From 1927a4fa8d871188842cddde7755f4d34f804dd2 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Tue, 1 Oct 2013 23:02:53 +0200 Subject: generate-wireshark-cs: fix ECDH, add PSK, drop SIG_ ssl_get_keyex_alg.txt contains the current supported list of cipher suites for key exchange by the ssl_get_keyex_alg() function. It was generated with: awk -F '[ :;\t]+' '/^gint ssl_get_keyex_alg/{p=1} /case/{if(p)a[$3]=0} /return/{for(i in a)print i, $3;delete a} /^} /{if(p)exit}' packet-ssl-utils.c This file can then be converted and sorted with: while read num name; do echo $((num)) $name; done < ssl_get_keyex_alg.txt | sort -n > /tmp/1 To get the current cipher suites list: awk -F '[ {,]+' '/,KEX_/{print $2, $3}' packet-ssl-utils.c > /tmp/2 Check which cipher suites are missing or have an incorrect key exchange: diff -y /tmp/[12] It turned out that the ECDH cipher suites were incorrectly marked as DH (tested on top of SVN rev 52320). Therefore adjust the generate-wireshark-cs file. --- kex-fix/ssl_get_keyex_alg.txt | 210 +++++++++++++++++++++++++++++++++++++ kex-fix/ssl_get_keyex_alg.txt.diff | 210 +++++++++++++++++++++++++++++++++++++ 2 files changed, 420 insertions(+) create mode 100644 kex-fix/ssl_get_keyex_alg.txt create mode 100644 kex-fix/ssl_get_keyex_alg.txt.diff (limited to 'kex-fix') diff --git a/kex-fix/ssl_get_keyex_alg.txt b/kex-fix/ssl_get_keyex_alg.txt new file mode 100644 index 0000000..380037c --- /dev/null +++ b/kex-fix/ssl_get_keyex_alg.txt @@ -0,0 +1,210 @@ +0xffe0 KEX_RSA +0x003d KEX_RSA +0x0003 KEX_RSA +0xffe1 KEX_RSA +0x002f KEX_RSA +0x0004 KEX_RSA +0x0041 KEX_RSA +0x0005 KEX_RSA +0x0060 KEX_RSA +0x0006 KEX_RSA +0x0061 KEX_RSA +0x0007 KEX_RSA +0x00ba KEX_RSA +0x009c KEX_RSA +0x0062 KEX_RSA +0x0035 KEX_RSA +0x0008 KEX_RSA +0x009d KEX_RSA +0x0009 KEX_RSA +0x0064 KEX_RSA +0x000a KEX_RSA +0x00c0 KEX_RSA +0x0084 KEX_RSA +0xfefe KEX_RSA +0xfeff KEX_RSA +0x003b KEX_RSA +0x0001 KEX_RSA +0x0096 KEX_RSA +0x003c KEX_RSA +0x0002 KEX_RSA +0x0040 KEX_DH +0x0042 KEX_DH +0x009a KEX_DH +0x0043 KEX_DH +0x009b KEX_DH +0x0044 KEX_DH +0x0045 KEX_DH +0x0046 KEX_DH +0x009e KEX_DH +0x009f KEX_DH +0x0063 KEX_DH +0x0065 KEX_DH +0x0066 KEX_DH +0x0067 KEX_DH +0x0068 KEX_DH +0x00aa KEX_DH +0x0069 KEX_DH +0x00ab KEX_DH +0x0085 KEX_DH +0x0086 KEX_DH +0x0087 KEX_DH +0x0088 KEX_DH +0x0089 KEX_DH +0x00b2 KEX_DH +0x000b KEX_DH +0x00b3 KEX_DH +0x000c KEX_DH +0x00b4 KEX_DH +0x000d KEX_DH +0x00b5 KEX_DH +0x000e KEX_DH +0x000f KEX_DH +0x002d KEX_DH +0x0010 KEX_DH +0x0011 KEX_DH +0x0012 KEX_DH +0x006a KEX_DH +0x0013 KEX_DH +0x006b KEX_DH +0x0014 KEX_DH +0x006c KEX_DH +0x0015 KEX_DH +0x006d KEX_DH +0x0016 KEX_DH +0x0017 KEX_DH +0x0030 KEX_DH +0x0018 KEX_DH +0x0031 KEX_DH +0x0019 KEX_DH +0x0032 KEX_DH +0x0033 KEX_DH +0x0034 KEX_DH +0x0036 KEX_DH +0x008e KEX_DH +0x0037 KEX_DH +0x008f KEX_DH +0x0038 KEX_DH +0x0039 KEX_DH +0x0090 KEX_DH +0x0091 KEX_DH +0x00bb KEX_DH +0x00bc KEX_DH +0x00bd KEX_DH +0x00be KEX_DH +0x00bf KEX_DH +0x0097 KEX_DH +0x0098 KEX_DH +0x0099 KEX_DH +0x00a0 KEX_DH +0x00a1 KEX_DH +0x00a2 KEX_DH +0x00a3 KEX_DH +0x00a4 KEX_DH +0x00a5 KEX_DH +0x00a6 KEX_DH +0x00a7 KEX_DH +0x00c1 KEX_DH +0x001a KEX_DH +0x00c2 KEX_DH +0x001b KEX_DH +0x00c3 KEX_DH +0x00c4 KEX_DH +0x00c5 KEX_DH +0x003a KEX_DH +0x003e KEX_DH +0x003f KEX_DH +0xc030 KEX_ECDH +0xc017 KEX_ECDH +0xc031 KEX_ECDH +0xc018 KEX_ECDH +0xc032 KEX_ECDH +0xc019 KEX_ECDH +0xc033 KEX_ECDH +0xc034 KEX_ECDH +0xc035 KEX_ECDH +0xc036 KEX_ECDH +0xc037 KEX_ECDH +0xc038 KEX_ECDH +0xc039 KEX_ECDH +0xc03a KEX_ECDH +0xc03b KEX_ECDH +0xc001 KEX_ECDH +0xc002 KEX_ECDH +0xc003 KEX_ECDH +0xc004 KEX_ECDH +0xc005 KEX_ECDH +0xc006 KEX_ECDH +0xc007 KEX_ECDH +0xc008 KEX_ECDH +0xc009 KEX_ECDH +0xc023 KEX_ECDH +0xc024 KEX_ECDH +0xc025 KEX_ECDH +0xc026 KEX_ECDH +0xc027 KEX_ECDH +0xc028 KEX_ECDH +0xc029 KEX_ECDH +0xc00a KEX_ECDH +0xc00b KEX_ECDH +0xc00c KEX_ECDH +0xc00d KEX_ECDH +0xc00e KEX_ECDH +0xc00f KEX_ECDH +0xc02a KEX_ECDH +0xc02b KEX_ECDH +0xc02c KEX_ECDH +0xc02d KEX_ECDH +0xc02e KEX_ECDH +0xc02f KEX_ECDH +0xc010 KEX_ECDH +0xc011 KEX_ECDH +0xc012 KEX_ECDH +0xc013 KEX_ECDH +0xc014 KEX_ECDH +0xc015 KEX_ECDH +0xc016 KEX_ECDH +0xC095 KEX_PSK +0xC08E KEX_PSK +0x00B0 KEX_PSK +0xC08F KEX_PSK +0x00B1 KEX_PSK +0x002C KEX_PSK +0xC0AA KEX_PSK +0xC0A4 KEX_PSK +0xC0AB KEX_PSK +0xC0A5 KEX_PSK +0xC06A KEX_PSK +0xC064 KEX_PSK +0x00AE KEX_PSK +0x00A8 KEX_PSK +0x008A KEX_PSK +0xC06B KEX_PSK +0xC065 KEX_PSK +0x00AF KEX_PSK +0x00A9 KEX_PSK +0x008B KEX_PSK +0xC0A8 KEX_PSK +0x008C KEX_PSK +0xC0A9 KEX_PSK +0xC094 KEX_PSK +0x008D KEX_PSK +0xC06E KEX_RSA_PSK +0xC068 KEX_RSA_PSK +0xC06F KEX_RSA_PSK +0xC069 KEX_RSA_PSK +0xC098 KEX_RSA_PSK +0xC099 KEX_RSA_PSK +0x00AC KEX_RSA_PSK +0x002E KEX_RSA_PSK +0x00B6 KEX_RSA_PSK +0x00AD KEX_RSA_PSK +0x0092 KEX_RSA_PSK +0x00B7 KEX_RSA_PSK +0x0093 KEX_RSA_PSK +0xC092 KEX_RSA_PSK +0x00B8 KEX_RSA_PSK +0x0094 KEX_RSA_PSK +0xC093 KEX_RSA_PSK +0x00B9 KEX_RSA_PSK +0x0095 KEX_RSA_PSK diff --git