .hf.hs_cert_types, \
1978 { "Certificate types", prefix ".handshake.cert_types", \
1979 FT_NONE, BASE_NONE, NULL, 0x0, \
1980 "List of certificate types", HFILL } \
1981 }, \
1982 { & name .hf.hs_cert_type, \
1983 { "Certificate type", prefix ".handshake.cert_type", \
1984 FT_UINT8, BASE_DEC, VALS(ssl_31_client_certificate_type), 0x0, \
1985 NULL, HFILL } \
1986 }, \
1987 { & name .hf.hs_dnames_len, \
1988 { "Distinguished Names Length", prefix ".handshake.dnames_len", \
1989 FT_UINT16, BASE_DEC, NULL, 0x0, \
1990 "Length of list of CAs that server trusts", HFILL } \
1991 }, \
1992 { & name .hf.hs_dnames, \
1993 { "Distinguished Names", prefix ".handshake.dnames", \
1994 FT_NONE, BASE_NONE, NULL, 0x0, \
1995 "List of CAs that server trusts", HFILL } \
1996 }, \
1997 { & name .hf.hs_dname_len, \
1998 { "Distinguished Name Length", prefix ".handshake.dname_len", \
1999 FT_UINT16, BASE_DEC, NULL, 0x0, \
2000 "Length of distinguished name", HFILL } \
2001 }, \
2002 { & name .hf.hs_dnames_truncated, \
2003 { "Tree view truncated", prefix ".handshake.dnames_truncated", \
2004 FT_NONE, BASE_NONE, NULL, 0x00, \
2005 "Some Distinguished Names are not added to tree pane to limit resources", HFILL } \
2006 }, \
2007 { & name .hf.hs_dname, \
2008 { "Distinguished Name", prefix ".handshake.dname", \
2009 FT_NONE, BASE_NONE, NULL, 0x0, \
2010 "Distinguished name of a CA that server trusts", HFILL } \
2011 }, \
2012 { & name .hf.hs_random, \
2013 { "Random", prefix ".handshake.random", \
2014 FT_BYTES, BASE_NONE, NULL, 0x0, \
2015 "Random values used for deriving keys", HFILL } \
2016 }, \
2017 { & name .hf.hs_random_time, \
2018 { "GMT Unix Time", prefix ".handshake.random_time", \
2019 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0, \
2020 "Unix time field of random structure", HFILL } \
2021 }, \
2022 { & name .hf.hs_random_bytes, \
2023 { "Random Bytes", prefix ".handshake.random_bytes", \
2024 FT_BYTES, BASE_NONE, NULL, 0x0, \
2025 "Random values used for deriving keys", HFILL } \
2026 }, \
2027 { & name .hf.hs_session_id, \
2028 { "Session ID", prefix ".handshake.session_id", \
2029 FT_BYTES, BASE_NONE, NULL, 0x0, \
2030 "Identifies the SSL session, allowing later resumption", HFILL }\
2031 }, \
2032 { & name .hf.hs_session_id_len, \
2033 { "Session ID Length", prefix ".handshake.session_id_length", \
2034 FT_UINT8, BASE_DEC, NULL, 0x0, \
2035 "Length of Session ID field", HFILL } \
2036 }, \
2037 { & name .hf.hs_client_version, \
2038 { "Version", prefix ".handshake.version", \
2039 FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \
2040 "Maximum version supported by client [legacy_version if supported_versions ext is present]", HFILL } \
2041 }, \
2042 { & name .hf.hs_server_version, \
2043 { "Version", prefix ".handshake.version", \
2044 FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \
2045 "Version selected by server [legacy_version if supported_versions ext is present]", HFILL } \
2046 }, \
2047 { & name .hf.hs_cipher_suites_len, \
2048 { "Cipher Suites Length", prefix ".handshake.cipher_suites_length", \
2049 FT_UINT16, BASE_DEC, NULL, 0x0, \
2050 "Length of cipher suites field", HFILL } \
2051 }, \
2052 { & name .hf.hs_cipher_suites, \
2053 { "Cipher Suites", prefix ".handshake.ciphersuites", \
2054 FT_NONE, BASE_NONE, NULL, 0x0, \
2055 "List of cipher suites supported by client", HFILL } \
2056 }, \
2057 { & name .hf.hs_cipher_suite, \
2058 { "Cipher Suite", prefix ".handshake.ciphersuite", \
2059 FT_UINT16, BASE_HEX|BASE_EXT_STRING, &ssl_31_ciphersuite_ext, 0x0, \
2060 NULL, HFILL } \
2061 }, \
2062 { & name .hf.hs_comp_methods_len, \
2063 { "Compression Methods Length", prefix ".handshake.comp_methods_length", \
2064 FT_UINT8, BASE_DEC, NULL, 0x0, \
2065 "Length of compression methods field", HFILL } \
2066 }, \
2067 { & name .hf.hs_comp_methods, \
2068 { "Compression Methods", prefix ".handshake.comp_methods", \
2069 FT_NONE, BASE_NONE, NULL, 0x0, \
2070 "List of compression methods supported by client", HFILL } \
2071 }, \
2072 { & name .hf.hs_comp_method, \
2073 { "Compression Method", prefix ".handshake.comp_method", \
2074 FT_UINT8, BASE_DEC, VALS(ssl_31_compression_method), 0x0, \
2075 NULL, HFILL } \
2076 }, \
2077 { & name .hf.hs_session_ticket_lifetime_hint, \
2078 { "Session Ticket Lifetime Hint", \
2079 prefix ".handshake.session_ticket_lifetime_hint", \
2080 FT_UINT32, BASE_DEC|BASE_UNIT_STRING, UNS(&units_second_seconds), 0x0, \
2081 "New Session Ticket Lifetime Hint", HFILL } \
2082 }, \
2083 { & name .hf.hs_session_ticket_age_add, \
2084 { "Session Ticket Age Add", \
2085 prefix ".handshake.session_ticket_age_add", \
2086 FT_UINT32, BASE_DEC, NULL, 0x0, \
2087 "Random 32-bit value to obscure age of ticket", HFILL } \
2088 }, \
2089 { & name .hf.hs_session_ticket_nonce_len, \
2090 { "Session Ticket Nonce Length", prefix ".handshake.session_ticket_nonce_length", \
2091 FT_UINT8, BASE_DEC, NULL, 0x0, \
2092 NULL, HFILL } \
2093 }, \
2094 { & name .hf.hs_session_ticket_nonce, \
2095 { "Session Ticket Nonce", prefix ".handshake.session_ticket_nonce", \
2096 FT_BYTES, BASE_NONE, NULL, 0x0, \
2097 "A unique per-ticket value", HFILL } \
2098 }, \
2099 { & name .hf.hs_session_ticket_len, \
2100 { "Session Ticket Length", prefix ".handshake.session_ticket_length", \
2101 FT_UINT16, BASE_DEC, NULL, 0x0, \
2102 "New Session Ticket Length", HFILL } \
2103 }, \
2104 { & name .hf.hs_session_ticket, \
2105 { "Session Ticket", prefix ".handshake.session_ticket", \
