etls

package

v0.0.0-...-006e37e Latest Latest Go to latest Published: Jan 8, 2020 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/D4-project/sensor-d4-tls-fingerprinting

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type CertificateMsg
type ClientHelloMsg
type CurveID
type ETLS
- func (t *ETLS) CanDecode() gopacket.LayerClass
- func (t *ETLS) DecodeFromBytes(data []byte, df gopacket.DecodeFeedback) error
- func (t *ETLS) LayerType() gopacket.LayerType
- func (t *ETLS) NextLayerType() gopacket.LayerType
- func (t *ETLS) Payload() []byte
type ETLSAlertDescr
- func (ad ETLSAlertDescr) String() string
type ETLSAlertLevel
- func (al ETLSAlertLevel) String() string
type ETLSAlertRecord
type ETLSAppDataRecord
type ETLSChangeCipherSpecRecord
type ETLSHandshakeRecord
type ETLSRecordHeader
type ETLSType
- func (tt ETLSType) String() string
type ETLSVersion
- func (tv ETLSVersion) String() string
type ETLSchangeCipherSpec
- func (ccs ETLSchangeCipherSpec) String() string
type Extension
type ServerHelloMsg
type SignatureScheme

Constants ¶

View Source

const (
	ETLSAlertWarning      ETLSAlertLevel = 1
	ETLSAlertFatal        ETLSAlertLevel = 2
	ETLSAlertUnknownLevel ETLSAlertLevel = 255

	ETLSAlertCloseNotify               ETLSAlertDescr = 0
	ETLSAlertUnexpectedMessage         ETLSAlertDescr = 10
	ETLSAlertBadRecordMac              ETLSAlertDescr = 20
	ETLSAlertDecryptionFailedRESERVED  ETLSAlertDescr = 21
	ETLSAlertRecordOverflow            ETLSAlertDescr = 22
	ETLSAlertDecompressionFailure      ETLSAlertDescr = 30
	ETLSAlertHandshakeFailure          ETLSAlertDescr = 40
	ETLSAlertNoCertificateRESERVED     ETLSAlertDescr = 41
	ETLSAlertBadCertificate            ETLSAlertDescr = 42
	ETLSAlertUnsupportedCertificate    ETLSAlertDescr = 43
	ETLSAlertCertificateRevoked        ETLSAlertDescr = 44
	ETLSAlertCertificateExpired        ETLSAlertDescr = 45
	ETLSAlertCertificateUnknown        ETLSAlertDescr = 46
	ETLSAlertIllegalParameter          ETLSAlertDescr = 47
	ETLSAlertUnknownCa                 ETLSAlertDescr = 48
	ETLSAlertAccessDenied              ETLSAlertDescr = 49
	ETLSAlertDecodeError               ETLSAlertDescr = 50
	ETLSAlertDecryptError              ETLSAlertDescr = 51
	ETLSAlertExportRestrictionRESERVED ETLSAlertDescr = 60
	ETLSAlertProtocolVersion           ETLSAlertDescr = 70
	ETLSAlertInsufficientSecurity      ETLSAlertDescr = 71
	ETLSAlertInternalError             ETLSAlertDescr = 80
	ETLSAlertUserCanceled              ETLSAlertDescr = 90
	ETLSAlertNoRenegotiation           ETLSAlertDescr = 100
	ETLSAlertUnsupportedExtension      ETLSAlertDescr = 110
	ETLSAlertUnknownDescription        ETLSAlertDescr = 255
)

Variables ¶

View Source

var LayerTypeETLS gopacket.LayerType

Functions ¶

This section is empty.

Types ¶

type CertificateMsg ¶

type CertificateMsg struct {
	Certificates [][]byte
	// contains filtered or unexported fields
}

type ClientHelloMsg ¶

type ClientHelloMsg struct {
	AllExtensions []uint16
	Vers          uint16

	CipherSuites []uint16

	SupportedCurves []CurveID
	SupportedPoints []uint8
	// contains filtered or unexported fields
}

type CurveID ¶

type CurveID uint16

CurveID is the type of a ETLS identifier for an elliptic curve. See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8

const (
	CurveP256 CurveID = 23
	CurveP384 CurveID = 24
	CurveP521 CurveID = 25
	X25519    CurveID = 29
)

type ETLS ¶

type ETLS struct {
	layers.BaseLayer

	// ETLS Records
	ChangeCipherSpec []ETLSChangeCipherSpecRecord
	Handshake        []ETLSHandshakeRecord
	AppData          []ETLSAppDataRecord
	Alert            []ETLSAlertRecord
}

