packemon

package module
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 9, 2025 License: BSD-2-Clause Imports: 26 Imported by: 0

README

Packémon

Packet monster, or Packémon for short! (っ‘-’)╮=͟͟͞͞◒ ヽ( '-'ヽ)

https://github.com/user-attachments/assets/dbb0baeb-a0b8-4e18-8647-ac05020f83d5

TUI tool for generating packets of arbitrary input and monitoring packets on any network interfaces (default: eth0). This tool is not available for Windows and macOS. I have confirmed that it works on Linux (Debian and Ubuntu on WSL2) .

I intend to develop it patiently🌴

The images of Packemon on REDME should be used as reference only, as they may look different from the actual Packemon.

[!WARNING] This tool is implemented with protocol stacks from scratch and utilizes raw socket.
There may be many bugs. If you find a bug, I would be glad if you raise an issue or give me a pull request!

Feature

This TUI tool has two major functions: packet generation and packet monitoring.

This image shows packemon running in Generator / Monitor mode.
DNS query packet generated by Generator on the left is shown in 40 line of the Monitor. DNS query response packet is shown as 41 line, and a more detailed view of it is shown in the image below.
See here for detailed instructions.

Packemon's Monitor allows user to select each packet by pressing Enter key. Then, select any line and press Enter key to see the details of the desired packet. Pressing Esc key in the packet detail screen will return you to the original packet list screen.

Generator

  • Send generated packets to any network interfaces.

    • You can specify network interface with --interface flag. Default is eth0.

  • Packets of various protocols are supported.

    details
    • Ethernet
    • ARP (WIP)
    • IPv4 (WIP)
    • IPv6 (WIP)
    • ICMPv4 (WIP)
    • ICMPv6
    • TCP (WIP)
    • UDP (WIP)
    • TLSv1.2 (WIP)
      • This tool is not very useful because the number of cipher suites it supports is still small, but an environment where you can try it out can be found here.
        • TCP 3way handshake ~ TLS handshake ~ TLS Application data (encrypted HTTP)
      • Supported cipher suites include
        • TLS_RSA_WITH_AES_128_GCM_SHA256
      • You can check the server for available cipher suites with the following command
        • nmap --script ssl-enum-ciphers -p 443 <server ip>
    • TLSv1.3 (WIP)
      • This tool is not very useful because the number of cipher suites it supports is still small, but an environment where you can try it out can be found here.
        • TCP 3way handshake ~ TLS handshake ~ TLS Application data (encrypted HTTP)
      • Supported cipher suites include
        • TLS_CHACHA20_POLY1305_SHA256
    • DNS (WIP)
    • HTTP (WIP)
    • xxxxx....
    • Routing Protocols
      • IGP (Interior Gateway Protocol)
        • OSPF (Open Shortest Path First)
        • EIGRP (Enhanced Interior Gateway Routing Protocol)
        • RIP (Routing Information Protocol)
      • EGP (Exterior Gateway Protocol)

[!WARNING] While using Generator mode, TCP RST packets automatically sent out by the kernel are dropped. When this mode is stopped, the original state is restored. Probably😅. Incidentally, dropping RST packets is done by running the eBPF program. The background note incorporating the eBPF is the POST of X around here.

Monitor

  • Monitor any network interfaces.

    • You can specify network interface with --interface flag. Default is eth0.

  • Specified packets can be saved to pcapng file.

  • Packets of various protocols are supported.

    details
    • Ethernet
    • ARP
    • IPv4 (WIP)
    • IPv6 (WIP)
    • ICMPv4 (WIP)
    • ICMPv6
    • TCP (WIP)
    • UDP
    • TLSv1.2 (WIP)
    • TLSv1.3
    • DNS (WIP)
      • DNS query
      • DNS query response
      • xxxxx....
    • HTTP (WIP)
      • HTTP GET request
      • HTTP GET response
      • xxxxx....
    • xxxxx....
    • Routing Protocols
      • IGP (Interior Gateway Protocol)
        • OSPF (Open Shortest Path First)
        • EIGRP (Enhanced Interior Gateway Routing Protocol)
        • RIP (Routing Information Protocol)
      • EGP (Exterior Gateway Protocol)
        • BGP (Border Gateway Protocol)

[!WARNING] If packet parsing fails, it is indicated by “Proto:ETHER” as shown in the following image.

If you want to check the details of the packet, you can select the line, save it to a pcapng file, and import it into Wireshark or other software🙏

Installation


git clone & Go
# Recomended (Clone this repository and require 'Dependencies' section of https://ebpf-go.dev/guides/getting-started/#ebpf-c-program)
$ cd egress_control/ && go generate && cd -
$ go build -o packemon cmd/packemon/*.go
$ ls | grep packemon
$ mv packemon /usr/local/bin/

Go
# Deprecated (In some environments, RST packets may be sent during TCP 3-way handshake)
$ go install github.com/ddddddO/packemon/cmd/packemon@latest

deb
$ export PACKEMON_VERSION=X.X.X
$ curl -o packemon.deb -L https://github.com/ddddddO/packemon/releases/download/v$PACKEMON_VERSION/packemon_$PACKEMON_VERSION-1_amd64.deb
$ dpkg -i packemon.deb

rpm
$ export PACKEMON_VERSION=X.X.X
$ yum install https://github.com/ddddddO/packemon/releases/download/v$PACKEMON_VERSION/packemon_$PACKEMON_VERSION-1_amd64.rpm

apk
$ export PACKEMON_VERSION=X.X.X
$ curl -o packemon.apk -L https://github.com/ddddddO/packemon/releases/download/v$PACKEMON_VERSION/packemon_$PACKEMON_VERSION-1_amd64.apk
$ apk add --allow-untrusted packemon.apk

Usage

  • Generator

    sudo packemon --send

  • Monitor

    sudo packemon

Usecase

Sending DNS query and Monitoring DNS response

  1. setup

    # Generator
$ sudo packemon --send

    # Monitor
$ sudo packemon

    ← Generator | Monitor →

  2. Generator

    • > Ethernet > Ether Type > IPv4

    • > IPv4 > Protocol > UDP

    • > IPv4 > Destination IP Addr > 1.1.1.1

      • Enter the address of DNS resolver here. Above is the address of Cloudflare resolver.

    • > UDP > Destination Port > 53

    • > UDP > Automatically calculate length ? > (Check!)

    • > DNS > Queries Domain > go.dev

      • Enter here the domain for which you want to name resolution.

    • > DNS > Click on Send!

      • At this time, DNS query is sent with the contents set so far.

  3. Monitor

    • Find records where Proto: DNS and DstIP or SrcIP is 1.1.1.1. Select each record to see the packet structure of the DNS query and the packet structure of the DNS response.