2106 FT_BYTES, BASE_NONE, NULL, 0x0, \
2107 "New Session Ticket", HFILL } \
2108 }, \
2109 { & name .hf.hs_finished, \
2110 { "Verify Data", prefix ".handshake.verify_data", \
2111 FT_NONE, BASE_NONE, NULL, 0x0, \
2112 "Opaque verification data", HFILL } \
2113 }, \
2114 { & name .hf.hs_client_cert_vrfy_sig_len, \
2115 { "Signature length", prefix ".handshake.client_cert_vrfy.sig_len", \
2116 FT_UINT16, BASE_DEC, NULL, 0x0, \
2117 "Length of CertificateVerify's signature", HFILL } \
2118 }, \
2119 { & name .hf.hs_client_cert_vrfy_sig, \
2120 { "Signature", prefix ".handshake.client_cert_vrfy.sig", \
2121 FT_BYTES, BASE_NONE, NULL, 0x0, \
2122 "CertificateVerify's signature", HFILL } \
2123 }, \
2124 { & name .hf.hs_ja3_full, \
2125 { "JA3 Fullstring", prefix ".handshake.ja3_full", \
2126 FT_STRING, BASE_NONE, NULL, 0x0, \
2127 NULL, HFILL } \
2128 }, \
2129 { & name .hf.hs_ja3_hash, \
2130 { "JA3", prefix ".handshake.ja3", \
2131 FT_STRING, BASE_NONE, NULL, 0x0, \
2132 NULL, HFILL } \
2133 }, \
2134 { & name .hf.hs_ja3s_full, \
2135 { "JA3S Fullstring", prefix ".handshake.ja3s_full", \
2136 FT_STRING, BASE_NONE, NULL, 0x0, \
2137 NULL, HFILL } \
2138 }, \
2139 { & name .hf.hs_ja3s_hash, \
2140 { "JA3S", prefix ".handshake.ja3s", \
2141 FT_STRING, BASE_NONE, NULL, 0x0, \
2142 NULL, HFILL } \
2143 }, \
2144 { & name .hf.hs_ja4, \
2145 { "JA4", prefix ".handshake.ja4", \
2146 FT_STRING, BASE_NONE, NULL, 0x0, \
2147 NULL, HFILL } \
2148 }, \
2149 { & name .hf.hs_ja4_r, \
2150 { "JA4_r", prefix ".handshake.ja4_r", \
2151 FT_STRING, BASE_NONE, NULL, 0x0, \
2152 NULL, HFILL } \
2153 }, \
2154 { & name .hf.hs_ext_psk_ke_modes_length, \
2155 { "PSK Key Exchange Modes Length", prefix ".extension.psk_ke_modes_length", \
2156 FT_UINT8, BASE_DEC, NULL, 0x0, \
2157 NULL, HFILL } \
2158 }, \
2159 { & name .hf.hs_ext_psk_ke_mode, \
2160 { "PSK Key Exchange Mode", prefix ".extension.psk_ke_mode", \
2161 FT_UINT8, BASE_DEC, VALS(tls_hello_ext_psk_ke_mode), 0x0, \
2162 "Key exchange modes where the client supports use of PSKs", HFILL } \
2163 }, \
2164 { & name .hf.hs_certificate_request_context_length, \
2165 { "Certificate Request Context Length", prefix ".handshake.certificate_request_context_length", \
2166 FT_UINT8, BASE_DEC, NULL, 0x0, \
2167 NULL, HFILL } \
2168 }, \
2169 { & name .hf.hs_certificate_request_context, \
2170 { "Certificate Request Context", prefix ".handshake.certificate_request_context", \
2171 FT_BYTES, BASE_NONE, NULL, 0x0, \
2172 "Value from CertificateRequest or empty for server auth", HFILL } \
2173 }, \
2174 { & name .hf.hs_key_update_request_update, \
2175 { "Key Update Request", prefix ".handshake.key_update.request_update", \
2176 FT_UINT8, BASE_DEC, VALS(tls13_key_update_request), 0x00, \
2177 "Whether the receiver should also update its keys", HFILL } \
2178 }, \
2179 { & name .hf.sct_scts_length, \
2180 { "Serialized SCT List Length", prefix ".sct.scts_length", \
2181 FT_UINT16, BASE_DEC, NULL, 0x00, \
2182 NULL, HFILL } \
2183 }, \
2184 { & name .hf.sct_sct_length, \
2185 { "Serialized SCT Length", prefix ".sct.sct_length", \
2186 FT_UINT16, BASE_DEC, NULL, 0x00, \
2187 NULL, HFILL } \
2188 }, \
2189 { & name .hf.sct_sct_version, \
2190 { "SCT Version", prefix ".sct.sct_version", \
2191 FT_UINT8, BASE_DEC, NULL, 0x00, \
2192 "SCT Protocol version (v1 (0) is defined in RFC 6962)", HFILL } \
2193 }, \
2194 { & name .hf.sct_sct_logid, \
2195 { "Log ID", prefix ".sct.sct_logid", \
2196 FT_BYTES, BASE_NONE, NULL, 0x00, \
2197 "SHA-256 hash of log's public key", HFILL } \
2198 }, \
2199 { & name .hf.sct_sct_timestamp, \
2200 { "Timestamp", prefix ".sct.sct_timestamp", \
2201 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_UTC, NULL, 0x00, \
2202 "Timestamp of issuance", HFILL } \
2203 }, \
2204 { & name .hf.sct_sct_extensions_length, \
2205 { "Extensions length", prefix ".sct.sct_extensions_length", \
2206 FT_UINT16, BASE_DEC, NULL, 0x00, \
2207 "Length of future extensions to this protocol (currently none)", HFILL } \
2208 }, \
2209 { & name .hf.sct_sct_extensions, \
2210 { "Extensions", prefix ".sct.sct_extensions", \
2211 FT_NONE, BASE_NONE, NULL, 0x00, \
2212 "Future extensions to this protocol (currently none)", HFILL } \
2213 }, \
2214 { & name .hf.sct_sct_signature_length, \
2215 { "Signature Length", prefix ".sct.sct_signature_length", \
2216 FT_UINT16, BASE_DEC, NULL, 0x00, \
2217 NULL, HFILL } \
2218 }, \
2219 { & name .hf.sct_sct_signature, \
2220 { "Signature", prefix ".sct.sct_signature", \
2221 FT_BYTES, BASE_NONE, NULL, 0x00, \
2222 NULL, HFILL } \
2223 }, \
2224 { & name .hf.hs_ext_max_early_data_size, \
2225 { "Maximum Early Data Size", prefix ".early_data.max_early_data_size", \
2226 FT_UINT32, BASE_DEC, NULL, 0x00, \
2227 "Maximum amount of 0-RTT data that the client may send", HFILL } \
2228 }, \
2229 { & name .hf.hs_ext_oid_filters_length, \
2230 { "OID Filters Length", prefix ".extension.oid_filters_length", \
2231 FT_UINT16, BASE_DEC, NULL, 0x00, \
2232 NULL, HFILL } \
2233 }, \
2234 { & name .hf.hs_ext_oid_filters_oid_length, \
2235 { "Certificate Extension OID Length", prefix ".extension.oid_filters.oid_length", \
2236 FT_UINT8, BASE_DEC, NULL, 0x00, \
2237 NULL, HFILL } \
2238 }, \
2239 { & name .hf.hs_ext_oid_filters_oid, \
2240 { "Certificate Extension OID", prefix ".extension.oid_filters.oid", \
2241 FT_OID, BASE_NONE, NULL, 0x00, \
2242 NULL, HFILL } \
2243 }, \
2244 { & name .hf.hs_ext_oid_filters_values_length, \