a/kex-fix/ssl_get_keyex_alg.txt.diff b/kex-fix/ssl_get_keyex_alg.txt.diff new file mode 100644 index 0000000..a28b251 --- /dev/null +++ b/kex-fix/ssl_get_keyex_alg.txt.diff @@ -0,0 +1,210 @@ +1 KEX_RSA 1 KEX_RSA +2 KEX_RSA 2 KEX_RSA +3 KEX_RSA 3 KEX_RSA +4 KEX_RSA 4 KEX_RSA +5 KEX_RSA 5 KEX_RSA +6 KEX_RSA 6 KEX_RSA +7 KEX_RSA 7 KEX_RSA +8 KEX_RSA 8 KEX_RSA +9 KEX_RSA 9 KEX_RSA +10 KEX_RSA 10 KEX_RSA +11 KEX_DH 11 KEX_DH +12 KEX_DH 12 KEX_DH +13 KEX_DH 13 KEX_DH +14 KEX_DH 14 KEX_DH +15 KEX_DH 15 KEX_DH +16 KEX_DH 16 KEX_DH +17 KEX_DH 17 KEX_DH +18 KEX_DH 18 KEX_DH +19 KEX_DH 19 KEX_DH +20 KEX_DH 20 KEX_DH +21 KEX_DH 21 KEX_DH +22 KEX_DH 22 KEX_DH +23 KEX_DH 23 KEX_DH +24 KEX_DH 24 KEX_DH +25 KEX_DH 25 KEX_DH +26 KEX_DH 26 KEX_DH +27 KEX_DH 27 KEX_DH +44 KEX_PSK < +45 KEX_DH < +46 KEX_RSA_PSK < +47 KEX_RSA 47 KEX_RSA +48 KEX_DH 48 KEX_DH +49 KEX_DH 49 KEX_DH +50 KEX_DH 50 KEX_DH +51 KEX_DH 51 KEX_DH +52 KEX_DH 52 KEX_DH +53 KEX_RSA 53 KEX_RSA +54 KEX_DH 54 KEX_DH +55 KEX_DH 55 KEX_DH +56 KEX_DH 56 KEX_DH +57 KEX_DH 57 KEX_DH +58 KEX_DH 58 KEX_DH +59 KEX_RSA 59 KEX_RSA +60 KEX_RSA 60 KEX_RSA +61 KEX_RSA 61 KEX_RSA +62 KEX_DH 62 KEX_DH +63 KEX_DH 63 KEX_DH +64 KEX_DH 64 KEX_DH +65 KEX_RSA 65 KEX_RSA +66 KEX_DH 66 KEX_DH +67 KEX_DH 67 KEX_DH +68 KEX_DH 68 KEX_DH +69 KEX_DH 69 KEX_DH +70 KEX_DH 70 KEX_DH +96 KEX_RSA 96 KEX_RSA +97 KEX_RSA 97 KEX_RSA +98 KEX_RSA 98 KEX_RSA +99 KEX_DH 99 KEX_DH +100 KEX_RSA 100 KEX_RSA +101 KEX_DH 101 KEX_DH +102 KEX_DH 102 KEX_DH +103 KEX_DH 103 KEX_DH +104 KEX_DH 104 KEX_DH +105 KEX_DH 105 KEX_DH +106 KEX_DH 106 KEX_DH +107 KEX_DH 107 KEX_DH +108 KEX_DH 108 KEX_DH +109 KEX_DH 109 KEX_DH +132 KEX_RSA 132 KEX_RSA +133 KEX_DH 133 KEX_DH +134 KEX_DH 134 KEX_DH +135 KEX_DH 135 KEX_DH +136 KEX_DH 136 KEX_DH +137 KEX_DH 137 KEX_DH +138 KEX_PSK < +139 KEX_PSK 139 KEX_PSK +140 KEX_PSK 140 KEX_PSK +141 KEX_PSK 141 KEX_PSK +142 KEX_DH < +143 KEX_DH < +144 KEX_DH < +145 KEX_DH < +146 KEX_RSA_PSK < +147 KEX_RSA_PSK < +148 KEX_RSA_PSK < +149 KEX_RSA_PSK < +150 KEX_RSA 150 KEX_RSA +151 KEX_DH 151 KEX_DH +152 KEX_DH 152 KEX_DH +153 KEX_DH 153 KEX_DH +154 KEX_DH 154 KEX_DH +155 KEX_DH 155 KEX_DH +156 KEX_RSA 156 KEX_RSA +157 KEX_RSA 157 KEX_RSA +158 KEX_DH 158 KEX_DH +159 KEX_DH 159 KEX_DH +160 KEX_DH 160 KEX_DH +161 KEX_DH 161 KEX_DH +162 KEX_DH 162 KEX_DH +163 KEX_DH 163 KEX_DH +164 KEX_DH 164 KEX_DH +165 KEX_DH 165 KEX_DH +166 KEX_DH 166 KEX_DH +167 KEX_DH 167 KEX_DH +168 KEX_PSK < +169 KEX_PSK < +170 