      • List

      • DNS query (DstIP: 1.1.1.1)

      • DNS response (SrcIP: 1.1.1.1)

Another feature

⚠️ Might be repealed

The local node's browser can monitor packets from remote nodes or send arbitrary packets from remote nodes.

                                         +-------------------------------------+
+----------------------+                 | REMOTE NODE                         |
| LOCAL NODE (Browser) |                 | $ sudo packemon-api --interface xxx |
|  Monitor   <---------|-- WebSocket   --|--> HTTP GET  /ws  <-----+           |
|  Generator  ---------|-- POST packet --|--> HTTP POST /packet    |           |
+----------------------+                 |      -> parse packet    |           |                  +---------------+
                                         |           -> Network Interface -----|-- Send packet -->| TARGET NODE x |
                                         +-------------------------------------+                  |               |
                                                                                                  +---------------+

  • Remote node

  • Local node

[!WARNING] Please note that the following is dangerous.

The following procedure is an example of how you can expose packemon-api to the outside world and monitor and send remote node packets on your browser.

  1. (REMOTE) Please install packemon-api and run. 
    $ go install github.com/ddddddO/packemon/cmd/packemon-api@latest
$ sudo packemon-api --interface wlan0
  2. (REMOTE) Run ngrok and note the URL to be paid out. 
    $ ngrok http 8082
  3. (LOCAL) Enter the dispensed URL into your browser and you will be able to monitor and send packets to remote node.

Acknowledgment

Document

Stargazers over time

Stargazers over time

Log (japanese)

xxx
動作確認
Raspberry Piで簡易http server
pi@raspberrypi:~ $ sudo go run main.go
パケットキャプチャ
$ sudo tcpdump -U -i eth0 -w - | /mnt/c/Program\ Files/Wireshark/Wireshark.exe -k -i -

  • 受信画面

    $ sudo go run cmd/packemon/main.go

  • 送信画面

    $ sudo go run cmd/packemon/main.go --send

  • 単発フレーム送信コマンド(e.g. ARP request)

    $ sudo go run cmd/packemon/main.go --debug --send --proto arp
TLS version 指定でリクエスト
# TLS v1.2 でリクエスト
$ curl -k -s -v --tls-max 1.2 https://192.168.10.112:10443

# TLS v1.3 でリクエスト
$ curl -k -s -v --tls-max 1.3 https://192.168.10.112:10443

# TLS v1.3 で cipher suites を指定してリクエスト(ただし、Client Hello の Cipher Suites のリストが、その指定のみになるわけではなく、一番上(最優先)にくるというもの(パケットキャプチャで確認))
$ curl -k -s -v --tls-max 1.3 --tls13-ciphers "TLS_CHACHA20_POLY1305_SHA256" https://192.168.10.112:10443
手軽にブロードキャスト
$ arping -c 1 1.2.3.4
ARPING 1.2.3.4 from 172.23.242.78 eth0
Sent 1 probes (1 broadcast(s))
Received 0 response(s)
tcpでdns
$ nslookup -vc github.com
ipv6でping

どうするか

$ ip -6 route
$ ping -c 1 fe80::1
自前実装の tcp 3way handshake
$ sudo go run cmd/packemon/main.go --send --debug --proto tcp-3way-http
動作確認の様子
xxx

  • Ethernetフレームのみ作って送信(77c9149 でコミットしたファイルにて)

  • ARPリクエストを作って送信(390f266 でコミットしたファイルにて。中身はめちゃくちゃと思うけど)

  • ARPリクエストを受信してパース(b6a025a でコミット)

Documentation

Index

Constants

View Source 
const (
	ARP_OPERATION_CODE_REQUEST = 0x0001
	ARP_OPERATION_CODE_REPLY   = 0x0002
)
View Source 
const (
	DNS_QR_REQUEST  = 0 << 15 // 0
	DNS_QR_RESPONSE = 1 << 15 // 1000 0000 0000 0000
)

https://datatracker.ietf.org/doc/html/rfc1035#section-4.1.1 の「QR」 関連: https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-5 の「Opcode」の逆引きは廃止(IQuery (Inverse Query, OBSOLETE))

View Source 
const (
	DNS_QUERY_TYPE_A    = 0x0001
	DNS_QUERY_TYPE_AAAA = 0x001c
)
View Source 
const (
	PORT_HTTP  = 0x0050
	PORT_HTTPS = 0x01bb // 443
)
View Source 
const (
	IPv4_PROTO_ICMP uint8 = 0x01
	IPv4_PROTO_TCP  uint8 = 0x06
	IPv4_PROTO_UDP  uint8 = 0x11
)
View Source 
const (
	IPv6_NEXT_HEADER_TCP    = IPv4_PROTO_TCP
	IPv6_NEXT_HEADER_UDP    = IPv4_PROTO_UDP
	IPv6_NEXT_HEADER_ICMPv6 = 0x3a
)

TODO: IPv4 と同じものは、IPv4_PROTO_HOGE 使っていいかも

View Source 
const (
	TCP_FLAGS_SYN         = 0x02
	TCP_FLAGS_SYN_ACK     = 0x12
	TCP_FLAGS_ACK         = 0x10
	TCP_FLAGS_FIN_ACK     = 0x11
	TCP_FLAGS_PSH_ACK     = 0x18 // データを上位層へ渡してという信号
	TCP_FLAGS_FIN_PSH_ACK = 0x19
)
View Source 
const ARP_HARDWARE_TYPE_THERNET = 0x0001
View Source 
const ARP_PROTO_TYPE_IPv4 = 0x0800
View Source 
const COMMAND_IP = "ip"
View Source 
const COMPRESSION_METHOD_NULL = 0x00
View Source 
const (
	DNS_QUERY_CLASS_IN = 0x0001
)
View Source 
const ETHER_TYPE_ARP uint16 = 0x0806
View Source 
const ETHER_TYPE_IPv4 uint16 = 0x0800
View Source 
const ETHER_TYPE_IPv6 uint16 = 0x86dd
View Source 
const (
	ICMP_TYPE_REQUEST = 0x08
)
View Source 
const IP_PAYLOAD_MAX_LENGTH = 1500 - 14 // =1486byte(IPヘッダ含む。14byteはEthernetヘッダ分)
View Source 
const PORT_DNS = 0x0035 // 53
View Source 
const TLS_CONTENT_TYPE_ALERT = 0x15
View Source 
const TLS_CONTENT_TYPE_APPLICATION_DATA = 0x17
View Source 
const TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC = 0x14
View Source 
const TLS_CONTENT_TYPE_HANDSHAKE = 0x16
View Source 
const TLS_HANDSHAKE_TYPE_CHANGE_CIPHER_SPEC = 0x14
View Source 
const TLS_HANDSHAKE_TYPE_CLIENT_HELLO = 0x01
View Source 
const TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 0x10
View Source 
const TLS_HANDSHAKE_TYPE_FINISHED = 0x14
View Source 
const TLS_HANDSHAKE_TYPE_SERVER_HELLO = 0x02

