From 59a76e0774bf9ac97455217fca331fcd7947689f Mon Sep 17 00:00:00 2001 From: CFC4N Date: Thu, 1 Dec 2022 21:42:10 +0800 Subject: [PATCH 01/13] fixes bug. Signed-off-by: CFC4N --- kern/boringssl_1_1_1_kern.c | 4 +++- kern/boringssl_masterkey.h | 20 +++++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/kern/boringssl_1_1_1_kern.c b/kern/boringssl_1_1_1_kern.c index e801cc2fd..ca9889bc7 100644 --- a/kern/boringssl_1_1_1_kern.c +++ b/kern/boringssl_1_1_1_kern.c @@ -20,7 +20,7 @@ // s3->hs 在 ssl3_state_st 中的偏移量 #define SSL_HS_OFFSET 272 -// hs->established_session 在 SSL_HANDSHAKE 中的偏移量 +// s3->established_session 在 SSL_HANDSHAKE 中的偏移量 #define SSL_ESTABLISHED_SESSION_OFFSET 456 // hs->new_session 在 SSL_HANDSHAKE 中的偏移量 @@ -57,6 +57,8 @@ // bssl::SSL_HANDSHAKE_max_version = 30 /////////////////////////// NEW /////////////////////////// + +// ssl_st->s3->hs // bssl::SSL_HANDSHAKE->secret_ #define SSL_HANDSHAKE_SECRET_ = 40 diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h index 5a94a07d5..94bc8e9b6 100644 --- a/kern/boringssl_masterkey.h +++ b/kern/boringssl_masterkey.h @@ -294,7 +294,17 @@ int probe_ssl_master_key(struct pt_regs *ctx) { //////////////////// TLS 1.3 master secret //////////////////////// - void *hs_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_HANDSHAKE_SECRET); + // get s3->hs address first + u64 ssl_hs_st_addr; + u64 *ssl_hs_st_ptr = (u64 *)(s3_address + SSL_HS_OFFSET); + ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); + if (ret) { + debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); + return 0; + } + debug_bpf_printk("ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", ssl_hs_st_ptr, ssl_hs_st_addr); + + void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_SECRET); ret = bpf_probe_read_user(&mastersecret->handshake_secret, sizeof(mastersecret->handshake_secret), (void *)hs_ptr_tls13); 
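Review bot: The new `ssl_hs_st_addr` read is checked only for a failed probe, not for a null pointer, so `hs_ptr_tls13` can be formed from address 0 and the later failure is reported as a bad secret read rather than a missing handshake object; the cipher lookup elsewhere in this file already uses the `ret || address == 0` form, so `if (ret || ssl_hs_st_addr == 0) { debug_bpf_printk("s3->hs is null or unreadable, ret :%d\n", ret); return 0; }` would be consistent. As far as I recall BoringSSL releases `s3->hs` once the handshake finishes, so a null here is an expected case on post-handshake probes, not an error. Separately, `SSL_ST_HANDSHAKE_SECRET` is documented in boringssl_1_1_1_kern.c as an offset inside `ssl_st` (0x17c), yet it is now added to the SSL_HANDSHAKE pointer; unless that constant is actually hs-relative, this reads unrelated handshake memory and emits it as a secret. probe_ssl_master_key starts and ends outside this hunk.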
@@ -304,7 +314,7 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *hth_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_HANDSHAKE_TRAFFIC_HASH); + void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_TRAFFIC_HASH); ret = bpf_probe_read_user(&mastersecret->handshake_traffic_hash, sizeof(mastersecret->handshake_traffic_hash), (void *)hth_ptr_tls13); @@ -315,7 +325,7 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *cats_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); + void *cats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); ret = bpf_probe_read_user(&mastersecret->client_app_traffic_secret, sizeof(mastersecret->client_app_traffic_secret), (void *)cats_ptr_tls13); @@ -326,7 +336,7 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *sats_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); + void *sats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); ret = bpf_probe_read_user(&mastersecret->server_app_traffic_secret, sizeof(mastersecret->server_app_traffic_secret), (void *)sats_ptr_tls13); @@ -337,7 +347,7 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *ems_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_EXPORTER_MASTER_SECRET); + void *ems_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_EXPORTER_MASTER_SECRET); ret = bpf_probe_read_user(&mastersecret->exporter_master_secret, sizeof(mastersecret->exporter_master_secret), (void *)ems_ptr_tls13); From 4c83624d44703b6ea3d9b6e515275147f4ccc65b Mon Sep 17 00:00:00 2001 From: CFC4N Date: Fri, 2 Dec 2022 21:45:12 +0800 Subject: [PATCH 02/13] update boringssl offset calculate code. Signed-off-by: CFC4N --- kern/boringssl_1_1_1_kern.c | 31 ++++---- kern/boringssl_masterkey.h | 142 ++++++++++++++++++----------------- kern/openssl_masterkey.h | 4 +- kern/openssl_masterkey_3.0.h | 4 +- utils/boringssl-offset.c | 8 +- 5 files changed, 97 insertions(+), 92 deletions(-) 
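Review bot: `hth_ptr_tls13` now adds `SSL_ST_HANDSHAKE_TRAFFIC_HASH` to the SSL_HANDSHAKE pointer, but that macro is described in boringssl_1_1_1_kern.c as an `ssl_st`-relative offset (0x2fc), so the read lands at hs+764, wherever that falls inside or beyond the handshake object, and the bytes are emitted under the traffic-hash label. `bpf_probe_read_user` only fails when the page is unmapped, so a wrong-but-mapped offset yields garbage keys silently; the constants added to `ssl_hs_st_addr` should be the `SSL_HANDSHAKE_*` offsets, each with a comment naming the struct it is relative to, e.g. `// relative to bssl::SSL_HANDSHAKE, not ssl_st`. The three hunks that follow have the same base/offset mismatch. probe_ssl_master_key starts and ends outside this hunk.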
diff --git a/kern/boringssl_1_1_1_kern.c b/kern/boringssl_1_1_1_kern.c index ca9889bc7..ac590a581 100644 --- a/kern/boringssl_1_1_1_kern.c +++ b/kern/boringssl_1_1_1_kern.c @@ -6,19 +6,16 @@ //------------------------------------------ // android boringssl 版本 // ssl->version 在 ssl_st 结构体中的偏移量 -#define SSL_ST_VERSION 16 +#define SSL_ST_VERSION 0x10 // ssl->session 在 ssl_st 结构中的偏移量 -#define SSL_ST_SESSION 88 - -// session->secret 在 SSL_SESSION 中的偏移量 -#define SSL_SESSION_ST_MASTER_KEY 16 +#define SSL_ST_SESSION 0x58 // ssl->s3 在 ssl_st中的偏移量 -#define SSL_ST_S3 48 +#define SSL_ST_S3 0x30 // s3->hs 在 ssl3_state_st 中的偏移量 -#define SSL_HS_OFFSET 272 +#define SSL_HS_OFFSET 0x118 // s3->established_session 在 SSL_HANDSHAKE 中的偏移量 #define SSL_ESTABLISHED_SESSION_OFFSET 456 @@ -60,25 +57,25 @@ // ssl_st->s3->hs // bssl::SSL_HANDSHAKE->secret_ -#define SSL_HANDSHAKE_SECRET_ = 40 +#define SSL_HANDSHAKE_SECRET_ 40 // bssl::SSL_HANDSHAKE->early_traffic_secret_ -#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_ = 88 +#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_ 88 // bssl::SSL_HANDSHAKE->client_handshake_secret_ -#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ = 136 +#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ 136 // bssl::SSL_HANDSHAKE->server_handshake_secret_ -#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_ = 184 +#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_ 184 // bssl::SSL_HANDSHAKE->client_traffic_secret_0_ -#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ = 232 +#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ 232 // bssl::SSL_HANDSHAKE->server_traffic_secret_0_ -#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ = 280 +#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ 280 // bssl::SSL_HANDSHAKE->expected_client_finished_ -#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ = 328 +#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ 328 /////////////////////////// END /////////////////////////// // ssl->handshake_secret 在 ssl_st 中的偏移量 
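Review bot: The switch to hexadecimal is not value-preserving for `SSL_HS_OFFSET`: 272 is 0x110, but the new line reads `#define SSL_HS_OFFSET 0x118` (280), while the other three (`0x10`, `0x58`, `0x30`) match their old decimal values exactly. If the hs offset genuinely moved, the comment should record which BoringSSL build it was measured against, e.g. `// s3->hs; measured with utils/boringssl-offset.c on <build>`; if it did not, every TLS 1.3 secret is now read from the wrong address. Either way a silent value change hidden inside a base conversion deserves a sentence in the commit message.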
@@ -88,13 +85,13 @@ #define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x2fc // 764 // ssl_st->client_app_traffic_secret -#define SSL_ST_CLIENT_APP_TRAFFIC_SECRET 0x33c // 828 +//#define SSL_ST_CLIENT_APP_TRAFFIC_SECRET 0x33c // 828 // ssl_st->server_app_traffic_secret -#define SSL_ST_SERVER_APP_TRAFFIC_SECRET 0x37c // 892 +//#define SSL_ST_SERVER_APP_TRAFFIC_SECRET 0x37c // 892 // ssl->exporter_master_secret 在 ssl_st 中的偏移量 -#define SSL_ST_EXPORTER_MASTER_SECRET 0x3bc // 956 +//#define SSL_ST_EXPORTER_MASTER_SECRET 0x3bc // 956 #endif diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h index 94bc8e9b6..4c3b65e27 100644 --- a/kern/boringssl_masterkey.h +++ b/kern/boringssl_masterkey.h 
@@ -227,10 +227,73 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } + // get s3->hs address first + u64 ssl_hs_st_addr; + u64 *ssl_hs_st_ptr = (u64 *)(s3_address + SSL_HS_OFFSET); + ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); + if (ret) { + debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); + return 0; + } + debug_bpf_printk("ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", ssl_hs_st_ptr, ssl_hs_st_addr); + + void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_SECRET); + ret = bpf_probe_read_user(&mastersecret->handshake_secret, + sizeof(mastersecret->handshake_secret), + (void *)hs_ptr_tls13); + if (ret) { + debug_bpf_printk( + "bpf_probe_read SSL_ST_HANDSHAKE_SECRET failed, ret :%d\n", ret); + return 0; + } + + ///////////////////////// get TLS cipher info //////////////////// + // Get SSL_SESSION->cipher pointer + u64 *ssl_cipher_st_ptr = + (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_CIPHER); + + // get cipher_suite_st pointer + debug_bpf_printk("cipher_suite_st pointer: %x\n", ssl_cipher_st_ptr); + ret = bpf_probe_read_user(&address, sizeof(address), ssl_cipher_st_ptr); + if (ret || address == 0) { + debug_bpf_printk( + "bpf_probe_read ssl_cipher_st_ptr failed, ret :%d, address:%x\n", + ret, address); + // return 0; + void *cipher_id_ptr = + (void *)(ssl_session_st_addr + SSL_SESSION_ST_CIPHER_ID); + ret = + bpf_probe_read_user(&mastersecret->cipher_id, + sizeof(mastersecret->cipher_id), cipher_id_ptr); + if (ret) { + debug_bpf_printk( + "bpf_probe_read SSL_SESSION_ST_CIPHER_ID failed from " + "SSL_SESSION->cipher_id, ret :%d\n", + ret); + return 0; + } + } else { + debug_bpf_printk("cipher_suite_st value: %x\n", address); + void *cipher_id_ptr = (void *)(address + SSL_CIPHER_ST_ID); + ret = + bpf_probe_read_user(&mastersecret->cipher_id, + sizeof(mastersecret->cipher_id), cipher_id_ptr); + if (ret) { + debug_bpf_printk( + "bpf_probe_read SSL_CIPHER_ST_ID failed from " + 
"ssl_cipher_st->id, ret :%d\n", + ret); + return 0; + } + } + + debug_bpf_printk("cipher_id: %d\n", mastersecret->cipher_id); + + ///////////////////////// get TLS 1.2 master secret //////////////////// if (mastersecret->version != TLS1_3_VERSION) { void *ms_ptr = - (void *)(ssl_session_st_addr + SSL_SESSION_ST_MASTER_KEY); + (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SECRET_); ret = bpf_probe_read_user(&mastersecret->master_key, sizeof(mastersecret->master_key), ms_ptr); if (ret) { 
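Review bot: The TLS 1.2 branch now copies `master_key` from `ssl_hs_st_addr + SSL_HANDSHAKE_SECRET_` instead of `ssl_session_st_addr + SSL_SESSION_ST_MASTER_KEY`; per the commented field listing in boringssl_1_1_1_kern.c, `secret_` is the SSL_HANDSHAKE TLS 1.3 secret, not the TLS 1.2 master secret kept in the session, so CLIENT_RANDOM lines for TLS 1.2 would carry the wrong bytes unless that listing is stale. I would keep the session-based read for `version != TLS1_3_VERSION` until the hs-based one is verified against a capture, e.g. `void *ms_ptr = (void *)(ssl_session_st_addr + SSL_SESSION_ST_SECRET);`. The moved hs pointer read above also has no `ssl_hs_st_addr == 0` guard, unlike the cipher pointer read a few lines down which uses `if (ret || address == 0)`. probe_ssl_master_key starts and ends outside this hunk.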
@@ -250,70 +313,9 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - ///////////////////////// get TLS 1.3 master secret //////////////////// - // Get SSL_SESSION->cipher pointer - u64 *ssl_cipher_st_ptr = - (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_CIPHER); - - // get cipher_suite_st pointer - debug_bpf_printk("cipher_suite_st pointer: %x\n", ssl_cipher_st_ptr); - ret = bpf_probe_read_user(&address, sizeof(address), ssl_cipher_st_ptr); - if (ret || address == 0) { - debug_bpf_printk( - "bpf_probe_read ssl_cipher_st_ptr failed, ret :%d, address:%x\n", - ret, address); - // return 0; - void *cipher_id_ptr = - (void *)(ssl_session_st_addr + SSL_SESSION_ST_CIPHER_ID); - ret = - bpf_probe_read_user(&mastersecret->cipher_id, - sizeof(mastersecret->cipher_id), cipher_id_ptr); - if (ret) { - debug_bpf_printk( - "bpf_probe_read SSL_SESSION_ST_CIPHER_ID failed from " - "SSL_SESSION->cipher_id, ret :%d\n", - ret); - return 0; - } - } else { - debug_bpf_printk("cipher_suite_st value: %x\n", address); - void *cipher_id_ptr = (void *)(address + SSL_CIPHER_ST_ID); - ret = - bpf_probe_read_user(&mastersecret->cipher_id, - sizeof(mastersecret->cipher_id), cipher_id_ptr); - if (ret) { - debug_bpf_printk( - "bpf_probe_read SSL_CIPHER_ST_ID failed from " - "ssl_cipher_st->id, ret :%d\n", - ret); - return 0; - } - } - - debug_bpf_printk("cipher_id: %d\n", mastersecret->cipher_id); //////////////////// TLS 1.3 master secret //////////////////////// - // get s3->hs address first - u64 ssl_hs_st_addr; - u64 *ssl_hs_st_ptr = (u64 *)(s3_address + SSL_HS_OFFSET); - ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); - if (ret) { - debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); - return 0; - } - debug_bpf_printk("ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", ssl_hs_st_ptr, ssl_hs_st_addr); - - void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_SECRET); - ret = 
bpf_probe_read_user(&mastersecret->handshake_secret, - sizeof(mastersecret->handshake_secret), - (void *)hs_ptr_tls13); - if (ret) { - debug_bpf_printk( - "bpf_probe_read SSL_ST_HANDSHAKE_SECRET failed, ret :%d\n", ret); - return 0; - } - void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_TRAFFIC_HASH); ret = bpf_probe_read_user(&mastersecret->handshake_traffic_hash, sizeof(mastersecret->handshake_traffic_hash), 
@@ -325,41 +327,41 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *cats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); + void *cats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_); ret = bpf_probe_read_user(&mastersecret->client_app_traffic_secret, sizeof(mastersecret->client_app_traffic_secret), (void *)cats_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_ST_CLIENT_APP_TRAFFIC_SECRET failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ failed, ret :%d\n", ret); return 0; } - void *sats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); + void *sats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); ret = bpf_probe_read_user(&mastersecret->server_app_traffic_secret, sizeof(mastersecret->server_app_traffic_secret), (void *)sats_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_ST_SERVER_APP_TRAFFIC_SECRET failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ failed, ret :%d\n", ret); return 0; } - void *ems_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_EXPORTER_MASTER_SECRET); + void *ems_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_); ret = bpf_probe_read_user(&mastersecret->exporter_master_secret, sizeof(mastersecret->exporter_master_secret), (void *)ems_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_ST_EXPORTER_MASTER_SECRET failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ failed, ret :%d\n", ret); return 0; } debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->master_secret[0], - mastersecret->master_secret[1], mastersecret->master_secret[2]); + "*****master_secret*****: %x %x %x\n", mastersecret->master_key[0], + mastersecret->master_key[1], mastersecret->master_key[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct 
mastersecret_t)); return 0; diff --git a/kern/openssl_masterkey.h b/kern/openssl_masterkey.h index 3e885524b..1495bf806 100644 --- a/kern/openssl_masterkey.h +++ b/kern/openssl_masterkey.h @@ -291,8 +291,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->master_secret[0], - mastersecret->master_secret[1], mastersecret->master_secret[2]); + "*****master_secret*****: %x %x %x\n", mastersecret->master_key[0], + mastersecret->master_key[1], mastersecret->master_key[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_t)); return 0; diff --git a/kern/openssl_masterkey_3.0.h b/kern/openssl_masterkey_3.0.h index 32d1317e9..163050387 100644 --- a/kern/openssl_masterkey_3.0.h +++ b/kern/openssl_masterkey_3.0.h @@ -273,8 +273,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->master_secret[0], - mastersecret->master_secret[1], mastersecret->master_secret[2]); + "*****master_secret*****: %x %x %x\n", mastersecret->master_key[0], + mastersecret->master_key[1], mastersecret->master_key[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_t)); return 0; diff --git a/utils/boringssl-offset.c b/utils/boringssl-offset.c index a1d27a334..0c4931a22 100644 --- a/utils/boringssl-offset.c +++ b/utils/boringssl-offset.c @@ -47,6 +47,8 @@ X(ssl_st, s3) \ X(ssl_session_st, secret) \ X(ssl_session_st, secret_length) \ + X(ssl_session_st, cipher) \ + X(ssl_cipher_st, id) \ X(bssl::SSL3_STATE, hs) \ X(bssl::SSL3_STATE, client_random) \ X(bssl::SSL_HANDSHAKE, new_session) \ @@ -57,7 +59,11 @@ void toUpper(char *s) { int i = 0; while (s[i] != '\0') { - putchar(toupper(s[i])); + if (s[i] == '.' || s[i] == ':') { + putchar('_'); + } else { + putchar(toupper(s[i])); + } i++; } } 
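Review bot: `ems_ptr_tls13` is pointed at `SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_` but the bytes land in `exporter_master_secret` and will be logged as EXPORTER_SECRET; per the commented field listing `expected_client_finished_` is the expected Finished MAC, not an exporter secret, so the label is wrong by construction. If the exporter secret's location in BoringSSL is not known yet, leaving the field zeroed and skipping the label is safer than emitting a mislabelled value, with a marker such as `// TODO: exporter secret is not a SSL_HANDSHAKE field; exporter_master_secret left zeroed`. probe_ssl_master_key starts outside this hunk.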
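Review bot: `toupper(s[i])` is handed a plain `char`; when `char` is signed and the byte is non-ASCII the argument is negative, which `toupper` only defines for `EOF` or `unsigned char` values. The inputs here are C identifiers, so it is harmless today, but `putchar(toupper((unsigned char)s[i]));` costs nothing and keeps the helper correct if the macro list ever carries other text. The new `.`/`:` mapping turns `bssl::SSL3_STATE` into `BSSL__SSL3_STATE`; a comment above the loop saying so, e.g. `// '.' and ':' become '_', so bssl::X yields BSSL__X`, would stop readers from treating the double underscore as a typo.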
From 5a89d852a8822a7bd0c7fe8010ca22ba28212619 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 3 Dec 2022 23:40:42 +0800 Subject: [PATCH 03/13] add tls log lable. Signed-off-by: CFC4N --- pkg/util/hkdf/hkdf.go | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/pkg/util/hkdf/hkdf.go b/pkg/util/hkdf/hkdf.go index 83aba20ee..2fc872670 100644 --- a/pkg/util/hkdf/hkdf.go +++ b/pkg/util/hkdf/hkdf.go @@ -45,12 +45,13 @@ const ( ) const ( - KeyLogLabelTLS12 = "CLIENT_RANDOM" - KeyLogLabelClientHandshake = "CLIENT_HANDSHAKE_TRAFFIC_SECRET" - KeyLogLabelServerHandshake = "SERVER_HANDSHAKE_TRAFFIC_SECRET" - KeyLogLabelClientTraffic = "CLIENT_TRAFFIC_SECRET_0" - KeyLogLabelServerTraffic = "SERVER_TRAFFIC_SECRET_0" - KeyLogLabelExporterSecret = "EXPORTER_SECRET" + KeyLogLabelTLS12 = "CLIENT_RANDOM" + KeyLogLabelClientHandshake = "CLIENT_HANDSHAKE_TRAFFIC_SECRET" + KeyLogLabelServerHandshake = "SERVER_HANDSHAKE_TRAFFIC_SECRET" + KeyLogLabelClientTraffic = "CLIENT_TRAFFIC_SECRET_0" + KeyLogLabelServerTraffic = "SERVER_TRAFFIC_SECRET_0" + KeyLogLabelExporterSecret = "EXPORTER_SECRET" + KeyLogLabelClientEarlyTafficSecret = "CLIENT_EARLY_TRAFFIC_SECRET" ) // crypto/tls/cipher_suites.go line 678 From ccfd467ae4a6d10f0d365f969ffb2f8c2109fd69 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 3 Dec 2022 23:47:01 +0800 Subject: [PATCH 04/13] add boringssl tls event struct. Signed-off-by: CFC4N --- kern/boringssl_masterkey.h | 31 +++++++----- user/event/event_masterkey.go | 94 +++++++++++++++++++++++++++++++++++ 2 files changed, 113 insertions(+), 12 deletions(-) diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h index 4c3b65e27..3f048ea87 100644 --- a/kern/boringssl_masterkey.h +++ b/kern/boringssl_masterkey.h 
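Review bot: The new exported constant is misspelled: `KeyLogLabelClientEarlyTafficSecret` drops the "r" in Traffic, and once other packages reference it the typo becomes an API name that is awkward to rename. It should be `KeyLogLabelClientEarlyTrafficSecret = "CLIENT_EARLY_TRAFFIC_SECRET"` (the string value itself is correct). A one-line comment over the block noting that these are the NSS key-log labels consumed by Wireshark-style tools would also help, since `hkdf` is not an obvious home for them.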
@@ -30,10 +30,17 @@ struct mastersecret_t { // TLS 1.3 u32 cipher_id; - u8 handshake_secret[EVP_MAX_MD_SIZE]; - u8 handshake_traffic_hash[EVP_MAX_MD_SIZE]; - u8 client_app_traffic_secret[EVP_MAX_MD_SIZE]; - u8 server_app_traffic_secret[EVP_MAX_MD_SIZE]; + + // ???? + u8 early_traffic_secret_[EVP_MAX_MD_SIZE]; + u8 client_handshake_secret_[EVP_MAX_MD_SIZE]; + u8 server_handshake_secret_[EVP_MAX_MD_SIZE]; + + // SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ + u8 client_traffic_secret_0_[EVP_MAX_MD_SIZE]; + + + u8 server_traffic_secret_0_[EVP_MAX_MD_SIZE]; u8 exporter_master_secret[EVP_MAX_MD_SIZE]; }; @@ -238,8 +245,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { debug_bpf_printk("ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", ssl_hs_st_ptr, ssl_hs_st_addr); void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_SECRET); - ret = bpf_probe_read_user(&mastersecret->handshake_secret, - sizeof(mastersecret->handshake_secret), + ret = bpf_probe_read_user(&mastersecret->client_handshake_secret_, + sizeof(mastersecret->client_handshake_secret_), (void *)hs_ptr_tls13); if (ret) { debug_bpf_printk( @@ -317,8 +324,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { //////////////////// TLS 1.3 master secret //////////////////////// void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_TRAFFIC_HASH); - ret = bpf_probe_read_user(&mastersecret->handshake_traffic_hash, - sizeof(mastersecret->handshake_traffic_hash), + ret = bpf_probe_read_user(&mastersecret->server_handshake_secret_, + sizeof(mastersecret->server_handshake_secret_), (void *)hth_ptr_tls13); if (ret) { debug_bpf_printk( 
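Review bot: The `// ????` placeholder above `early_traffic_secret_` should not land in a header that defines the event layout shared with the Go side, which in this same patch reads the fields positionally with `binary.Read`; this struct's field order and sizes are therefore the wire contract. Replace the placeholder with what each field holds and where it comes from, e.g. `// TLS 1.3 secrets copied from bssl::SSL_HANDSHAKE, EVP_MAX_MD_SIZE bytes each; order must match MasterSecretBoringSSLEvent.Decode`. The two blank lines around `client_traffic_secret_0_` and the stray `// SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_` comment can go once the fields are described consistently.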
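Review bot: The destination is renamed to `client_handshake_secret_` but the source pointer is unchanged, `ssl_hs_st_addr + SSL_ST_HANDSHAKE_SECRET`, and `SSL_ST_HANDSHAKE_SECRET` is defined in boringssl_1_1_1_kern.c as an `ssl_st`-relative offset (0x17c); renaming the field makes the value look authoritative without changing what is read. The read should use the hs-relative constant and the error string should match: `void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_);`. probe_ssl_master_key starts and ends outside this hunk.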
@@ -328,8 +335,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { } void *cats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_); - ret = bpf_probe_read_user(&mastersecret->client_app_traffic_secret, - sizeof(mastersecret->client_app_traffic_secret), + ret = bpf_probe_read_user(&mastersecret->client_traffic_secret_0_, + sizeof(mastersecret->client_traffic_secret_0_), (void *)cats_ptr_tls13); if (ret) { debug_bpf_printk( @@ -339,8 +346,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { } void *sats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); - ret = bpf_probe_read_user(&mastersecret->server_app_traffic_secret, - sizeof(mastersecret->server_app_traffic_secret), + ret = bpf_probe_read_user(&mastersecret->server_traffic_secret_0_, + sizeof(mastersecret->server_traffic_secret_0_), (void *)sats_ptr_tls13); if (ret) { debug_bpf_printk( diff --git a/user/event/event_masterkey.go b/user/event/event_masterkey.go index def48d8d3..f46e3f526 100644 --- a/user/event/event_masterkey.go +++ b/user/event/event_masterkey.go 
@@ -120,3 +120,97 @@ func (this *MasterSecretEvent) Payload() []byte { func (this *MasterSecretEvent) PayloadLen() int { return len(this.payload) } + +// for BoringSSL TLS 1.3 +type MasterSecretBoringSSLEvent struct { + event_type EventType + Version int32 `json:"version"` // TLS Version + + // TLS 1.2 or older + ClientRandom [SSL3_RANDOM_SIZE]byte `json:"clientRandom"` // Client Random + MasterKey [MASTER_SECRET_MAX_LEN]byte `json:"masterKey"` // Master Key + + // TLS 1.3 + CipherId uint32 `json:"cipherId"` // Cipher ID + EarlyTrafficSecret [EVP_MAX_MD_SIZE]byte `json:"earlyTrafficSecret"` // CLIENT_EARLY_TRAFFIC_SECRET + ClientHandshakeSecret [EVP_MAX_MD_SIZE]byte `json:"clientHandshakeSecret"` // CLIENT_HANDSHAKE_TRAFFIC_SECRET + ServerHandshakeSecret [EVP_MAX_MD_SIZE]byte `json:"serverHandshakeSecret"` // SERVER_HANDSHAKE_TRAFFIC_SECRET + ClientTrafficSecret0 [EVP_MAX_MD_SIZE]byte `json:"clientTrafficSecret0"` // SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ + ServerTrafficSecret0 [EVP_MAX_MD_SIZE]byte `json:"serverTrafficSecret0"` // SERVER_TRAFFIC_SECRET_0 + ExporterMasterSecret [EVP_MAX_MD_SIZE]byte `json:"exporterMasterSecret"` // EXPORTER_SECRET + payload string +} + +func (this *MasterSecretBoringSSLEvent) Decode(payload []byte) (err error) { + buf := bytes.NewBuffer(payload) + if err = binary.Read(buf, binary.LittleEndian, &this.Version); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.ClientRandom); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.MasterKey); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.CipherId); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.EarlyTrafficSecret); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.ClientHandshakeSecret); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.ServerHandshakeSecret); err != nil { + return + } + if err = 
binary.Read(buf, binary.LittleEndian, &this.ClientTrafficSecret0); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.ServerTrafficSecret0); err != nil { + return + } + if err = binary.Read(buf, binary.LittleEndian, &this.ExporterMasterSecret); err != nil { + return + } + this.payload = fmt.Sprintf("CLIENT_RANDOM %02x %02x", this.ClientRandom, this.MasterKey) + return nil +} + +func (this *MasterSecretBoringSSLEvent) StringHex() string { + v := TlsVersion{ + Version: this.Version, + } + s := fmt.Sprintf("TLS Version:%s, ClientRandom:%02x", v.String(), this.ClientRandom) + return s +} + +func (this *MasterSecretBoringSSLEvent) String() string { + v := TlsVersion{ + Version: this.Version, + } + s := fmt.Sprintf("TLS Version:%s, ClientRandom:%02x", v.String(), this.ClientRandom) + return s +} + +func (this *MasterSecretBoringSSLEvent) Clone() IEventStruct { + event := new(MasterSecretEvent) + event.event_type = EventTypeModuleData + return event +} + +func (this *MasterSecretBoringSSLEvent) EventType() EventType { + return this.event_type +} + +func (this *MasterSecretBoringSSLEvent) GetUUID() string { + return fmt.Sprintf("%02X", this.ClientRandom) +} + +func (this *MasterSecretBoringSSLEvent) Payload() []byte { + return []byte(this.payload) +} + +func (this *MasterSecretBoringSSLEvent) PayloadLen() int { + return len(this.payload) +} From f20368111d4792d08160a6e7eca29b9362abe90f Mon Sep 17 00:00:00 2001 From: CFC4N Date: Mon, 5 Dec 2022 22:03:18 +0800 Subject: [PATCH 05/13] add new masterSecretEvent struct for BoringSSL Signed-off-by: CFC4N --- kern/README.md | 71 +++++++++++++++++++++++++++++ kern/boringssl_1_1_1_kern.c | 86 ++++++++++++++++------------------- kern/boringssl_masterkey.h | 52 +++++++++++---------- user/event/event_masterkey.go | 10 ++-- user/module/probe_openssl.go | 6 +++ 5 files changed, 149 insertions(+), 76 deletions(-) diff --git a/kern/README.md b/kern/README.md index 4294c71fa..ef5d61e6e 100644 
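Review bot: `Clone()` returns `new(MasterSecretEvent)` rather than a `MasterSecretBoringSSLEvent`, so whatever uses Clone to allocate fresh events for this type will decode BoringSSL payloads with the OpenSSL layout; it should be `event := new(MasterSecretBoringSSLEvent)`. Separately, `Decode` always builds the payload as `CLIENT_RANDOM <random> <masterKey>` regardless of `Version`, so for TLS 1.3 the six secrets just read are never written to the key log and the line carries whatever is in MasterKey (the kernel side only fills it on the TLS 1.2 path); the payload should branch on the TLS 1.3 version and emit one line per NSS label, ideally trimmed to the digest length implied by `CipherId` rather than the full EVP_MAX_MD_SIZE array (the trimming needs a cipher-to-hash-length mapping I cannot see here). `StringHex` and `String` have identical bodies; one should call the other. The sketch below assumes a TLS 1.3 version constant exists in this package as it does on the kernel side.
```go
func (this *MasterSecretBoringSSLEvent) Decode(payload []byte) (err error) {
	// … unchanged: binary.Read of each field …
	if this.Version == TLS1_3_VERSION {
		// TLS 1.3: one key-log line per secret, all keyed by the client random.
		this.payload = fmt.Sprintf("CLIENT_HANDSHAKE_TRAFFIC_SECRET %02x %02x\n", this.ClientRandom, this.ClientHandshakeSecret) +
			fmt.Sprintf("SERVER_HANDSHAKE_TRAFFIC_SECRET %02x %02x\n", this.ClientRandom, this.ServerHandshakeSecret) +
			fmt.Sprintf("CLIENT_TRAFFIC_SECRET_0 %02x %02x\n", this.ClientRandom, this.ClientTrafficSecret0) +
			fmt.Sprintf("SERVER_TRAFFIC_SECRET_0 %02x %02x\n", this.ClientRandom, this.ServerTrafficSecret0) +
			fmt.Sprintf("EXPORTER_SECRET %02x %02x", this.ClientRandom, this.ExporterMasterSecret)
	} else {
		this.payload = fmt.Sprintf("CLIENT_RANDOM %02x %02x", this.ClientRandom, this.MasterKey)
	}
	return nil
}
```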
--- a/kern/README.md +++ b/kern/README.md 
@@ -115,3 +115,74 @@ struct bio_st { CRYPTO_EX_DATA ex_data; }; ``` + +## master secrets + +| openssl label name | openssl struct | Label Name | boringssl struct | | +|-----------------------------|---------------------------------|---------------------------------|-------------------------------|-----| +| MASTER_SECRET_LABEL | s->session->master_key | CLIENT_RANDOM | session->secret | | +| EXPORTER_SECRET | s->exporter_master_secret | EXPORTER_SECRET | ssl->s3->exporter_secret | | +| EARLY_EXPORTER_SECRET_LABEL | s->early_exporter_master_secret | EARLY_EXPORTER_SECRET | - | | +| SERVER_APPLICATION_LABEL | s->server_app_traffic_secret | SERVER_TRAFFIC_SECRET_0 | hs->server_traffic_secret_0() | | +| CLIENT_APPLICATION_LABEL | s->client_app_traffic_secret | CLIENT_TRAFFIC_SECRET_0 | hs->client_traffic_secret_0() | | +| SERVER_HANDSHAKE_LABEL | | SERVER_HANDSHAKE_TRAFFIC_SECRET | hs->server_handshake_secret() | | +| CLIENT_HANDSHAKE_LABEL | | CLIENT_HANDSHAKE_TRAFFIC_SECRET | hs->client_handshake_secret() | | +| CLIENT_EARLY_LABEL | | CLIENT_EARLY_TRAFFIC_SECRET | hs->early_traffic_secret() | | + +### EARLY_EXPORTER_SECRET_LABEL EXPORTER_SECRET_LABEL +- + +### SERVER_APPLICATION_LABEL +insecret = s->master_secret; +label = server_application_traffic; +labellen = sizeof(server_application_traffic) - 1; +log_label = SERVER_APPLICATION_LABEL; + +### CLIENT_APPLICATION_LABEL +insecret = s->master_secret; +label = client_application_traffic; +labellen = sizeof(client_application_traffic) - 1; +log_label = CLIENT_APPLICATION_LABEL; + +### SERVER_HANDSHAKE_LABEL +insecret = s->handshake_secret; +finsecret = s->server_finished_secret; +finsecretlen = EVP_MD_size(ssl_handshake_md(s)); +label = server_handshake_traffic; +labellen = sizeof(server_handshake_traffic) - 1; +log_label = SERVER_HANDSHAKE_LABEL; + +**再计算** +memcpy(s->handshake_traffic_hash, hashval, hashlen); +derive_secret_key_and_iv(s, which & SSL3_CC_WRITE, md, cipher, +insecret, hash, label, labellen, secret, iv, 
+ciph_ctx) + +### SERVER_HANDSHAKE_LABEL +insecret = s->handshake_secret; +finsecret = s->server_finished_secret; +finsecretlen = EVP_MD_size(ssl_handshake_md(s)); +label = server_handshake_traffic; +labellen = sizeof(server_handshake_traffic) - 1; +log_label = SERVER_HANDSHAKE_LABEL; + +**再计算** +memcpy(s->handshake_traffic_hash, hashval, hashlen); +derive_secret_key_and_iv(s, which & SSL3_CC_WRITE, md, cipher, +insecret, hash, label, labellen, secret, iv, +ciph_ctx) + +### CLIENT_HANDSHAKE_LABEL +insecret = s->handshake_secret; +finsecret = s->client_finished_secret; +finsecretlen = EVP_MD_size(ssl_handshake_md(s)); +label = client_handshake_traffic; +labellen = sizeof(client_handshake_traffic) - 1; +log_label = CLIENT_HANDSHAKE_LABEL; +hash = s->handshake_traffic_hash; + +### CLIENT_EARLY_LABEL +insecret = s->early_secret; +label = client_early_traffic; +labellen = sizeof(client_early_traffic) - 1; +log_label = CLIENT_EARLY_LABEL; \ No newline at end of file diff --git a/kern/boringssl_1_1_1_kern.c b/kern/boringssl_1_1_1_kern.c index ac590a581..6f54aec48 100644 --- a/kern/boringssl_1_1_1_kern.c +++ b/kern/boringssl_1_1_1_kern.c 
@@ -14,8 +14,35 @@ // ssl->s3 在 ssl_st中的偏移量 #define SSL_ST_S3 0x30 -// s3->hs 在 ssl3_state_st 中的偏移量 -#define SSL_HS_OFFSET 0x118 +// ssl_session_st->secret +#define SSL_SESSION_ST_SECRET 0x10 + +// ssl_session_st->secret_length +#define SSL_SESSION_ST_SECRET_LENGTH 0xc + +// ssl_session_st->cipher +#define SSL_SESSION_ST_CIPHER 0xd0 + +// ssl_cipher_st->id +#define SSL_CIPHER_ST_ID 0x10 + +// bssl::SSL3_STATE->hs +#define BSSL__SSL3_STATE_HS 0x118 + +// bssl::SSL3_STATE->client_random +#define BSSL__SSL3_STATE_CLIENT_RANDOM 0x30 + +// bssl::SSL_HANDSHAKE->new_session +#define BSSL__SSL_HANDSHAKE_NEW_SESSION 0x5f0 + +// bssl::SSL_HANDSHAKE->early_session +#define BSSL__SSL_HANDSHAKE_EARLY_SESSION 0x5f8 + +// bssl::SSL3_STATE->established_session +#define BSSL__SSL3_STATE_ESTABLISHED_SESSION 0x1d0 + +// bssl::SSL_HANDSHAKE->max_version +#define BSSL__SSL_HANDSHAKE_MAX_VERSION 0x1e // s3->established_session 在 SSL_HANDSHAKE 中的偏移量 #define SSL_ESTABLISHED_SESSION_OFFSET 456 
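Review bot: Two offsets for the same field now disagree: the new `BSSL__SSL3_STATE_ESTABLISHED_SESSION 0x1d0` (464) sits a few lines above the surviving `SSL_ESTABLISHED_SESSION_OFFSET 456`, and both comments describe `established_session`. One of them is wrong for whatever build these were generated from, and a consumer silently gets whichever name it happens to use; keep the generated value and alias the old name to it, `#define SSL_ESTABLISHED_SESSION_OFFSET BSSL__SSL3_STATE_ESTABLISHED_SESSION`, or delete it. `SSL_SESSION_ST_CIPHER 0xd0` and `SSL_CIPHER_ST_ID 0x10` likewise replace the 496 and 0x18 removed in the next hunk without a note on why the values changed; a header line such as `// generated by utils/boringssl-offset.c against <boringssl commit/ABI>` would make the whole block traceable.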
@@ -30,69 +57,36 @@ #define SSL_S3_CLIENT_RANDOM_OFFSET 48 -////////// TLS 1.2 or older ///////// -// session->cipher 在 SSL_SESSION 中的偏移量 -#define SSL_SESSION_ST_CIPHER 496 +/////////////////////////////////////////// DON'T REMOVE THIS CODE BLOCK. ////////////////////////////////////////// -// session->cipher_id 在 SSL_SESSION 中的偏移量 -#define SSL_SESSION_ST_CIPHER_ID 0x1f8 - -// cipher->id 在 ssl_cipher_st 中的偏移量 -#define SSL_CIPHER_ST_ID 0x18 - -/* - size_t hash_len_ = 0; - uint8_t secret_[SSL_MAX_MD_SIZE] = {0}; - uint8_t early_traffic_secret_[SSL_MAX_MD_SIZE] = {0}; - uint8_t client_handshake_secret_[SSL_MAX_MD_SIZE] = {0}; - uint8_t server_handshake_secret_[SSL_MAX_MD_SIZE] = {0}; - uint8_t client_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0}; - uint8_t server_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0}; - uint8_t expected_client_finished_[SSL_MAX_MD_SIZE] = {0}; - */ -// bssl::SSL_HANDSHAKE_max_version = 30 - -/////////////////////////// NEW /////////////////////////// +// SSL_MAX_MD_SIZE is size of the largest hash function used in TLS, SHA-384. +#define SSL_MAX_MD_SIZE 48 +// memory layout, see README.md for more detail. 
// ssl_st->s3->hs // bssl::SSL_HANDSHAKE->secret_ -#define SSL_HANDSHAKE_SECRET_ 40 +#define SSL_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*0 // bssl::SSL_HANDSHAKE->early_traffic_secret_ -#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_ 88 +#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*1 // bssl::SSL_HANDSHAKE->client_handshake_secret_ -#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ 136 +#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*2 // bssl::SSL_HANDSHAKE->server_handshake_secret_ -#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_ 184 +#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*3 // bssl::SSL_HANDSHAKE->client_traffic_secret_0_ -#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ 232 +#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*4 // bssl::SSL_HANDSHAKE->server_traffic_secret_0_ -#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ 280 +#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*5 // bssl::SSL_HANDSHAKE->expected_client_finished_ -#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ 328 +#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*6 /////////////////////////// END /////////////////////////// -// ssl->handshake_secret 在 ssl_st 中的偏移量 -#define SSL_ST_HANDSHAKE_SECRET 0x17c // 380 - -// ssl->handshake_traffic_hash 在 ssl_st 中的偏移量 -#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x2fc // 764 - -// ssl_st->client_app_traffic_secret -//#define SSL_ST_CLIENT_APP_TRAFFIC_SECRET 0x33c // 828 - -// ssl_st->server_app_traffic_secret -//#define SSL_ST_SERVER_APP_TRAFFIC_SECRET 0x37c // 892 - -// ssl->exporter_master_secret 在 ssl_st 中的偏移量 -//#define SSL_ST_EXPORTER_MASTER_SECRET 0x3bc // 956 - #endif #include "openssl.h" 
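Review bot: The derived offsets do not reproduce the literals they replace: `BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*0` is 0x1e+8 = 38, whereas the removed line had `secret_` at 40, and every later field is 2 low as well. From the commented listing, `max_version` is a `uint16_t` followed by `size_t hash_len_`, so `secret_` should start at the 8-byte-aligned slot after max_version plus 8, i.e. 0x20+8 = 0x28 = 40; that suggests the formula needs an alignment step rather than a flat +8 (I have not checked this against a real build, so confirm the rounding with the offset tool). Each macro body should also be parenthesised, since `ssl_hs_st_addr + A+8+48*N` happens to work today but any cast or multiplication applied to the macro will not.
```c
// hash_len_ follows max_version (uint16_t at 0x1e) at the next 8-byte boundary.
#define SSL_HANDSHAKE_HASH_LEN_ (((BSSL__SSL_HANDSHAKE_MAX_VERSION + 2) + 7) & ~7)
// secret_ follows the size_t hash_len_; each secret is SSL_MAX_MD_SIZE bytes.
#define SSL_HANDSHAKE_SECRET_                   (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 0)
#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_     (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 1)
#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_  (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 2)
#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_  (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 3)
#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_  (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 4)
#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_  (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 5)
#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ (SSL_HANDSHAKE_HASH_LEN_ + 8 + SSL_MAX_MD_SIZE * 6)
```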
diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h index 3f048ea87..0d9f0e24a 100644 --- a/kern/boringssl_masterkey.h +++ b/kern/boringssl_masterkey.h @@ -26,7 +26,7 @@ struct mastersecret_t { // TLS 1.2 or older s32 version; u8 client_random[SSL3_RANDOM_SIZE]; - u8 master_key[MASTER_SECRET_MAX_LEN]; + u8 secret_[MASTER_SECRET_MAX_LEN]; // TLS 1.3 u32 cipher_id; @@ -41,14 +41,14 @@ struct mastersecret_t { u8 server_traffic_secret_0_[EVP_MAX_MD_SIZE]; - u8 exporter_master_secret[EVP_MAX_MD_SIZE]; + u8 exporter_secret[EVP_MAX_MD_SIZE]; }; -// ssl/ssl_local.h 1556行 +// ssl/internal.h line 2653 SSL3_STATE struct ssl3_state_st { - long flags; + u64 read_sequence; // 确保BORINGSSL的state_st 中client_random 的偏移量是48 - u64 unused; + u64 write_sequence; unsigned char server_random[SSL3_RANDOM_SIZE]; unsigned char client_random[SSL3_RANDOM_SIZE]; }; @@ -104,7 +104,7 @@ static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { } // get hs pointer - u64 *ssl_hs_st_ptr = (u64 *)(s3_address + SSL_HS_OFFSET); + u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), ssl_hs_st_ptr); if (ret) { debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); 
@@ -233,24 +233,26 @@ int probe_ssl_master_key(struct pt_regs *ctx) { debug_bpf_printk("ssl_session_st_addr is null\n"); return 0; } - + debug_bpf_printk("ssl_session_st_addr addr :%d",ssl_session_st_addr); // get s3->hs address first u64 ssl_hs_st_addr; - u64 *ssl_hs_st_ptr = (u64 *)(s3_address + SSL_HS_OFFSET); + u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); if (ret) { debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); return 0; } - debug_bpf_printk("ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", ssl_hs_st_ptr, ssl_hs_st_addr); - void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_SECRET); + // TODO + debug_bpf_printk("s3_address:%d, ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", s3_address, ssl_hs_st_ptr, ssl_hs_st_addr); + + void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_); ret = bpf_probe_read_user(&mastersecret->client_handshake_secret_, sizeof(mastersecret->client_handshake_secret_), (void *)hs_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_ST_HANDSHAKE_SECRET failed, ret :%d\n", ret); + "bpf_probe_read SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ failed, ret :%d\n", ret); return 0; } @@ -268,14 +270,14 @@ int probe_ssl_master_key(struct pt_regs *ctx) { ret, address); // return 0; void *cipher_id_ptr = - (void *)(ssl_session_st_addr + SSL_SESSION_ST_CIPHER_ID); + (void *)(address + SSL_CIPHER_ST_ID); ret = bpf_probe_read_user(&mastersecret->cipher_id, sizeof(mastersecret->cipher_id), cipher_id_ptr); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_SESSION_ST_CIPHER_ID failed from " - "SSL_SESSION->cipher_id, ret :%d\n", + "bpf_probe_read SSL_CIPHER_ST_ID failed from " + "ssl_cipher_st->id, ret :%d\n", ret); return 0; } 
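Review bot: The two added `debug_bpf_printk` calls format 64-bit user addresses with `%d`: `debug_bpf_printk("ssl_session_st_addr addr :%d",ssl_session_st_addr);` also lacks a trailing newline, and the second line mixes `%d` for `s3_address` with `%llx` for the other pointer of the same type. bpf_trace_printk treats `%d` as a 32-bit integer, so the printed address is truncated, which defeats the purpose of these lines when someone uses them to verify offsets. Use `debug_bpf_printk("ssl_session_st_addr addr :%llx\n", ssl_session_st_addr);` and `%llx` for `s3_address` as well. The enclosing function continues beyond the hunk.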
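Review bot: In the second hunk the fallback path now reads the cipher id from `address + SSL_CIPHER_ST_ID`, but this branch is the one entered when the preceding read of `ssl_cipher_st_ptr` failed or returned `address == 0` (the guard sits just above the hunk; its `if (ret || address == 0)` form is visible where the block is removed later in this series). With `address` zero or stale the read targets the user null page, fails, and the whole event is dropped at `return 0;`, so the fallback is now a copy of the success branch that always fails. Either restore a real fallback (the removed `ssl_session_st_addr + SSL_SESSION_ST_CIPHER_ID` read) or make the failure explicit by re-enabling the commented `return 0;` and deleting the duplicated read.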
@@ -301,8 +303,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { if (mastersecret->version != TLS1_3_VERSION) { void *ms_ptr = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SECRET_); - ret = bpf_probe_read_user(&mastersecret->master_key, - sizeof(mastersecret->master_key), ms_ptr); + ret = bpf_probe_read_user(&mastersecret->secret_, + sizeof(mastersecret->secret_), ms_ptr); if (ret) { debug_bpf_printk( "bpf_probe_read MASTER_KEY_OFFSET failed, ms_ptr:%llx, ret " @@ -311,9 +313,9 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - debug_bpf_printk("master_key: %x %x %x\n", mastersecret->master_key[0], - mastersecret->master_key[1], - mastersecret->master_key[2]); + debug_bpf_printk("master_key: %x %x %x\n", mastersecret->secret_[0], + mastersecret->secret_[1], + mastersecret->secret_[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_t)); @@ -323,13 +325,13 @@ int probe_ssl_master_key(struct pt_regs *ctx) { //////////////////// TLS 1.3 master secret //////////////////////// - void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_ST_HANDSHAKE_TRAFFIC_HASH); + void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); ret = bpf_probe_read_user(&mastersecret->server_handshake_secret_, sizeof(mastersecret->server_handshake_secret_), (void *)hth_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_ST_HANDSHAKE_TRAFFIC_HASH failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ failed, ret :%d\n", ret); return 0; } @@ -357,8 +359,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { } void *ems_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_); - ret = bpf_probe_read_user(&mastersecret->exporter_master_secret, - sizeof(mastersecret->exporter_master_secret), + ret = bpf_probe_read_user(&mastersecret->exporter_secret, + sizeof(mastersecret->exporter_secret), (void *)ems_ptr_tls13); if (ret) { debug_bpf_printk( 
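Review bot: The third hunk reads the handshake field at `SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_` into `mastersecret->server_handshake_secret_`, so the slot user space labels SERVER_HANDSHAKE_TRAFFIC_SECRET will carry the application traffic secret and server handshake records will not decrypt. The pointer name `hth_ptr_tls13` is a leftover from the OpenSSL handshake_traffic_hash field and hides the mismatch. If the handshake secret is intended the line should read `void *shs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_);` with the read and error text renamed to match; if the traffic secret is wanted here, the destination must be `server_traffic_secret_0_`.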
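Review bot: In the last hunk `exporter_secret` is filled from `ssl_hs_st_addr + SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_`, the offset this series documents as `bssl::SSL_HANDSHAKE->expected_client_finished_`. Unless I misread BoringSSL's layout, that buffer holds the Finished verify_data the server expects from the client, not an exporter secret; BoringSSL keeps the TLS 1.3 exporter secret on `SSL3_STATE`, outside the handshake object, which is why no `SSL_HANDSHAKE_*` constant for it exists here. Writing this value under the EXPORTER_SECRET label yields a key-log line that is wrong but looks valid, so either add a generated `BSSL__SSL3_STATE_EXPORTER_SECRET` offset and read from `s3_address`, or drop the exporter line until that exists. The enclosing function continues past the hunk.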
@@ -367,8 +369,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->master_key[0], - mastersecret->master_key[1], mastersecret->master_key[2]); + "*****master_secret*****: %x %x %x\n", mastersecret->secret_[0], + mastersecret->secret_[1], mastersecret->secret_[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_t)); return 0; diff --git a/user/event/event_masterkey.go b/user/event/event_masterkey.go index f46e3f526..56249146f 100644 --- a/user/event/event_masterkey.go +++ b/user/event/event_masterkey.go @@ -128,7 +128,7 @@ type MasterSecretBoringSSLEvent struct { // TLS 1.2 or older ClientRandom [SSL3_RANDOM_SIZE]byte `json:"clientRandom"` // Client Random - MasterKey [MASTER_SECRET_MAX_LEN]byte `json:"masterKey"` // Master Key + Secret [MASTER_SECRET_MAX_LEN]byte `json:"secret"` // secret Key // TLS 1.3 CipherId uint32 `json:"cipherId"` // Cipher ID @@ -137,7 +137,7 @@ type MasterSecretBoringSSLEvent struct { ServerHandshakeSecret [EVP_MAX_MD_SIZE]byte `json:"serverHandshakeSecret"` // SERVER_HANDSHAKE_TRAFFIC_SECRET ClientTrafficSecret0 [EVP_MAX_MD_SIZE]byte `json:"clientTrafficSecret0"` // SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ ServerTrafficSecret0 [EVP_MAX_MD_SIZE]byte `json:"serverTrafficSecret0"` // SERVER_TRAFFIC_SECRET_0 - ExporterMasterSecret [EVP_MAX_MD_SIZE]byte `json:"exporterMasterSecret"` // EXPORTER_SECRET + ExporterSecret [EVP_MAX_MD_SIZE]byte `json:"exporterSecret"` // EXPORTER_SECRET payload string } 
@@ -149,7 +149,7 @@ func (this *MasterSecretBoringSSLEvent) Decode(payload []byte) (err error) { if err = binary.Read(buf, binary.LittleEndian, &this.ClientRandom); err != nil { return } - if err = binary.Read(buf, binary.LittleEndian, &this.MasterKey); err != nil { + if err = binary.Read(buf, binary.LittleEndian, &this.Secret); err != nil { return } if err = binary.Read(buf, binary.LittleEndian, &this.CipherId); err != nil { @@ -170,10 +170,10 @@ func (this *MasterSecretBoringSSLEvent) Decode(payload []byte) (err error) { if err = binary.Read(buf, binary.LittleEndian, &this.ServerTrafficSecret0); err != nil { return } - if err = binary.Read(buf, binary.LittleEndian, &this.ExporterMasterSecret); err != nil { + if err = binary.Read(buf, binary.LittleEndian, &this.ExporterSecret); err != nil { return } - this.payload = fmt.Sprintf("CLIENT_RANDOM %02x %02x", this.ClientRandom, this.MasterKey) + this.payload = fmt.Sprintf("CLIENT_RANDOM %02x %02x", this.ClientRandom, this.Secret) return nil } diff --git a/user/module/probe_openssl.go b/user/module/probe_openssl.go index d83d65801..47ca2a14c 100644 --- a/user/module/probe_openssl.go +++ b/user/module/probe_openssl.go @@ -586,6 +586,10 @@ func (this *MOpenSSLProbe) saveMasterSecret(secretEvent *event.MasterSecretEvent } } +func (this *MOpenSSLProbe) saveMasterSecretBoringSSL(secretEvent *event.MasterSecretBoringSSLEvent) { + +} + func (this *MOpenSSLProbe) Dispatcher(eventStruct event.IEventStruct) { // detect eventStruct type switch eventStruct.(type) { 
@@ -593,6 +597,8 @@ func (this *MOpenSSLProbe) Dispatcher(eventStruct event.IEventStruct) { this.AddConn(eventStruct.(*event.ConnDataEvent).Pid, eventStruct.(*event.ConnDataEvent).Fd, eventStruct.(*event.ConnDataEvent).Addr) case *event.MasterSecretEvent: this.saveMasterSecret(eventStruct.(*event.MasterSecretEvent)) + case *event.MasterSecretBoringSSLEvent: + this.saveMasterSecretBoringSSL(eventStruct.(*event.MasterSecretBoringSSLEvent)) case *event.TcSkbEvent: this.dumpTcSkb(eventStruct.(*event.TcSkbEvent)) } From 81603519023152e0ca22d1cc4e6ef326f538744a Mon Sep 17 00:00:00 2001 From: CFC4N Date: Tue, 6 Dec 2022 22:08:43 +0800 Subject: [PATCH 06/13] kern : update boringssl offset calculation add boringssl offset gen script. Signed-off-by: CFC4N --- kern/boringssl_1_1_1_kern.c | 45 +-------- kern/boringssl_const.h | 36 +++++++ kern/boringssl_masterkey.h | 160 ++++++++++---------------------- user/event/event_masterkey.go | 20 ++-- user/module/probe_openssl.go | 72 ++++++++++++-- user/module/probe_openssl_tc.go | 5 +- utils/boringssl_offset_1.1.1.sh | 65 +++++++++++++ utils/openssl_offset_1.1.1.sh | 1 + utils/openssl_offset_3.0.sh | 3 +- 9 files changed, 232 insertions(+), 175 deletions(-) create mode 100644 kern/boringssl_const.h create mode 100755 utils/boringssl_offset_1.1.1.sh diff --git a/kern/boringssl_1_1_1_kern.c b/kern/boringssl_1_1_1_kern.c index 6f54aec48..f1e9a5af0 100644 --- a/kern/boringssl_1_1_1_kern.c +++ b/kern/boringssl_1_1_1_kern.c @@ -4,7 +4,6 @@ /* OPENSSL_VERSION_TEXT: OpenSSL 1.1.1 (compatible; BoringSSL), OPENSSL_VERSION_NUMBER:0x1010107f */ //------------------------------------------ -// android boringssl 版本 // ssl->version 在 ssl_st 结构体中的偏移量 #define SSL_ST_VERSION 0x10 
@@ -44,50 +43,8 @@ // bssl::SSL_HANDSHAKE->max_version #define BSSL__SSL_HANDSHAKE_MAX_VERSION 0x1e -// s3->established_session 在 SSL_HANDSHAKE 中的偏移量 -#define SSL_ESTABLISHED_SESSION_OFFSET 456 - -// hs->new_session 在 SSL_HANDSHAKE 中的偏移量 -#define SSL_HS_NEW_SESSION_OFFSET 656 - -// hs->early_session 在 SSL_HANDSHAKE 中的偏移量 -#define SSL_HS_EARLY_SESSION_OFFSET 664 - -// s3->client_random 在 ssl3_state_st 中的偏移量 -#define SSL_S3_CLIENT_RANDOM_OFFSET 48 - - - -/////////////////////////////////////////// DON'T REMOVE THIS CODE BLOCK. ////////////////////////////////////////// - -// SSL_MAX_MD_SIZE is size of the largest hash function used in TLS, SHA-384. -#define SSL_MAX_MD_SIZE 48 - -// memory layout, see README.md for more detail. -// ssl_st->s3->hs -// bssl::SSL_HANDSHAKE->secret_ -#define SSL_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*0 - -// bssl::SSL_HANDSHAKE->early_traffic_secret_ -#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*1 - -// bssl::SSL_HANDSHAKE->client_handshake_secret_ -#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*2 - -// bssl::SSL_HANDSHAKE->server_handshake_secret_ -#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*3 - -// bssl::SSL_HANDSHAKE->client_traffic_secret_0_ -#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*4 - -// bssl::SSL_HANDSHAKE->server_traffic_secret_0_ -#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*5 - -// bssl::SSL_HANDSHAKE->expected_client_finished_ -#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*6 -/////////////////////////// END /////////////////////////// - #endif +#include "boringssl_const.h" #include "openssl.h" #include "boringssl_masterkey.h" 
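Review bot: After this hunk the guard's `#endif` still precedes the three `#include` lines, so `boringssl_const.h`, `openssl.h` and `boringssl_masterkey.h` are pulled in outside the include guard, while the generator added in the same commit (`utils/boringssl_offset_1.1.1.sh`) emits `#endif` after the includes and a different guard name (`ECAPTURE_BORINGSSL_1_1_1_KERN_H`). The checked-in header therefore cannot have been produced by the script that is supposed to produce it, which undermines the point of generating offsets. Regenerate the file from the script, or at minimum move `#endif` below the includes and align the guard macro so the two agree.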
diff --git a/kern/boringssl_const.h b/kern/boringssl_const.h
new file mode 100644
index 000000000..fdc17642d
--- /dev/null
+++ b/kern/boringssl_const.h
@@ -0,0 +1,36 @@
+#ifndef ECAPTURE_BORINGSSL_CONST_H
+#define ECAPTURE_BORINGSSL_CONST_H
+
+/////////////////////////////////////////// DON'T REMOVE THIS CODE BLOCK. //////////////////////////////////////////
+
+// memory layout from boringssl repo ssl/internal.h line 1720
+// struct of struct SSL_HANDSHAKE
+
+// SSL_MAX_MD_SIZE is size of the largest hash function used in TLS, SHA-384.
+#define SSL_MAX_MD_SIZE 48
+
+// ssl_st->s3->hs
+// bssl::SSL_HANDSHAKE->secret_
+#define SSL_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*0
+
+// bssl::SSL_HANDSHAKE->early_traffic_secret_
+#define SSL_HANDSHAKE_EARLY_TRAFFIC_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*1
+
+// bssl::SSL_HANDSHAKE->client_handshake_secret_
+#define SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*2
+
+// bssl::SSL_HANDSHAKE->server_handshake_secret_
+#define SSL_HANDSHAKE_SERVER_HANDSHAKE_SECRET_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*3
+
+// bssl::SSL_HANDSHAKE->client_traffic_secret_0_
+#define SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*4
+
+// bssl::SSL_HANDSHAKE->server_traffic_secret_0_
+#define SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*5
+
+// bssl::SSL_HANDSHAKE->expected_client_finished_
+#define SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*6
+
+/////////////////////////// END ///////////////////////////
+
+#endif
\ No newline at end of file
diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h
index 0d9f0e24a..0b46fad6e 100644
--- a/kern/boringssl_masterkey.h
+++ b/kern/boringssl_masterkey.h
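Review bot: The secret offsets are derived as `BSSL__SSL_HANDSHAKE_MAX_VERSION+8+SSL_MAX_MD_SIZE*n`, but with `BSSL__SSL_HANDSHAKE_MAX_VERSION` at `0x1e` (context in the kern.c hunk) that places `secret_` at 38, whereas the hard-coded value this formula replaced earlier in the series was 40, and every later field shifts by the same two bytes. If `max_version` is the 2-byte field immediately before the 8-byte `hash_len_`, the expression is missing the size of `max_version` itself: `0x1e + 2 + 8 = 0x28 = 40`. Each read would otherwise start two bytes early and return two bytes of `hash_len_` followed by 46 bytes of the secret, which breaks decryption with no error anywhere. I would also parenthesize the bodies, e.g. `#define SSL_HANDSHAKE_SECRET_ ((BSSL__SSL_HANDSHAKE_MAX_VERSION) + 2 + 8 + (SSL_MAX_MD_SIZE) * 0)`, so the macros survive use in other arithmetic.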
@@ -15,14 +15,14 @@ #include "ecapture.h" // https://wiki.openssl.org/index.php/TLS1.3 -// 仅openssl 1.1.1 后才支持 TLS 1.3 协议 +// 仅openssl/boringssl 1.1.1 后才支持 TLS 1.3 协议 -// openssl 1.1.1.X 版本相关的常量 +// boringssl 1.1.1 版本相关的常量 #define SSL3_RANDOM_SIZE 32 #define MASTER_SECRET_MAX_LEN 48 #define EVP_MAX_MD_SIZE 64 -struct mastersecret_t { +struct mastersecret_bssl_t { // TLS 1.2 or older s32 version; u8 client_random[SSL3_RANDOM_SIZE]; @@ -67,22 +67,22 @@ struct { struct { __uint(type, BPF_MAP_TYPE_LRU_HASH); __type(key, u64); - __type(value, struct mastersecret_t); + __type(value, struct mastersecret_bssl_t); __uint(max_entries, 2048); } bpf_context SEC(".maps"); struct { __uint(type, BPF_MAP_TYPE_ARRAY); __type(key, u32); - __type(value, struct mastersecret_t); + __type(value, struct mastersecret_bssl_t); __uint(max_entries, 1); } bpf_context_gen SEC(".maps"); /////////////////////////COMMON FUNCTIONS //////////////////////////////// //这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 -static __always_inline struct mastersecret_t *make_event() { +static __always_inline struct mastersecret_bssl_t *make_event() { u32 key_gen = 0; - struct mastersecret_t *bpf_ctx = + struct mastersecret_bssl_t *bpf_ctx = bpf_map_lookup_elem(&bpf_context_gen, &key_gen); if (!bpf_ctx) return 0; u64 id = bpf_get_current_pid_tgid(); 
@@ -94,15 +94,7 @@ static __always_inline struct mastersecret_t *make_event() { // SSL_SESSION *SSL_get_session(const SSL *ssl) static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { u64 tmp_address; - // zero: 优先获取 s3->established_session - u64 *ssl_established_session_ptr = - (u64 *)(s3_address + SSL_ESTABLISHED_SESSION_OFFSET); - int ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), - ssl_established_session_ptr); - if (ret == 0 && tmp_address != 0) { - return tmp_address; - } - + int ret; // get hs pointer u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), ssl_hs_st_ptr); @@ -112,28 +104,16 @@ static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { } debug_bpf_printk("ssl_hs_st_ptr :%llx\n", ssl_hs_st_ptr); - // first: ssl_st->s3->hs->early_session - u64 *ssl_early_session_st_ptr = - (u64 *)(ssl_hs_st_ptr + SSL_HS_EARLY_SESSION_OFFSET); - ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), - ssl_early_session_st_ptr); - if (ret == 0 && tmp_address != 0) { - debug_bpf_printk( - "ssl_st->s3->hs->early_session is not null, address :%llx", - tmp_address); - return tmp_address; - } - // second: ssl_st->s3->hs->new_session u64 *ssl_new_session_st_ptr = - (u64 *)(ssl_hs_st_ptr + SSL_HS_NEW_SESSION_OFFSET); + (u64 *)(ssl_hs_st_ptr + BSSL__SSL_HANDSHAKE_NEW_SESSION); ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), ssl_new_session_st_ptr); // if ret !=0 or tmp_address == 0 then we try to get the session from // ssl_st if (ret == 0 && tmp_address != 0) { debug_bpf_printk( - "ssl_st->s3->hs->new_session is not null, address :%llx", + "ssl_st->s3->hs->new_session is not null, address :%llx\n", tmp_address); return tmp_address; } 
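Review bot: `ssl_new_session_st_ptr` is computed from `ssl_hs_st_ptr`, which is the address of the `hs` slot inside `SSL3_STATE`, not the handshake object whose address was just read into `tmp_address`; and since `ssl_hs_st_ptr` is a `u64 *`, adding `BSSL__SSL_HANDSHAKE_NEW_SESSION` scales the offset by eight. The read therefore never lands on `hs->new_session`; it fails or returns garbage and the function silently falls through to `ssl_st->session`, which the removed comment itself treats as a last resort. The line should be `(u64 *)(tmp_address + BSSL__SSL_HANDSHAKE_NEW_SESSION);`, computed before `tmp_address` is reused for the result. The function's start lies above the hunk.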
@@ -149,7 +129,7 @@ static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { ssl_st_ptr, ssl_new_session_st_ptr, ret); return 0; } - debug_bpf_printk("ssl_st:%llx, ssl_st->session is not null, address :%llx", + debug_bpf_printk("ssl_st:%llx, ssl_st->session is not null, address :%llx\n", ssl_st_ptr, tmp_address); return tmp_address; } @@ -173,8 +153,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { #endif debug_bpf_printk("openssl uprobe/SSL_write masterKey PID :%d\n", pid); - // mastersecret_t sent to userspace - struct mastersecret_t *mastersecret = make_event(); + // mastersecret_bssl_t sent to userspace + struct mastersecret_bssl_t *mastersecret = make_event(); // Get a ssl_st pointer void *ssl_st_ptr = (void *)PT_REGS_PARM1(ctx); if (!mastersecret) { @@ -206,6 +186,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } s3_address = address; + debug_bpf_printk("s3_address :%llx\n",s3_address); + struct ssl3_state_st ssl3_stat; ret = bpf_probe_read_user(&ssl3_stat, sizeof(ssl3_stat), (void *)address); if (ret) { 
@@ -225,89 +207,24 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - // Get ssl_session_st pointer - u64 *ssl_session_st_ptr; - u64 ssl_session_st_addr; - ssl_session_st_addr = get_session_addr(ssl_st_ptr, s3_address); - if (ssl_session_st_addr == 0) { - debug_bpf_printk("ssl_session_st_addr is null\n"); - return 0; - } - debug_bpf_printk("ssl_session_st_addr addr :%d",ssl_session_st_addr); - // get s3->hs address first - u64 ssl_hs_st_addr; - u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); - ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); - if (ret) { - debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); - return 0; - } - - // TODO - debug_bpf_printk("s3_address:%d, ssl_hs_st_ptr :%llx, ssl_hs_st_addr:%llx\n", s3_address, ssl_hs_st_ptr, ssl_hs_st_addr); - - void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_); - ret = bpf_probe_read_user(&mastersecret->client_handshake_secret_, - sizeof(mastersecret->client_handshake_secret_), - (void *)hs_ptr_tls13); - if (ret) { - debug_bpf_printk( - "bpf_probe_read SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ failed, ret :%d\n", ret); - return 0; - } - - ///////////////////////// get TLS cipher info //////////////////// - // Get SSL_SESSION->cipher pointer - u64 *ssl_cipher_st_ptr = - (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_CIPHER); - - // get cipher_suite_st pointer - debug_bpf_printk("cipher_suite_st pointer: %x\n", ssl_cipher_st_ptr); - ret = bpf_probe_read_user(&address, sizeof(address), ssl_cipher_st_ptr); - if (ret || address == 0) { - debug_bpf_printk( - "bpf_probe_read ssl_cipher_st_ptr failed, ret :%d, address:%x\n", - ret, address); - // return 0; - void *cipher_id_ptr = - (void *)(address + SSL_CIPHER_ST_ID); - ret = - bpf_probe_read_user(&mastersecret->cipher_id, - sizeof(mastersecret->cipher_id), cipher_id_ptr); - if (ret) { - debug_bpf_printk( - "bpf_probe_read SSL_CIPHER_ST_ID failed from " - 
"ssl_cipher_st->id, ret :%d\n", - ret); - return 0; - } - } else { - debug_bpf_printk("cipher_suite_st value: %x\n", address); - void *cipher_id_ptr = (void *)(address + SSL_CIPHER_ST_ID); - ret = - bpf_probe_read_user(&mastersecret->cipher_id, - sizeof(mastersecret->cipher_id), cipher_id_ptr); - if (ret) { - debug_bpf_printk( - "bpf_probe_read SSL_CIPHER_ST_ID failed from " - "ssl_cipher_st->id, ret :%d\n", - ret); - return 0; - } - } - - debug_bpf_printk("cipher_id: %d\n", mastersecret->cipher_id); - - ///////////////////////// get TLS 1.2 master secret //////////////////// if (mastersecret->version != TLS1_3_VERSION) { - void *ms_ptr = - (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SECRET_); + // Get ssl_session_st pointer + u64 *ssl_session_st_ptr; + u64 ssl_session_st_addr; + ssl_session_st_addr = get_session_addr(ssl_st_ptr, s3_address); + if (ssl_session_st_addr == 0) { + debug_bpf_printk("ssl_session_st_addr is null\n"); + return 0; + } + debug_bpf_printk("s3_address:%llx, ssl_session_st_addr addr :%llx\n", s3_address, ssl_session_st_addr); + u64 *ms_ptr = + (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_SECRET); ret = bpf_probe_read_user(&mastersecret->secret_, sizeof(mastersecret->secret_), ms_ptr); if (ret) { debug_bpf_printk( - "bpf_probe_read MASTER_KEY_OFFSET failed, ms_ptr:%llx, ret " + "bpf_probe_read SSL_SESSION_ST_SECRET failed, ms_ptr:%llx, ret " ":%d\n", ms_ptr, ret); return 0; 
@@ -318,11 +235,30 @@ int probe_ssl_master_key(struct pt_regs *ctx) { mastersecret->secret_[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, - mastersecret, sizeof(struct mastersecret_t)); + mastersecret, sizeof(struct mastersecret_bssl_t)); return 0; } +// get s3->hs address first + u64 ssl_hs_st_addr; + u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); + ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); + if (ret) { + debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); + return 0; + } + + void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_); + ret = bpf_probe_read_user(&mastersecret->client_handshake_secret_, + sizeof(mastersecret->client_handshake_secret_), + (void *)hs_ptr_tls13); + if (ret) { + debug_bpf_printk( + "bpf_probe_read SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ failed, ret :%d\n", ret); + return 0; + } + //////////////////// TLS 1.3 master secret //////////////////////// void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); @@ -372,6 +308,6 @@ int probe_ssl_master_key(struct pt_regs *ctx) { "*****master_secret*****: %x %x %x\n", mastersecret->secret_[0], mastersecret->secret_[1], mastersecret->secret_[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, - mastersecret, sizeof(struct mastersecret_t)); + mastersecret, sizeof(struct mastersecret_bssl_t)); return 0; } \ No newline at end of file diff --git a/user/event/event_masterkey.go b/user/event/event_masterkey.go index 56249146f..2ef9bafe8 100644 --- a/user/event/event_masterkey.go +++ b/user/event/event_masterkey.go 
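Review bot: The new `ssl_hs_st_addr` read checks only `ret`, not whether the pointer itself is zero. As far as I know BoringSSL frees the handshake object once the handshake completes, and the probe attaches to SSL_write by default (see the `probe_openssl_tc.go` hunk), so on post-handshake writes `s3->hs` can be null and the following read at `ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_` fails with a message blaming the offset rather than the missing object. Add `if (ssl_hs_st_addr == 0) { debug_bpf_printk("s3->hs is null, handshake already finished?\n"); return 0; }` directly after the `ret` check. The stray `// get s3->hs address first` comment at column 0 should be indented with the block.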
@@ -122,13 +122,13 @@ func (this *MasterSecretEvent) PayloadLen() int { } // for BoringSSL TLS 1.3 -type MasterSecretBoringSSLEvent struct { +type MasterSecretBSSLEvent struct { event_type EventType Version int32 `json:"version"` // TLS Version // TLS 1.2 or older ClientRandom [SSL3_RANDOM_SIZE]byte `json:"clientRandom"` // Client Random - Secret [MASTER_SECRET_MAX_LEN]byte `json:"secret"` // secret Key + Secret [MASTER_SECRET_MAX_LEN]byte `json:"secret"` // secret Key // TLS 1.3 CipherId uint32 `json:"cipherId"` // Cipher ID @@ -141,7 +141,7 @@ type MasterSecretBoringSSLEvent struct { payload string } -func (this *MasterSecretBoringSSLEvent) Decode(payload []byte) (err error) { +func (this *MasterSecretBSSLEvent) Decode(payload []byte) (err error) { buf := bytes.NewBuffer(payload) if err = binary.Read(buf, binary.LittleEndian, &this.Version); err != nil { return @@ -177,7 +177,7 @@ func (this *MasterSecretBoringSSLEvent) Decode(payload []byte) (err error) { return nil } -func (this *MasterSecretBoringSSLEvent) StringHex() string { +func (this *MasterSecretBSSLEvent) StringHex() string { v := TlsVersion{ Version: this.Version, } @@ -185,7 +185,7 @@ func (this *MasterSecretBoringSSLEvent) StringHex() string { return s } -func (this *MasterSecretBoringSSLEvent) String() string { +func (this *MasterSecretBSSLEvent) String() string { v := TlsVersion{ Version: this.Version, } 
@@ -193,24 +193,24 @@ func (this *MasterSecretBoringSSLEvent) String() string { return s } -func (this *MasterSecretBoringSSLEvent) Clone() IEventStruct { +func (this *MasterSecretBSSLEvent) Clone() IEventStruct { event := new(MasterSecretEvent) event.event_type = EventTypeModuleData return event } -func (this *MasterSecretBoringSSLEvent) EventType() EventType { +func (this *MasterSecretBSSLEvent) EventType() EventType { return this.event_type } -func (this *MasterSecretBoringSSLEvent) GetUUID() string { +func (this *MasterSecretBSSLEvent) GetUUID() string { return fmt.Sprintf("%02X", this.ClientRandom) } -func (this *MasterSecretBoringSSLEvent) Payload() []byte { +func (this *MasterSecretBSSLEvent) Payload() []byte { return []byte(this.payload) } -func (this *MasterSecretBoringSSLEvent) PayloadLen() int { +func (this *MasterSecretBSSLEvent) PayloadLen() int { return len(this.payload) } diff --git a/user/module/probe_openssl.go b/user/module/probe_openssl.go index 47ca2a14c..c32fc7f51 100644 --- a/user/module/probe_openssl.go +++ b/user/module/probe_openssl.go @@ -82,6 +82,7 @@ type MOpenSSLProbe struct { sslVersionBpfMap map[string]string // bpf map key: ssl version, value: bpf map key sslBpfFile string // ssl bpf file + isBoringSSL bool // } // 对象初始化 @@ -138,6 +139,12 @@ func (this *MOpenSSLProbe) Init(ctx context.Context, logger *log.Logger, conf co // getSslBpfFile 根据sslVersion参数,获取对应的bpf文件 func (this *MOpenSSLProbe) getSslBpfFile(soPath, sslVersion string) error { + defer func() { + if strings.Contains(this.sslBpfFile, "boringssl") { + this.isBoringSSL = true + } + }() + if sslVersion != "" { this.logger.Printf("%s\tOpenSSL/BoringSSL version: %s\n", this.Name(), sslVersion) bpfFile, found := this.sslVersionBpfMap[sslVersion] 
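Review bot: `Clone()` on `MasterSecretBSSLEvent` still allocates `new(MasterSecretEvent)`, so every event cloned from the BoringSSL template is the OpenSSL type; its `Decode` then applies the OpenSSL layout and the `Dispatcher` switch shown later in this series routes it to `saveMasterSecret`, never to the BoringSSL handler. The rename makes this stand out but does not fix it. Change the line to `event := new(MasterSecretBSSLEvent)`. I am inferring the template-clone flow from `eventFuncMaps[MasterkeyEventsMap] = masterkeyEvent` in the next file; the reader loop itself is outside this diff.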
@@ -449,9 +456,17 @@ func (this *MOpenSSLProbe) initDecodeFun() error { return errors.New("cant found map:mastersecret_events") } this.eventMaps = append(this.eventMaps, MasterkeyEventsMap) - masterkeyEvent := &event.MasterSecretEvent{} + + var masterkeyEvent event.IEventStruct + + if this.isBoringSSL { + masterkeyEvent = &event.MasterSecretBSSLEvent{} + } else { + masterkeyEvent = &event.MasterSecretEvent{} + } //masterkeyEvent.SetModule(this) this.eventFuncMaps[MasterkeyEventsMap] = masterkeyEvent + return nil } 
@@ -575,19 +590,64 @@ func (this *MOpenSSLProbe) saveMasterSecret(secretEvent *event.MasterSecretEvent // switch this.eBPFProgramType { case EbpfprogramtypeOpensslTc: - this.logger.Printf("%s: save CLIENT_RANDOM %02x to file success, %d bytes", v.String(), secretEvent.ClientRandom, l) e = this.savePcapngSslKeyLog(b.Bytes()) if e != nil { this.logger.Fatalf("%s: save CLIENT_RANDOM to pcapng error:%s", v.String(), e.Error()) return } default: - this.logger.Printf("%s: save CLIENT_RANDOM %02x to file success, %d bytes", v.String(), secretEvent.ClientRandom, l) } + this.logger.Printf("%s: save CLIENT_RANDOM %02x to file success, %d bytes", v.String(), secretEvent.ClientRandom, l) } -func (this *MOpenSSLProbe) saveMasterSecretBoringSSL(secretEvent *event.MasterSecretBoringSSLEvent) { +func (this *MOpenSSLProbe) saveMasterSecretBSSL(secretEvent *event.MasterSecretBSSLEvent) { + var k = fmt.Sprintf("%02x", secretEvent.ClientRandom) + + _, f := this.masterKeys[k] + if f { + // 已存在该随机数的masterSecret,不需要重复写入 + return + } + this.masterKeys[k] = true + + // save to file + var b *bytes.Buffer + switch secretEvent.Version { + case event.TLS1_2_VERSION: + b = bytes.NewBufferString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelTLS12, secretEvent.ClientRandom, secretEvent.Secret)) + case event.TLS1_3_VERSION: + var length int + length = 32 + + b = bytes.NewBufferString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelClientHandshake, secretEvent.ClientRandom, secretEvent.ClientHandshakeSecret[:length])) + b.WriteString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelClientEarlyTafficSecret, secretEvent.ClientRandom, secretEvent.EarlyTrafficSecret[:length])) + b.WriteString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelClientTraffic, secretEvent.ClientRandom, secretEvent.ClientTrafficSecret0[:length])) + b.WriteString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelServerHandshake, secretEvent.ClientRandom, secretEvent.ServerHandshakeSecret[:length])) + b.WriteString(fmt.Sprintf("%s %02x 
%02x\n", hkdf.KeyLogLabelServerTraffic, secretEvent.ClientRandom, secretEvent.ServerTrafficSecret0[:length])) + b.WriteString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelExporterSecret, secretEvent.ClientRandom, secretEvent.ExporterSecret[:length])) + + default: + b = bytes.NewBufferString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelTLS12, secretEvent.ClientRandom, secretEvent.Secret)) + } + v := event.TlsVersion{Version: secretEvent.Version} + l, e := this.keylogger.WriteString(b.String()) + if e != nil { + this.logger.Fatalf("%s: save CLIENT_RANDOM to file error:%s", v.String(), e.Error()) + return + } + // + switch this.eBPFProgramType { + case EbpfprogramtypeOpensslTc: + this.logger.Printf("%s: save CLIENT_RANDOM %02x to file success, %d bytes", v.String(), secretEvent.ClientRandom, l) + e = this.savePcapngSslKeyLog(b.Bytes()) + if e != nil { + this.logger.Fatalf("%s: save CLIENT_RANDOM to pcapng error:%s", v.String(), e.Error()) + return + } + default: + this.logger.Printf("%s: save CLIENT_RANDOM %02x to file success, %d bytes", v.String(), secretEvent.ClientRandom, l) + } } func (this *MOpenSSLProbe) Dispatcher(eventStruct event.IEventStruct) { @@ -597,8 +657,8 @@ func (this *MOpenSSLProbe) Dispatcher(eventStruct event.IEventStruct) { this.AddConn(eventStruct.(*event.ConnDataEvent).Pid, eventStruct.(*event.ConnDataEvent).Fd, eventStruct.(*event.ConnDataEvent).Addr) case *event.MasterSecretEvent: this.saveMasterSecret(eventStruct.(*event.MasterSecretEvent)) - case *event.MasterSecretBoringSSLEvent: - this.saveMasterSecretBoringSSL(eventStruct.(*event.MasterSecretBoringSSLEvent)) + case *event.MasterSecretBSSLEvent: + this.saveMasterSecretBSSL(eventStruct.(*event.MasterSecretBSSLEvent)) case *event.TcSkbEvent: this.dumpTcSkb(eventStruct.(*event.TcSkbEvent)) } diff --git a/user/module/probe_openssl_tc.go b/user/module/probe_openssl_tc.go index 5709be541..d6180824d 100644 --- a/user/module/probe_openssl_tc.go +++ b/user/module/probe_openssl_tc.go 
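Review bot: `length = 32` truncates every TLS 1.3 secret to 32 bytes, which is correct only for SHA-256 suites; with TLS_AES_256_GCM_SHA384 the secrets are 48 bytes and the key-log lines written here are unusable. The event carries `CipherId` for exactly this decision, but the BPF hunk in this same commit deletes the cipher lookup, so both halves need fixing together: restore the cipher read in the kernel and pick 48 when the negotiated suite's hash is SHA-384, 32 otherwise, instead of a constant. Two smaller points: `this.masterKeys[k] = true` is recorded before the write succeeds, and the `default:` branch emits a `CLIENT_RANDOM` line for any unrecognised version, including a zero version from a partial decode, where logging and returning would be safer.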
@@ -135,8 +135,9 @@ func (this *MOpenSSLProbe) setupManagersTC() error { Section: "uprobe/SSL_write_key", EbpfFuncName: "probe_ssl_master_key", AttachToFuncName: PROBE_OPENSSL_MASTERKEY_FUNC, // SSL_do_handshake or SSL_write - BinaryPath: binaryPath, - UID: "uprobe_ssl_master_key", + //AttachToFuncName: "SSL_do_handshake", // SSL_do_handshake or SSL_write + BinaryPath: binaryPath, + UID: "uprobe_ssl_master_key", }, }, diff --git a/utils/boringssl_offset_1.1.1.sh b/utils/boringssl_offset_1.1.1.sh new file mode 100755 index 000000000..b9be659e7 --- /dev/null +++ b/utils/boringssl_offset_1.1.1.sh 
@@ -0,0 +1,65 @@ +#!/usr/bin/env bash +set -e + +PROJECT_ROOT_DIR=$(pwd) +BORINGSSL_DIR="${PROJECT_ROOT_DIR}/deps/boringssl" +OUTPUT_DIR="${PROJECT_ROOT_DIR}/kern" + +if [[ ! -f "go.mod" ]]; then + echo "Run the script from the project root directory" + exit 1 +fi + +# skip cloning if the header file of the max supported version is already generated +if [[ ! -f "${OUTPUT_DIR}/boringssl_1_1_1_kern.c" ]]; then + # skip cloning if the openssl directory already exists + if [[ ! -d "${BORINGSSL_DIR}" ]]; then + git clone https://github.com/google/boringssl.git ${BORINGSSL_DIR} + fi +fi + +function run() { + git fetch --tags + cp -f ${PROJECT_ROOT_DIR}/utils/boringssl-offset.c ${BORINGSSL_DIR}/offset.c + declare -A sslVerMap=() + sslVerMap["0"]="0" + + # shellcheck disable=SC2068 + for ver in ${!sslVerMap[@]}; do +# tag="openssl-3.0.${ver}" +# val=${sslVerMap[$ver]} + header_file="${OUTPUT_DIR}/boringssl_1_1_1_kern.c" + header_define="BORINGSSL_1_1_1_KERN_H" + + if [[ -f ${header_file} ]]; then + echo "Skip ${header_file}" + continue + fi + +# git checkout ${tag} + echo "Generating ${header_file}" + + cmake . + + g++ -I include/ -I . offset.c -o offset + + echo -e "#ifndef ECAPTURE_${header_define}" >${header_file} + echo -e "#define ECAPTURE_${header_define}\n" >>${header_file} + ./offset >>${header_file} + echo -e "#include \"boringssl_const.h\"" >>${header_file} + echo -e "#include \"openssl.h\"" >>${header_file} + echo -e "#include \"boringssl_masterkey.h\"" >>${header_file} + echo -e "\n#endif\n" >>${header_file} + + # clean up + make clean + + done + + rm offset.c +} + +pushd ${BORINGSSL_DIR} +(run) +[[ "$?" != 0 ]] && popd +popd diff --git a/utils/openssl_offset_1.1.1.sh b/utils/openssl_offset_1.1.1.sh index 33bd1c06c..8a441c40a 100755 --- a/utils/openssl_offset_1.1.1.sh +++ b/utils/openssl_offset_1.1.1.sh 
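Review bot: `git clone https://github.com/google/boringssl.git` with the `git checkout ${tag}` line commented out compiles and runs `offset` against whatever upstream HEAD is at build time, so the struct offsets baked into `boringssl_1_1_1_kern.c`, and therefore where the eBPF program reads secrets from process memory, are not reproducible and will drift silently on the next regeneration. Pin the clone to a specific commit or tag and have the script write that identifier into the generated header's version comment; the later commit in this series that switches to Android offsets shows the layout already differs between trees, which is exactly why the pin matters. Separately, with `set -e` at the top a failing `(run)` aborts the script before `[[ "$?" != 0 ]] && popd` can execute, so that line is dead; drop it or handle the failure explicitly.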
@@ -48,6 +48,7 @@ function run() { # exit 0 # for ver in {a..r}; do + # shellcheck disable=SC2068 for ver in ${!sslVerMap[@]}; do tag="OpenSSL_1_1_1${ver}" val=${sslVerMap[$ver]} diff --git a/utils/openssl_offset_3.0.sh b/utils/openssl_offset_3.0.sh index d819d8d74..fef3cc1ee 100755 --- a/utils/openssl_offset_3.0.sh +++ b/utils/openssl_offset_3.0.sh @@ -31,6 +31,7 @@ function run() { sslVerMap["6"]="0" sslVerMap["7"]="0" + # shellcheck disable=SC2068 for ver in ${!sslVerMap[@]}; do tag="openssl-3.0.${ver}" val=${sslVerMap[$ver]} @@ -55,7 +56,7 @@ function run() { make build_generated - clang -I include/ -I . offset.c -o offset $flag + clang -I include/ -I . offset.c -o offset echo -e "#ifndef ECAPTURE_${header_define}" >${header_file} echo -e "#define ECAPTURE_${header_define}\n" >>${header_file} From 6696db32de6eb2194caf206c49de5eaa8804ec19 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Thu, 8 Dec 2022 21:38:25 +0800 Subject: [PATCH 07/13] update git repo exist check condition. Signed-off-by: CFC4N --- utils/openssl_offset_1.0.2.sh | 2 +- utils/openssl_offset_1.1.0.sh | 2 +- utils/openssl_offset_1.1.1.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/openssl_offset_1.0.2.sh b/utils/openssl_offset_1.0.2.sh index 953c757f2..1e06b68e9 100755 --- a/utils/openssl_offset_1.0.2.sh +++ b/utils/openssl_offset_1.0.2.sh @@ -11,7 +11,7 @@ if [[ ! -f "go.mod" ]]; then fi # skip cloning if the header file of the max supported version is already generated -if [[ ! -f "${OUTPUT_DIR}/openssl_1_0_2a_kern.c" ]]; then +if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then # skip cloning if the openssl directory already exists if [[ ! -d "${OPENSSL_DIR}" ]]; then git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR} diff --git a/utils/openssl_offset_1.1.0.sh b/utils/openssl_offset_1.1.0.sh index 17f016bc9..871f1e157 100755 --- a/utils/openssl_offset_1.1.0.sh +++ b/utils/openssl_offset_1.1.0.sh 
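Review bot: `[[ ! -f "${OPENSSL_DIR}/.git" ]]` tests for a regular file, but `.git` in an ordinary clone is a directory, so `-f` is false and the outer condition is always true; the decision is then left to the inner `! -d "${OPENSSL_DIR}"` check exactly as before the change. Use `-e`, which covers both a `.git` directory and the `.git` file of a worktree or submodule: `if [[ ! -e "${OPENSSL_DIR}/.git" ]]; then`. The same replacement appears in the 1.1.0 and 1.1.1 scripts in the following hunks and needs the same fix, and the comment above the line still describes the old "header file of the max supported version" condition.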
@@ -11,7 +11,7 @@ if [[ ! -f "go.mod" ]]; then fi # skip cloning if the header file of the max supported version is already generated -if [[ ! -f "${OUTPUT_DIR}/openssl_1_1_0a_kern.c" ]]; then +if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then # skip cloning if the openssl directory already exists if [[ ! -d "${OPENSSL_DIR}" ]]; then git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR} diff --git a/utils/openssl_offset_1.1.1.sh b/utils/openssl_offset_1.1.1.sh index 8a441c40a..751b78b93 100755 --- a/utils/openssl_offset_1.1.1.sh +++ b/utils/openssl_offset_1.1.1.sh @@ -11,7 +11,7 @@ if [[ ! -f "go.mod" ]]; then fi # skip cloning if the header file of the max supported version is already generated -if [[ ! -f "${OUTPUT_DIR}/openssl_1_1_1j_kern.c" ]]; then +if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then # skip cloning if the openssl directory already exists if [[ ! -d "${OPENSSL_DIR}" ]]; then git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR} From fb8510669ccbad3c631f3c1c9c0661cf73e8dd4d Mon Sep 17 00:00:00 2001 From: CFC4N Date: Thu, 8 Dec 2022 21:40:44 +0800 Subject: [PATCH 08/13] update boringssl offset for android boringssl, different from https://boringssl.googlesource.com/boringssl Signed-off-by: CFC4N --- kern/boringssl_1_1_1_kern.c | 26 +++++++++++++------------- utils/boringssl_offset_1.1.1.sh | 14 +++++++++----- 2 files changed, 22 insertions(+), 18 deletions(-) diff --git a/kern/boringssl_1_1_1_kern.c b/kern/boringssl_1_1_1_kern.c index f1e9a5af0..6c80217f8 100644 --- a/kern/boringssl_1_1_1_kern.c +++ b/kern/boringssl_1_1_1_kern.c 
@@ -1,16 +1,15 @@ -#ifndef ECAPTURE_BORINGSSL_1_1_1_H -#define ECAPTURE_BORINGSSL_1_1_1_H +#ifndef ECAPTURE_BORINGSSL_1_1_1_KERN_H +#define ECAPTURE_BORINGSSL_1_1_1_KERN_H -/* OPENSSL_VERSION_TEXT: OpenSSL 1.1.1 (compatible; BoringSSL), OPENSSL_VERSION_NUMBER:0x1010107f */ +/* OPENSSL_VERSION_TEXT: OpenSSL 1.1.1 (compatible; BoringSSL), OPENSSL_VERSION_NUMBER: 269488255 */ -//------------------------------------------ -// ssl->version 在 ssl_st 结构体中的偏移量 +// ssl_st->version #define SSL_ST_VERSION 0x10 -// ssl->session 在 ssl_st 结构中的偏移量 +// ssl_st->session #define SSL_ST_SESSION 0x58 -// ssl->s3 在 ssl_st中的偏移量 +// ssl_st->s3 #define SSL_ST_S3 0x30 // ssl_session_st->secret @@ -26,25 +25,26 @@ #define SSL_CIPHER_ST_ID 0x10 // bssl::SSL3_STATE->hs -#define BSSL__SSL3_STATE_HS 0x118 +#define BSSL__SSL3_STATE_HS 0x110 // bssl::SSL3_STATE->client_random #define BSSL__SSL3_STATE_CLIENT_RANDOM 0x30 // bssl::SSL_HANDSHAKE->new_session -#define BSSL__SSL_HANDSHAKE_NEW_SESSION 0x5f0 +#define BSSL__SSL_HANDSHAKE_NEW_SESSION 0x5d8 // bssl::SSL_HANDSHAKE->early_session -#define BSSL__SSL_HANDSHAKE_EARLY_SESSION 0x5f8 +#define BSSL__SSL_HANDSHAKE_EARLY_SESSION 0x5e0 // bssl::SSL3_STATE->established_session -#define BSSL__SSL3_STATE_ESTABLISHED_SESSION 0x1d0 +#define BSSL__SSL3_STATE_ESTABLISHED_SESSION 0x1c8 // bssl::SSL_HANDSHAKE->max_version #define BSSL__SSL_HANDSHAKE_MAX_VERSION 0x1e -#endif - #include "boringssl_const.h" #include "openssl.h" #include "boringssl_masterkey.h" + +#endif + diff --git a/utils/boringssl_offset_1.1.1.sh b/utils/boringssl_offset_1.1.1.sh index b9be659e7..521061d96 100755 --- a/utils/boringssl_offset_1.1.1.sh +++ b/utils/boringssl_offset_1.1.1.sh 
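Review bot: Several `BSSL__*` constants change value here (for example `BSSL__SSL3_STATE_HS` from 0x118 to 0x110), yet the only provenance the header records is `OPENSSL_VERSION_TEXT`, which is the same string for every BoringSSL revision, so nothing says which Android BoringSSL commit these offsets were computed from. Because a wrong offset means `bpf_probe_read_user` silently returns bytes from a different field, have the generator emit a line such as `/* offsets generated from <repository> at commit <commit-id> by utils/boringssl_offset_1.1.1.sh */` (placeholders to be filled by the script) next to the version comment. Printing `OPENSSL_VERSION_NUMBER` in hex as before (269488255 is 0x1010107f) also keeps it comparable with upstream headers.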
@@ -11,10 +11,11 @@ if [[ ! -f "go.mod" ]]; then fi # skip cloning if the header file of the max supported version is already generated -if [[ ! -f "${OUTPUT_DIR}/boringssl_1_1_1_kern.c" ]]; then +if [[ ! -d "${BORINGSSL_DIR}/.git" ]]; then # skip cloning if the openssl directory already exists if [[ ! -d "${BORINGSSL_DIR}" ]]; then - git clone https://github.com/google/boringssl.git ${BORINGSSL_DIR} +# git clone https://github.com/google/boringssl.git ${BORINGSSL_DIR} + git clone https://android.googlesource.com/platform/external/boringssl ${BORINGSSL_DIR} fi fi @@ -22,9 +23,14 @@ function run() { git fetch --tags cp -f ${PROJECT_ROOT_DIR}/utils/boringssl-offset.c ${BORINGSSL_DIR}/offset.c declare -A sslVerMap=() + # get all commit about ssl/internel.h who commit date > Apr 25 23:00:0 2021 (android 12 release) + # see https://android.googlesource.com/platform/external/boringssl/+/refs/heads/android12-release . + # range commit id from 160e1757ccacbde7488b145070eca94f2c370de2 + # this repo is different from https://boringssl.googlesource.com/boringssl sslVerMap["0"]="0" # shellcheck disable=SC2068 + # shellcheck disable=SC2034 for ver in ${!sslVerMap[@]}; do # tag="openssl-3.0.${ver}" # val=${sslVerMap[$ver]} @@ -39,9 +45,7 @@ function run() { # git checkout ${tag} echo "Generating ${header_file}" - cmake . - - g++ -I include/ -I . offset.c -o offset + g++ -I include/ -I ./src/ offset.c -o offset echo -e "#ifndef ECAPTURE_${header_define}" >${header_file} echo -e "#define ECAPTURE_${header_define}\n" >>${header_file} From bf139ee9fb25ba87914bfa25ec0f779564919832 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Fri, 9 Dec 2022 22:09:02 +0800 Subject: [PATCH 09/13] make format 
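Review bot: The `# shellcheck disable=SC2034` added above the loop suppresses the warning that `ver` is never used, which is the actual finding: `sslVerMap` has a single placeholder entry and `tag`/`val` are commented out, so the `for` loop runs exactly once and ignores its variable. Either replace the loop with its straight-line body, or make the map carry the commits the new comment block describes (it names `160e1757ccacbde7488b145070eca94f2c370de2` as the start of the range) and `git checkout` each key so the suppression becomes unnecessary. The commented-out `# git clone https://github.com/google/boringssl.git ${BORINGSSL_DIR}` left beside the live clone will go stale; a comment naming the alternative repository is enough. run() ends outside the hunk.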
Signed-off-by: CFC4N --- kern/boringssl_masterkey.h | 97 ++++++++++++++++++++++++--------- kern/openssl_masterkey.h | 14 +++-- kern/openssl_masterkey_3.0.h | 14 +++-- user/module/const.go | 5 ++ user/module/const_androidgki.go | 27 --------- user/module/const_linux.go | 27 --------- user/module/probe_openssl.go | 7 ++- user/module/probe_openssl_tc.go | 8 +-- utils/boringssl_offset_1.1.1.sh | 8 ++- 9 files changed, 107 insertions(+), 100 deletions(-) delete mode 100644 user/module/const_androidgki.go delete mode 100644 user/module/const_linux.go diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h index 0b46fad6e..efcb250b0 100644 --- a/kern/boringssl_masterkey.h +++ b/kern/boringssl_masterkey.h @@ -79,7 +79,7 @@ struct { } bpf_context_gen SEC(".maps"); /////////////////////////COMMON FUNCTIONS //////////////////////////////// -//这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 +// 这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 static __always_inline struct mastersecret_bssl_t *make_event() { u32 key_gen = 0; struct mastersecret_bssl_t *bpf_ctx = @@ -92,9 +92,18 @@ static __always_inline struct mastersecret_bssl_t *make_event() { // in boringssl, the master secret is stored in src/ssl/ssl_session.cc // SSL_SESSION *SSL_get_session(const SSL *ssl) +// ssl_handshake_session static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { u64 tmp_address; int ret; + // zero: 优先获取 s3->established_session + u64 *ssl_established_session_ptr = + (u64 *)(s3_address + BSSL__SSL3_STATE_ESTABLISHED_SESSION); + ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), + ssl_established_session_ptr); + if (ret == 0 && tmp_address != 0) { + return tmp_address; + } // get hs pointer u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), ssl_hs_st_ptr); 
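Review bot: The lookup order get_session_addr now implements — `s3->established_session`, then `hs->early_session`, then `hs->new_session`, then `ssl_st->session`, first non-null pointer wins — is spread over four numbered inline comments, one of which (`// zero: 优先获取 s3->established_session`) is in Chinese while the rest are in English, and the one-line `// ssl_handshake_session` added above the signature does not state it. Replace that line with a short English block on the function giving the order and the first-non-null rule, and change the inline comment to `// zero: prefer s3->established_session`. The function body continues past the hunk.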
@@ -104,6 +113,17 @@ static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { } debug_bpf_printk("ssl_hs_st_ptr :%llx\n", ssl_hs_st_ptr); + // first: ssl_st->s3->hs->early_session + u64 *ssl_early_session_st_ptr = + (u64 *)(ssl_hs_st_ptr + BSSL__SSL_HANDSHAKE_EARLY_SESSION); + ret = bpf_probe_read_user(&tmp_address, sizeof(tmp_address), + ssl_early_session_st_ptr); + if (ret == 0 && tmp_address != 0) { + debug_bpf_printk( + "ssl_st->s3->hs->early_session is not null, address :%llx", + tmp_address); + return tmp_address; + } // second: ssl_st->s3->hs->new_session u64 *ssl_new_session_st_ptr = (u64 *)(ssl_hs_st_ptr + BSSL__SSL_HANDSHAKE_NEW_SESSION); @@ -129,8 +149,9 @@ static __always_inline u64 get_session_addr(void *ssl_st_ptr, u64 s3_address) { ssl_st_ptr, ssl_new_session_st_ptr, ret); return 0; } - debug_bpf_printk("ssl_st:%llx, ssl_st->session is not null, address :%llx\n", - ssl_st_ptr, tmp_address); + debug_bpf_printk( + "ssl_st:%llx, ssl_st->session is not null, address :%llx\n", ssl_st_ptr, + tmp_address); return tmp_address; } @@ -186,7 +207,7 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } s3_address = address; - debug_bpf_printk("s3_address :%llx\n",s3_address); + debug_bpf_printk("s3_address :%llx\n", s3_address); struct ssl3_state_st ssl3_stat; ret = bpf_probe_read_user(&ssl3_stat, sizeof(ssl3_stat), (void *)address); 
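Review bot: `ssl_hs_st_ptr` is declared `u64 *` and points at the slot inside `SSL3_STATE` that holds the hs pointer, so `(u64 *)(ssl_hs_st_ptr + BSSL__SSL_HANDSHAKE_EARLY_SESSION)` advances by sizeof(u64) times the offset from the wrong base, rather than by the offset from the `SSL_HANDSHAKE` object whose address was just read into `tmp_address`; the pre-existing `ssl_new_session_st_ptr` line below has the same pattern, unless `ssl_hs_st_ptr` is reassigned in the lines hidden between this hunk and the previous one. Keep the hs address as an integer once the read succeeds, `u64 ssl_hs_st_addr = tmp_address;`, and compute `(u64 *)(ssl_hs_st_addr + BSSL__SSL_HANDSHAKE_EARLY_SESSION)`, which is the form probe_ssl_master_key already uses for the TLS 1.3 secrets. The early-session `debug_bpf_printk` format string also lacks the trailing `\n` the other messages have. get_session_addr starts outside this hunk.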
@@ -210,16 +231,30 @@ int probe_ssl_master_key(struct pt_regs *ctx) { ///////////////////////// get TLS 1.2 master secret //////////////////// if (mastersecret->version != TLS1_3_VERSION) { // Get ssl_session_st pointer - u64 *ssl_session_st_ptr; +// u64 *ssl_session_st_ptr; u64 ssl_session_st_addr; ssl_session_st_addr = get_session_addr(ssl_st_ptr, s3_address); if (ssl_session_st_addr == 0) { debug_bpf_printk("ssl_session_st_addr is null\n"); return 0; } - debug_bpf_printk("s3_address:%llx, ssl_session_st_addr addr :%llx\n", s3_address, ssl_session_st_addr); - u64 *ms_ptr = - (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_SECRET); + debug_bpf_printk("s3_address:%llx, ssl_session_st_addr addr :%llx\n", + s3_address, ssl_session_st_addr); + + s32 secret_length; + u64 *ms_len_ptr = (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_SECRET_LENGTH); + ret = bpf_probe_read_user(&secret_length, + sizeof(secret_length), ms_len_ptr); + if (ret) { + debug_bpf_printk( + "bpf_probe_read SSL_SESSION_ST_SECRET_LENGTH failed, ms_len_ptr:%llx, ret " + ":%d\n", + ms_len_ptr, ret); + return 0; + } + debug_bpf_printk(" secret_length:%d\n",secret_length); + + u64 *ms_ptr = (u64 *)(ssl_session_st_addr + SSL_SESSION_ST_SECRET); ret = bpf_probe_read_user(&mastersecret->secret_, sizeof(mastersecret->secret_), ms_ptr); if (ret) { 
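Review bot: `secret_length` is read from `SSL_SESSION_ST_SECRET_LENGTH` and printed but never used: the following `bpf_probe_read_user` still copies the full `sizeof(mastersecret->secret_)` whatever the value, and nothing rejects a negative or oversized one. Either drop the read or act on it, e.g. `if (secret_length <= 0 || secret_length > sizeof(mastersecret->secret_)) return 0;` before the copy, and forward it in the event so user space knows how many bytes of `secret_` are valid. `ms_len_ptr` is typed `u64 *` while the read is `sizeof(s32)`; an `s32 *` would match, and the commented-out `// u64 *ssl_session_st_ptr;` should be deleted rather than kept. probe_ssl_master_key starts and ends outside this hunk.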
@@ -231,82 +266,92 @@ int probe_ssl_master_key(struct pt_regs *ctx) { } debug_bpf_printk("master_key: %x %x %x\n", mastersecret->secret_[0], - mastersecret->secret_[1], - mastersecret->secret_[2]); + mastersecret->secret_[1], mastersecret->secret_[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_bssl_t)); return 0; } - -// get s3->hs address first + // get s3->hs address first u64 ssl_hs_st_addr; u64 *ssl_hs_st_ptr = (u64 *)(s3_address + BSSL__SSL3_STATE_HS); - ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), ssl_hs_st_ptr); + ret = bpf_probe_read_user(&ssl_hs_st_addr, sizeof(ssl_hs_st_addr), + ssl_hs_st_ptr); if (ret) { debug_bpf_printk("bpf_probe_read ssl_hs_st_ptr failed, ret :%d\n", ret); return 0; } - void *hs_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_); + void *hs_ptr_tls13 = + (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_); ret = bpf_probe_read_user(&mastersecret->client_handshake_secret_, sizeof(mastersecret->client_handshake_secret_), (void *)hs_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ failed, ret :%d\n", ret); + "bpf_probe_read SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_ failed, ret " + ":%d\n", + ret); return 0; } //////////////////// TLS 1.3 master secret //////////////////////// - void *hth_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); + void *hth_ptr_tls13 = + (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); ret = bpf_probe_read_user(&mastersecret->server_handshake_secret_, sizeof(mastersecret->server_handshake_secret_), (void *)hth_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ failed, ret " + ":%d\n", ret); return 0; } - void *cats_ptr_tls13 = (void *)(ssl_hs_st_addr + 
SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_); + void *cats_ptr_tls13 = + (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_); ret = bpf_probe_read_user(&mastersecret->client_traffic_secret_0_, sizeof(mastersecret->client_traffic_secret_0_), (void *)cats_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_ failed, ret " + ":%d\n", ret); return 0; } - void *sats_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); + void *sats_ptr_tls13 = + (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_); ret = bpf_probe_read_user(&mastersecret->server_traffic_secret_0_, sizeof(mastersecret->server_traffic_secret_0_), (void *)sats_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_ failed, ret " + ":%d\n", ret); return 0; } - void *ems_ptr_tls13 = (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_); + void *ems_ptr_tls13 = + (void *)(ssl_hs_st_addr + SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_); ret = bpf_probe_read_user(&mastersecret->exporter_secret, sizeof(mastersecret->exporter_secret), (void *)ems_ptr_tls13); if (ret) { debug_bpf_printk( - "bpf_probe_read SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ failed, ret :%d\n", + "bpf_probe_read SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_ failed, " + "ret :%d\n", ret); return 0; } - debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->secret_[0], - mastersecret->secret_[1], mastersecret->secret_[2]); + debug_bpf_printk("*****master_secret*****: %x %x %x\n", + mastersecret->secret_[0], mastersecret->secret_[1], + mastersecret->secret_[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_bssl_t)); return 0; 
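Review bot: Two different event fields are filled from the same offset — `server_handshake_secret_` via `hth_ptr_tls13` from `SSL_HANDSHAKE_SERVER_TRAFFIC_SECRET_0_`, and `server_traffic_secret_0_` via `sats_ptr_tls13` from that same macro — while `exporter_secret` is read from `SSL_HANDSHAKE_EXPECTED_CLIENT_FINISHED_`, whose name suggests a Finished MAC rather than the exporter secret. This predates the formatting change, but user space writes these fields out as key-log lines, so a mis-sourced field yields entries that decrypt nothing; the first read presumably wants the offset of the server handshake secret and the last the offset of the exporter secret, if the offset generator can provide them. The `hth`/`cats`/`sats`/`ems` variable names are also left over from the OpenSSL layout and no longer describe what is read. probe_ssl_master_key starts outside this hunk and its closing brace follows it.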
diff --git a/kern/openssl_masterkey.h b/kern/openssl_masterkey.h index 1495bf806..28953dd5c 100644 --- a/kern/openssl_masterkey.h +++ b/kern/openssl_masterkey.h @@ -74,7 +74,7 @@ struct { } bpf_context_gen SEC(".maps"); /////////////////////////COMMON FUNCTIONS //////////////////////////////// -//这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 +// 这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 static __always_inline struct mastersecret_t *make_event() { u32 key_gen = 0; struct mastersecret_t *bpf_ctx = @@ -258,7 +258,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *cats_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); + void *cats_ptr_tls13 = + (void *)(ssl_st_ptr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); ret = bpf_probe_read_user(&mastersecret->client_app_traffic_secret, sizeof(mastersecret->client_app_traffic_secret), (void *)cats_ptr_tls13); @@ -269,7 +270,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *sats_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); + void *sats_ptr_tls13 = + (void *)(ssl_st_ptr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); ret = bpf_probe_read_user(&mastersecret->server_app_traffic_secret, sizeof(mastersecret->server_app_traffic_secret), (void *)sats_ptr_tls13); @@ -290,9 +292,9 @@ int probe_ssl_master_key(struct pt_regs *ctx) { ret); return 0; } - debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->master_key[0], - mastersecret->master_key[1], mastersecret->master_key[2]); + debug_bpf_printk("*****master_secret*****: %x %x %x\n", + mastersecret->master_key[0], mastersecret->master_key[1], + mastersecret->master_key[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_t)); return 0; diff --git a/kern/openssl_masterkey_3.0.h b/kern/openssl_masterkey_3.0.h index 163050387..ca8e7951d 100644 --- a/kern/openssl_masterkey_3.0.h +++ b/kern/openssl_masterkey_3.0.h 
@@ -63,7 +63,7 @@ struct { } bpf_context_gen SEC(".maps"); /////////////////////////COMMON FUNCTIONS //////////////////////////////// -//这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 +// 这个函数用来规避512字节栈空间限制,通过在堆上创建内存的方式,避开限制 static __always_inline struct mastersecret_t *make_event() { u32 key_gen = 0; struct mastersecret_t *bpf_ctx = @@ -240,7 +240,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *cats_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); + void *cats_ptr_tls13 = + (void *)(ssl_st_ptr + SSL_ST_CLIENT_APP_TRAFFIC_SECRET); ret = bpf_probe_read_user(&mastersecret->client_app_traffic_secret, sizeof(mastersecret->client_app_traffic_secret), (void *)cats_ptr_tls13); @@ -251,7 +252,8 @@ int probe_ssl_master_key(struct pt_regs *ctx) { return 0; } - void *sats_ptr_tls13 = (void *)(ssl_st_ptr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); + void *sats_ptr_tls13 = + (void *)(ssl_st_ptr + SSL_ST_SERVER_APP_TRAFFIC_SECRET); ret = bpf_probe_read_user(&mastersecret->server_app_traffic_secret, sizeof(mastersecret->server_app_traffic_secret), (void *)sats_ptr_tls13); @@ -272,9 +274,9 @@ int probe_ssl_master_key(struct pt_regs *ctx) { ret); return 0; } - debug_bpf_printk( - "*****master_secret*****: %x %x %x\n", mastersecret->master_key[0], - mastersecret->master_key[1], mastersecret->master_key[2]); + debug_bpf_printk("*****master_secret*****: %x %x %x\n", + mastersecret->master_key[0], mastersecret->master_key[1], + mastersecret->master_key[2]); bpf_perf_event_output(ctx, &mastersecret_events, BPF_F_CURRENT_CPU, mastersecret, sizeof(struct mastersecret_t)); return 0; diff --git a/user/module/const.go b/user/module/const.go index 41e2a8824..4a016d387 100644 --- a/user/module/const.go +++ b/user/module/const.go @@ -34,3 +34,8 @@ const ( const ( BASH_ERRNO_DEFAULT int = 128 ) + +const ( + MasterKeyHookFuncOpenSSL = "SSL_write" + MasterKeyHookFuncBoringSSL = "SSL_do_handshake" +) 
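Review bot: `MasterKeyHookFuncOpenSSL` and `MasterKeyHookFuncBoringSSL` are exported but carry no doc comment, and the choice is not self-explanatory: the probe attaches at function entry (`uprobe/SSL_write_key` in probe_openssl.go), so which function is named decides whether the session's secrets already exist when the probe fires. Add `// MasterKeyHookFuncOpenSSL is the libssl function whose entry the master-key uprobe attaches to for OpenSSL.` and a matching comment for the BoringSSL constant that says why the two libraries need different functions.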
diff --git a/user/module/const_androidgki.go b/user/module/const_androidgki.go deleted file mode 100644 index 59ee6ad3f..000000000 --- a/user/module/const_androidgki.go +++ /dev/null @@ -1,27 +0,0 @@ -//go:build androidgki -// +build androidgki - -// Copyright 2022 CFC4N . All Rights Reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package module - -/* -Copyright © 2022 CFC4N - -*/ - -const ( - PROBE_OPENSSL_MASTERKEY_FUNC = "SSL_do_handshake" -) diff --git a/user/module/const_linux.go b/user/module/const_linux.go deleted file mode 100644 index 6d5e52c66..000000000 --- a/user/module/const_linux.go +++ /dev/null @@ -1,27 +0,0 @@ -//go:build !androidgki -// +build !androidgki - -// Copyright 2022 CFC4N . All Rights Reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package module - -/* -Copyright © 2022 CFC4N - -*/ - -const ( - PROBE_OPENSSL_MASTERKEY_FUNC = "SSL_write" -) 
diff --git a/user/module/probe_openssl.go b/user/module/probe_openssl.go index c32fc7f51..5cd665589 100644 --- a/user/module/probe_openssl.go +++ b/user/module/probe_openssl.go @@ -83,6 +83,7 @@ type MOpenSSLProbe struct { sslVersionBpfMap map[string]string // bpf map key: ssl version, value: bpf map key sslBpfFile string // ssl bpf file isBoringSSL bool // + masterHookFunc string // SSL_do_handshake on boringSSL, SSL_write on openssl } // 对象初始化 @@ -142,6 +143,9 @@ func (this *MOpenSSLProbe) getSslBpfFile(soPath, sslVersion string) error { defer func() { if strings.Contains(this.sslBpfFile, "boringssl") { this.isBoringSSL = true + this.masterHookFunc = MasterKeyHookFuncBoringSSL + } else { + this.masterHookFunc = MasterKeyHookFuncOpenSSL } }() @@ -303,6 +307,7 @@ func (this *MOpenSSLProbe) setupManagersUprobe() error { this.logger.Printf("%s\tHOOK type:%d, binrayPath:%s\n", this.Name(), this.conf.(*config.OpensslConfig).ElfType, binaryPath) this.logger.Printf("%s\tlibPthread so Path:%s\n", this.Name(), libPthread) + this.logger.Printf("%s\tlHook masterKey function:%s\n", this.Name(), this.masterHookFunc) this.bpfManager = &manager.Manager{ Probes: []*manager.Probe{ @@ -376,7 +381,7 @@ func (this *MOpenSSLProbe) setupManagersUprobe() error { { Section: "uprobe/SSL_write_key", EbpfFuncName: "probe_ssl_master_key", - AttachToFuncName: "SSL_write", + AttachToFuncName: this.masterHookFunc, BinaryPath: binaryPath, UID: "uprobe_ssl_master_key", }, diff --git a/user/module/probe_openssl_tc.go b/user/module/probe_openssl_tc.go index d6180824d..09da6b2a8 100644 --- a/user/module/probe_openssl_tc.go +++ b/user/module/probe_openssl_tc.go 
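Review bot: `masterHookFunc` is assigned only inside the `defer` in `getSslBpfFile`, so if `setupManagersUprobe` (or `setupManagersTC` in the probe_openssl_tc.go hunks on the next line) runs on a path where that method was not called, `AttachToFuncName` is the empty string and the attach fails with a message that does not name the cause. Guard it where it is consumed, e.g. `if this.masterHookFunc == "" { return errors.New("master key hook function not set; getSslBpfFile must run first") }` before the probe list is built, or initialise the field to `MasterKeyHookFuncOpenSSL` in the constructor so the OpenSSL default is explicit. The enclosing methods start outside these hunks.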
@@ -93,6 +93,7 @@ func (this *MOpenSSLProbe) setupManagersTC() error { this.logger.Printf("%s\tHOOK type:%d, binrayPath:%s\n", this.Name(), this.conf.(*config.OpensslConfig).ElfType, binaryPath) this.logger.Printf("%s\tIfname:%s, Ifindex:%d, Port:%d, Pcapng filepath:%s\n", this.Name(), this.ifName, this.ifIdex, this.conf.(*config.OpensslConfig).Port, this.pcapngFilename) + this.logger.Printf("%s\tlHook masterKey function:%s\n", this.Name(), this.masterHookFunc) // create pcapng writer netIfs, err := net.Interfaces() @@ -134,10 +135,9 @@ func (this *MOpenSSLProbe) setupManagersTC() error { { Section: "uprobe/SSL_write_key", EbpfFuncName: "probe_ssl_master_key", - AttachToFuncName: PROBE_OPENSSL_MASTERKEY_FUNC, // SSL_do_handshake or SSL_write - //AttachToFuncName: "SSL_do_handshake", // SSL_do_handshake or SSL_write - BinaryPath: binaryPath, - UID: "uprobe_ssl_master_key", + AttachToFuncName: this.masterHookFunc, // SSL_do_handshake or SSL_write + BinaryPath: binaryPath, + UID: "uprobe_ssl_master_key", }, }, diff --git a/utils/boringssl_offset_1.1.1.sh b/utils/boringssl_offset_1.1.1.sh index 521061d96..b0b0542de 100755 --- a/utils/boringssl_offset_1.1.1.sh +++ b/utils/boringssl_offset_1.1.1.sh @@ -2,6 +2,8 @@ set -e PROJECT_ROOT_DIR=$(pwd) +BORINGSSL_REPO=https://android.googlesource.com/platform/external/boringssl +#BORINGSSL_REPO=https://github.com/google/boringssl.git BORINGSSL_DIR="${PROJECT_ROOT_DIR}/deps/boringssl" OUTPUT_DIR="${PROJECT_ROOT_DIR}/kern" @@ -15,7 +17,7 @@ if [[ ! -d "${BORINGSSL_DIR}/.git" ]]; then # skip cloning if the openssl directory already exists if [[ ! -d "${BORINGSSL_DIR}" ]]; then # git clone https://github.com/google/boringssl.git ${BORINGSSL_DIR} - git clone https://android.googlesource.com/platform/external/boringssl ${BORINGSSL_DIR} + git clone ${BORINGSSL_REPO} ${BORINGSSL_DIR} fi fi 
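Review bot: The repository choice is now written three times — `BORINGSSL_REPO=...`, the commented-out `#BORINGSSL_REPO=https://github.com/google/boringssl.git`, and the older `# git clone https://github.com/google/boringssl.git ${BORINGSSL_DIR}` comment left above the live clone — and the copies will drift; keep the two `BORINGSSL_REPO` lines and drop the stale clone comment. The clone arguments should be quoted, `git clone "${BORINGSSL_REPO}" "${BORINGSSL_DIR}"`, since the directory comes from `$(pwd)`.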
@@ -45,14 +47,14 @@ function run() { # git checkout ${tag} echo "Generating ${header_file}" - g++ -I include/ -I ./src/ offset.c -o offset + g++ -I include/ -I . -I ./src/ offset.c -o offset echo -e "#ifndef ECAPTURE_${header_define}" >${header_file} echo -e "#define ECAPTURE_${header_define}\n" >>${header_file} ./offset >>${header_file} echo -e "#include \"boringssl_const.h\"" >>${header_file} - echo -e "#include \"openssl.h\"" >>${header_file} echo -e "#include \"boringssl_masterkey.h\"" >>${header_file} + echo -e "#include \"openssl.h\"" >>${header_file} echo -e "\n#endif\n" >>${header_file} # clean up From 1252dff78ff905a68dd63a57c047bfae2ea147c8 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 10 Dec 2022 22:27:18 +0800 Subject: [PATCH 10/13] remove libPthread shared-object lib. Signed-off-by: CFC4N --- cli/cmd/tls.go | 1 - user/config/config_openssl.go | 6 +- user/config/config_openssl_androidgki.go | 11 +--- user/config/config_openssl_linux.go | 81 +----------------------- user/module/probe_openssl.go | 7 +- 5 files changed, 7 insertions(+), 99 deletions(-) diff --git a/cli/cmd/tls.go b/cli/cmd/tls.go index dac0b15bf..4d677a8f1 100644 --- a/cli/cmd/tls.go +++ b/cli/cmd/tls.go 
@@ -57,7 +57,6 @@ func init() { opensslCmd.PersistentFlags().StringVar(&gc.Curlpath, "wget", "", "wget file path, default: /usr/bin/wget. (Deprecated)") opensslCmd.PersistentFlags().StringVar(&nc.Firefoxpath, "firefox", "", "firefox file path, default: /usr/lib/firefox/firefox. (Deprecated)") opensslCmd.PersistentFlags().StringVar(&nc.Nsprpath, "nspr", "", "libnspr44.so file path, will automatically find it from curl default.") - opensslCmd.PersistentFlags().StringVar(&oc.Pthread, "pthread", "", "libpthread.so file path, use to hook connect to capture socket FD.will automatically find it from curl. (Deprecated)") opensslCmd.PersistentFlags().StringVar(&goc.Path, "gobin", "", "path to binary built with Go toolchain.") opensslCmd.PersistentFlags().StringVarP(&oc.Write, "write", "w", "", "write the raw packets to file as pcapng format.") opensslCmd.PersistentFlags().StringVarP(&oc.Ifname, "ifname", "i", "", "(TC Classifier) Interface name on which the probe will be attached.") diff --git a/user/config/config_openssl.go b/user/config/config_openssl.go index 7b81d7293..1ea55af97 100644 --- a/user/config/config_openssl.go +++ b/user/config/config_openssl.go @@ -17,9 +17,9 @@ package config // 最终使用openssl参数 type OpensslConfig struct { eConfig - Curlpath string `json:"curlPath"` //curl的文件路径 - Openssl string `json:"openssl"` - Pthread string `json:"pThread"` // /lib/x86_64-linux-gnu/libpthread.so.0 + Curlpath string `json:"curlPath"` //curl的文件路径 + Openssl string `json:"openssl"` + //Pthread string `json:"pThread"` // /lib/x86_64-linux-gnu/libpthread.so.0 Write string `json:"write"` // Write the raw packets to file rather than parsing and printing them out. Ifname string `json:"ifName"` // (TC Classifier) Interface name on which the probe will be attached. Port uint16 `json:"port"` // capture port diff --git a/user/config/config_openssl_androidgki.go b/user/config/config_openssl_androidgki.go index ca5967fd0..b247a525c 100644 --- a/user/config/config_openssl_androidgki.go 
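Review bot: Removing `Pthread` from `OpensslConfig` by commenting it out leaves dead text in the struct (`//Pthread string ...`); delete the line — `encoding/json` ignores unknown keys, so existing config files that still contain `"pThread"` keep loading, and the `--pthread` flag is removed in the tls.go hunk anyway. The same applies to the commented-out `//DEFAULT_LIBC_PATH = ...` in the config_openssl_androidgki.go hunk on the next line.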
+++ b/user/config/config_openssl_androidgki.go @@ -24,7 +24,7 @@ import ( const ( DEFAULT_OPENSSL_PATH = "/apex/com.android.conscrypt/lib64/libssl.so" - DEFAULT_LIBC_PATH = "/apex/com.android.runtime/lib64/bionic/libc.so" + //DEFAULT_LIBC_PATH = "/apex/com.android.runtime/lib64/bionic/libc.so" DEFAULT_IFNAME = "wlan0" ) @@ -43,15 +43,6 @@ func (this *OpensslConfig) Check() error { this.Openssl = DEFAULT_OPENSSL_PATH } - if this.Pthread != "" || len(strings.TrimSpace(this.Pthread)) > 0 { - _, e := os.Stat(this.Pthread) - if e != nil { - return e - } - } else { - this.Pthread = DEFAULT_LIBC_PATH - } - if this.Ifname == "" || len(strings.TrimSpace(this.Ifname)) == 0 { this.Ifname = DEFAULT_IFNAME } diff --git a/user/config/config_openssl_linux.go b/user/config/config_openssl_linux.go index cae143ac7..dec3a60f8 100644 --- a/user/config/config_openssl_linux.go +++ b/user/config/config_openssl_linux.go @@ -18,9 +18,7 @@ package config import ( - "debug/elf" "errors" - "fmt" "os" "path/filepath" "strings" 
@@ -54,73 +52,9 @@ func (this *OpensslConfig) checkOpenssl() error { return nil } -func (this *OpensslConfig) checkConnect() error { - var sharedObjects = []string{ - "libpthread.so.0", // ubuntu 21.04 server - "libc.so.6", // ubuntu 21.10 server - "libc.so", // Android - } - - var funcName = "" - var found bool - for _, so := range sharedObjects { - pthreadSoPath, e := getDynPathByElf(this.Curlpath, so) - if e != nil { - _, e = os.Stat(X86_BINARY_PREFIX) - prefix := X86_BINARY_PREFIX - if e != nil { - prefix = OTHERS_BINARY_PREFIX - } - this.Pthread = filepath.Join(prefix, so) - _, e = os.Stat(this.Pthread) - if e != nil { - // search all of sharedObjects - //return e - continue - } - } else { - this.Pthread = pthreadSoPath - } - - _elf, e := elf.Open(this.Pthread) - if e != nil { - //return e - continue - } - - dynamicSymbols, err := _elf.DynamicSymbols() - if err != nil { - //return err - continue - } - - // - for _, sym := range dynamicSymbols { - if sym.Name != "connect" { - continue - } - //fmt.Printf("\tsize:%d, name:%s, offset:%d\n", sym.Size, sym.Name, 0) - funcName = sym.Name - found = true - break - } - - // if found - if found && funcName != "" { - break - } - } - - //如果没找到,则报错。 - if !found || funcName == "" { - return errors.New(fmt.Sprintf("cant found 'connect' function to hook in files::%v", sharedObjects)) - } - return nil -} - func (this *OpensslConfig) Check() error { this.IsAndroid = false - var checkedOpenssl, checkedConnect bool + var checkedOpenssl bool // 如果readline 配置,且存在,则直接返回。 if this.Openssl != "" || len(strings.TrimSpace(this.Openssl)) > 0 { _, e := os.Stat(this.Openssl) 
@@ -142,19 +76,11 @@ func (this *OpensslConfig) Check() error { this.Curlpath = "/usr/bin/curl" } - if this.Pthread != "" || len(strings.TrimSpace(this.Pthread)) > 0 { - _, e := os.Stat(this.Pthread) - if e != nil { - return e - } - checkedConnect = true - } - if this.Ifname == "" || len(strings.TrimSpace(this.Ifname)) == 0 { this.Ifname = DEFAULT_IFNAME } - if checkedConnect && checkedOpenssl { + if checkedOpenssl { return nil } @@ -169,8 +95,5 @@ func (this *OpensslConfig) Check() error { } } - if !checkedConnect { - return this.checkConnect() - } return nil } diff --git a/user/module/probe_openssl.go b/user/module/probe_openssl.go index 5cd665589..1e83d0ec5 100644 --- a/user/module/probe_openssl.go +++ b/user/module/probe_openssl.go @@ -275,7 +275,7 @@ func (this *MOpenSSLProbe) constantEditor() []manager.ConstantEditor { } func (this *MOpenSSLProbe) setupManagersUprobe() error { - var binaryPath, libPthread, sslVersion string + var binaryPath, sslVersion string sslVersion = this.conf.(*config.OpensslConfig).SslVersion sslVersion = strings.ToLower(sslVersion) switch this.conf.(*config.OpensslConfig).ElfType { @@ -296,17 +296,12 @@ func (this *MOpenSSLProbe) setupManagersUprobe() error { } } - libPthread = this.conf.(*config.OpensslConfig).Pthread - if libPthread == "" { - libPthread = "/lib/x86_64-linux-gnu/libpthread.so.0" - } _, err := os.Stat(binaryPath) if err != nil { return err } this.logger.Printf("%s\tHOOK type:%d, binrayPath:%s\n", this.Name(), this.conf.(*config.OpensslConfig).ElfType, binaryPath) - this.logger.Printf("%s\tlibPthread so Path:%s\n", this.Name(), libPthread) this.logger.Printf("%s\tlHook masterKey function:%s\n", this.Name(), this.masterHookFunc) this.bpfManager = &manager.Manager{ From f59bdb01d15c10c9cfe629c8b47d4a783ac19bbb Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 10 Dec 2022 22:33:14 +0800 Subject: [PATCH 11/13] sort include files. 
Signed-off-by: CFC4N --- kern/boringssl_1_1_1_kern.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kern/boringssl_1_1_1_kern.c b/kern/boringssl_1_1_1_kern.c index 6c80217f8..354f1885e 100644 --- a/kern/boringssl_1_1_1_kern.c +++ b/kern/boringssl_1_1_1_kern.c @@ -43,8 +43,8 @@ #define BSSL__SSL_HANDSHAKE_MAX_VERSION 0x1e #include "boringssl_const.h" -#include "openssl.h" #include "boringssl_masterkey.h" +#include "openssl.h" #endif From 5946126dd5b910c8e3b3692f4fcac4d5a8cd48e6 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 10 Dec 2022 22:37:24 +0800 Subject: [PATCH 12/13] add deps directory. Signed-off-by: CFC4N --- deps/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 deps/.gitkeep diff --git a/deps/.gitkeep b/deps/.gitkeep new file mode 100644 index 000000000..e69de29bb From 5a2ad8be5d794183813550f6df43f47de6eb582e Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 10 Dec 2022 23:06:41 +0800 Subject: [PATCH 13/13] support boringssl event on TC model. Signed-off-by: CFC4N --- user/event/event_masterkey.go | 2 +- user/module/probe_openssl.go | 7 ++++--- user/module/probe_openssl_tc.go | 10 +++++++++- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/user/event/event_masterkey.go b/user/event/event_masterkey.go index 2ef9bafe8..3082cf5d1 100644 --- a/user/event/event_masterkey.go +++ b/user/event/event_masterkey.go @@ -194,7 +194,7 @@ func (this *MasterSecretBSSLEvent) String() string { } func (this *MasterSecretBSSLEvent) Clone() IEventStruct { - event := new(MasterSecretEvent) + event := new(MasterSecretBSSLEvent) event.event_type = EventTypeModuleData return event } diff --git a/user/module/probe_openssl.go b/user/module/probe_openssl.go index 1e83d0ec5..b8383fd17 100644 --- a/user/module/probe_openssl.go +++ b/user/module/probe_openssl.go 
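Review bot: The fix is correct, but the bug it removes — `Clone` on `MasterSecretBSSLEvent` returning a `*MasterSecretEvent` — compiled cleanly because both types satisfy `IEventStruct`, so nothing will catch a recurrence of the copy-paste. A table test over every `IEventStruct` implementation asserting `reflect.TypeOf(ev.Clone()) == reflect.TypeOf(ev)` would pin it.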
@@ -302,7 +302,7 @@ func (this *MOpenSSLProbe) setupManagersUprobe() error {
 }
 this.logger.Printf("%s\tHOOK type:%d, binrayPath:%s\n", this.Name(), this.conf.(*config.OpensslConfig).ElfType, binaryPath)
- this.logger.Printf("%s\tlHook masterKey function:%s\n", this.Name(), this.masterHookFunc)
+ this.logger.Printf("%s\tHook masterKey function:%s\n", this.Name(), this.masterHookFunc)
 this.bpfManager = &manager.Manager{
 Probes: []*manager.Probe{
@@ -616,6 +616,8 @@ func (this *MOpenSSLProbe) saveMasterSecretBSSL(secretEvent *event.MasterSecretB
 case event.TLS1_2_VERSION:
 b = bytes.NewBufferString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelTLS12, secretEvent.ClientRandom, secretEvent.Secret))
 case event.TLS1_3_VERSION:
+ fallthrough
+ default:
 var length int
 length = 32
@@ -626,8 +628,7 @@ func (this *MOpenSSLProbe) saveMasterSecretBSSL(secretEvent *event.MasterSecretB
 b.WriteString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelServerTraffic, secretEvent.ClientRandom, secretEvent.ServerTrafficSecret0[:length]))
 b.WriteString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelExporterSecret, secretEvent.ClientRandom, secretEvent.ExporterSecret[:length]))
- default:
- b = bytes.NewBufferString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelTLS12, secretEvent.ClientRandom, secretEvent.Secret))
+ //b = bytes.NewBufferString(fmt.Sprintf("%s %02x %02x\n", hkdf.KeyLogLabelTLS12, secretEvent.ClientRandom, secretEvent.Secret))
 }
 v := event.TlsVersion{Version: secretEvent.Version}
 l, e := this.keylogger.WriteString(b.String())
diff --git a/user/module/probe_openssl_tc.go b/user/module/probe_openssl_tc.go
index 09da6b2a8..b32889223 100644
--- a/user/module/probe_openssl_tc.go
+++ b/user/module/probe_openssl_tc.go
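Review bot: After the `fallthrough` into `default:` (second hunk), every `secretEvent.Version` other than TLS 1.2 is written to the key log with TLS 1.3 labels and secrets cut to `length = 32`, and nothing records that the version was unexpected — an unrecognised version is more likely a struct-offset mismatch than a real TLS 1.3 session, and the removed `default:` (third hunk) at least wrote a recognisable CLIENT_RANDOM line. The default body should say so before writing: `if secretEvent.Version != event.TLS1_3_VERSION { this.logger.Printf("%s\tunexpected TLS version 0x%x, writing TLS 1.3 key log labels\n", this.Name(), secretEvent.Version) }`. The commented-out `//b = bytes.NewBufferString(...)` line kept in the third hunk is dead code and should be deleted, not carried along. The lines that adjust `length` and initialise `b` for the TLS 1.3 path sit between the two hunks, outside this diff; if `length` stays 32 regardless of cipher suite, SHA-384 suites would get truncated secrets, which is worth confirming there. saveMasterSecretBSSL continues past the last hunk.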
@@ -195,7 +195,15 @@ func (this *MOpenSSLProbe) initDecodeFunTC() error {
 return errors.New("cant found map:mastersecret_events")
 }
 this.eventMaps = append(this.eventMaps, MasterkeyEventsMap)
- masterkeyEvent := &event.MasterSecretEvent{}
+
+ var masterkeyEvent event.IEventStruct
+
+ if this.isBoringSSL {
+ masterkeyEvent = &event.MasterSecretBSSLEvent{}
+ } else {
+ masterkeyEvent = &event.MasterSecretEvent{}
+ }
+
 //masterkeyEvent.SetModule(this)
 this.eventFuncMaps[MasterkeyEventsMap] = masterkeyEvent
 return nil
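Review bot: The choice between `MasterSecretBSSLEvent` and `MasterSecretEvent` on `this.isBoringSSL` is made inline here, and the uprobe decode path presumably has to make the same choice (this diff does not show it); a small method keeps the two paths from diverging, gives the decision a doc comment, and drops the two blank `+` lines around the `var`/`if`. The stale `//masterkeyEvent.SetModule(this)` line kept beside the new code should be removed or reinstated rather than left as a comment. The closing brace of initDecodeFunTC lies after the hunk.
```go
// newMasterSecretEvent returns the event struct that decodes mastersecret_events
// for the hooked library: BoringSSL and OpenSSL emit different event layouts.
func (this *MOpenSSLProbe) newMasterSecretEvent() event.IEventStruct {
	if this.isBoringSSL {
		return &event.MasterSecretBSSLEvent{}
	}
	return &event.MasterSecretEvent{}
}

// … unchanged in initDecodeFunTC: map lookup and eventMaps append …
this.eventFuncMaps[MasterkeyEventsMap] = this.newMasterSecretEvent()
```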
