class Handshake(pypacker.Packet): __hdr__ = (("type", "B", 0), ("len", "3s", b"\x00" * 3)) len_i = pypacker.get_property_bytes_num("len", ">I") def extract_certificates(self): """ Extracts certificates from a Handshake packet Workflow: find 1# cert segment(SSL.get_cert_length()) -> collect/assemble until cert length collected -> create SSL(tcp_bytes) -> ssl.handshake.extract_certs() return -- [cert1, cert2, ...] """ ret = [] if self.type != HNDS_CERTIFICATE: logger.warning("not a certificate handshake: %r", self) return ret bts_body = self.body_bytes certs_len = self.len_i - 3 #logger.debug("total cert length: %d", certs_len) # skip total cert length off = 3 while off < certs_len: cert_len = unpack_I(b"\x00" + bts_body[off:off + 3])[0] #logger.debug("cert length: %d", cert_len) cert_bytes = bts_body[off + 3:off + 3 + cert_len] off += 3 + cert_len ret.append(cert_bytes) return ret
class serverHandshakeHello(pypacker.Packet): __hdr__ = ( ("type", "B", 0), ("len", "3s", b"\x00" * 3), ("tlsversion", "H", 0x0301), ("random", "32s", b"\x00" * 32), ("sid_len", "B", 32), ("sid", None, triggerlist.TriggerList), #var length # ("cipsuite_len", "H", 0x0032), ("ciphersuite", None, triggerlist.TriggerList), #var length # ("compr_len", "B", 0), ("compression", "B", 0), ("ext_len", "H", 0x0000), ("extensions", None, triggerlist.TriggerList), ) len_i = pypacker.get_property_bytes_num("len", ">I") @staticmethod def __parse_extension(buf): extensions = [] offset = 0 buflen = len(buf) while offset < buflen: ext_content_len = struct.unpack('!h', buf[offset + 2:offset + 4])[0] ext_len = 4 + ext_content_len extensions.append(Extension(buf[offset:offset + ext_len])) offset += ext_len return extensions def _dissect(self, buf): sid_len = buf[38] offset = 38 + 1 sid = buf[offset:offset + sid_len] self.sid.append(sid) offset = offset + sid_len #the next few lines are just to bypass some stuff that isn't there in my testing so far, but left, just in case for cleanup later # cipsuite_len = struct.unpack('!h',buf[offset:offset+2])[0] cipsuite_len = 2 #test for now # offset = offset + 2 ciphersuite = buf[offset:offset + cipsuite_len] self.ciphersuite.append(ciphersuite) offset = offset + cipsuite_len + 1 ext_len = struct.unpack('!h', buf[offset:offset + 2])[0] offset = offset + 2 self._init_triggerlist("extensions", buf[offset:], self.__parse_extension) offset = offset + ext_len return len(buf)
class clientHandshakeHello(pypacker.Packet): __hdr__ = ( ("type", "B", 0), ("len", "3s", b"\x00" * 3), ("tlsversion", "H", 0x0301), ("random", "32s", b"\x00" * 32), ("sid_len", "B", 32), ("sid", None, triggerlist.TriggerList), #var length ("cipsuite_len", "H", 0x0032), ("ciphersuite", None, triggerlist.TriggerList), #var length ("compr_len", "B", 0), ("compression", "B", 0), ("ext_len", "H", 0x0000), ("extensions", None, triggerlist.TriggerList), ) len_i = pypacker.get_property_bytes_num("len", ">I") @staticmethod def __parse_extension(buf): extensions = [] offset = 0 buflen = len(buf) while offset < buflen: ext_content_len = struct.unpack('!h', buf[offset + 2:offset + 4])[0] ext_len = 4 + ext_content_len extensions.append(Extension(buf[offset:offset + ext_len])) offset += ext_len return extensions def _dissect(self, buf): sid_len = buf[38] offset = 38 + 1 sid = buf[offset:offset + sid_len] self.sid.append(sid) offset = offset + sid_len cipsuite_len = struct.unpack('!h', buf[offset:offset + 2])[0] offset = offset + 2 ciphersuite = buf[offset:offset + cipsuite_len] self.ciphersuite.append(ciphersuite) offset = offset + cipsuite_len + 2 ext_len = struct.unpack('!h', buf[offset:offset + 2])[0] offset = offset + 2 self._init_triggerlist("extensions", buf[offset:], self.__parse_extension) offset = offset + ext_len return len(buf)
class HandshakeHello(pypacker.Packet): __hdr__ = ( ("type", "B", 0), # can't use struct here but: # int.from_bytes(len, "big") ("len", "3s", b"\x00" * 3), ("tlsversion", "H", 0x0301), ("random", "32s", b"\x00" * 32), ("sid_len", "B", 32), # variable length ("sid", None, b"A" * 32), ("ciphersuite", "H", 0x0035), ("compression", "B", 0), ("ext_len", "H", 0x0000), ("extensions", None, triggerlist.TriggerList), ) len_i = pypacker.get_property_bytes_num("len", ">I") @staticmethod def __parse_extension(buf): extensions = [] offset = 0 buflen = len(buf) while offset < buflen: ext_content_len = unpack_H(buf[offset + 2:offset + 4])[0] ext_len = 4 + ext_content_len extensions.append(Extension(buf[offset:offset + ext_len])) offset += ext_len return extensions def _dissect(self, buf): sid_len = buf[38] offset_extlen = 38 + sid_len + 3 # ext_len = unpack_H(buf[offset_extlen : offset_extlen+2]) self._init_triggerlist("extensions", buf[offset_extlen + 2:], self.__parse_extension)