Variables

View Source 
var IPv4Protocols = map[uint8]string{
	IPv4_PROTO_ICMP: "ICMP",
	IPv4_PROTO_TCP:  "TCP",
	IPv4_PROTO_UDP:  "UDP",
}
View Source 
var KeyLable = []byte("key expansion")
View Source 
var MasterSecretLable = []byte("master secret")
View Source 
var TLS_EXTENSION_SUPPORTED_VERSIONS = []byte{0x00, 0x2b}
View Source 
var TLS_EXTENSION_TYPE_KEY_SHARE = []byte{0x0, 0x33}
View Source 
var TLS_VERSION_1_0 = []byte{0x03, 0x01}
View Source 
var TLS_VERSION_1_1 = []byte{0x03, 0x02}
View Source 
var TLS_VERSION_1_2 = []byte{0x03, 0x03}
View Source 
var TLS_VERSION_1_3 = []byte{0x03, 0x04}
View Source 
var TLSv13_ClientapTraffic = []byte(`c ap traffic`)
View Source 
var TLSv13_ClienthsTraffic = []byte(`c hs traffic`)
View Source 
var TLSv13_DerivedLabel = []byte(`derived`)
View Source 
var TLSv13_FinishedLabel = []byte(`finished`)
View Source 
var TLSv13_ServerapTraffic = []byte(`s ap traffic`)
View Source 
var TLSv13_ServerhsTraffic = []byte(`s hs traffic`)

Functions

func DecryptApplicationData added in v1.3.2 

func DecryptApplicationData(encryptedText []byte, keyBlock *KeyBlock, clientSequence int) []byte

func DecryptChacha20 added in v1.4.0 

func DecryptChacha20(header []byte, chipertext []byte, tlsConn *TLSv12Connection) []byte

こちらも拝借させてもらってる ref: https://github.com/sat0ken/go-tcpip/blob/7dd5085f8aa25747a6098cc7d8d8e336ec5fcadd/tls1_3.go#L88

func EncryptChacha20 added in v1.4.0 

func EncryptChacha20(message []byte, tlsConn *TLSv12Connection) []byte

func EncryptClientMessageForAlert added in v1.3.2 

func EncryptClientMessageForAlert(keyblock *KeyBlock, clientSequence int, plaintext []byte) ([]byte, int)

TODO: 上の encryptClientMessage と共通化を

func EstablishConnectionAndSendPayload 

func EstablishConnectionAndSendPayload(nwInterface string, dstIPAddr []byte, dstPort uint16, payload []byte) error

with tcp 3 way handshake

func EstablishConnectionAndSendPayloadXxx added in v0.0.3 

func EstablishConnectionAndSendPayloadXxx(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv4 *IPv4, fTcp *TCP, upperLayerData []byte) error

このなかで、ログ出力などしないこと。Monitor の下に出てくる 挙動を詳細に確認する場合は、internal内の SendTCP3wayhandshake 関数でやること TODO: 対向からRST,RST/ACKが来た時にreturnするようにする

func EstablishConnectionAndSendPayloadXxxForIPv6 added in v1.1.0 

func EstablishConnectionAndSendPayloadXxxForIPv6(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv6 *IPv6, fTcp *TCP, upperLayerData []byte) error

func EstablishTCPTLSv1_2AndSendPayload added in v1.3.0 

func EstablishTCPTLSv1_2AndSendPayload(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv4 *IPv4, fTcp *TCP, upperLayerData []byte) error

TCP 3way handshake と TLSv1.2 の handshake 後にリクエストする関数

func EstablishTCPTLSv1_2AndSendPayloadForIPv6 added in v1.3.2 

func EstablishTCPTLSv1_2AndSendPayloadForIPv6(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv6 *IPv6, fTcp *TCP, upperLayerData []byte) error

TCP 3way handshake と TLSv1.2 の handshake 後にリクエストする関数(IPv6用)

func EstablishTCPTLSv1_3AndSendPayload added in v1.4.0 

func EstablishTCPTLSv1_3AndSendPayload(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv4 *IPv4, fTcp *TCP, upperLayerData []byte) error

TCP 3way handshake と TLSv1.3 の handshake 後にリクエストする関数

func ExecCommand 

func ExecCommand(command string, args ...string) (string, error)

func ExecIP 

func ExecIP(args ...string) (string, error)

func ExecIPNeigh 

func ExecIPNeigh(args ...string) (string, error)

func ExecIPRoute 

func ExecIPRoute(args ...string) (string, error)

func GetDefaultRouteIP 

func GetDefaultRouteIP() (string, error)

func GetDefaultRouteMAC 

func GetDefaultRouteMAC() (string, error)

func IsDNSRequest added in v1.0.8 

func IsDNSRequest(flags uint16) bool

func IsDNSResponse added in v1.0.8 

func IsDNSResponse(flags uint16) bool

func NewTLSApplicationData added in v1.0.3 

func NewTLSApplicationData(data []byte, keyblock *KeyBlock, clientSequence int) []byte

func NewTLSClientKeyExchangeAndChangeCipherSpecAndFinished added in v1.0.3 

func NewTLSClientKeyExchangeAndChangeCipherSpecAndFinished(clientHello *TLSClientHello, serverHello *TLSServerHello) (*TLSClientKeyExchange, *KeyBlock, int, []byte, []byte)

func Options 

func Options() []byte

synパケットの中を覗いて下

func OptionsOfAck 

func OptionsOfAck() []byte

synパケットの中を覗いて下

func OptionsOfhttp 

func OptionsOfhttp() []byte

http getリクエスト時のtcp optionを覗いて https://atmarkit.itmedia.co.jp/ait/articles/0401/29/news080_2.html 「オプション」フィールド:32bit単位で可変長

func ParsedTLSToPassive added in v1.3.0 

func ParsedTLSToPassive(tcp *TCP, p *Passive)

func SendEncryptedApplicationData added in v1.4.0 

func SendEncryptedApplicationData(upperLayerData []byte, prevTCP *TCP, srcIPAddr uint32, dstIPAddr uint32, dstMACAddr HardwareAddr, srcMACAddr HardwareAddr, fEthrh *EthernetHeader, nw *NetworkInterface, tlsConn *TLSv12Connection, tcpConn *TCPConnection) error

func SendTLSClientHello added in v1.3.0 

func SendTLSClientHello(nw *NetworkInterface, clientHello *TLSClientHello, srcPort, dstPort uint16, srcIPAddr uint32, dstIPAddr uint32, firsthopMACAddr [6]byte, prevSequence uint32, prevAcknowledgment uint32) error

func SendTLSClientHelloForIPv6 added in v1.3.2 

func SendTLSClientHelloForIPv6(nw *NetworkInterface, clientHello *TLSClientHello, srcPort, dstPort uint16, srcIPAddr []uint8, dstIPAddr []uint8, firsthopMACAddr [6]byte, prevSequence uint32, prevAcknowledgment uint32) error

func StrHexToBytes added in v1.0.0 

func StrHexToBytes(s string) ([]byte, error)

