6 * Copyright (C) 2011 SIPE Project <http://sipe.sourceforge.net/>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 * TLS Protocol Version 1.0/1.1 - Handshake Messages
26 * TLS-DSK uses the handshake messages during authentication and session key
27 * exchange. This module *ONLY* implements this part of the TLS specification!
29 * Specification references:
31 * - RFC2246: http://www.ietf.org/rfc/rfc2246.txt
32 * - RFC3546: http://www.ietf.org/rfc/rfc3546.txt
33 * - RFC4346: http://www.ietf.org/rfc/rfc4346.txt
41 #include "sipe-cert-crypto.h"
44 static const guchar
const client_hello
[] = {
47 /* Extracted from log file */
49 0x16, /* ContenType: handshake(22) */
50 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */
51 0x00, 0x48, /* length: 72 bytes */
52 /* TLS Record fragment -> 72 bytes */
53 /* Handshake (header) */
54 0x01, /* msg_type: client_hello(1) */
55 0x00, 0x00, 0x44, /* length: 68 bytes */
56 /* Handshake (body) */
58 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */
59 /* Random: (32 bytes) */
60 0x4e, 0x81, 0xa7, 0x63, /* uint32 gmt_unix_time */
61 0x15, 0xfd, 0x06, 0x46, /* random_bytes[28] */
62 0x0a, 0xb2, 0xdf, 0xf0,
63 0x85, 0x14, 0xac, 0x60,
64 0x7e, 0xda, 0x48, 0x3c,
65 0xb2, 0xad, 0x5b, 0x0f,
66 0xf3, 0xe4, 0x4e, 0x5d,
67 0x4b, 0x9f, 0x8e, 0xd6,
68 /* session_id: (0..32 bytes) */
69 0x00, /* = 0 -> no SessionID */
70 /* cipher_suites: (2..2^16-1 bytes) */
71 0x00, 0x16, /* = 22 bytes -> 11 CipherSuites */
72 0x00, 0x04, /* TLS_RSA_WITH_RC4_128_MD5 */
73 0x00, 0x05, /* TLS_RSA_WITH_RC4_128_SHA */
74 0x00, 0x0a, /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */
75 0x00, 0x09, /* TLS_RSA_WITH_DES_CBC_SHA */
76 0x00, 0x64, /* NON-STANDARD */
77 0x00, 0x62, /* NON-STANDARD */
78 0x00, 0x03, /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */
79 0x00, 0x06, /* TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 */
80 0x00, 0x13, /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA */
81 0x00, 0x12, /* TLS_DHE_DSS_WITH_DES_CBC_SHA */
82 0x00, 0x63, /* NON-STANDARD */
83 /* compr_methods: (1..2^8-1 bytes) */
84 0x01, /* = 1 byte -> 1 CompressionMethod */
86 /* TLS Extended Client Hello (RFC3546) */
87 /* extensions: (0..2^16-1) */
88 0x00, 0x05, /* = 5 bytes */
89 0xff, 0x01, /* ExtensionType: (= 0xFF01) */
90 /* extension_data: (0..2^16-1 byt) */
91 0x00, 0x01, /* = 1 byte */
95 0x16, /* ContenType: handshake(22) */
96 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */
97 0x00, 0x31, /* length: 49 bytes */
98 /* TLS Record fragment -> 72 bytes */
99 /* Handshake (header) */
100 0x01, /* msg_type: client_hello(1) */
101 0x00, 0x00, 0x2d, /* length: 45 bytes */
102 /* Handshake (body) */
104 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */
105 /* Random: (32 bytes) */
106 #define GMT_OFFSET 11
107 0x4e, 0x81, 0xa7, 0x63, /* uint32 gmt_unix_time */
108 #define RANDOM_OFFSET 15
109 0x15, 0xfd, 0x06, 0x46, /* random_bytes[28] */
110 0x0a, 0xb2, 0xdf, 0xf0,
111 0x85, 0x14, 0xac, 0x60,
112 0x7e, 0xda, 0x48, 0x3c,
113 0xb2, 0xad, 0x5b, 0x0f,
114 0xf3, 0xe4, 0x4e, 0x5d,
115 0x4b, 0x9f, 0x8e, 0xd6,
116 /* session_id: (0..32 bytes) */
117 0x00, /* = 0 -> no SessionID */
118 /* cipher_suites: (2..2^16-1 bytes) */
119 0x00, 0x06, /* = 6 bytes -> 3 CipherSuites */
120 0x00, 0x04, /* TLS_RSA_WITH_RC4_128_MD5 */
121 0x00, 0x05, /* TLS_RSA_WITH_RC4_128_SHA */
122 0x00, 0x03, /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */
123 /* compr_methods: (1..2^8-1 bytes) */
124 0x01, /* = 1 byte -> 1 CompressionMethod */
129 guchar
*sipe_tls_client_hello(gsize
*length
)
131 guchar
*msg
= g_memdup(client_hello
, sizeof(client_hello
));
132 guint32 now
= time(NULL
);
133 guint32 now_N
= GUINT32_TO_BE(now
);
137 memcpy(msg
+ GMT_OFFSET
, &now_N
, sizeof(now_N
));
138 for (p
= msg
+ RANDOM_OFFSET
, i
= 0; i
< 2; i
++)
139 *p
++ = rand() & 0xFF;
141 *length
= sizeof(client_hello
);