Wireshark-dev: [Wireshark-dev] [TLS parser]Help seeking idea to write TLS parser in basic way
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Sadik Sikder <sadiksikder@xxxxxxxxx>
Date: Fri, 13 Oct 2017 11:54:46 +0200
hello Sir
Good morning!
i have a own netanalyzer [developed libpcap on linux c/c++]that  works like kind of wireshark. the net analyzer developed by other team up to tcp  parser and i need to write tls parser which parse following field values  i have developed a TLS decryption system taking field values from analyzer like client random, server random etc. these are static. for totally automation /dynamic i need write a tls parser code for triggering automatic those field value fetching into my decryption tool.  
currently i am seeking information or idea how should i start to write TLS parser. i have no idea before that. a basic page example link or explanation would be great help.
====================================================================

need to Parse the following SSL fields first to see field name and values on command line and Hex data as stream and pass following selected values to the decryption as String :

Handshake Protocol: Client Hello

Content type: Handshake

Version:

Random: ( pasre value as HEX stream and pass it to the decryption routine as String.)

Cipher Suites and lists


Handshake Protocol:Server Hello

Content type: Handshake

Version:

Random: ( pasre value as HEX stream and pass it to the decryption routineas String .)

Cipher Suites and lists

Handshake Protocol:Certificate

Content type: Handshake

Version:

Handshake Protocol:Server Key exchange

EC Diffie-Hellman Server Params

Pubkey:
signature

Handshake Protocol: Encrypted Handshake message

Content type: Handshake

parse last encrypted handshake message as HEX stream and pass it to the decryption routine as String.


Handshake Protocol: Application Data Protocol

Content type:

Version:

Encrypted Application data client and server side( parse value as HEX stream and pass it to the decryption routine as String.)

====================================================================

Thanks in advance.


Kind Regards,

Samsuddin Sikder
Masters Student 
M.Sc. in Communication Systems Engineering
Cologne University of Applied Sciences (FH-Köln),Germany