TODO: rename or refactor

func StrHexToBytes2 added in v1.0.0 

func StrHexToBytes2(s string) ([]byte, error)

TODO: rename or refactor

func StrHexToBytes3 added in v1.0.0 

func StrHexToBytes3(s string) (byte, error)

TODO: rename or refactor

func StrIPToBytes added in v1.0.0 

func StrIPToBytes(s string) ([]byte, error)

stringのIPv4アドレスをbytesに変換

func StrIntToUint16 added in v1.0.0 

func StrIntToUint16(s string) (uint16, error)

func UintTo2byte added in v1.4.0 

func UintTo2byte(data uint16) []byte

func WriteHash added in v1.4.0 

func WriteHash(message []byte) []byte

func WriteUint16 

func WriteUint16(buf *bytes.Buffer, target uint16)

func WriteUint32 

func WriteUint32(buf *bytes.Buffer, target uint32)

Types

type ARP 

type ARP struct {
	HardwareType       uint16
	ProtocolType       uint16
	HardwareAddrLength uint8
	ProtocolLength     uint8
	Operation          uint16

	SenderHardwareAddr HardwareAddr
	SenderIPAddr       uint32

	TargetHardwareAddr HardwareAddr
	TargetIPAddr       uint32
}

https://ja.wikipedia.org/wiki/Address_Resolution_Protocol#%E3%83%91%E3%82%B1%E3%83%83%E3%83%88%E6%A7%8B%E9%80%A0 https://beginners-network.com/supplement/arp_packet_format.html

func NewARPReply added in v1.0.0 

func NewARPReply(sMACAdder HardwareAddr, sIPAddr uint32, tMACAddr HardwareAddr, tIPAddr uint32) *ARP

func NewARPRequest added in v1.0.0 

func NewARPRequest(sMACAdder HardwareAddr, sIPAddr uint32, tMACAddr HardwareAddr, tIPAddr uint32) *ARP

func ParsedARP 

func ParsedARP(payload []byte) *ARP

func (*ARP) Bytes 

func (a *ARP) Bytes() []byte

type Answer 

type Answer struct {
	Name       uint16
	Typ        uint16
	Class      uint16
	Ttl        uint32
	DataLength uint16
	Address    uint32
}

type Certificate added in v1.0.3 

type Certificate struct {
	RecordLayer        *TLSRecordLayer
	HandshakeProtocol  *TLSHandshakeProtocol
	CertificatesLength []byte
	Certificates       []byte // TODO: ここ更にフィールドあった
	// contains filtered or unexported fields
}

func (*Certificate) Bytes added in v1.0.3 

func (c *Certificate) Bytes() []byte

func (*Certificate) ServerPublicKey added in v1.0.3 

func (c *Certificate) ServerPublicKey() *rsa.PublicKey

func (*Certificate) Validate added in v1.0.3 

func (c *Certificate) Validate() error

ref: https://zenn.dev/satoken/articles/golang-tls1_2#serverhello%2C-certificate%2C-serverhellodone

type CertificateVerify added in v1.4.0 

type CertificateVerify struct {
	HandshakeType           byte
	Length                  []byte
	SignatureHashAlgorithms []byte
	SignatureLength         []byte
	Signature               []byte
}

func (*CertificateVerify) VerifyServerCertificate added in v1.4.0 

func (c *CertificateVerify) VerifyServerCertificate(pubkey *rsa.PublicKey, handshake_messages []byte) error

ref: https://github.com/sat0ken/go-tcpip/blob/7dd5085f8aa25747a6098cc7d8d8e336ec5fcadd/tls1_3.go#L285

type ChangeCipherSpecAndFinished added in v1.0.3 

type ChangeCipherSpecAndFinished struct {
	ChangeCipherSpecProtocol *ChangeCipherSpecProtocol
	Finished                 *Finished
}

func ParsedTLSChangeCipherSpecAndFinished added in v1.0.3 

func ParsedTLSChangeCipherSpecAndFinished(b []byte, keyblock *KeyBlock, clientSequenceNum int, verifyingData *ForVerifing) *ChangeCipherSpecAndFinished

これは、自作 tls handshake 用で、Monitor に表示するためのものではない

type ChangeCipherSpecProtocol added in v1.0.3 

type ChangeCipherSpecProtocol struct {
	RecordLayer             *TLSRecordLayer
	ChangeCipherSpecMessage []byte
}

func ParsedChangeCipherSpec added in v1.4.0 

func ParsedChangeCipherSpec(b []byte) (*ChangeCipherSpecProtocol, int)

func (*ChangeCipherSpecProtocol) Bytes added in v1.0.3 

func (cc *ChangeCipherSpecProtocol) Bytes() []byte

type ClientKeyExchange added in v1.0.3 

type ClientKeyExchange struct {
	RecordLayer                 *TLSRecordLayer
	HandshakeProtocol           *TLSHandshakeProtocol
	RSAEncryptedPreMasterSecret *RSAEncryptedPreMasterSecret
}

func (*ClientKeyExchange) Bytes added in v1.0.3 

func (c *ClientKeyExchange) Bytes() []byte

type DNS 

type DNS struct {
	TransactionID uint16
	Flags         uint16 // TODO: ここにビット単位で意味があるから、structにして管理したい
	Questions     uint16
	AnswerRRs     uint16
	AuthorityRRs  uint16
	AdditionalRRs uint16
	Queries       *Queries
	Answers       []*Answer
}

https://atmarkit.itmedia.co.jp/ait/articles/1601/29/news014.html 上記とパケットキャプチャ見てイメージがつく、domain

func ParsedDNSRequest 

func ParsedDNSRequest(payload []byte) *DNS

func ParsedDNSResponse 

func ParsedDNSResponse(payload []byte) *DNS

func (*DNS) Bytes 

func (d *DNS) Bytes() []byte

func (*DNS) Domain 

func (d *DNS) Domain(domain string)

type ECDHEKeys added in v1.4.0 

type ECDHEKeys struct {
	PrivateKey []byte
	PublicKey  []byte
	SharedKey  []byte
}

