The information that you're after is in the spec, it just takes a little deconstruction to determine that byte sequences. I've successfully used it to hand disassemble the SSL headers from a packet dump but I agree that it's not as easy as it would be with a structure diagram.
Steven -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dustin C. Locke Sent: Wednesday, 11 June 2003 11:39 AM To: [EMAIL PROTECTED] Subject: RE: SSL protocol packet format Thanks for the reply. I've read Netscape's SSL 3.0 draft twice...most of the information is simply data type specification in Baukus Naur Form with no reference to the construction of the packet itself. For instance, it outlines several higher-level data types within the protocol (SSLPlaintext, SSLCompressed, SSLCiphertext) and their component types (type, version, length, fragment, etc.), but with no useful information as to where such data is located in the packet. I need to be able to map a struct{} data type over the packet headers, so some sort of detailed specification (e.g., "bits 0 - 7 are flag bits with the following possible values, bits 9-23 are ...") is necessary. Obviously, I could map them myself using a packet sniffer and trial-and-error packet generation, but this is somewhat tedious. Alternatively, I could look at the source for OpenSSL or SSLDump I suppose, but this is not desirable either. It seems to me that since somebody somewhere has developed software that interacts directly with the layer 3 protocol datagrams themselves, this information should be available. Thanks, DCL On Tue, 2003-06-10 at 17:25, Steven Reddie wrote: > The fourth result returned by google.com for "SSL" is the "SSL 3.0 > Specification". Is that not what you're after? I haven't seen a diagram of > packet content but this specification should contain the information that > you're after in a textual form. > > Regards, > > Steven > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Dustin C. Locke > Sent: Wednesday, 11 June 2003 11:09 AM > To: [EMAIL PROTECTED] > Subject: SSL protocol packet format > > > Does anybody know where I can find a specific diagram/chart showing the > number of bits, data content, and data type of all of the individual > fields (header and body both) of an ssl packet? They're readily > available for many other protocols (IP, TCP, NTP, etc.), but I am unable > to find one for SSL. I need to do some packet analysis directly from a > tcpdump, creating a struct{} from the packet header and payload, which > is difficult to do with the info in the Internet-Draft for SSL 3.0. > > Thanks, > DCL > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