2245 { "Certificate Extension Values Length", prefix ".extension.oid_filters.values_length", \
2246 FT_UINT16, BASE_DEC, NULL, 0x00, \
2247 NULL, HFILL } \
2248 }, \
2249 { & name .hf.hs_cred_valid_time, \
2250 { "Valid Time", prefix ".handshake.cred.valid_time", \
2251 FT_UINT16, BASE_DEC, NULL, 0x0, \
2252 "Delegated Credentials Valid Time", HFILL } \
2253 }, \
2254 { & name .hf.hs_cred_pubkey, \
2255 { "Subject Public Key Info", prefix ".handshake.cred.pubkey", \
2256 FT_BYTES, BASE_NONE, NULL, 0x0, \
2257 "Delegated Credentials Subject Public Key Info", HFILL } \
2258 }, \
2259 { & name .hf.hs_cred_pubkey_len, \
2260 { "Subject Public Key Info Length", prefix ".handshake.cred.pubkey_len", \
2261 FT_UINT24, BASE_DEC, NULL, 0x0, \
2262 "Delegated Credentials Subject Public Key Info Length", HFILL } \
2263 }, \
2264 { & name .hf.hs_cred_signature, \
2265 { "Signature", prefix ".handshake.cred.signature", \
2266 FT_BYTES, BASE_NONE, NULL, 0x0, \
2267 "Delegated Credentials Signature", HFILL } \
2268 }, \
2269 { & name .hf.hs_cred_signature_len, \
2270 { "Signature Length", prefix ".handshake.cred.signature_len", \
2271 FT_UINT16, BASE_DEC, NULL, 0x0, \
2272 "Delegated Credentials Signature Length", HFILL } \
2273 }, \
2274 { & name .hf.hs_ext_compress_certificate_algorithms_length, \
2275 { "Algorithms Length", prefix ".compress_certificate.algorithms_length", \
2276 FT_UINT8, BASE_DEC, NULL, 0x00, \
2277 NULL, HFILL } \
2278 }, \
2279 { & name .hf.hs_ext_compress_certificate_algorithm, \
2280 { "Algorithm", prefix ".compress_certificate.algorithm", \
2281 FT_UINT16, BASE_DEC, VALS(compress_certificate_algorithm_vals), 0x00, \
2282 NULL, HFILL } \
2283 }, \
2284 { & name .hf.hs_ext_compress_certificate_uncompressed_length, \
2285 { "Uncompressed Length", prefix ".compress_certificate.uncompressed_length", \
2286 FT_UINT24, BASE_DEC, NULL, 0x00, \
2287 NULL, HFILL } \
2288 }, \
2289 { & name .hf.hs_ext_compress_certificate_compressed_certificate_message_length, \
2290 { "Length", prefix ".compress_certificate.compressed_certificate_message.length", \
2291 FT_UINT24, BASE_DEC, NULL, 0x00, \
2292 NULL, HFILL } \
2293 }, \
2294 { & name .hf.hs_ext_compress_certificate_compressed_certificate_message, \
2295 { "Compressed Certificate Message", prefix ".compress_certificate.compressed_certificate_message", \
2296 FT_BYTES, BASE_NONE, NULL, 0x00, \
2297 NULL, HFILL } \
2298 }, \
2299 { & name .hf.hs_ext_token_binding_version_major, \
2300 { "Protocol Major Version", prefix ".token_binding.version_major", \
2301 FT_UINT8, BASE_HEX, NULL, 0x00, \
2302 "Major version of the Token Binding protocol", HFILL } \
2303 }, \
2304 { & name .hf.hs_ext_token_binding_version_minor, \
2305 { "Protocol Minor Version", prefix ".token_binding.version_minor", \
2306 FT_UINT8, BASE_HEX, NULL, 0x00, \
2307 "Minor version of the Token Binding protocol", HFILL } \
2308 }, \
2309 { & name .hf.hs_ext_token_binding_key_parameters, \
2310 { "Key Parameters", prefix ".token_binding.key_parameters", \
2311 FT_NONE, BASE_NONE, NULL, 0x0, \
2312 NULL, HFILL } \
2313 }, \
2314 { & name .hf.hs_ext_token_binding_key_parameters_length, \
2315 { "Key Parameters Length", prefix ".token_binding.key_parameters_length", \
2316 FT_UINT8, BASE_DEC, NULL, 0x00, \
2317 "Length of the key parameters list", HFILL } \
2318 }, \
2319 { & name .hf.hs_ext_token_binding_key_parameter, \
2320 { "Key Parameter", prefix ".token_binding.key_parameter", \
2321 FT_UINT8, BASE_DEC, VALS(token_binding_key_parameter_vals), 0x00, \
2322 "Identifier of the Token Binding key parameter", HFILL } \
2323 }, \
2324 { & name .hf.hs_ext_record_size_limit, \
2325 { "Record Size Limit", prefix ".record_size_limit", \
2326 FT_UINT16, BASE_DEC, NULL, 0x00, \
2327 "Maximum record size that an endpoint is willing to receive", HFILL } \
2328 }, \
2329 { & name .hf.hs_ext_quictp_len, \
2330 { "Parameters Length", prefix ".quic.len", \
2331 FT_UINT16, BASE_DEC, NULL, 0x00, \
2332 NULL, HFILL } \
2333 }, \
2334 { & name .hf.hs_ext_quictp_parameter, \
2335 { "Parameter", prefix ".quic.parameter", \
2336 FT_NONE, BASE_NONE, NULL, 0x00, \
2337 NULL, HFILL } \
2338 }, \
2339 { & name .hf.hs_ext_quictp_parameter_type, \
2340 { "Type", prefix ".quic.parameter.type", \
2341 FT_UINT64, BASE_CUSTOM, CF_FUNC(quic_transport_parameter_id_base_custom), 0x00, \
2342 NULL, HFILL } \
2343 }, \
2344 { & name .hf.hs_ext_quictp_parameter_len, \
2345 { "Length", prefix ".quic.parameter.length", \
2346 FT_UINT64, BASE_DEC, NULL, 0x00, \
2347 NULL, HFILL } \
2348 }, \
2349 { & name .hf.hs_ext_quictp_parameter_len_old, \
2350 { "Length", prefix ".quic.parameter.length.old", \
2351 FT_UINT16, BASE_DEC, NULL, 0x00, \
2352 NULL, HFILL } \
2353 }, \
2354 { & name .hf.hs_ext_quictp_parameter_value, \
2355 { "Value", prefix ".quic.parameter.value", \
2356 FT_BYTES, BASE_NONE, NULL, 0x00, \
2357 NULL, HFILL } \
2358 }, \
2359 { & name .hf.hs_ext_quictp_parameter_original_destination_connection_id, \
2360 { "original_destination_connection_id", prefix ".quic.parameter.original_destination_connection_id", \
2361 FT_BYTES, BASE_NONE, NULL, 0x00, \
2362 "Destination Connection ID from the first Initial packet sent by the client", HFILL } \
2363 }, \
2364 { & name .hf.hs_ext_quictp_parameter_max_idle_timeout, \
2365 { "max_idle_timeout", prefix ".quic.parameter.max_idle_timeout", \
2366 FT_UINT64, BASE_DEC, NULL, 0x00, \
2367 "In milliseconds", HFILL } \
2368 }, \