type EncryptedHandshakeMessage added in v1.0.3 

type EncryptedHandshakeMessage struct {
	RecordLayer                *TLSRecordLayer
	EncryptedHandshakeMessage_ []byte
}

func (*EncryptedHandshakeMessage) Bytes added in v1.0.3 

func (e *EncryptedHandshakeMessage) Bytes() []byte

type EthernetFrame 

type EthernetFrame struct {
	Header *EthernetHeader
	Data   []byte
}

func NewEthernetFrame 

func NewEthernetFrame(dst HardwareAddr, src HardwareAddr, typ uint16, payload []byte) *EthernetFrame

func ParsedEthernetFrame 

func ParsedEthernetFrame(b []byte) *EthernetFrame

func (*EthernetFrame) Bytes 

func (ef *EthernetFrame) Bytes() []byte

type EthernetHeader 

type EthernetHeader struct {
	Dst HardwareAddr
	Src HardwareAddr
	Typ uint16
}

type Finished added in v1.0.3 

type Finished struct {
	RecordLayer *TLSRecordLayer

	RawEncrypted []byte
}

type FinishedMessage added in v1.4.0 

type FinishedMessage struct {
	HandshakeType byte
	Length        []byte
	VerifyData    []byte
}

func (*FinishedMessage) Bytes added in v1.4.0 

func (f *FinishedMessage) Bytes() []byte

type ForVerifing added in v1.0.3 

type ForVerifing struct {
	Master            []byte
	ClientHello       *TLSClientHello
	ServerHello       *TLSServerHello
	ClientKeyExchange *ClientKeyExchange
	ClientFinished    []byte // 暗号化前の
}

type HTTP 

type HTTP struct {
	Method        string
	Uri           string
	Version       string
	Host          string
	UserAgent     string
	Accept        string
	ContentLength string

	Body string
}

func NewHTTP 

func NewHTTP() *HTTP

func ParsedHTTPRequest 

func ParsedHTTPRequest(payload []byte) *HTTP

func (*HTTP) Bytes 

func (h *HTTP) Bytes() []byte

type HTTPResponse 

type HTTPResponse struct {
	StatusLine string
	Header     *HTTPResponseHeader
	Body       []byte
	// contains filtered or unexported fields
}

func ParsedHTTPResponse 

func ParsedHTTPResponse(payload []byte) *HTTPResponse

TODO: 多分このあたりバグってる。Monitor の http response の hexadecimal dump と Wireshark で異なる TODO: panic になることある

func (*HTTPResponse) Bytes added in v1.0.7 

func (hr *HTTPResponse) Bytes() []byte

func (*HTTPResponse) Len added in v0.0.3 

func (h *HTTPResponse) Len() int

type HTTPResponseHeader added in v0.0.3 

type HTTPResponseHeader struct {
	Date          string
	ContentLength int
	ContentType   string
}

func (*HTTPResponseHeader) Bytes added in v1.0.7 

func (hrh *HTTPResponseHeader) Bytes() []byte

type HardwareAddr 

type HardwareAddr [6]uint8

func (*HardwareAddr) String added in v1.0.0 

func (h *HardwareAddr) String() string

type ICMP 

type ICMP struct {
	Typ        uint8
	Code       uint8
	Checksum   uint16
	Identifier uint16
	Sequence   uint16
	Data       []byte
}

https://www.infraexpert.com/study/tcpip4.html https://inc0x0.com/icmp-ip-packets-ping-manually-create-and-send-icmp-ip-packets/

func NewICMP 

func NewICMP() *ICMP

icmp request

func ParsedICMP 

func ParsedICMP(payload []byte) *ICMP

func (*ICMP) Bytes 

func (i *ICMP) Bytes() []byte

func (*ICMP) CalculateChecksum 

func (i *ICMP) CalculateChecksum() uint16

copy from https://cs.opensource.google/go/x/net/+/master:icmp/message.go

type IPv4 

type IPv4 struct {
	Version        uint8  // 4bit
	Ihl            uint8  // 4bit. hearder length
	Tos            uint8  // 8bit. type of service
	TotalLength    uint16 // 16bit. total length
	Identification uint16 // 16bit
	Flags          uint8  // 3bit
	FragmentOffset uint16 // 13bit
	Ttl            uint8  // 8bit
	Protocol       uint8  // 8bit
	HeaderChecksum uint16 // 16bit
	SrcAddr        uint32 // 32bit
	DstAddr        uint32 // 32bit

	Options []uint8
	Padding []uint8

	Data []byte
}

https://www.infraexpert.com/study/tcpip1.html

func NewIPv4 added in v0.0.3 

func NewIPv4(protocol uint8, srcAddr uint32, dstAddr uint32) *IPv4

func ParsedIPv4 

func ParsedIPv4(payload []byte) *IPv4

func (*IPv4) Bytes 

func (i *IPv4) Bytes() []byte

func (*IPv4) CalculateChecksum 

func (i *IPv4) CalculateChecksum()

TODO: ここだけではないけど要refactor

func (*IPv4) CalculateTotalLength 

func (i *IPv4) CalculateTotalLength()

func (*IPv4) StrDstIPAddr added in v1.0.0 

func (i *IPv4) StrDstIPAddr() string

func (*IPv4) StrSrcIPAddr added in v1.0.0 

func (i *IPv4) StrSrcIPAddr() string

type IPv6 added in v0.0.2 

type IPv6 struct {
	Version       uint8 // 4bit
	TrafficClass  uint8
	FlowLabel     uint32 // 20bit
	PayloadLength uint16
	NextHeader    uint8
	HopLimit      uint8
	SrcAddr       []uint8
	DstAddr       []uint8

	Option []uint8

	Data []byte
}

rfc: https://datatracker.ietf.org/doc/html/rfc8200#page-6 https://atmarkit.itmedia.co.jp/ait/articles/1201/05/news113.html ↑ によると、「TrafficClass」の前半4bitに拡張ヘッダ(Option)までの長さ入ってるっぽいけど https://datatracker.ietf.org/doc/html/rfc8200#section-4 によると、「NextHeader」の種類ごとに、拡張ヘッダー(Option)があるかどうかみたいなのがわかるっぽい? ちなみに、NextHeader は、IPv4 の Protocol と同じ値みたい

func NewIPv6 added in v1.1.0 

func NewIPv6(protocol uint8, srcAddr []uint8, dstAddr []uint8) *IPv6

func ParsedIPv6 added in v0.0.2 

func ParsedIPv6(payload []byte) *IPv6

func (*IPv6) Bytes added in v1.1.0 

func (i *IPv6) Bytes() []byte

func (*IPv6) PseudoHeader added in v1.1.0 

func (i *IPv6) PseudoHeader(upperLayerLength uint32) []byte

上位レイヤのチェックサムを求めるための ref: https://datatracker.ietf.org/doc/html/rfc8200#section-8.1

