tls: adding fingerprint calculation.
authorJean-Paul Roliers <popof.fpn@gmail.com>
Thu, 2 Feb 2012 14:07:42 +0000 (15:07 +0100)
committerEric Leblond <eric@regit.org>
Fri, 24 Aug 2012 10:59:11 +0000 (12:59 +0200)
Adding a pointer to the ssl_state struct and computing the fingerprint during
certificate decoding.

src/app-layer-ssl.c
src/app-layer-ssl.h
src/app-layer-tls-handshake.c

index f8012c32e233b1e885d0114a60a34c36a3a3ca22..c092a5f98b8aaba1d58b987025a0ee24039784eb 100644 (file)
@@ -878,6 +878,8 @@ void SSLStateFree(void *p)
         SCFree(ssl_state->client_connp.cert0_subject);
     if (ssl_state->client_connp.cert0_issuerdn)
         SCFree(ssl_state->client_connp.cert0_issuerdn);
+    if (ssl_state->client_connp.cert0_fingerprint)
+        SCFree(ssl_state->client_connp.cert0_fingerprint);
 
     if (ssl_state->server_connp.trec)
         SCFree(ssl_state->server_connp.trec);
@@ -885,6 +887,8 @@ void SSLStateFree(void *p)
         SCFree(ssl_state->server_connp.cert0_subject);
     if (ssl_state->server_connp.cert0_issuerdn)
         SCFree(ssl_state->server_connp.cert0_issuerdn);
+    if (ssl_state->server_connp.cert0_fingerprint)
+        SCFree(ssl_state->server_connp.cert0_fingerprint);
 
     SCFree(ssl_state);
 
index f96e04d3a5732291def0090018796c135af049eb..85da873c1fe1e36fab866734a2627006b07a10c0 100644 (file)
@@ -100,6 +100,7 @@ typedef struct SSLStateConnp_ {
 
     char *cert0_subject;
     char *cert0_issuerdn;
+    char *cert0_fingerprint;
 
     /* buffer for the tls record.
      * We use a malloced buffer, if the record is fragmented */
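Review bot: The new `cert0_fingerprint` member carries no comment on its format or ownership, so a reader has to find the writer in app-layer-tls-handshake.c to learn that it holds a SHA1 digest rendered as colon-separated hex and is released in SSLStateFree. A comment above the field such as `/* SHA1 of the first certificate as "xx:xx:...:xx" (20 bytes, colon separated hex); malloced, freed in SSLStateFree */` would carry that. Only the server_connp copy is written by this commit, so the client_connp one presumably stays NULL; that is worth stating next to the field so nobody reads it as populated.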
index 053b6d09481bc25925bbf5e76c993e2779e2d684..ce0349cafdea9403bd7b241c9cef531a9b65cc01 100644 (file)
@@ -50,6 +50,8 @@
 #include "util-decode-der.h"
 #include "util-decode-der-get.h"
 
+#include "util-crypt.h"
+
 #define SSLV3_RECORD_LEN 5
 
 static void TLSCertificateErrCodeToWarning(SSLState *ssl_state, uint32_t errcode)
@@ -143,6 +145,32 @@ int DecodeTLSHandshakeServerCertificate(SSLState *ssl_state, uint8_t *input, uin
                 }
             }
             DerFree(cert);
+
+            if (i == 0 && ssl_state->server_connp.cert0_fingerprint == NULL) {
+                int msg_len = cur_cert_length;
+                int hash_len = 20;
+                int out_len = 60;
+                char out[out_len];
+                unsigned char* hash;
+                hash = ComputeSHA1((unsigned char*) input, (int) msg_len);
+                char *p = out;
+                int j = 0;
+
+                if (hash == NULL) {
+                    SCLogWarning(SC_ERR_MEM_ALLOC, "Can not allocate fingerprint string");
+                } else {
+
+                    for (j = 0; j < hash_len; j++, p += 3) {
+                        snprintf(p, 4, j == hash_len - 1 ? "%02x" : "%02x:", hash[j]);
+                    }
+                    SCFree(hash);
+                    ssl_state->server_connp.cert0_fingerprint = SCStrdup(out);
+                    if (ssl_state->server_connp.cert0_fingerprint == NULL) {
+                        SCLogWarning(SC_ERR_MEM_ALLOC, "Can not allocate fingerprint string");
+                    }
+                }
+            }
+
         }
 
         i++;
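Review bot: The `hash_len`/`out_len` pair and the `4` passed to snprintf must stay in lockstep (20 bytes → 19 × "xx:" + "xx" + NUL = 60) and the final snprintf writes the last byte of `out`, so changing any one of them silently overruns; sizing the buffer from the digest length makes the coupling explicit, e.g. `enum { FP_HASH_LEN = 20 }; char out[FP_HASH_LEN * 3]; /* 19 x "xx:" + "xx" + NUL */` in place of the `hash_len`/`out_len`/VLA trio. The warning in the `hash == NULL` branch reuses the allocation-failure text although it is ComputeSHA1 that failed, which will mislead whoever reads the log; `"Can not compute certificate fingerprint"` would describe that branch. ComputeSHA1 reads `cur_cert_length` bytes starting at `input`, so this relies on the earlier parsing having bounded `cur_cert_length` against the remaining input and on `input` still pointing at the start of the DER certificate at this point — both are outside the hunk and worth confirming. DecodeTLSHandshakeServerCertificate starts and ends outside this hunk.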
@@ -152,5 +180,6 @@ int DecodeTLSHandshakeServerCertificate(SSLState *ssl_state, uint8_t *input, uin
     }
 
     return parsed;
+
 }