2369 { & name .hf.hs_ext_quictp_parameter_stateless_reset_token, \
2370 { "stateless_reset_token", prefix ".quic.parameter.stateless_reset_token", \
2371 FT_BYTES, BASE_NONE, NULL, 0x00, \
2372 "Used in verifying a stateless reset", HFILL } \
2373 }, \
2374 { & name .hf.hs_ext_quictp_parameter_max_udp_payload_size, \
2375 { "max_udp_payload_size", prefix ".quic.parameter.max_udp_payload_size", \
2376 FT_UINT64, BASE_DEC, NULL, 0x00, \
2377 "Maximum UDP payload size that the endpoint is willing to receive", HFILL } \
2378 }, \
2379 { & name .hf.hs_ext_quictp_parameter_initial_max_data, \
2380 { "initial_max_data", prefix ".quic.parameter.initial_max_data", \
2381 FT_UINT64, BASE_DEC, NULL, 0x00, \
2382 "Contains the initial value for the maximum amount of data that can be sent on the connection", HFILL } \
2383 }, \
2384 { & name .hf.hs_ext_quictp_parameter_initial_max_stream_data_bidi_local, \
2385 { "initial_max_stream_data_bidi_local", prefix ".quic.parameter.initial_max_stream_data_bidi_local", \
2386 FT_UINT64, BASE_DEC, NULL, 0x00, \
2387 "Initial stream maximum data for bidirectional, locally-initiated streams", HFILL } \
2388 }, \
2389 { & name .hf.hs_ext_quictp_parameter_initial_max_stream_data_bidi_remote, \
2390 { "initial_max_stream_data_bidi_remote", prefix ".quic.parameter.initial_max_stream_data_bidi_remote", \
2391 FT_UINT64, BASE_DEC, NULL, 0x00, \
2392 "Initial stream maximum data for bidirectional, peer-initiated streams", HFILL } \
2393 }, \
2394 { & name .hf.hs_ext_quictp_parameter_initial_max_stream_data_uni, \
2395 { "initial_max_stream_data_uni", prefix ".quic.parameter.initial_max_stream_data_uni", \
2396 FT_UINT64, BASE_DEC, NULL, 0x00, \
2397 "Initial stream maximum data for unidirectional streams parameter", HFILL } \
2398 }, \
2399 { & name .hf.hs_ext_quictp_parameter_initial_max_streams_bidi, \
2400 { "initial_max_streams_bidi", prefix ".quic.parameter.initial_max_streams_bidi", \
2401 FT_UINT64, BASE_DEC, NULL, 0x00, \
2402 "Initial maximum number of application-owned bidirectional streams", HFILL } \
2403 }, \
2404 { & name .hf.hs_ext_quictp_parameter_initial_max_streams_uni, \
2405 { "initial_max_streams_uni", prefix ".quic.parameter.initial_max_streams_uni", \
2406 FT_UINT64, BASE_DEC, NULL, 0x00, \
2407 "Initial maximum number of application-owned unidirectional streams", HFILL } \
2408 }, \
2409 { & name .hf.hs_ext_quictp_parameter_ack_delay_exponent, \
2410 { "ack_delay_exponent", prefix ".quic.parameter.ack_delay_exponent", \
2411 FT_UINT64, BASE_DEC, NULL, 0x00, \
2412 "Indicating an exponent used to decode the ACK Delay field in the ACK frame,", HFILL } \
2413 }, \
2414 { & name .hf.hs_ext_quictp_parameter_max_ack_delay, \
2415 { "max_ack_delay", prefix ".quic.parameter.max_ack_delay", \
2416 FT_UINT64, BASE_DEC, NULL, 0x00, \
2417 "Indicating the maximum amount of time in milliseconds by which it will delay sending of acknowledgments", HFILL } \
2418 }, \
2419 { & name .hf.hs_ext_quictp_parameter_pa_ipv4address, \
2420 { "ipv4Address", prefix ".quic.parameter.preferred_address.ipv4address", \
2421 FT_IPv4, BASE_NONE, NULL, 0x00, \
2422 NULL, HFILL } \
2423 }, \
2424 { & name .hf.hs_ext_quictp_parameter_pa_ipv6address, \
2425 { "ipv6Address", prefix ".quic.parameter.preferred_address.ipv6address", \
2426 FT_IPv6, BASE_NONE, NULL, 0x00, \
2427 NULL, HFILL } \
2428 }, \
2429 { & name .hf.hs_ext_quictp_parameter_pa_ipv4port, \
2430 { "ipv4Port", prefix ".quic.parameter.preferred_address.ipv4port", \
2431 FT_UINT16, BASE_DEC, NULL, 0x00, \
2432 NULL, HFILL } \
2433 }, \
2434 { & name .hf.hs_ext_quictp_parameter_pa_ipv6port, \
2435 { "ipv6Port", prefix ".quic.parameter.preferred_address.ipv6port", \
2436 FT_UINT16, BASE_DEC, NULL, 0x00, \
2437 NULL, HFILL } \
2438 }, \
2439 { & name .hf.hs_ext_quictp_parameter_pa_connectionid_length, \
2440 { "Length", prefix ".quic.parameter.preferred_address.connectionid.length", \
2441 FT_UINT8, BASE_DEC, NULL, 0x00, \
2442 "Length of connectionId Field", HFILL } \
2443 }, \
2444 { & name .hf.hs_ext_quictp_parameter_pa_connectionid, \
2445 { "connectionId", prefix ".quic.parameter.preferred_address.connectionid", \
2446 FT_BYTES, BASE_NONE, NULL, 0x00, \
2447 NULL, HFILL } \
2448 }, \
2449 { & name .hf.hs_ext_quictp_parameter_pa_statelessresettoken, \
2450 { "statelessResetToken", prefix ".quic.parameter.preferred_address.statelessresettoken", \
2451 FT_BYTES, BASE_NONE, NULL, 0x00, \
2452 NULL, HFILL } \
2453 }, \
2454 { & name .hf.hs_ext_quictp_parameter_active_connection_id_limit, \
2455 { "Active Connection ID Limit", prefix ".quic.parameter.active_connection_id_limit", \
2456 FT_UINT64, BASE_DEC, NULL, 0x00, \
2457 NULL, HFILL } \
2458 }, \
2459 { & name .hf.hs_ext_quictp_parameter_initial_source_connection_id, \
2460 { "Initial Source Connection ID", prefix ".quic.parameter.initial_source_connection_id", \
2461 FT_BYTES, BASE_NONE, NULL, 0x00, \
2462 NULL, HFILL } \
2463 }, \
2464 { & name .hf.hs_ext_quictp_parameter_retry_source_connection_id, \
2465 { "Retry Source Connection ID", prefix ".quic.parameter.retry_source_connection_id", \
2466 FT_BYTES, BASE_NONE, NULL, 0x00, \
2467 NULL, HFILL } \
2468 }, \
2469 { & name .hf.hs_ext_quictp_parameter_max_datagram_frame_size, \
2470 { "max_datagram_frame_size", prefix ".quic.parameter.max_datagram_frame_size", \
2471 FT_UINT64, BASE_DEC, NULL, 0x00, \
2472 NULL, HFILL } \
2473 }, \
2474 { & name .hf.hs_ext_quictp_parameter_cibir_encoding_length, \
