forked from MLiONS/ECH-ENSI
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsnie_quic.py
38 lines (31 loc) · 1.26 KB
/
snie_quic.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
def sne_quic_extract_pkt_info(packet):
tls_extension_version = '0x0a'
tls_version = '0x0a'
llayer = dir(packet['quic'])
# print("QUIC layer info : " + str(llayer))
sni = 'NA'
tls_version = 'NA'
qlen = int(packet['quic'].packet_length)
tstamp = float(packet.sniff_timestamp)
if 'ip' in packet:
saddr = packet['ip'].src
daddr = packet['ip'].dst
else:
saddr = daddr = 0
if 'udp' in packet:
sport = packet['udp'].srcport
dport = packet['udp'].dstport
else:
sport = dport = 0
if "tls_handshake_extensions_supported_version" in llayer:
tls_extension_version = packet['quic'].tls_handshake_extensions_supported_version
if "tls_handshake_version" in llayer:
tls_version = packet['quic'].tls_handshake_version
if 'tls_handshake_extensions_server_name' in llayer:
sni = packet['quic'].tls_handshake_extensions_server_name
if tls_version != 'NA':
final_version = max(int(str(tls_extension_version),16),int(str(tls_version),16))
final_version = str(hex(final_version))
final_version = f"{final_version[:2]}0{final_version[2:]}"
tls_version = final_version
return saddr, daddr, sport, dport, sni, qlen, tstamp, tls_version