KEX_DH < +171 KEX_DH < +172 KEX_RSA_PSK < +173 KEX_RSA_PSK < +174 KEX_PSK < +175 KEX_PSK < +176 KEX_PSK < +177 KEX_PSK < +178 KEX_DH < +179 KEX_DH < +180 KEX_DH < +181 KEX_DH < +182 KEX_RSA_PSK < +183 KEX_RSA_PSK < +184 KEX_RSA_PSK < +185 KEX_RSA_PSK < +186 KEX_RSA 186 KEX_RSA +187 KEX_DH 187 KEX_DH +188 KEX_DH 188 KEX_DH +189 KEX_DH 189 KEX_DH +190 KEX_DH 190 KEX_DH +191 KEX_DH 191 KEX_DH +192 KEX_RSA 192 KEX_RSA +193 KEX_DH 193 KEX_DH +194 KEX_DH 194 KEX_DH +195 KEX_DH 195 KEX_DH +196 KEX_DH 196 KEX_DH +197 KEX_DH 197 KEX_DH +49153 KEX_ECDH | 49153 KEX_DH +49154 KEX_ECDH | 49154 KEX_DH +49155 KEX_ECDH | 49155 KEX_DH +49156 KEX_ECDH | 49156 KEX_DH +49157 KEX_ECDH | 49157 KEX_DH +49158 KEX_ECDH | 49158 KEX_DH +49159 KEX_ECDH | 49159 KEX_DH +49160 KEX_ECDH | 49160 KEX_DH +49161 KEX_ECDH | 49161 KEX_DH +49162 KEX_ECDH | 49162 KEX_DH +49163 KEX_ECDH | 49163 KEX_DH +49164 KEX_ECDH | 49164 KEX_DH +49165 KEX_ECDH | 49165 KEX_DH +49166 KEX_ECDH | 49166 KEX_DH +49167 KEX_ECDH | 49167 KEX_DH +49168 KEX_ECDH | 49168 KEX_DH +49169 KEX_ECDH | 49169 KEX_DH +49170 KEX_ECDH | 49170 KEX_DH +49171 KEX_ECDH | 49171 KEX_DH +49172 KEX_ECDH | 49172 KEX_DH +49173 KEX_ECDH | 49173 KEX_DH +49174 KEX_ECDH | 49174 KEX_DH +49175 KEX_ECDH | 49175 KEX_DH +49176 KEX_ECDH | 49176 KEX_DH +49177 KEX_ECDH | 49177 KEX_DH +49187 KEX_ECDH | 49187 KEX_DH +49188 KEX_ECDH | 49188 KEX_DH +49189 KEX_ECDH | 49189 KEX_DH +49190 KEX_ECDH | 49190 KEX_DH +49191 KEX_ECDH | 49191 KEX_DH +49192 KEX_ECDH | 49192 KEX_DH +49193 KEX_ECDH | 49193 KEX_DH +49194 KEX_ECDH | 49194 KEX_DH +49195 KEX_ECDH | 49195 KEX_DH +49196 KEX_ECDH | 49196 KEX_DH +49197 KEX_ECDH | 49197 KEX_DH +49198 KEX_ECDH | 49198 KEX_DH +49199 KEX_ECDH | 49199 KEX_DH +49200 KEX_ECDH | 49200 KEX_DH +49201 KEX_ECDH | 49201 KEX_DH +49202 KEX_ECDH | 49202 KEX_DH +49203 KEX_ECDH < +49204 KEX_ECDH < +49205 KEX_ECDH < +49206 KEX_ECDH < +49207 KEX_ECDH < +49208 KEX_ECDH < +49209 KEX_ECDH < +49210 KEX_ECDH < +49211 KEX_ECDH < +49252 KEX_PSK < +49253 KEX_PSK < +49256 KEX_RSA_PSK < +49257 KEX_RSA_PSK < +49258 KEX_PSK < +49259 KEX_PSK < +49262 KEX_RSA_PSK < +49263 KEX_RSA_PSK < +49294 KEX_PSK < +49295 KEX_PSK < +49298 KEX_RSA_PSK < +49299 KEX_RSA_PSK < +49300 KEX_PSK < +49301 KEX_PSK < +49304 KEX_RSA_PSK < +49305 KEX_RSA_PSK < +49316 KEX_PSK < +49317 KEX_PSK < +49320 KEX_PSK < +49321 KEX_PSK < +49322 KEX_PSK < +49323 KEX_PSK < +65278 KEX_RSA < +65279 KEX_RSA < +65504 KEX_RSA < +65505 KEX_RSA < -- cgit v1.2.1