2475 { "length", prefix ".quic.parameter.cibir_encoding.length", \
2476 FT_UINT64, BASE_DEC, NULL, 0x00, \
2477 NULL, HFILL } \
2478 }, \
2479 { & name .hf.hs_ext_quictp_parameter_cibir_encoding_offset, \
2480 { "offset", prefix ".quic.parameter.cibir_encoding.offset", \
2481 FT_UINT64, BASE_DEC, NULL, 0x00, \
2482 NULL, HFILL } \
2483 }, \
2484 { & name .hf.hs_ext_quictp_parameter_loss_bits, \
2485 { "loss_bits", prefix ".quic.parameter.loss_bits", \
2486 FT_UINT64, BASE_DEC, NULL, 0x00, \
2487 NULL, HFILL } \
2488 }, \
2489 { & name .hf.hs_ext_quictp_parameter_enable_time_stamp_v2, \
2490 { "Enable TimestampV2", prefix ".quic.parameter.enable_time_stamp_v2", \
2491 FT_UINT64, BASE_DEC|BASE_VAL64_STRING, VALS64(quic_enable_time_stamp_v2_vals), 0x00, \
2492 NULL, HFILL } \
2493 }, \
2494 { & name .hf.hs_ext_quictp_parameter_min_ack_delay, \
2495 { "min_ack_delay", prefix ".quic.parameter.min_ack_delay", \
2496 FT_UINT64, BASE_DEC, NULL, 0x00, \
2497 NULL, HFILL } \
2498 }, \
2499 { & name .hf.hs_ext_quictp_parameter_google_user_agent_id, \
2500 { "Google UserAgent", prefix ".quic.parameter.google.user_agent", \
2501 FT_STRING, BASE_NONE, NULL, 0x00, \
2502 NULL, HFILL } \
2503 }, \
2504 { & name .hf.hs_ext_quictp_parameter_google_key_update_not_yet_supported, \
2505 { "Google Key Update not yet supported", prefix ".quic.parameter.google.key_update_not_yet_supported", \
2506 FT_NONE, BASE_NONE, NULL, 0x00, \
2507 NULL, HFILL } \
2508 }, \
2509 { & name .hf.hs_ext_quictp_parameter_google_quic_version, \
2510 { "Google QUIC version", prefix ".quic.parameter.google.quic_version", \
2511 FT_UINT32, BASE_RANGE_STRING | BASE_HEX, RVALS(quic_version_vals), 0x00, \
2512 NULL, HFILL } \
2513 }, \
2514 { & name .hf.hs_ext_quictp_parameter_google_initial_rtt, \
2515 { "Google Initial RTT", prefix ".quic.parameter.google.initial_rtt", \
2516 FT_UINT64, BASE_DEC, NULL, 0x00, \
2517 NULL, HFILL } \
2518 }, \
2519 { & name .hf.hs_ext_quictp_parameter_google_support_handshake_done, \
2520 { "Google Support Handshake Done", prefix ".quic.parameter.google.support_handshake_done", \
2521 FT_NONE, BASE_NONE, NULL, 0x00, \
2522 NULL, HFILL } \
2523 }, \
2524 { & name .hf.hs_ext_quictp_parameter_google_quic_params, \
2525 { "Google QUIC parameters", prefix ".quic.parameter.google.quic_params", \
2526 FT_BYTES, BASE_NONE, NULL, 0x00, \
2527 NULL, HFILL } \
2528 }, \
2529 { & name .hf.hs_ext_quictp_parameter_google_quic_params_unknown_field, \
2530 { "Google Unknown Field", prefix ".quic.parameter.google.quic_params_unknown_field", \
2531 FT_BYTES, BASE_NONE, NULL, 0x00, \
2532 NULL, HFILL } \
2533 }, \
2534 { & name .hf.hs_ext_quictp_parameter_google_connection_options, \
2535 { "Google Connection options", prefix ".quic.parameter.google.connection_options", \
2536 FT_BYTES, BASE_NONE, NULL, 0x00, \
2537 NULL, HFILL } \
2538 }, \
2539 { & name .hf.hs_ext_quictp_parameter_google_supported_versions_length, \
2540 { "Google Supported Versions Length", prefix ".quic.parameter.google.supported_versions_length", \
2541 FT_UINT8, BASE_DEC, NULL, 0x00, \
2542 NULL, HFILL } \
2543 }, \
2544 { & name .hf.hs_ext_quictp_parameter_google_supported_version, \
2545 { "Google Supported Version", prefix ".quic.parameter.google.supported_version", \
2546 FT_UINT32, BASE_RANGE_STRING | BASE_HEX, RVALS(quic_version_vals), 0x00, \
2547 NULL, HFILL } \
2548 }, \
2549 { & name .hf.hs_ext_quictp_parameter_facebook_partial_reliability, \
2550 { "Facebook Partial Reliability", prefix ".quic.parameter.facebook.partial_reliability", \
2551 FT_UINT64, BASE_DEC, NULL, 0x00, \
2552 NULL, HFILL } \
2553 }, \
2554 { & name .hf.hs_ext_quictp_parameter_chosen_version, \
2555 { "Chosen Version", prefix ".quic.parameter.vi.chosen_version", \
2556 FT_UINT32, BASE_RANGE_STRING | BASE_HEX, RVALS(quic_version_vals), 0x00, \
2557 NULL, HFILL } \
2558 }, \
2559 { & name .hf.hs_ext_quictp_parameter_other_version, \
2560 { "Other Version", prefix ".quic.parameter.vi.other_version", \
2561 FT_UINT32, BASE_RANGE_STRING | BASE_HEX, RVALS(quic_version_vals), 0x00, \
2562 NULL, HFILL } \
2563 }, \
2564 { & name .hf.hs_ext_quictp_parameter_enable_multipath, \
2565 { "Enable Multipath", prefix ".quic.parameter.enable_multipath", \
2566 FT_UINT64, BASE_DEC|BASE_VAL64_STRING, VALS64(quic_enable_multipath_vals), 0x00, \
2567 NULL, HFILL } \
2568 }, \
2569 { & name .hf.hs_ext_quictp_parameter_initial_max_paths, \
2570 { "Initial Max Paths", prefix ".quic.parameter.initial_max_paths", \
2571 FT_UINT64, BASE_DEC, NULL, 0x00, \
2572 NULL, HFILL } \
2573 }, \
2574 { & name .hf.hs_ext_quictp_parameter_initial_max_path_id, \
2575 { "Initial Max Path ID", prefix ".quic.parameter.initial_max_path_id", \
2576 FT_UINT64, BASE_DEC, NULL, 0x00, \
2577 NULL, HFILL } \
2578 }, \
2579 { & name .hf.hs_ext_connection_id_length, \
2580 { "Connection ID length", prefix ".connection_id_length", \
2581 FT_UINT8, BASE_DEC, NULL, 0x00, \
2582 NULL, HFILL } \
2583 }, \
2584 { & name .hf.hs_ext_connection_id, \
2585 { "Connection ID", prefix ".connection_id", \
2586 FT_BYTES, BASE_NONE, NULL, 0x00, \
2587 NULL, HFILL } \
2588 }, \
2589 { & name .hf.hs_ext_trusted_ca_keys_len, \
2590 { "Trusted CA keys length", prefix ".handshake.trusted_ca.keys_length", \
2591 FT_UINT16, BASE_DEC, NULL, 0x00, \
2592 "Length of Trusted CA keys extension", HFILL } \
2593 }, \
2594 { & name .hf.hs_ext_trusted_ca_keys_list, \
2595 { "Trusted CA keys", prefix ".handshake.trusted_ca.keys", \
2596 FT_NONE, BASE_NONE, NULL, 0x00, \