func (*IPv6) StrDstIPAddr added in v1.0.0 

func (i *IPv6) StrDstIPAddr() string

func (*IPv6) StrSrcIPAddr added in v1.0.0 

func (i *IPv6) StrSrcIPAddr() string

type KeyBlock added in v1.0.3 

type KeyBlock struct {
	ClientWriteKey []byte
	ServerWriteKey []byte
	ClientWriteIV  []byte
	ServerWriteIV  []byte
}

type KeyBlockForTLSv13 added in v1.4.0 

type KeyBlockForTLSv13 struct {
	ClientFinishedKey []byte

	ServerFinishedKey []byte
	// contains filtered or unexported fields
}

type Mss 

type Mss struct {
	Kind   uint8
	Length uint8
	Value  uint16
}

type NetworkInterface 

type NetworkInterface struct {
	Intf       *net.Interface
	Socket     int // file discripter
	SocketAddr unix.SockaddrLinklayer
	IPAdder    uint32

	PassiveCh chan *Passive
}

func NewNetworkInterface 

func NewNetworkInterface(nwInterface string) (*NetworkInterface, error)

func (*NetworkInterface) Close 

func (nw *NetworkInterface) Close() error

func (*NetworkInterface) Recieve 

func (nw *NetworkInterface) Recieve(ctx context.Context) error

func (*NetworkInterface) Send 

func (nw *NetworkInterface) Send(ethernetFrame *EthernetFrame) error

type NetworkInterfaceForTCP 

type NetworkInterfaceForTCP struct {
	Socket int
}

func NewNetworkInterfaceForTCP 

func NewNetworkInterfaceForTCP(nwInterface string) (*NetworkInterfaceForTCP, error)

func (*NetworkInterfaceForTCP) Close 

func (nwt *NetworkInterfaceForTCP) Close() error

func (*NetworkInterfaceForTCP) Connect 

func (nwt *NetworkInterfaceForTCP) Connect(dstIPAddr []byte, dstPort uint16) error

func (*NetworkInterfaceForTCP) Read 

func (nwt *NetworkInterfaceForTCP) Read(buf []byte) (int, error)

func (*NetworkInterfaceForTCP) Write 

func (nwt *NetworkInterfaceForTCP) Write(tcpPayload []byte) (int, error)

type NoOperation 

type NoOperation struct {
	Kind uint8
}

type Passive 

type Passive struct {
	HTTPRes                                         *HTTPResponse
	HTTP                                            *HTTP
	TLSClientHello                                  *TLSClientHello
	TLSServerHello                                  *TLSServerHello
	TLSServerHelloFor1_3                            *TLSServerHelloFor1_3 // TODO: まとめたい
	TLSClientKeyExchange                            *TLSClientKeyExchange
	TLSChangeCipherSpecAndEncryptedHandshakeMessage *TLSChangeCipherSpecAndEncryptedHandshakeMessage
	TLSApplicationData                              *TLSApplicationData
	TLSEncryptedAlert                               *TLSEncryptedAlert
	DNS                                             *DNS
	TCP                                             *TCP
	UDP                                             *UDP
	ICMP                                            *ICMP
	IPv4                                            *IPv4
	IPv6                                            *IPv6
	ARP                                             *ARP
	EthernetFrame                                   *EthernetFrame
}

func ParsedPacket 

func ParsedPacket(recieved []byte) (passive *Passive)

func (*Passive) HighLayerProto 

func (p *Passive) HighLayerProto() string

type Queries 

type Queries struct {
	Domain     []uint8
	Typ        uint16
	Class      uint16
	Ttl        uint32
	DataLength uint16
}

TODO: 個別にQueryで定義してスライスで持つようにする

type RSAEncryptedPreMasterSecret added in v1.0.3 

type RSAEncryptedPreMasterSecret struct {
	EncryptedPreMasterLength []byte
	EncryptedPreMaster       []byte
}

func (*RSAEncryptedPreMasterSecret) Bytes added in v1.0.3 

func (r *RSAEncryptedPreMasterSecret) Bytes() []byte

type SackPermitted 

type SackPermitted struct {
	Kind   uint8
	Length uint8
}

type ServerHello added in v1.0.3 

type ServerHello struct {
	RecordLayer       *TLSRecordLayer
	HandshakeProtocol *TLSHandshakeProtocol
}

func ParsedTLSServerHelloOnly added in v1.4.0 

func ParsedTLSServerHelloOnly(b []byte) (*ServerHello, int)

TLS1.2/1.3 共通

func (*ServerHello) Bytes added in v1.0.3 

func (s *ServerHello) Bytes() []byte

type ServerHelloDone added in v1.0.3 

type ServerHelloDone struct {
	RecordLayer       *TLSRecordLayer
	HandshakeProtocol *TLSHandshakeProtocol
}

func (*ServerHelloDone) Bytes added in v1.0.3 

func (sd *ServerHelloDone) Bytes() []byte

type TCP 

type TCP struct {
	SrcPort        uint16
	DstPort        uint16
	Sequence       uint32
	Acknowledgment uint32

	// Data Offset (DOffset)(4bit. TCPヘッダ長. 32bit整数倍) と Reserved (Rsrvd)(4bit. すべて0)
	// ref: https://www.rfc-editor.org/rfc/rfc9293.html#section-3.1
	HeaderLength uint8

	// Control bits(8bit)
	// ref: https://www.rfc-editor.org/rfc/rfc9293.html#section-3.1-6.14.1
	Flags uint8

	Window        uint16
	Checksum      uint16
	UrgentPointer uint16
	Options       []byte // optionsをセットする用の関数あった方がいいかも?

