sniffer.h
1 /* sniffer.h
2  *
3  * Copyright (C) 2006-2020 wolfSSL Inc.
4  *
5  * This file is part of wolfSSL.
6  *
7  * wolfSSL is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * wolfSSL is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20  */
21 
22 
23 
24 #ifndef WOLFSSL_SNIFFER_H
25 #define WOLFSSL_SNIFFER_H
26 
27 #include <wolfssl/wolfcrypt/settings.h>
28 
/* SSL_SNIFFER_API: decoration placed on the sniffer prototypes below.
 * On _WIN32 it expands to __declspec(dllexport) when SSL_SNIFFER_EXPORTS is
 * defined (presumably only while building the sniffer DLL itself) and to
 * __declspec(dllimport) otherwise. On every other platform it expands to
 * nothing.
 */
29 #ifdef _WIN32
30  #ifdef SSL_SNIFFER_EXPORTS
31  #define SSL_SNIFFER_API __declspec(dllexport)
32  #else
33  #define SSL_SNIFFER_API __declspec(dllimport)
34  #endif
35 #else
36  #define SSL_SNIFFER_API
37 #endif /* _WIN32 */
38 
39 
40 #ifdef __cplusplus
41  extern "C" {
42 #endif
43 
/* ssl_SetPrivateKey: registers a private-key file for a server endpoint
 * (presumably so that sessions to address:port can be decoded -- confirm
 * against the implementation).
 *
 * address, port: server endpoint the key belongs to.
 * keyFile:       path of the key file. This is private-key material: anyone
 *                able to read it can decrypt traffic captured for that
 *                server, so keep its permissions restrictive.
 * typeK:         encoding of keyFile, FILETYPE_PEM or FILETYPE_DER.
 * password:      passphrase for keyFile; whether NULL is accepted for an
 *                unencrypted key is not visible here -- TODO confirm.
 * error:         caller-supplied buffer that receives an error message.
 *                No size is passed, so the minimum size the library expects
 *                must be taken from its documentation before allocating it.
 * Return-value semantics are not visible in this header.
 */
44 /* typeK was formerly named keyType; it was renamed because keyType shadowed a
45  * global declaration in wolfssl/wolfcrypt/asn.h (line 175).
46  */
47 WOLFSSL_API
48 SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
49  const char* keyFile, int typeK,
50  const char* password, char* error);
51 
/* ssl_SetNamedPrivateKey: same parameters as ssl_SetPrivateKey plus a leading
 * name argument.
 *
 * name:  presumably the server name the key is selected by (compare the
 *        serverNameIndication field of SSLInfo) -- TODO confirm.
 * error: caller-supplied message buffer; no size is passed, so size it from
 *        the library documentation.
 * keyFile is private-key material and should be access-restricted like any
 * other server key.
 */
52 WOLFSSL_API
53 SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
54  const char* address, int port,
55  const char* keyFile, int typeK,
56  const char* password, char* error);
57 
/* ssl_DecodePacket: hands one packet to the sniffer for decoding.
 *
 * packet, length: the packet bytes and their count. The bytes come off the
 *                 network, so length must never exceed what was actually
 *                 captured; it is a signed int, so reject negative values
 *                 before calling.
 * data:           out-parameter (unsigned char**). Presumably receives a
 *                 library-allocated buffer of decoded payload that is
 *                 released with ssl_FreeDecodeBuffer or
 *                 ssl_FreeZeroDecodeBuffer -- confirm ownership.
 * error:          caller-supplied message buffer with no size argument.
 * Return-value semantics are not visible in this header.
 */
58 WOLFSSL_API
59 SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
60  unsigned char** data, char* error);
61 
/* ssl_FreeDecodeBuffer / ssl_FreeZeroDecodeBuffer: release a buffer passed by
 * address in data (presumably one returned through the data out-parameter of
 * the ssl_DecodePacket* functions).
 *
 * The Zero variant also takes sz; by its name it presumably clears sz bytes
 * before freeing -- TODO confirm. If so, it is the safer choice whenever the
 * buffer held decrypted application data, and sz must be the real buffer
 * length.
 * error: caller-supplied message buffer with no size argument.