2597 "List of Trusted CA keys", HFILL } \
2598 }, \
2599 { & name .hf.hs_ext_trusted_ca_key, \
2600 { "Trusted CA key", prefix ".handshake.trusted_ca.key", \
2601 FT_NONE, BASE_NONE, NULL, 0x0, \
2602 NULL, HFILL } \
2603 }, \
2604 { & name .hf.hs_ext_trusted_ca_key_type, \
2605 { "Trusted CA key type", prefix ".handshake.trusted_ca.key_type", \
2606 FT_UINT8, BASE_DEC, VALS(tls_hello_ext_trusted_ca_key_type), 0x00, \
2607 "Type of Trusted CA key", HFILL } \
2608 }, \
2609 { & name .hf.hs_ext_trusted_ca_key_hash, \
2610 { "Trusted CA key hash", prefix ".handshake.trusted_ca.key_hash", \
2611 FT_BYTES, BASE_NONE, NULL, 0x00, \
2612 NULL, HFILL } \
2613 }, \
2614 { & name .hf.hs_ext_trusted_ca_key_dname_len, \
2615 { "Distinguished Name Length", prefix ".handshake.trusted_ca.key_dname_len", \
2616 FT_UINT16, BASE_DEC, NULL, 0x0, \
2617 "Length of distinguished name", HFILL } \
2618 }, \
2619 { & name .hf.hs_ext_trusted_ca_key_dname, \
2620 { "Distinguished Name", prefix ".handshake.trusted_ca.key_dname", \
2621 FT_NONE, BASE_NONE, NULL, 0x0, \
2622 "Distinguished name of a CA that the client trusts", HFILL } \
2623 }, \
2624 { & name .hf.esni_suite, \
2625 { "Cipher Suite", prefix ".esni.suite", \
2626 FT_UINT16, BASE_HEX|BASE_EXT_STRING, &ssl_31_ciphersuite_ext, 0x0, \
2627 "Cipher suite used to encrypt the SNI", HFILL } \
2628 }, \
2629 { & name .hf.esni_record_digest_length, \
2630 { "Record Digest Length", prefix ".esni.record_digest_length", \
2631 FT_UINT16, BASE_DEC, NULL, 0x00, \
2632 NULL, HFILL } \
2633 }, \
2634 { & name .hf.esni_record_digest, \
2635 { "Record Digest", prefix ".esni.record_digest", \
2636 FT_BYTES, BASE_NONE, NULL, 0x00, \
2637 "Cryptographic hash of the ESNIKeys from which the ESNI key was obtained", HFILL } \
2638 }, \
2639 { & name .hf.esni_encrypted_sni_length, \
2640 { "Encrypted SNI Length", prefix ".esni.encrypted_sni_length", \
2641 FT_UINT16, BASE_DEC, NULL, 0x00, \
2642 NULL, HFILL } \
2643 }, \
2644 { & name .hf.esni_encrypted_sni, \
2645 { "Encrypted SNI", prefix ".esni.encrypted_sni", \
2646 FT_BYTES, BASE_NONE, NULL, 0x00, \
2647 "The encrypted ClientESNIInner structure", HFILL } \
2648 }, \
2649 { & name .hf.esni_nonce, \
2650 { "Nonce", prefix ".esni.nonce", \
2651 FT_BYTES, BASE_NONE, NULL, 0x00, \
2652 "Contents of ClientESNIInner.nonce", HFILL } \
2653 }, \
2654 { & name .hf.ech_echconfiglist_length, \
2655 { "ECHConfigList length", prefix ".ech.echconfiglist_length", \
2656 FT_UINT16, BASE_DEC, NULL, 0x0, \
2657 "Encrypted ClientHello (ECH) Configurations length", HFILL } \
2658 }, \
2659 { & name .hf.ech_echconfiglist, \
2660 { "ECHConfigList", prefix ".ech.echconfiglist", \
2661 FT_NONE, BASE_NONE, NULL, 0x0, \
2662 "Encrypted ClientHello (ECH) Configurations", HFILL } \
2663 }, \
2664 { & name .hf.ech_echconfig, \
2665 { "ECHConfig", prefix ".ech.echconfig", \
2666 FT_NONE, BASE_NONE, NULL, 0x0, \
2667 "Encrypted ClientHello (ECH) Configuration", HFILL } \
2668 }, \
2669 { & name .hf.ech_echconfig_version, \
2670 { "Version", prefix ".ech.echconfig.version", \
2671 FT_UINT16, BASE_HEX, NULL, 0x0, \
2672 "Encrypted ClientHello: ECHConfig version", HFILL } \
2673 }, \
2674 { & name .hf.ech_echconfig_length, \
2675 { "Length", prefix ".ech.echconfig.length", \
2676 FT_UINT16, BASE_DEC, NULL, 0x0, \
2677 "Encrypted ClientHello: ECHConfig length", HFILL } \
2678 }, \
2679 { & name .hf.ech_echconfigcontents_maximum_name_length, \
2680 { "Maximum Name Length", prefix ".ech.echconfigcontents.maximum_name_length", \
2681 FT_UINT8, BASE_DEC, NULL, 0x0, \
2682 "The longest name of a backend server, if known", HFILL } \
2683 }, \
2684 { & name .hf.ech_echconfigcontents_public_name_length, \
2685 { "Public Name length", prefix ".ech.echconfigcontents.public_name_length", \
2686 FT_UINT8, BASE_DEC, NULL, 0x0, \
2687 "Length of the Public Name field", HFILL } \
2688 }, \
2689 { & name .hf.ech_echconfigcontents_public_name, \
2690 { "Public Name", prefix ".ech.echconfigcontents.public_name", \
2691 FT_STRING, BASE_NONE, NULL, 0x0, \
2692 "The DNS name of the client-facing server, i.e., the entity trusted to update the ECH configuration", HFILL } \
2693 }, \
2694 { & name .hf.ech_echconfigcontents_extensions_length, \
2695 { "Extensions length", prefix ".ech.echconfigcontents.extensions_length", \
2696 FT_UINT16, BASE_DEC, NULL, 0x0, \
2697 "Length of the Extensions field", HFILL } \
2698 }, \
2699 { & name .hf.ech_echconfigcontents_extensions, \
2700 { "Extensions", prefix ".ech.echconfigcontents.extensions", \
2701 FT_BYTES, BASE_NONE, NULL, 0x0, \
2702 "A list of extensions that the client must take into consideration when generating a ClientHello message", HFILL } \
2703 }, \
2704 { & name .hf.ech_hpke_keyconfig, \
2705 { "HPKE Key Config", prefix ".ech.hpke.keyconfig", \
2706 FT_NONE, BASE_NONE, NULL, 0x0, \
2707 "HPKE Key Config", HFILL } \
2708 }, \
2709 { & name .hf.ech_hpke_keyconfig_config_id, \
2710 { "Config Id", prefix ".ech.hpke.keyconfig.config_id", \
2711 FT_UINT8, BASE_DEC, NULL, 0x0, \
2712 "HPKE Config Id", HFILL } \
2713 }, \
2714 { & name .hf.ech_hpke_keyconfig_kem_id, \
2715 { "KEM Id", prefix ".ech.hpke.keyconfig.kem_id", \
2716 FT_UINT16, BASE_DEC, VALS(kem_id_type_vals), 0x0, \
2717 "HPKE KEM Id", HFILL } \
2718 }, \
2719 { & name .hf.ech_hpke_keyconfig_public_key_length, \
2720 { "Public Key length", prefix ".ech.hpke.keyconfig.public_key_length", \
2721 FT_UINT16, BASE_DEC, NULL, 0x0, \
