Skip to content

Commit

Permalink
Packetbeat: Update TLS protocol cipher suites (elastic#7455) (elastic…
Browse files Browse the repository at this point in the history
…#7498)

The TLS protocol parser has been updated with 5 new cipher suites
introduced in TLS 1.3:

+------------------------------+-------------+
| Description                  | Value       |
+------------------------------+-------------+
| TLS_AES_128_GCM_SHA256       | {0x13,0x01} |
|                              |             |
| TLS_AES_256_GCM_SHA384       | {0x13,0x02} |
|                              |             |
| TLS_CHACHA20_POLY1305_SHA256 | {0x13,0x03} |
|                              |             |
| TLS_AES_128_CCM_SHA256       | {0x13,0x04} |
|                              |             |
| TLS_AES_128_CCM_8_SHA256     | {0x13,0x05} |
+------------------------------+-------------+

(cherry picked from commit 533e026)
  • Loading branch information
adriansr authored and andrewkroh committed Jul 3, 2018
1 parent 597c264 commit 778f023
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,8 @@ https://github.com/elastic/beats/compare/v6.3.0...6.3[Check the HEAD diff]

*Packetbeat*

- Updated the TLS protocol parser with new cipher suites added to TLS 1.3. {issue}7455[7455]

*Winlogbeat*

==== Deprecated
Expand Down
7 changes: 7 additions & 0 deletions packetbeat/protos/tls/algos.go
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,13 @@ var cipherSuites = map[cipherSuite]string{
0x00C5: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256",

0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",

0x1301: "TLS_AES_128_GCM_SHA256",
0x1302: "TLS_AES_256_GCM_SHA384",
0x1303: "TLS_CHACHA20_POLY1305_SHA256",
0x1304: "TLS_AES_128_CCM_SHA256",
0x1305: "TLS_AES_128_CCM_8_SHA256",

0x5600: "TLS_FALLBACK_SCSV",

0xC001: "TLS_ECDH_ECDSA_WITH_NULL_SHA",
Expand Down

0 comments on commit 778f023

Please sign in to comment.