 */
62 WOLFSSL_API
63 SSL_SNIFFER_API int ssl_FreeDecodeBuffer(unsigned char** data, char* error);
64 
65 WOLFSSL_API
66 SSL_SNIFFER_API int ssl_FreeZeroDecodeBuffer(unsigned char** data, int sz,
67  char* error);
68 
/* ssl_Trace: takes the path of a trace file and an error buffer (presumably
 * turns sniffer tracing on, writing to traceFile).
 * NOTE(review): what is written to the trace is not visible in this header;
 * if it includes session details, the file should be treated as sensitive
 * and created in a directory other users cannot read.
 * error: caller-supplied message buffer with no size argument.
 */
69 WOLFSSL_API
70 SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
71 
/* ssl_EnableRecovery: onOff presumably toggles recovery from missed data and
 * maxMemory presumably caps the memory used for it; the unit of maxMemory is
 * not stated in this header -- TODO confirm.
 * A finite cap matters because the amount of buffered data is driven by the
 * captured traffic, not by the caller.
 * error: caller-supplied message buffer with no size argument.
 */
72 WOLFSSL_API
73 SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error);
74 
/* ssl_GetSessionStats: reports six session counters through unsigned int
 * out-pointers (active, total, peak, maxSessions, missedData,
 * reassemblyMemory). Their exact meaning and units are inferred from the
 * names only.
 * Whether NULL may be passed for a counter the caller does not want is not
 * visible here -- pass valid pointers unless the implementation says
 * otherwise.
 * error: caller-supplied message buffer with no size argument.
 */
75 WOLFSSL_API
76 SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
77  unsigned int* total,
78  unsigned int* peak,
79  unsigned int* maxSessions,
80  unsigned int* missedData,
81  unsigned int* reassemblyMemory,
82  char* error);
83 
/* ssl_InitSniffer / ssl_FreeSniffer: presumably global set-up and tear-down
 * of the sniffer. Both take no arguments and return void, so a failure
 * cannot be reported to the caller through these calls.
 * Unlike the other prototypes in this header they carry only WOLFSSL_API,
 * not SSL_SNIFFER_API.
 */
84 WOLFSSL_API void ssl_InitSniffer(void);
85 
86 WOLFSSL_API void ssl_FreeSniffer(void);
87 
88 
89 /* Values for the typeK argument of ssl_SetPrivateKey: encoding of the key
 * file. The keyType argument of ssl_SetWatchKey_buffer/_file presumably
 * takes the same values -- TODO confirm. */
90 enum {
91  FILETYPE_PEM = 1,
92  FILETYPE_DER = 2,
93 };
94 
95 
96 /*
97  * New Sniffer API that provides read-only access to the TLS and cipher
98  * information associated with the SSL session.
99  */
100 
/* SSLInfo: per-session summary filled in by the ssl_DecodePacketWith*Info*
 * functions and handed to SSLConnCb. Check isValid before reading any other
 * field.
 */
101 typedef struct SSLInfo
102 {
103  unsigned char isValid;
104  /* indicates if the info in this struct is valid: 0 = no, 1 = yes */
105  unsigned char protocolVersionMajor; /* SSL Version: major */
106  unsigned char protocolVersionMinor; /* SSL Version: minor */
107  unsigned char serverCipherSuite0; /* first byte, normally 0 */
108  unsigned char serverCipherSuite; /* second byte, actual suite */
109  unsigned char serverCipherSuiteName[256];
110  /* cipher name, e.g., "TLS_RSA_..." */
111  unsigned char serverNameIndication[128];
 /* NOTE(review): presumably the server name seen in the handshake, i.e.
  * text chosen by the peer. This header does not say whether this array or
  * serverCipherSuiteName is NUL-terminated when full, so bound reads to the
  * array size and sanitise the value before logging or displaying it. */
112  unsigned int keySize;
 /* unit (bits or bytes) is not stated here -- TODO confirm */
113 } SSLInfo;
114 
115 
/* ssl_DecodePacketWithSessionInfo: same parameters as ssl_DecodePacket plus
 * sslInfo, a caller-owned SSLInfo presumably filled in with the session's
 * protocol and cipher details. Read sslInfo->isValid before trusting the
 * other fields.