2722 "HPKE Public Key length", HFILL } \
2723 }, \
2724 { & name .hf.ech_hpke_keyconfig_public_key, \
2725 { "Public Key", prefix ".ech.hpke.keyconfig.public_key", \
2726 FT_BYTES, BASE_NONE, NULL, 0x0, \
2727 "HPKE Public Key", HFILL } \
2728 }, \
2729 { & name .hf.ech_hpke_keyconfig_cipher_suites, \
2730 { "Cipher Suites", prefix ".ech.hpke.keyconfig.cipher_suites", \
2731 FT_NONE, BASE_NONE, NULL, 0x0, \
2732 "HPKE Cipher Suites", HFILL } \
2733 }, \
2734 { & name .hf.ech_hpke_keyconfig_cipher_suites_length, \
2735 { "Cipher Suites length", prefix ".ech.hpke.keyconfig.cipher_suites_length", \
2736 FT_UINT16, BASE_DEC, NULL, 0x0, \
2737 "HPKE Cipher Suites length", HFILL } \
2738 }, \
2739 { & name .hf.ech_hpke_keyconfig_cipher_suite, \
2740 { "Cipher Suite", prefix ".ech.hpke.keyconfig.cipher_suite", \
2741 FT_NONE, BASE_NONE, NULL, 0x0, \
2742 "HPKE Cipher Suite", HFILL } \
2743 }, \
2744 { & name .hf.ech_hpke_keyconfig_cipher_suite_kdf_id, \
2745 { "KDF Id", prefix ".ech.hpke.keyconfig.cipher_suite.kdf_id", \
2746 FT_UINT16, BASE_DEC, VALS(kdf_id_type_vals), 0x0, \
2747 "HPKE KDF Id", HFILL } \
2748 }, \
2749 { & name .hf.ech_hpke_keyconfig_cipher_suite_aead_id, \
2750 { "AEAD Id", prefix ".ech.hpke.keyconfig.cipher_suite.aead_id", \
2751 FT_UINT16, BASE_DEC, VALS(aead_id_type_vals), 0x0, \
2752 "HPKE AEAD Id", HFILL } \
2753 }, \
2754 { & name .hf.ech_clienthello_type, \
2755 { "Client Hello type", prefix ".ech.client_hello_type", \
2756 FT_UINT8, BASE_DEC, VALS(tls_hello_ext_ech_clienthello_types), 0x0, \
2757 "Client Hello type", HFILL } \
2758 }, \
2759 { & name .hf.ech_cipher_suite, \
2760 { "Cipher Suite", prefix ".ech.cipher_suite", \
2761 FT_NONE, BASE_NONE, NULL, 0x0, \
2762 "The cipher suite used to encrypt ClientHelloInner", HFILL } \
2763 }, \
2764 { & name .hf.ech_config_id, \
2765 { "Config Id", prefix ".ech.config_id", \
2766 FT_UINT8, BASE_DEC, NULL, 0x0, \
2767 "The ECHConfigContents.key_config.config_id for the chosen ECHConfig", HFILL } \
2768 }, \
2769 { & name .hf.ech_enc_length, \
2770 { "Enc length", prefix ".ech.enc_length", \
2771 FT_UINT16, BASE_DEC, NULL, 0x0, \
2772 NULL, HFILL } \
2773 }, \
2774 { & name .hf.ech_enc, \
2775 { "Enc", prefix ".ech.enc", \
2776 FT_BYTES, BASE_NONE, NULL, 0x0, \
2777 "The HPKE encapsulated key, used by servers to decrypt the corresponding payload field", HFILL } \
2778 }, \
2779 { & name .hf.ech_payload_length, \
2780 { "Payload length", prefix ".ech.payload_length", \
2781 FT_UINT16, BASE_DEC, NULL, 0x0, \
2782 "Payload Length", HFILL } \
2783 }, \
2784 { & name .hf.ech_payload, \
2785 { "Payload", prefix ".ech.payload", \
2786 FT_BYTES, BASE_NONE, NULL, 0x0, \
2787 "The serialized and encrypted ClientHelloInner structure", HFILL } \
2788 }, \
2789 { & name .hf.ech_confirmation, \
2790 { "Confirmation", prefix ".ech.confirmation", \
2791 FT_BYTES, BASE_NONE, NULL, 0x0, \
2792 "Confirmation of ECH acceptance in a HelloRetryRequest", HFILL } \
2793 }, \
2794 { & name .hf.ech_retry_configs, \
2795 { "Retry Configs", prefix ".ech.retry_configs", \
2796 FT_NONE, BASE_NONE, NULL, 0x0, \
2797 "ECHConfig structures for one-time use by the client in a retry connection", HFILL } \
2798 }, \
2799 { & name .hf.ech_padding_data, \
2800 { "ECH Encrypted Padding", prefix ".ech.encrypted_padding", \
2801 FT_BYTES, BASE_NONE, NULL, 0x0, \
2802 "Must be zero", HFILL } \
2803 }, \
2804 { & name .hf.hs_ext_alps_len, \
2805 { "ALPS Extension Length", prefix ".handshake.extensions_alps_len", \
2806 FT_UINT16, BASE_DEC, NULL, 0x0, \
2807 "Length of the ALPS Extension", HFILL } \
2808 }, \
2809 { & name .hf.hs_ext_alps_alpn_list, \
2810 { "Supported ALPN List", prefix ".handshake.extensions_alps_alpn_list", \
2811 FT_NONE, BASE_NONE, NULL, 0x0, \
2812 "List of supported ALPN by ALPS", HFILL } \
2813 }, \
2814 { & name .hf.hs_ext_alps_alpn_str_len, \
2815 { "Supported ALPN Length", prefix ".handshake.extensions_alps_alpn_str_len", \
2816 FT_UINT8, BASE_DEC, NULL, 0x0, \
2817 "Length of ALPN string", HFILL } \
2818 }, \
2819 { & name .hf.hs_ext_alps_alpn_str, \
2820 { "Supported ALPN", prefix ".handshake.extensions_alps_alpn_str", \
2821 FT_STRING, BASE_NONE, NULL, 0x00, \
2822 "ALPN supported by ALPS", HFILL } \
2823 }, \
2824 { & name .hf.hs_ext_alps_settings, \
2825 { "ALPN Opaque Settings", prefix ".handshake.extensions_alps.settings", \
2826 FT_BYTES, BASE_NONE, NULL, 0x00, \
2827 "ALPN Opaque Settings", HFILL } \
2828 }
2829 /* }}} */
2830
2831 /* {{{ */
2832 #define SSL_COMMON_ETT_LIST(name) \
2833 & name .ett.hs_ext, \
2834 & name .ett.hs_ext_alpn, \
2835 & name .ett.hs_ext_cert_types, \
2836 & name .ett.hs_ext_groups, \
2837 & name .ett.hs_ext_curves_point_formats, \
2838 & name .ett.hs_ext_npn, \
2839 & name .ett.hs_ext_reneg_info, \
2840 & name .ett.hs_ext_key_share, \
2841 & name .ett.hs_ext_key_share_ks, \
2842 & name .ett.hs_ext_pre_shared_key, \
2843 & name .ett.hs_ext_psk_identity, \
2844 & name .ett.hs_ext_server_name, \
2845 & name .ett.hs_ext_oid_filter, \
2846 & name .ett.hs_ext_quictp_parameter, \
2847 & name .ett.hs_ext_trusted_ca_keys, \
2848 & name .ett.hs_ext_trusted_ca_key, \
2849 & name .ett.hs_sig_hash_alg, \
2850 & name .ett.hs_sig_hash_algs, \
2851 & name .ett.urlhash, \
2852 & name .ett.keyex_params, \
2853 & name .ett.certificates, \
2854 & name .ett.cert_types, \
2855 & name .ett.dnames, \
2856 & name .ett.hs_random, \
2857 & name .ett.cipher_suites, \
2858 & name .ett.comp_methods, \
2859 & name .ett.session_ticket, \
