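/*
 * relay.h - per-connection flow tracking and TLS handshake state for the relay.
 *
 * Include guard renamed from __RELAY_H__: identifiers beginning with a double
 * underscore are reserved for the implementation in C.
 *
 * NOTE(review): the targets of the three system #include directives that
 * preceded "ptwist.h" were lost in extraction. The headers below are
 * reconstructed from the identifiers this file uses (uint*_t, struct in_addr,
 * DH, EVP_MD_CTX, EVP_MAX_MD_SIZE, SSL3_RANDOM_SIZE, SSL3_MASTER_SECRET_SIZE);
 * confirm them against the repository. The `byte` type used below is assumed
 * to come from "ptwist.h" -- verify.
 */
#ifndef RELAY_H
#define RELAY_H

#include <stdint.h>
#include <netinet/in.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>

#include "ptwist.h"

/* Upper bound on simultaneously tracked flows (see flow_table below). */
#define MAX_FLOWS 10

/* TLS handshake message types (HandshakeType values from the record layer). */
#define TLS_HELLO_REQ        0x00
#define TLS_CLNT_HELLO       0x01
#define TLS_SERV_HELLO       0x02
#define TLS_NEW_SESS         0x04
#define TLS_CERT             0x0b
#define TLS_SRVR_KEYEX       0x0c
#define TLS_CERT_REQ         0x0d
#define TLS_SRVR_HELLO_DONE  0x0e
#define TLS_CERT_VERIFY      0x0f
#define TLS_CLNT_KEYEX       0x10
#define TLS_FINISHED         0x14

/*
 * n2s(c, s): read a big-endian 16-bit value from byte pointer c into s and
 * advance c by two bytes.
 *
 * c is evaluated three times (c[0], c[1], c += 2), so pass a plain lvalue
 * with no side effects. There is no bounds check: the caller must guarantee
 * that at least two readable bytes remain at c before invoking the macro,
 * since this is typically applied to data parsed from the network.
 */
#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
                   (((unsigned int)(c[1])) )),c+=2)

/*
 * One buffered packet in a flow's packet chain (singly linked via `next`).
 * NOTE(review): the distinction between `len` and `data_len` is not visible
 * from this header; presumably one is the on-the-wire length and the other
 * the number of bytes held in `data` -- confirm in relay.c before relying
 * on either for bounds checks. Ownership of `data` (who frees it) is also
 * not stated here.
 */
struct packet_st {
    uint32_t seq_num;
    uint16_t len;
    uint16_t data_len;
    uint8_t *data;
    struct packet_st *next;
    int incoming; /* 0 for outgoing, 1 for incoming */
};

typedef struct packet_st packet;

/*
 * Per-connection state for one observed TLS flow.
 *
 * Security note: `key`, `master_secret`, the randoms and the cipher/digest
 * contexts hold key material. Whatever releases a flow (presumably
 * remove_flow()) should free the OpenSSL contexts and zeroize the byte
 * arrays with a non-elidable clear (e.g. OPENSSL_cleanse), since a plain
 * memset before the storage is reused may be optimized away.
 */
typedef struct flow_st {
    struct in_addr src_ip, dst_ip;  /* Source (client) and Destination (server) addresses */
    uint16_t src_port, dst_port;    /* Source and Destination ports */
    uint32_t seq_num;               /* sequence number */
    byte key[16];                   /* negotiated key */

    int state;                      /* TLS handshake state */
    int in_encrypted;               /* indicates whether incoming flow is encrypted */
    int out_encrypted;              /* indicates whether outgoing flow is encrypted */
    packet *packet_chain;           /* currently held data */

    DH *dh;
    uint8_t handshake_hash[EVP_MAX_MD_SIZE];
    EVP_MD_CTX *finish_md_ctx;

    EVP_CIPHER_CTX *read_ctx;
    EVP_CIPHER_CTX *write_ctx;

    uint8_t client_random[SSL3_RANDOM_SIZE];
    uint8_t server_random[SSL3_RANDOM_SIZE];
    uint8_t master_secret[SSL3_MASTER_SECRET_SIZE];
} flow;

/*
 * Growable array of flows. `len` is the number of entries in use and
 * `max_len` the allocated capacity (presumably bounded by MAX_FLOWS --
 * verify in init_flow_table()/add_flow()).
 */
typedef struct flow_table_st {
    flow *table;
    int len;
    int max_len;
} flow_table;

/* Flow table management. Return conventions are not stated in this header;
 * callers should treat a non-zero int / NULL pointer as failure until
 * confirmed against relay.c. */
int init_flow_table(void);

/* Adds a copy of newFlow to the table; returns a pointer to the stored
 * entry (NULL presumably on failure / table full). */
flow *add_flow(flow newFlow);

int update_flow(flow *f);

/* Removes the flow at `index`. Implementations must reject out-of-range
 * and negative indices and should wipe key material (see flow_st). */
int remove_flow(int index);

/* Looks up a flow matching `observed` (passed by value, so the struct --
 * including any key material it carries -- is copied onto the stack). */
int check_flow(flow observed);

/* Returns the flow at `index`, or presumably NULL if out of range. */
flow *get_flow(int index);

/*
 * Appends packet data to f's packet chain. No length parameter is taken,
 * so the implementation must derive the byte count from the data itself
 * (e.g. a length field); that derived length must be validated against the
 * actual readable size of `data` before any copy.
 */
int add_packet(flow *f, uint8_t *data);

/* Handshake parsing helpers. `hs` points at a handshake message; none of
 * these take an explicit buffer length, so the implementation is
 * responsible for bounding every read (n2s and friends do not). */
int extract_parameters(flow *f, uint8_t *hs);

/* Decrypts a Finished message of `len` bytes in direction `incoming`.
 * `len` is signed: implementations must reject negative values before
 * using it as a size. */
int decrypt_fin(flow *f, uint8_t *hs, int32_t len, int32_t incoming);

void extract_server_random(flow *f, uint8_t *hs);

int compute_master_secret(flow *f);

#endif /* RELAY_H */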