Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tls: Add TLS 1.0, 1.1, 1.2 decode and decryption #603

Merged
merged 1 commit into from
Mar 5, 2023
Merged

tls: Add TLS 1.0, 1.1, 1.2 decode and decryption #603

merged 1 commit into from
Mar 5, 2023

Conversation

wader
Copy link
Owner

@wader wader commented Mar 5, 2023

What it can do:

  • Decodes records and most standard messages and extensions.
  • Decryptes records and reassemples application data stream if a keylog is provided and the cipher suite is supported.
  • Supports most recommended and used ciphers and a bunch of older ones.

What it can't do:

  • SSL v3 maybe supported, is similar to TLS 1.0, not tested.
  • Decryption and renegotiation/cipher change.
  • Record defragmentation not supported, seems rare over TCP.
  • TLS 1.3
  • SSL v2 but v2 compat header is supported.
  • Some key exchange messages not decoded yet

Decryption code is heavly based on golang crypto/tls and zmap/zcrypto.

Will be base for decoding http2 and other TLS based on protocols.

Fixes #587

@wader wader force-pushed the tls branch 2 times, most recently from 3072df9 to 490d788 Compare March 5, 2023 12:17
@wader
tls: Add TLS 1.0, 1.1, 1.2 decode and decryption
9852f56 
What it can do:
- Decodes records and most standard messages and extensions.
- Decryptes records and reassemples application data stream if a keylog is provided
  and the cipher suite is supported.
- Supports most recommended and used ciphers and a bunch of older ones.

What it can't do:
- SSL v3 maybe supported, is similar to TLS 1.0, not tested.
- Decryption and renegotiation/cipher change.
- Record defragmentation not supported, seems rare over TCP.
- TLS 1.3
- SSL v2 but v2 compat header is supported.
- Some key exchange messages not decoded yet

Decryption code is heavly based on golang crypto/tls and zmap/zcrypto.

Will be base for decoding http2 and other TLS based on protocols.

Fixes #587
@wader wader merged commit 1e602c6 into master Mar 5, 2023
@wader wader deleted the tls branch March 5, 2023 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add TLS support
1 participant
@wader