base/bif/plugins/Zeek_SSL.functions.bif.zeek

GLOBAL
Namespace

GLOBAL

Summary

Functions

parse_distinguished_name: function

Decodes a DER-encoded distinguished name into an ASCII string, using the RFC2253 representation

set_keys: function

Set the decryption keys that should be used to decrypt TLS application data in the connection.

set_secret: function

Set the secret that should be used to derive keys for the connection.

set_ssl_established: function

Sets if the SSL analyzer should consider the connection established (handshake finished successfully).

Detailed Interface

Functions

parse_distinguished_name
Type

function (dn: string) : string

Decodes a DER-encoded distinguished name into an ASCII string, using the RFC2253 representation

Parameters

dn – DER encoded distinguished name

Returns

Ascii representation on success, empty string on failure

See also: ssl_certificate_request

set_keys
Type

function (c: connection, keys: string) : bool

Set the decryption keys that should be used to decrypt TLS application data in the connection.

Parameters
  • c – The affected connection

  • keys – The key buffer as derived via TLS PRF.

Returns

T on success, F on failure.

set_secret
Type

function (c: connection, secret: string) : bool

Set the secret that should be used to derive keys for the connection. (For TLS 1.2 this is the pre-master secret).

Parameters
  • c – The affected connection

  • secret – secret to set

Returns

T on success, F on failure.

set_ssl_established
Type

function (c: connection) : bool

Sets if the SSL analyzer should consider the connection established (handshake finished successfully).

Parameters

c – The SSL connection.

Returns

T on success, F on failure.