ETLS is actually a slide of ETLSrecord structures

func (*ETLS) CanDecode ¶

func (t *ETLS) CanDecode() gopacket.LayerClass

CanDecode implements gopacket.DecodingLayer.

func (*ETLS) DecodeFromBytes ¶

func (t *ETLS) DecodeFromBytes(data []byte, df gopacket.DecodeFeedback) error

DecodeFromBytes decodes the slice into the ETLS struct.

func (*ETLS) LayerType ¶

func (t *ETLS) LayerType() gopacket.LayerType

LayerType returns gopacket.LayerTypeETLS.

func (*ETLS) NextLayerType ¶

func (t *ETLS) NextLayerType() gopacket.LayerType

NextLayerType implements gopacket.DecodingLayer.

func (*ETLS) Payload ¶

func (t *ETLS) Payload() []byte

Payload returns nil, since ETLS encrypted payload is inside ETLSAppDataRecord

type ETLSAlertDescr ¶

type ETLSAlertDescr uint8

ETLSAlertDescr defines the alert descrption data type

func (ETLSAlertDescr) String ¶

func (ad ETLSAlertDescr) String() string

Strings shows the ETLS alert description nicely formatted

type ETLSAlertLevel ¶

type ETLSAlertLevel uint8

ETLSAlertLevel defines the alert level data type

func (ETLSAlertLevel) String ¶

func (al ETLSAlertLevel) String() string

Strings shows the ETLS alert level nicely formatted

type ETLSAlertRecord ¶

type ETLSAlertRecord struct {
	ETLSRecordHeader

	Level       ETLSAlertLevel
	Description ETLSAlertDescr

	EncryptedMsg []byte
}

ETLSAlertRecord contains all the information that each Alert Record type should have

type ETLSAppDataRecord ¶

type ETLSAppDataRecord struct {
	ETLSRecordHeader
	Payload []byte
}

ETLSAppDataRecord contains all the information that each AppData Record types should have

type ETLSChangeCipherSpecRecord ¶

type ETLSChangeCipherSpecRecord struct {
	ETLSRecordHeader

	Message ETLSchangeCipherSpec
}

ETLSChangeCipherSpecRecord defines the type of data inside ChangeCipherSpec Record

type ETLSHandshakeRecord ¶

type ETLSHandshakeRecord struct {
	ETLSRecordHeader
	ETLSHandshakeMsgType     uint8
	ETLSHandshakeServerHello *ServerHelloMsg
	ETLSHandshakeClientHello *ClientHelloMsg
	ETLSHandshakeCertificate *CertificateMsg
}

ETLSHandshakeRecord defines the structure of a Handskake Record

type ETLSRecordHeader ¶

type ETLSRecordHeader struct {
	ContentType ETLSType
	Version     ETLSVersion
	Length      uint16
}

ETLSRecordHeader contains all the information that each ETLS Record types should have

type ETLSType ¶

type ETLSType uint8

ETLSType defines the type of data after the ETLS Record

const (
	ETLSChangeCipherSpec ETLSType = 20
	ETLSAlert            ETLSType = 21
	ETLSHandshake        ETLSType = 22
	ETLSApplicationData  ETLSType = 23
	ETLSUnknown          ETLSType = 255
)

ETLSType known values.

func (ETLSType) String ¶

func (tt ETLSType) String() string

String shows the register type nicely formatted

type ETLSVersion ¶

type ETLSVersion uint16

ETLSVersion represents the ETLS version in numeric format

func (ETLSVersion) String ¶

func (tv ETLSVersion) String() string

Strings shows the ETLS version nicely formatted

type ETLSchangeCipherSpec ¶

type ETLSchangeCipherSpec uint8

ETLSchangeCipherSpec defines the message value inside ChangeCipherSpec Record

const (
	ETLSChangecipherspecMessage ETLSchangeCipherSpec = 1
	ETLSChangecipherspecUnknown ETLSchangeCipherSpec = 255
)

func (ETLSchangeCipherSpec) String ¶

func (ccs ETLSchangeCipherSpec) String() string

String shows the message value nicely formatted

type Extension ¶

type Extension uint16

type ServerHelloMsg ¶

type ServerHelloMsg struct {
	AllExtensions []uint16
	Vers          uint16

	CipherSuite uint16
	// contains filtered or unexported fields
}

type SignatureScheme ¶

type SignatureScheme uint16

SignatureScheme identifies a signature algorithm supported by ETLS. See https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL