CommunicationSecrets_8cc_source.html

/*

 * Copyright (C) 1996-2025 The Squid Software Foundation and contributors

 *

 * Squid software is distributed under GPLv2+ license and includes

 * contributions from numerous individuals and organizations.

 * Please see the COPYING and CONTRIBUTORS files for details.

 */


#include "squid.h"

#include "base/CharacterSet.h"

#include "base/IoManip.h"

#include "security/CommunicationSecrets.h"

#include "security/Session.h"


#include <ostream>


// TODO: Support SSL_CTX_set_keylog_callback() available since OpenSSL v1.1.1.


Security::CommunicationSecrets::CommunicationSecrets(const Connection &sconn)

{

#if USE_OPENSSL

    getClientRandom(sconn);


    if (const auto session = SSL_get_session(&sconn)) {

        getMasterKey(*session);

        getSessionId(*session);

    }

#else

    // Secret extraction is not supported in builds using other TLS libraries.

    // Secret extraction is impractical in builds without TLS libraries.

    (void)sconn;

#endif

}


bool


Security::CommunicationSecrets::gotAll() const

{

    return !id.isEmpty() && !random.isEmpty() && !key.isEmpty();

}


bool


Security::CommunicationSecrets::learnNew(const CommunicationSecrets &news)

{

    auto sawChange = false;


    if (id != news.id && !news.id.isEmpty()) {

        id = news.id;

        sawChange = true;

    }


    if (random != news.random && !news.random.isEmpty()) {

        random = news.random;

        sawChange = true;

    }


    if (key != news.key && !news.key.isEmpty()) {

        key = news.key;

        sawChange = true;

    }


    return sawChange;

}


static void


PrintSecret(std::ostream &os, const SBuf &secret)

{

    if (!secret.isEmpty())

        PrintHex(os, secret.rawContent(), secret.length());

    else

        os << '-';

}


void


Security::CommunicationSecrets::record(std::ostream &os) const {

    // Print SSLKEYLOGFILE blobs that contain at least one known secret.

    // See Wireshark tls_keylog_process_lines() source code for format details.


    // RSA Session-ID:... Master-Key:...

    if (id.length() || key.length()) {

        os << "RSA";

        PrintSecret(os << " Session-ID:", id);

        PrintSecret(os << " Master-Key:", key);

        os << "\n";

    }


    // CLIENT_RANDOM ... ...

    if (random.length() || key.length()) {

        os << "CLIENT_RANDOM ";

        PrintSecret(os, random);

        os << ' ';

        // we may have already printed the key on a separate Master-Key: line above,

        // but the CLIENT_RANDOM line format includes the same key info

        PrintSecret(os, key);

        os << "\n";

    }

}


#if USE_OPENSSL

static void


IgnorePlaceholder(SBuf &secret)

{

    static const auto NulChar = CharacterSet("NUL").add('\0');

    if (secret.findFirstNotOf(NulChar) == SBuf::npos) // all zeros

        secret.clear();

}


void


Security::CommunicationSecrets::getClientRandom(const Connection &sconn)

{

    random.clear();

    const auto expectedLength = SSL_get_client_random(&sconn, nullptr, 0);

    if (!expectedLength)

        return;


    // no auto due to reinterpret_casting of the result below

    char * const space = random.rawAppendStart(expectedLength);

    const auto actualLength = SSL_get_client_random(&sconn,

                              reinterpret_cast<unsigned char*>(space), expectedLength);

    random.rawAppendFinish(space, actualLength);


    IgnorePlaceholder(random);

}


void


Security::CommunicationSecrets::getSessionId(const Session &session)

{

    id.clear();

    unsigned int idLength = 0;

    // no auto due to reinterpret_casting of the result below

    const unsigned char * const idStart = SSL_SESSION_get_id(&session, &idLength);

    if (idStart && idLength)

        id.assign(reinterpret_cast<const char *>(idStart), idLength);


    IgnorePlaceholder(id);

}


void


Security::CommunicationSecrets::getMasterKey(const Session &session)

{

    key.clear();

    const auto expectedLength = SSL_SESSION_get_master_key(&session, nullptr, 0);

    if (!expectedLength)

        return;


    // no auto due to reinterpret_casting of the result below

    char * const space = key.rawAppendStart(expectedLength);

    const auto actualLength = SSL_SESSION_get_master_key(&session,

                              reinterpret_cast<unsigned char*>(space), expectedLength);

    key.rawAppendFinish(space, actualLength);


    IgnorePlaceholder(key);

}


#endif /* USE_OPENSSL */


CharacterSet.h

PrintSecret
static void PrintSecret(std::ostream &os, const SBuf &secret)
writes the given secret (in hex) or, if there is no secret, a placeholder
Definition CommunicationSecrets.cc:66

IgnorePlaceholder
static void IgnorePlaceholder(SBuf &secret)
Definition CommunicationSecrets.cc:104

CommunicationSecrets.h

PrintHex
void PrintHex(std::ostream &os, const char *const data, const size_t n)
Prints the first n data bytes using hex notation. Does nothing if n is 0.
Definition IoManip.cc:16

IoManip.h

CharacterSet
optimized set of C chars, with quick membership test and merge support
Definition CharacterSet.h:18

CharacterSet::add
CharacterSet & add(const unsigned char c)
add a given character to the character set
Definition CharacterSet.cc:47

SBuf
Definition SBuf.h:94

SBuf::rawContent
const char * rawContent() const
Definition SBuf.cc:509

SBuf::npos
static const size_type npos
Definition SBuf.h:100

SBuf::length
size_type length() const
Returns the number of bytes stored in SBuf.
Definition SBuf.h:419

SBuf::findFirstNotOf
size_type findFirstNotOf(const CharacterSet &set, size_type startPos=0) const
Definition SBuf.cc:746

SBuf::isEmpty
bool isEmpty() const
Definition SBuf.h:435

SBuf::clear
void clear()
Definition SBuf.cc:175

Security::CommunicationSecrets
Definition CommunicationSecrets.h:22

Security::CommunicationSecrets::key
SBuf key
TLS session (pre-)master key.
Definition CommunicationSecrets.h:50

Security::CommunicationSecrets::random
SBuf random
CLIENT_RANDOM from the TLS connection.
Definition CommunicationSecrets.h:49

Security::CommunicationSecrets::getClientRandom
void getClientRandom(const Connection &sconn)
Definition CommunicationSecrets.cc:112

Security::CommunicationSecrets::id
SBuf id
TLS session ID.
Definition CommunicationSecrets.h:48

Security::CommunicationSecrets::getMasterKey
void getMasterKey(const Session &session)
Definition CommunicationSecrets.cc:142

Security::CommunicationSecrets::getSessionId
void getSessionId(const Session &session)
Definition CommunicationSecrets.cc:129

Security::CommunicationSecrets::learnNew
bool learnNew(const CommunicationSecrets &news)
Definition CommunicationSecrets.cc:42

Security::CommunicationSecrets::CommunicationSecrets
CommunicationSecrets()=default

Security::CommunicationSecrets::record
void record(std::ostream &) const
logs all known secrets using a (multiline) SSLKEYLOGFILE format
Definition CommunicationSecrets.cc:75

Security::CommunicationSecrets::gotAll
bool gotAll() const
whether we know all the secrets that could be extracted
Definition CommunicationSecrets.cc:36

Security::Session
SSL_SESSION Session
Definition Session.h:51

Security::Connection
SSL Connection
Definition Session.h:49

SSL_SESSION_get_id
const unsigned char * SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
Definition openssl.h:147

SSL_get_client_random
size_t SSL_get_client_random(const SSL *ssl, unsigned char *outStart, size_t outSizeMax)
Definition openssl.h:157

SSL_SESSION_get_master_key
size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, unsigned char *outStart, size_t outSizeMax)
Definition openssl.h:178

Session.h

squid.h