Fix parsing of TLS/1.3 sigscheme list

ericlaw1979 · ericlaw1979 · commit 36e0e5296a9a · 2022-11-04T14:18:18.000-05:00
diff --git a/FiddlerImportNetlog/FiddlerInterface.cs b/FiddlerImportNetlog/FiddlerInterface.cs
@@ -9,7 +9,7 @@
 namespace FiddlerImportNetlog
 {
     [ProfferFormat("NetLog JSON", 
-                   "Chromium's JSON-based event log format (v1.3.4.0). See https://dev.chromium.org/for-testers/providing-network-details for more details.",
+                   "Chromium's JSON-based event log format (v1.3.4.1). See https://dev.chromium.org/for-testers/providing-network-details for more details.",
                    // We handle import of JSON files, whether uncompressed, or compressed with ZIP or GZ. I'm not completely sure I remember the implications
                    // of declaring .gz here, nor why .zip isn't mentioned. Is this about the drag/drop import feature?
                    ".json;.gz"
diff --git a/FiddlerImportNetlog/Importer.cs b/FiddlerImportNetlog/Importer.cs
@@ -1,6 +1,7 @@
 ﻿using System;
 using System.Collections;
 using System.Collections.Generic;
+using System.ComponentModel;
 using System.Diagnostics;
 using System.Globalization;
 using System.IO;
@@ -1035,15 +1036,15 @@ private void ParseTLS1dot3CertificateRequest(Hashtable htCertFilter, byte[] arrC
                                              arrExtData[iX++];
                         Debug.Assert((cbSigHashAlgs % 2) == 0);
 
-                        var alSigHashAlgs = new ArrayList();
+                        var alSigSchemes = new ArrayList();
 
                         for (int ixSigHashPair = 0; ixSigHashPair < cbSigHashAlgs / 2; ++ixSigHashPair)
                         {
-                            alSigHashAlgs.Add(GetHashSigString(arrExtData[iX + (2 * ixSigHashPair)], arrExtData[1+ iX + (2 * ixSigHashPair)]));
+                                alSigSchemes.Add(GetTLS13SigSchemeString((arrExtData[iX + (2 * ixSigHashPair)] << 8) + arrExtData[1+ iX + (2 * ixSigHashPair)]));
                         }
-                        htCertFilter.Add("Accepted SignatureAndHashAlgorithms", alSigHashAlgs);
+                        htCertFilter.Add("Accepted SignatureSchemes", alSigSchemes);
                     }
-                    catch { htCertFilter.Add("Accepted SignatureAndHashAlgorithms", "Parse failure"); }
+                    catch { htCertFilter.Add("Accepted SignatureSchemes", "Parse failure"); }
                     break;
                 default:
                     htCertFilter.Add("FilterExt #" + iExtensionType.ToString(), "Length" + iExtDataLen.ToString());
@@ -1104,6 +1105,42 @@ private void GenerateDNSResolutionListSession(Dictionary<int, List<Hashtable>> d
             catch (Exception e) { FiddlerApplication.Log.LogFormat("GenerateDNSResolutionListSession failed: " + DescribeExceptionWithStack(e)); }
         }
 
+        // https://www.rfc-editor.org/rfc/rfc8446#section-4.3.2:~:text=extensions%20contains%20a-,SignatureSchemeList,-value%3A%0A%0A%20%20%20%20%20%20enum%20%7B%0A%20%20%20%20%20%20%20%20%20%20/*%20RSASSA
+        private static string GetTLS13SigSchemeString(int iValue)
+        {
+            switch (iValue)
+            {
+                case 0x0401: return "rsa_pkcs1_sha256";
+                case 0x0501: return "rsa_pkcs1_sha384";
+                case 0x0601: return "rsa_pkcs1_sha512";
+
+                /* ECDSA algorithms */
+                case 0x0403: return "ecdsa_secp256r1_sha256";
+                case 0x0503: return "ecdsa_secp384r1_sha384";
+                case 0x0603: return "ecdsa_secp521r1_sha512";
+
+                /* RSASSA-PSS algorithms with public key OID rsaEncryption */
+                case 0x0804: return "rsa_pss_rsae_sha256";
+                case 0x0805: return "rsa_pss_rsae_sha384";
+                case 0x0806: return "rsa_pss_rsae_sha512";
+
+                /* EdDSA algorithms */
+                case 0x0807: return "ed25519";
+                case 0x0808: return "ed448";
+
+                /* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
+                case 0x0809: return "rsa_pss_pss_sha256";
+                case 0x080a: return "rsa_pss_pss_sha384";
+                case 0x080b: return "rsa_pss_pss_sha512";
+
+                case 0x0201: return "rsa_pkcs1_sha1";
+                case 0x0202: return "dsa_sha1";
+                case 0x0203: return "ecdsa_sha1";
+
+                default: return String.Format("unknown(0x{0:x})", iValue);
+            }
+        }
+
         private static string GetHashSigString(int iHash, int iSig)
         {
             string sHash;
diff --git a/FiddlerImportNetlog/Properties/AssemblyInfo.cs b/FiddlerImportNetlog/Properties/AssemblyInfo.cs
@@ -6,7 +6,7 @@
 [assembly: AssemblyCopyright("Copyright ©2021 Eric Lawrence")]
 [assembly: System.Resources.NeutralResourcesLanguage("en-US")]
 [assembly: ComVisible(false)]
-[assembly: AssemblyVersion("1.3.4.0")]  // ALWAYS UPDATE THE VERSION in the [ProfferFormat] attribute in FiddlerInterface.cs to match!
+[assembly: AssemblyVersion("1.3.4.1")]  // ALWAYS UPDATE THE VERSION in the [ProfferFormat] attribute in FiddlerInterface.cs to match!
 [assembly: Fiddler.RequiredVersion("4.6.0.0")]
 
 

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@`
`9`	`9`	`namespace FiddlerImportNetlog`
`10`	`10`	`{`
`11`	`11`	`[ProfferFormat("NetLog JSON",`
`12`		`- "Chromium's JSON-based event log format (v1.3.4.0). See https://dev.chromium.org/for-testers/providing-network-details for more details.",`
	`12`	`+ "Chromium's JSON-based event log format (v1.3.4.1). See https://dev.chromium.org/for-testers/providing-network-details for more details.",`
`13`	`13`	`// We handle import of JSON files, whether uncompressed, or compressed with ZIP or GZ. I'm not completely sure I remember the implications`
`14`	`14`	`// of declaring .gz here, nor why .zip isn't mentioned. Is this about the drag/drop import feature?`
`15`	`15`	`".json;.gz"`