123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258 |
- /* sniffer.h
- *
- * Copyright (C) 2006-2021 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- #ifndef WOLFSSL_SNIFFER_H
- #define WOLFSSL_SNIFFER_H
- #include <wolfssl/wolfcrypt/settings.h>
- #ifdef _WIN32
- #ifdef SSL_SNIFFER_EXPORTS
- #define SSL_SNIFFER_API __declspec(dllexport)
- #else
- #define SSL_SNIFFER_API __declspec(dllimport)
- #endif
- #else
- #define SSL_SNIFFER_API
- #endif /* _WIN32 */
- #ifdef __cplusplus
- extern "C" {
- #endif
- /* @param typeK: (formerly keyType) was shadowing a global declaration in
- * wolfssl/wolfcrypt/asn.h line 175
- */
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
- const char* keyFile, int typeK,
- const char* password, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetPrivateKeyBuffer(const char* address, int port,
- const char* keyBuf, int keySz,
- int typeK, const char* password,
- char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
- const char* address, int port,
- const char* keyFile, int typeK,
- const char* password, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetNamedPrivateKeyBuffer(const char* name,
- const char* address, int port,
- const char* keyBuf, int keySz,
- int typeK, const char* password,
- char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetEphemeralKey(const char* address, int port,
- const char* keyFile, int typeKey,
- const char* password, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetEphemeralKeyBuffer(const char* address, int port,
- const char* keyBuf, int keySz, int typeKey,
- const char* password, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetNamedEphemeralKey(const char* name,
- const char* address, int port,
- const char* keyFile, int typeKey,
- const char* password, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetNamedEphemeralKeyBuffer(const char* name,
- const char* address, int port,
- const char* keyBuf, int keySz, int typeKey,
- const char* password, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
- unsigned char** data, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_FreeDecodeBuffer(unsigned char** data, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_FreeZeroDecodeBuffer(unsigned char** data, int sz,
- char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
- unsigned int* total,
- unsigned int* peak,
- unsigned int* maxSessions,
- unsigned int* missedData,
- unsigned int* reassemblyMemory,
- char* error);
- WOLFSSL_API void ssl_InitSniffer(void);
- WOLFSSL_API void ssl_FreeSniffer(void);
- /* ssl_SetPrivateKey typeKs */
- enum {
- FILETYPE_PEM = 1,
- FILETYPE_DER = 2,
- };
- /*
- * New Sniffer API that provides read-only access to the TLS and cipher
- * information associated with the SSL session.
- */
- typedef struct SSLInfo
- {
- unsigned char isValid;
- /* indicates if the info in this struct is valid: 0 = no, 1 = yes */
- unsigned char protocolVersionMajor; /* SSL Version: major */
- unsigned char protocolVersionMinor; /* SSL Version: minor */
- unsigned char serverCipherSuite0; /* first byte, normally 0 */
- unsigned char serverCipherSuite; /* second byte, actual suite */
- unsigned char serverCipherSuiteName[256];
- /* cipher name, e.g., "TLS_RSA_..." */
- unsigned char serverNameIndication[128];
- unsigned int keySize;
- } SSLInfo;
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfo(
- const unsigned char* packet, int length,
- unsigned char** data, SSLInfo* sslInfo, char* error);
- typedef void (*SSLConnCb)(const void* session, SSLInfo* info, void* ctx);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetConnectionCb(SSLConnCb cb);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetConnectionCtx(void* ctx);
- typedef struct SSLStats
- {
- unsigned long int sslStandardConns;
- unsigned long int sslClientAuthConns;
- unsigned long int sslResumedConns;
- unsigned long int sslEphemeralMisses;
- unsigned long int sslResumeMisses;
- unsigned long int sslCiphersUnsupported;
- unsigned long int sslKeysUnmatched;
- unsigned long int sslKeyFails;
- unsigned long int sslDecodeFails;
- unsigned long int sslAlerts;
- unsigned long int sslDecryptedBytes;
- unsigned long int sslEncryptedBytes;
- unsigned long int sslEncryptedPackets;
- unsigned long int sslDecryptedPackets;
- unsigned long int sslKeyMatches;
- unsigned long int sslEncryptedConns;
- unsigned long int sslResumptionValid;
- unsigned long int sslResumptionInserts;
- } SSLStats;
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_ResetStatistics(void);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats);
- typedef int (*SSLWatchCb)(void* vSniffer,
- const unsigned char* certHash,
- unsigned int certHashSz,
- const unsigned char* certChain,
- unsigned int certChainSz,
- void* ctx, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetWatchKeyCallback(SSLWatchCb cb, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetWatchKeyCallback_ex(SSLWatchCb cb, int devId,
- char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetWatchKeyCtx(void* ctx, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetWatchKey_buffer(void* vSniffer,
- const unsigned char* key, unsigned int keySz,
- int keyType, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetWatchKey_file(void* vSniffer,
- const char* keyFile, int keyType,
- const char* password, char* error);
- typedef int (*SSLStoreDataCb)(const unsigned char* decryptBuf,
- unsigned int decryptBufSz, unsigned int decryptBufOffset, void* ctx);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_SetStoreDataCallback(SSLStoreDataCb cb);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfoStoreData(
- const unsigned char* packet, int length, void* ctx,
- SSLInfo* sslInfo, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_DecodePacketWithChain(void* vChain,
- unsigned int chainSz, unsigned char** data, char* error);
- WOLFSSL_API
- SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData(
- void* vChain, unsigned int chainSz, void* ctx, SSLInfo* sslInfo,
- char* error);
- #ifdef __cplusplus
- } /* extern "C" */
- #endif
- #endif /* wolfSSL_SNIFFER_H */
|