 * packet/length are raw network input; length must match the bytes actually
 * captured. data is presumably a library-allocated output released with
 * ssl_FreeDecodeBuffer or ssl_FreeZeroDecodeBuffer -- confirm ownership.
 * error: caller-supplied message buffer with no size argument.
 */
116 WOLFSSL_API
117 SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfo(
118  const unsigned char* packet, int length,
119  unsigned char** data, SSLInfo* sslInfo, char* error);
120 
/* SSLConnCb: connection callback type. It receives an opaque session
 * pointer, an SSLInfo describing the session and a ctx pointer (presumably
 * the one registered with ssl_SetConnectionCtx). When the callback is
 * invoked is not visible in this header.
 *
 * ssl_SetConnectionCb / ssl_SetConnectionCtx register the callback and its
 * context. Neither takes an error buffer, and no ownership transfer of ctx
 * is shown, so presumably the caller must keep ctx valid for as long as the
 * callback can fire.
 */
121 typedef void (*SSLConnCb)(const void* session, SSLInfo* info, void* ctx);
122 
123 WOLFSSL_API
124 SSL_SNIFFER_API int ssl_SetConnectionCb(SSLConnCb cb);
125 
126 WOLFSSL_API
127 SSL_SNIFFER_API int ssl_SetConnectionCtx(void* ctx);
128 
129 
/* SSLStats: sniffer-wide counters read with ssl_ReadStatistics and
 * ssl_ReadResetStatistics. Field meanings are inferred from their names;
 * this header does not define them.
 *
 * Every counter is an unsigned long int, whose width is platform-dependent:
 * it is 32 bits on 64-bit Windows, which this header supports via _WIN32.
 * Byte counters such as sslDecryptedBytes can therefore wrap after 4 GiB
 * there, so monitoring code should compare successive readings modulo the
 * type width rather than assume they only grow.
 */
130 typedef struct SSLStats
131 {
132  unsigned long int sslStandardConns;
133  unsigned long int sslClientAuthConns;
134  unsigned long int sslResumedConns;
135  unsigned long int sslEphemeralMisses;
136  unsigned long int sslResumeMisses;
137  unsigned long int sslCiphersUnsupported;
138  unsigned long int sslKeysUnmatched;
139  unsigned long int sslKeyFails;
140  unsigned long int sslDecodeFails;
141  unsigned long int sslAlerts;
142  unsigned long int sslDecryptedBytes;
143  unsigned long int sslEncryptedBytes;
144  unsigned long int sslEncryptedPackets;
145  unsigned long int sslDecryptedPackets;
146  unsigned long int sslKeyMatches;
147  unsigned long int sslEncryptedConns;
148 
149  unsigned long int sslResumptionValid;
150  unsigned long int sslResumptionInserts;
151 } SSLStats;
152 
153 
/* Statistics accessors.
 * ssl_ResetStatistics:     takes no arguments; presumably zeroes the counters.
 * ssl_ReadStatistics:      copies the counters into the caller-owned stats.
 * ssl_ReadResetStatistics: presumably reads and resets in one call, so no
 *                          update is lost between the two steps -- confirm.
 * None of them takes an error buffer; the int return is the only status.
 */
154 WOLFSSL_API
155 SSL_SNIFFER_API int ssl_ResetStatistics(void);
156 
157 
158 WOLFSSL_API
159 SSL_SNIFFER_API int ssl_ReadStatistics(SSLStats* stats);
160 
161 
162 WOLFSSL_API
163 SSL_SNIFFER_API int ssl_ReadResetStatistics(SSLStats* stats);
164 
165 
/* SSLWatchCb: "watch key" callback type. It receives an opaque sniffer
 * handle (vSniffer), a certificate hash and a certificate chain with their
 * sizes, the registered ctx and an error buffer. Presumably it is called
 * when a server certificate is observed so that the application can supply
 * the matching private key through ssl_SetWatchKey_buffer or
 * ssl_SetWatchKey_file, passing vSniffer back -- confirm.
 *
 * certHash and certChain are presumably taken from the observed handshake,
 * i.e. from network input: read no more than certHashSz / certChainSz bytes
 * and validate the contents before using them to choose a key.