	Data []byte
}

func NewTCPAck 

func NewTCPAck(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32) *TCP

tcpパケット連続で送るときは port 変えること

func NewTCPAckForPassiveData added in v0.0.3 

func NewTCPAckForPassiveData(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32, tcpPayloadLength int) *TCP

tcpパケット連続で送るときは port 変えること

func NewTCPFinAck added in v0.0.3 

func NewTCPFinAck(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32) *TCP

tcpパケット連続で送るときは port 変えること

func NewTCPSyn 

func NewTCPSyn(srcPort, dstPort uint16) *TCP

tcpパケット単発で連続で送るときは port/sequence 変えること

func NewTCPWithData 

func NewTCPWithData(srcPort, dstPort uint16, data []byte, prevSequence uint32, prevAcknowledgment uint32) *TCP

tcpパケット連続で送るときは port 変えること

func ParsedTCP 

func ParsedTCP(payload []byte) *TCP

func (*TCP) Bytes 

func (t *TCP) Bytes() []byte

https://www.infraexpert.com/study/tcpip8.html

func (*TCP) CalculateChecksum added in v0.0.3 

func (t *TCP) CalculateChecksum(ipv4 *IPv4)

https://atmarkit.itmedia.co.jp/ait/articles/0401/29/news080_2.html 「「チェックサム」フィールド:16bit幅」

func (*TCP) CalculateChecksumForIPv6 added in v1.1.0 

func (t *TCP) CalculateChecksumForIPv6(ipv6 *IPv6)

type TCPConnection added in v1.3.2 

type TCPConnection struct {
	SrcPort uint16
	DstPort uint16
	// contains filtered or unexported fields
}

func NewTCPConnection added in v1.3.2 

func NewTCPConnection(SrcPort uint16, DstPort uint16) *TCPConnection

func (*TCPConnection) Close added in v1.3.2 

func (conn *TCPConnection) Close()

func (*TCPConnection) EstablishedConnection added in v1.3.2 

func (conn *TCPConnection) EstablishedConnection()

func (*TCPConnection) IsPassiveAck added in v1.3.2 

func (conn *TCPConnection) IsPassiveAck(tcp *TCP) bool

func (*TCPConnection) IsPassiveFinAck added in v1.3.2 

func (conn *TCPConnection) IsPassiveFinAck(tcp *TCP) bool

func (*TCPConnection) IsPassivePshAck added in v1.3.2 

func (conn *TCPConnection) IsPassivePshAck(tcp *TCP) bool

func (*TCPConnection) IsPassiveSynAckForHandshake added in v1.3.2 

func (conn *TCPConnection) IsPassiveSynAckForHandshake(tcp *TCP) bool

func (*TCPConnection) SetState added in v1.3.2 

func (conn *TCPConnection) SetState(state TCPState)

type TCPState added in v1.3.2 

type TCPState int
const (
	TCP_STATE_INIT TCPState = iota
	TCP_STATE_3WAY_HANDSHAKE_SEND_SYN
	TCP_STATE_3WAY_HANDSHAKE_PASSIVE_SYNACK
	TCP_STATE_3WAY_HANDSHAKE_SEND_ACK // = established tcp connection
	TCP_STATE_PASSIVE_PSHACK          // = データ受信
	TCP_STATE_SEND_FINACK             // = tcp connection を終えたい
	TCP_STATE_PASSIVE_FINACK
	TCP_STATE_SEND_ACK
)

type TLSApplicationData added in v1.0.3 

type TLSApplicationData struct {
	RecordLayer              *TLSRecordLayer
	EncryptedApplicationData []byte
}

func ParsedTLSApplicationData added in v1.3.0 

func ParsedTLSApplicationData(b []byte) *TLSApplicationData

func (*TLSApplicationData) Bytes added in v1.0.3 

func (a *TLSApplicationData) Bytes() []byte

type TLSChangeCipherSpecAndEncryptedHandshakeMessage added in v1.3.0 

type TLSChangeCipherSpecAndEncryptedHandshakeMessage struct {
	ChangeCipherSpecProtocol  *ChangeCipherSpecProtocol
	EncryptedHandshakeMessage *EncryptedHandshakeMessage
}

サーバから来る

func ParsedTLSChangeCipherSpecAndEncryptedHandshakeMessage added in v1.3.0 

func ParsedTLSChangeCipherSpecAndEncryptedHandshakeMessage(b []byte) *TLSChangeCipherSpecAndEncryptedHandshakeMessage

これは、Monitor 表示用に、受信したものをただパースする関数

func (*TLSChangeCipherSpecAndEncryptedHandshakeMessage) Bytes added in v1.3.0 

func (t *TLSChangeCipherSpecAndEncryptedHandshakeMessage) Bytes() []byte

type TLSClientHello added in v1.0.3 

type TLSClientHello struct {
	RecordLayer       *TLSRecordLayer
	HandshakeProtocol *TLSHandshakeProtocol

	// TODO: これがこのstruct内にあるのはおかしく、一旦実装を簡単にするため置いてるだけ。要リファクタ
	ECDHEKeys *ECDHEKeys
}

func NewTLSClientHello added in v1.0.3 

func NewTLSClientHello(tlsVersion []byte, cipherSuites ...uint16) *TLSClientHello

TODO: tls1.3 用のと汎用的に

func ParsedTLSClientHello added in v1.3.0 

func ParsedTLSClientHello(b []byte) *TLSClientHello

func (*TLSClientHello) Bytes added in v1.0.3 

func (tch *TLSClientHello) Bytes() []byte

type TLSClientKeyExchange added in v1.0.3 

type TLSClientKeyExchange struct {
	ClientKeyExchange         *ClientKeyExchange
	ChangeCipherSpecProtocol  *ChangeCipherSpecProtocol
	EncryptedHandshakeMessage []byte
}

func ParsedTLSClientKeyexchange added in v1.3.0 

func ParsedTLSClientKeyexchange(b []byte) *TLSClientKeyExchange

func (*TLSClientKeyExchange) Bytes added in v1.0.3 

func (tlsclientkeyexchange *TLSClientKeyExchange) Bytes() []byte

type TLSEncryptedAlert added in v1.3.0 

type TLSEncryptedAlert struct {
	RecordLayer  *TLSRecordLayer
	AlertMessage []byte
}

func ParsedTLSEncryptedAlert added in v1.3.0 

func ParsedTLSEncryptedAlert(b []byte) *TLSEncryptedAlert

func (*TLSEncryptedAlert) Bytes added in v1.3.0 

func (t *TLSEncryptedAlert) Bytes() []byte

type TLSExtension added in v1.4.0 

type TLSExtension struct {
	Type   []byte
	Length []byte
	Data   []byte
}

func (*TLSExtension) Bytes added in v1.4.0 

func (e *TLSExtension) Bytes() []byte

func (*TLSExtension) IsTLS13 added in v1.4.0 

func (e *TLSExtension) IsTLS13() bool

type TLSExtensions added in v1.4.0 

type TLSExtensions []*TLSExtension

func ParsedTLSExtensions added in v1.4.0 

func ParsedTLSExtensions(extensionsLength int, b []byte) TLSExtensions

func (TLSExtensions) Bytes added in v1.4.0 

func (es TLSExtensions) Bytes() []byte

type TLSHandshakeProtocol added in v1.0.3 

type TLSHandshakeProtocol struct {
	HandshakeType            []byte
	Length                   []byte
	Version                  []byte
	Random                   []byte
	SessionIDLength          []byte
	SessionID                []byte
	CipherSuitesLength       []byte
	CipherSuites             []uint16 // ref: https://tls12.xargs.org/#client-hello/annotated [Ciper Suites]
	CompressionMethodsLength []byte
	CompressionMethods       []byte
	ExtensionsLength         []byte
	Extentions               TLSExtensions
}