2860 & name .ett.sct, \
2861 & name .ett.cert_status, \
2862 & name .ett.ocsp_response, \
2863 & name .ett.uncompressed_certificates, \
2864 & name .ett.hs_ext_alps, \
2865 & name .ett.ech_echconfiglist, \
2866 & name .ett.ech_echconfig, \
2867 & name .ett.ech_retry_configs, \
2868 & name .ett.ech_hpke_keyconfig, \
2869 & name .ett.ech_hpke_cipher_suites, \
2870 & name .ett.ech_hpke_cipher_suite, \
2871 & name .ett.ech_decrypt, \
2872 & name .ett.hs_ext_token_binding_key_parameters, \
2873
2874 /* }}} */
2875
2876 /* {{{ */
2877 #define SSL_COMMON_EI_LIST(name, prefix) \
2878 { & name .ei.client_version_error, \
2879 { prefix ".handshake.client_version_error", PI_PROTOCOL, PI_WARN, \
2880 "Client Hello legacy version field specifies version 1.3, not version 1.2; some servers may not be able to handle that.", EXPFILL } \
2881 }, \
2882 { & name .ei.server_version_error, \
2883 { prefix ".handshake.server_version_error", PI_PROTOCOL, PI_WARN, \
2884 "Server Hello legacy version field specifies version 1.3, not version 1.2; some middleboxes may not be able to handle that.", EXPFILL } \
2885 }, \
2886 { & name .ei.legacy_version, \
2887 { prefix ".handshake.legacy_version", PI_DEPRECATED, PI_CHAT, \
2888 "This legacy_version field MUST be ignored. The supported_versions extension is present and MUST be used instead.", EXPFILL } \
2889 }, \
2890 { & name .ei.malformed_vector_length, \
2891 { prefix ".malformed.vector_length", PI_PROTOCOL, PI_WARN, \
2892 "Variable vector length is outside the permitted range", EXPFILL } \
2893 }, \
2894 { & name .ei.malformed_buffer_too_small, \
2895 { prefix ".malformed.buffer_too_small", PI_MALFORMED, PI_ERROR, \
2896 "Malformed message, not enough data is available", EXPFILL } \
2897 }, \
2898 { & name .ei.malformed_trailing_data, \
2899 { prefix ".malformed.trailing_data", PI_PROTOCOL, PI_WARN, \
2900 "Undecoded trailing data is present", EXPFILL } \
2901 }, \
2902 { & name .ei.hs_ext_cert_status_undecoded, \
2903 { prefix ".handshake.status_request.undecoded", PI_UNDECODED, PI_NOTE, \
2904 "Responder ID list or Request Extensions are not implemented, contact Wireshark developers if you want this to be supported", EXPFILL } \
2905 }, \
2906 { & name .ei.hs_ciphersuite_undecoded, \
2907 { prefix ".handshake.ciphersuite.undecoded", PI_UNDECODED, PI_NOTE, \
2908 "Ciphersuite not implemented, contact Wireshark developers if you want this to be supported", EXPFILL } \
2909 }, \
2910 { & name .ei.hs_srv_keyex_illegal, \
2911 { prefix ".handshake.server_keyex_illegal", PI_PROTOCOL, PI_WARN, \
2912 "It is not legal to send the ServerKeyExchange message for this ciphersuite", EXPFILL } \
2913 }, \
2914 { & name .ei.resumed, \
2915 { prefix ".resumed", PI_SEQUENCE, PI_NOTE, \
2916 "This session reuses previously negotiated keys (Session resumption)", EXPFILL } \
2917 }, \
2918 { & name .ei.record_length_invalid, \
2919 { prefix ".record.length.invalid", PI_PROTOCOL, PI_ERROR, \
2920 "Record fragment length is too small or too large", EXPFILL } \
2921 }, \
2922 { & name .ei.decompression_error, \
2923 { prefix ".decompression_error", PI_PROTOCOL, PI_ERROR, \
2924 "Decompression error", EXPFILL } \
2925 }, \
2926 { & name .ei.ech_echconfig_invalid_version, \
2927 { prefix ".ech_echconfig_invalid_version", PI_PROTOCOL, PI_ERROR, \
2928 "Invalid/unknown ECHConfig version", EXPFILL } \
2929 }, \
2930 { & name .ei.ech_accepted, \
2931 { prefix ".ech_accepted", PI_PROTOCOL, PI_NOTE, \
2932 "Calculated ECH Confirmation matches Server Random bytes, ECH was accepted", EXPFILL } \
2933 }, \
2934 { & name .ei.ech_rejected, \
2935 { prefix ".ech_rejected", PI_PROTOCOL, PI_WARN, \
2936 "Calculated ECH Confirmation does not match Server Random bytes, ECH was rejected", EXPFILL } \
2937 }
2938 /* }}} */
2939
2940 extern void
2941 ssl_common_register_ssl_alpn_dissector_table(const char *name,
2942 const char *ui_name, const int proto);
2943
2944 extern void
2945 ssl_common_register_dtls_alpn_dissector_table(const char *name,
2946 const char *ui_name, const int proto);
2947
2948 extern void
2949 ssl_common_register_options(module_t *module, ssl_common_options_t *options, bool is_dtls);
2950
2951 #ifdef SSL_DECRYPT_DEBUG
2952 extern void
2953 ssl_debug_printf(const char* fmt,...) G_GNUC_PRINTF(1,2);
2954 extern void
2955 ssl_print_data(const char* name, const unsigned char* data, size_t len);
2956 extern void
2957 ssl_print_string(const char* name, const StringInfo* data);
2958 extern void
2959 ssl_set_debug(const char* name);
2960 extern void
2961 ssl_debug_flush(void);
2962 #else
2963
2964 /* No debug: nullify debug operation*/
2965 static inline void G_GNUC_PRINTF(1,2)
2966 ssl_debug_printf(const char* fmt _U_,...)
2967 {
2968 }
2969 #define ssl_print_data(a, b, c)
2970 #define ssl_print_string(a, b)
2971 #define ssl_set_debug(name)
2972 #define ssl_debug_flush()
2973
2974 #endif /* SSL_DECRYPT_DEBUG */
2975
2976
2977 uint32_t
2978 ssl_dissect_ext_ech_echconfiglist(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo,
2979 proto_tree *tree, uint32_t offset, uint32_t offset_end);
2980
2981 #endif /* __PACKET_TLS_UTILS_H__ */
2982
2983 /*
2984 * Editor modelines - https://www.wireshark.org/tools/modelines.html
2985 *
2986 * Local variables:
2987 * c-basic-offset: 4
2988 * tab-width: 8
2989 * indent-tabs-mode: nil
2990 * End:
2991 *
2992 * vi: set shiftwidth=4 tabstop=8 expandtab:
2993 * :indentSize=4:tabSize=8:noTabs=true:
2994 */
Metzes wireshark repo