 *
 * ssl_SetWatchKeyCallback / _ex register the callback; devId in the _ex
 * variant is not explained in this header. ssl_SetWatchKeyCtx sets the ctx
 * handed to the callback.
 *
 * NOTE(review): ssl_SetWatchKey_buffer and ssl_SetWatchKey_file still name
 * their parameter keyType, the name that ssl_SetPrivateKey replaced with
 * typeK to stop shadowing a declaration in wolfssl/wolfcrypt/asn.h.
 *
 * key/keySz and keyFile/password are private-key material; clear buffers
 * holding them once the call returns. error has no size argument in any of
 * these prototypes.
 */
166 typedef int (*SSLWatchCb)(void* vSniffer,
167  const unsigned char* certHash,
168  unsigned int certHashSz,
169  const unsigned char* certChain,
170  unsigned int certChainSz,
171  void* ctx, char* error);
172 
173 WOLFSSL_API
174 SSL_SNIFFER_API int ssl_SetWatchKeyCallback(SSLWatchCb cb, char* error);
175 
176 WOLFSSL_API
177 SSL_SNIFFER_API int ssl_SetWatchKeyCallback_ex(SSLWatchCb cb, int devId,
178  char* error);
179 
180 WOLFSSL_API
181 SSL_SNIFFER_API int ssl_SetWatchKeyCtx(void* ctx, char* error);
182 
183 WOLFSSL_API
184 SSL_SNIFFER_API int ssl_SetWatchKey_buffer(void* vSniffer,
185  const unsigned char* key, unsigned int keySz,
186  int keyType, char* error);
187 
188 WOLFSSL_API
189 SSL_SNIFFER_API int ssl_SetWatchKey_file(void* vSniffer,
190  const char* keyFile, int keyType,
191  const char* password, char* error);
192 
193 
/* SSLStoreDataCb: callback type that receives decoded data instead of a
 * returned buffer. decryptBuf/decryptBufSz describe the chunk;
 * decryptBufOffset is presumably its offset within the data decoded so far;
 * ctx is presumably the ctx passed to the *StoreData decode call. The meaning
 * of the int return is not visible in this header -- TODO confirm.
 * The callback must not read past decryptBufSz, and the header shows no
 * guarantee that decryptBuf stays valid after the callback returns, so copy
 * what needs to be kept.
 *
 * ssl_SetStoreDataCallback registers the callback (no error buffer).
 * ssl_DecodePacketWithSessionInfoStoreData takes ctx where
 * ssl_DecodePacketWithSessionInfo takes the data out-parameter.
 * packet/length are raw network input; error has no size argument.
 */
194 typedef int (*SSLStoreDataCb)(const unsigned char* decryptBuf,
195  unsigned int decryptBufSz, unsigned int decryptBufOffset, void* ctx);
196 
197 WOLFSSL_API
198 SSL_SNIFFER_API int ssl_SetStoreDataCallback(SSLStoreDataCb cb);
199 
200 WOLFSSL_API
201 SSL_SNIFFER_API int ssl_DecodePacketWithSessionInfoStoreData(
202  const unsigned char* packet, int length, void* ctx,
203  SSLInfo* sslInfo, char* error);
204 
205 
/* Chain variants of the decode calls: the packet is passed as vChain/chainSz
 * instead of packet/length.
 * NOTE(review): vChain is an untyped void* and this header does not show the
 * element type or whether chainSz counts elements or bytes. Confirm both
 * against the implementation before building a chain, because a mismatch
 * would make the library read the wrong amount of memory.
 * data, ctx, sslInfo and error have the same types as in the non-chain
 * functions; error has no size argument.
 */
206 WOLFSSL_API
207 SSL_SNIFFER_API int ssl_DecodePacketWithChain(void* vChain,
208  unsigned int chainSz, unsigned char** data, char* error);
209 
210 
211 WOLFSSL_API
212 SSL_SNIFFER_API int ssl_DecodePacketWithChainSessionInfoStoreData(
213  void* vChain, unsigned int chainSz, void* ctx, SSLInfo* sslInfo,
214  char* error);
215 
216 #ifdef __cplusplus
217  } /* extern "C" */
218 #endif
219 
220 #endif /* WOLFSSL_SNIFFER_H */
221 