func (*TLSHandshakeProtocol) Bytes added in v1.0.3 

func (p *TLSHandshakeProtocol) Bytes(isFromServer bool) []byte

type TLSRecordLayer added in v1.0.3 

type TLSRecordLayer struct {
	ContentType []byte
	Version     []byte
	Length      []byte
}

ref: https://tls12.xargs.org/#client-hello/annotated 以降のstructのフィールドはWiresharkを見つつ補完

func (*TLSRecordLayer) Bytes added in v1.0.3 

func (l *TLSRecordLayer) Bytes() []byte

type TLSServerHello added in v1.0.3 

type TLSServerHello struct {
	ServerHello     *ServerHello
	Certificate     *Certificate
	ServerHelloDone *ServerHelloDone
}

func ParsedTLSServerHello added in v1.0.3 

func ParsedTLSServerHello(b []byte) *TLSServerHello

tls1.2用

func (*TLSServerHello) Bytes added in v1.0.3 

func (tlsserverhello *TLSServerHello) Bytes() []byte

type TLSServerHelloFor1_3 added in v1.4.0 

type TLSServerHelloFor1_3 struct {
	ServerHello              *ServerHello
	ChangeCipherSpecProtocol *ChangeCipherSpecProtocol
	ApplicationDataProtocols []*TLSApplicationData
}

func ParsedTLSServerHelloFor1_3 added in v1.4.0 

func ParsedTLSServerHelloFor1_3(b []byte) *TLSServerHelloFor1_3

tls1.3用

func (*TLSServerHelloFor1_3) Bytes added in v1.4.0 

func (t *TLSServerHelloFor1_3) Bytes() []byte

func (*TLSServerHelloFor1_3) GetServerKeyShare added in v1.4.0 

func (t *TLSServerHelloFor1_3) GetServerKeyShare() []byte

type TLSv12Connection added in v1.3.2 

type TLSv12Connection struct {
	TLSClientHello       *TLSClientHello
	TLSServerHello       *TLSServerHello
	TLSClientKeyExchange *TLSClientKeyExchange
	TLSClientFinished    []byte
	KeyBlock             *KeyBlock
	ClientSequence       int
	Master               []byte

	// 以降、tlsv1.3実装で追加したものたち
	ECDHEKeys            *ECDHEKeys
	KeyBlockForTLSv13    *KeyBlockForTLSv13
	TLSServerHelloFor1_3 *TLSServerHelloFor1_3

	ServerHandshakeSeq int
	ServerAppSeq       int
	ClientHandshakeSeq int
	ClientAppSeq       int
	// contains filtered or unexported fields
}

func NewTLSv12Connection added in v1.3.2 

func NewTLSv12Connection() *TLSv12Connection

func NewTLSv13Connection added in v1.4.0 

func NewTLSv13Connection() *TLSv12Connection

TODO: 1.3用のstructを?

func (*TLSv12Connection) Close added in v1.3.2 

func (t *TLSv12Connection) Close()

func (*TLSv12Connection) EstablishedConnection added in v1.3.2 

func (t *TLSv12Connection) EstablishedConnection()

func (*TLSv12Connection) IsEstablished added in v1.3.2 

func (t *TLSv12Connection) IsEstablished() bool

func (*TLSv12Connection) IsPassiveChangeCipherSpecAndFinished added in v1.3.2 

func (t *TLSv12Connection) IsPassiveChangeCipherSpecAndFinished(tcp *TCP) bool

func (*TLSv12Connection) IsPassiveServerHello added in v1.3.2 

func (t *TLSv12Connection) IsPassiveServerHello(tcp *TCP) bool

TODO: ServerHello 以外も拾っちゃってるからちゃんと判定したい

func (*TLSv12Connection) IsSendApplicationData added in v1.3.2 

func (t *TLSv12Connection) IsSendApplicationData() bool

func (*TLSv12Connection) KeyscheduleToAppTraffic added in v1.4.0 

func (t *TLSv12Connection) KeyscheduleToAppTraffic()

こちらも

func (*TLSv12Connection) KeyscheduleToMasterSecret added in v1.4.0 

func (t *TLSv12Connection) KeyscheduleToMasterSecret(sharedkey []byte)

丸っと拝借させて頂いた コード: https://github.com/sat0ken/go-tcpip/blob/7dd5085f8aa25747a6098cc7d8d8e336ec5fcadd/tls1_3.go#L192 記事:https://zenn.dev/satoken/articles/golang-tls1_3#tls1.3%E3%81%AE%E9%8D%B5%E7%94%9F%E6%88%90%E3%81%AE%E6%B5%81%E3%82%8C TODO: やっぱりレシーバがTLSv1.2用のはおかしいから、v1.3用の作るか、共用に命名変更するかする

func (*TLSv12Connection) SetState added in v1.3.2 

func (t *TLSv12Connection) SetState(s TLSv12State)

func (*TLSv12Connection) VerifingData added in v1.3.2 

func (t *TLSv12Connection) VerifingData() *ForVerifing

type TLSv12State added in v1.3.2 

type TLSv12State int
const (
	TLSv12_STATE_INIT TLSv12State = iota
	TLSv12_STATE_PASSIVE_SERVER_HELLO
	TLSv12_STATE_SEND_APPLICATION_DATA
)

type Timestamps 

type Timestamps struct {
	Kind      uint8
	Length    uint8
	Value     uint32
	EchoReply uint32
}

type UDP 

type UDP struct {
	SrcPort  uint16
	DstPort  uint16
	Length   uint16
	Checksum uint16 // TODO: 後で計算用メソッドを。そもそも他のヘッダのchecksumと同じ計算っぽいから、独立させるかも
	Data     []byte
}

func ParsedUDP 

func ParsedUDP(payload []byte) *UDP

func (*UDP) Bytes 

func (u *UDP) Bytes() []byte

func (*UDP) CalculateChecksumForIPv6 added in v1.1.0 

func (u *UDP) CalculateChecksumForIPv6(ipv6 *IPv6)

IPv6 ではチェックサムがないため、上のレイヤでチェックサムが必要なため

func (*UDP) Len 

func (u *UDP) Len()

type WindowScale 

type WindowScale struct {
	Kind       uint8
	Length     uint8
	ShiftCount uint8
}

Source Files

View all Source files

Directories

Path Synopsis
cmd
debugging/bgp
debugging/http-server
debugging/https-server
debugging/tls-server
packemon
packemon-api
internal
debugging
tui

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.