Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat : support openssl 3.0 #244

Merged
merged 4 commits into from
Oct 21, 2022
Merged

feat : support openssl 3.0 #244

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8d1d4f3
utils : add openssl 3.0 utils.
cfc4n Oct 20, 2022
9029e72
kern : add offset files of openssl 3.0.* versions.
cfc4n Oct 20, 2022
37a043a
make format
cfc4n Oct 20, 2022
5d087b0
user/module: set default bpf bytecode file for openssl 3.0
cfc4n Oct 21, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,7 @@ BPF_NOCORE_TAG = $(subst .,_,$(KERN_RELEASE)).$(subst .,_,$(VERSION))
#

TARGETS := $(foreach var,$(shell echo {a..r}),kern/openssl_1_1_1$(var))
TARGETS += $(foreach var,$(shell echo {0..6}),kern/openssl_3_0_$(var))
TARGETS += kern/boringssl_1_1_1
TARGETS += kern/bash
TARGETS += kern/gnutls
Expand Down Expand Up @@ -368,7 +369,9 @@ format:
@echo " -> Formatting code"
@clang-format -i -style=$(STYLE) kern/*.c
@clang-format -i -style=$(STYLE) kern/common.h
@clang-format -i -style=$(STYLE) kern/masterkey_kern.h
@clang-format -i -style=$(STYLE) kern/openssl_masterkey.h
@clang-format -i -style=$(STYLE) kern/openssl_masterkey_3.0.h
@clang-format -i -style=$(STYLE) kern/boringssl_masterkey.h
@clang-format -i -style=$(STYLE) kern/openssl_tc.h

autogen: .checkver_$(CMD_BPFTOOL)
Expand Down
3 changes: 2 additions & 1 deletion kern/boringssl_masterkey.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -281,7 +281,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) {

///////////////////////// get TLS 1.2 master secret ////////////////////
if (mastersecret->version != TLS1_3_VERSION) {
void *ms_ptr = (void *)(ssl_session_st_addr + SSL_SESSION_ST_MASTER_KEY);
void *ms_ptr =
(void *)(ssl_session_st_addr + SSL_SESSION_ST_MASTER_KEY);
ret = bpf_probe_read_user(&mastersecret->master_key,
sizeof(mastersecret->master_key), ms_ptr);
if (ret) {
Expand Down
1 change: 0 additions & 1 deletion kern/common.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@
#define ETH_P_IP 0x0800 /* Internet Protocol packet */
#define SKB_MAX_DATA_SIZE 2048


// .rodata section bug via : https://github.com/ehids/ecapture/issues/39
#ifndef KERNEL_LESS_5_2
// alawyse, we used it in openssl_tc.h
Expand Down
49 changes: 49 additions & 0 deletions kern/openssl_3_0_0_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_0_KERN_H
#define ECAPTURE_OPENSSL_3_0_0_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.0 7 sep 2021, OPENSSL_VERSION_NUMBER: 805306368 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

49 changes: 49 additions & 0 deletions kern/openssl_3_0_1_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_1_KERN_H
#define ECAPTURE_OPENSSL_3_0_1_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.1 14 Dec 2021, OPENSSL_VERSION_NUMBER: 805306384 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

49 changes: 49 additions & 0 deletions kern/openssl_3_0_2_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_2_KERN_H
#define ECAPTURE_OPENSSL_3_0_2_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.2 15 Mar 2022, OPENSSL_VERSION_NUMBER: 805306400 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

49 changes: 49 additions & 0 deletions kern/openssl_3_0_3_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_3_KERN_H
#define ECAPTURE_OPENSSL_3_0_3_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.3 3 May 2022, OPENSSL_VERSION_NUMBER: 805306416 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

49 changes: 49 additions & 0 deletions kern/openssl_3_0_4_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_4_KERN_H
#define ECAPTURE_OPENSSL_3_0_4_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.4 21 Jun 2022, OPENSSL_VERSION_NUMBER: 805306432 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

49 changes: 49 additions & 0 deletions kern/openssl_3_0_5_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_5_KERN_H
#define ECAPTURE_OPENSSL_3_0_5_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.5 5 Jul 2022, OPENSSL_VERSION_NUMBER: 805306448 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

49 changes: 49 additions & 0 deletions kern/openssl_3_0_6_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#ifndef ECAPTURE_OPENSSL_3_0_6_KERN_H
#define ECAPTURE_OPENSSL_3_0_6_KERN_H

/* OPENSSL_VERSION_TEXT: OpenSSL 3.0.6 11 Oct 2022, OPENSSL_VERSION_NUMBER: 805306464 */

// ssl_st->version
#define SSL_ST_VERSION 0x0

// ssl_st->session
#define SSL_ST_SESSION 0x918

// ssl_st->s3
#define SSL_ST_S3 0xa8

// ssl_session_st->master_key
#define SSL_SESSION_ST_MASTER_KEY 0x50

// ssl_st->s3.client_random
#define SSL_ST_S3_CLIENT_RANDOM 0x160

// ssl_session_st->cipher
#define SSL_SESSION_ST_CIPHER 0x2f8

// ssl_session_st->cipher_id
#define SSL_SESSION_ST_CIPHER_ID 0x300

// ssl_cipher_st->id
#define SSL_CIPHER_ST_ID 0x18

// ssl_st->handshake_secret
#define SSL_ST_HANDSHAKE_SECRET 0x584

// ssl_st->master_secret
#define SSL_ST_MASTER_SECRET 0x5c4

// ssl_st->server_finished_hash
#define SSL_ST_SERVER_FINISHED_HASH 0x6c4

// ssl_st->handshake_traffic_hash
#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704

// ssl_st->exporter_master_secret
#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4

#include "openssl.h"
#include "openssl_masterkey_3.0.h"

#endif

3 changes: 2 additions & 1 deletion kern/openssl_masterkey.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) {

///////////////////////// get TLS 1.2 master secret ////////////////////
if (mastersecret->version != TLS1_3_VERSION) {
void *ms_ptr = (void *)(ssl_session_st_addr + SSL_SESSION_ST_MASTER_KEY);
void *ms_ptr =
(void *)(ssl_session_st_addr + SSL_SESSION_ST_MASTER_KEY);
ret = bpf_probe_read_user(&mastersecret->master_key,
sizeof(mastersecret->master_key), ms_ptr);
if (ret) {
Expand Down
Loading