From 0b8b00f753dac9e700c37cd3383d7b40947be931 Mon Sep 17 00:00:00 2001 From: Stefan Becker Date: Sun, 13 Nov 2011 00:32:27 +0200 Subject: [PATCH] tls: add a hard-coded client_hello message Now we can check the authentication handshake stuff in sip-transport.c with TLS-DSK. As TLS-DSK needs more handshake messages we have to modify the sip-sec API a little bit... --- src/core/sip-sec-tls-dsk.c | 6 ++- src/core/sipe-tls.c | 106 ++++++++++++++++++++++++++++++++++++++++++++- src/core/sipe-tls.h | 2 + 3 files changed, 111 insertions(+), 3 deletions(-) diff --git a/src/core/sip-sec-tls-dsk.c b/src/core/sip-sec-tls-dsk.c index 4cd2d210..097a10ca 100644 --- a/src/core/sip-sec-tls-dsk.c +++ b/src/core/sip-sec-tls-dsk.c @@ -78,9 +78,11 @@ sip_sec_init_sec_context__tls_dsk(SipSecContext context, /* temporary */ (void)ctx; (void)in_buff; - (void)out_buff; - return SIP_SEC_E_INTERNAL_ERROR; + + out_buff->value = sipe_tls_client_hello(&out_buff->length); + + return SIP_SEC_E_OK; } static sip_uint32 diff --git a/src/core/sipe-tls.c b/src/core/sipe-tls.c index fdf2dfd3..29f8e79a 100644 --- a/src/core/sipe-tls.c +++ b/src/core/sipe-tls.c @@ -21,7 +21,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * - * TLS Protocol Version 1.0 - Handshake Messages + * TLS Protocol Version 1.0/1.1 - Handshake Messages * * TLS-DSK uses the handshake messages during authentication and session key * exchange. This module *ONLY* implements this part of the TLS specification! @@ -29,8 +29,11 @@ * Specification references: * * - RFC2246: http://www.ietf.org/rfc/rfc2246.txt + * - RFC3546: http://www.ietf.org/rfc/rfc3546.txt + * - RFC4346: http://www.ietf.org/rfc/rfc4346.txt */ +#include #include #include @@ -38,6 +41,107 @@ #include "sipe-cert-crypto.h" #include "sipe-tls.h" +static const guchar const client_hello[] = { + +#if 0 +/* Extracted from log file */ + /* TLS Record */ + 0x16, /* ContenType: handshake(22) */ + 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */ + 0x00, 0x48, /* length: 72 bytes */ + /* TLS Record fragment -> 72 bytes */ + /* Handshake (header) */ + 0x01, /* msg_type: client_hello(1) */ + 0x00, 0x00, 0x44, /* length: 68 bytes */ + /* Handshake (body) */ + /* ClientHello */ + 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */ + /* Random: (32 bytes) */ + 0x4e, 0x81, 0xa7, 0x63, /* uint32 gmt_unix_time */ + 0x15, 0xfd, 0x06, 0x46, /* random_bytes[28] */ + 0x0a, 0xb2, 0xdf, 0xf0, + 0x85, 0x14, 0xac, 0x60, + 0x7e, 0xda, 0x48, 0x3c, + 0xb2, 0xad, 0x5b, 0x0f, + 0xf3, 0xe4, 0x4e, 0x5d, + 0x4b, 0x9f, 0x8e, 0xd6, + /* session_id: (0..32 bytes) */ + 0x00, /* = 0 -> no SessionID */ + /* cipher_suites: (2..2^16-1 bytes) */ + 0x00, 0x16, /* = 22 bytes -> 11 CipherSuites */ + 0x00, 0x04, /* TLS_RSA_WITH_RC4_128_MD5 */ + 0x00, 0x05, /* TLS_RSA_WITH_RC4_128_SHA */ + 0x00, 0x0a, /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */ + 0x00, 0x09, /* TLS_RSA_WITH_DES_CBC_SHA */ + 0x00, 0x64, /* NON-STANDARD */ + 0x00, 0x62, /* NON-STANDARD */ + 0x00, 0x03, /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */ + 0x00, 0x06, /* TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 */ + 0x00, 0x13, /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA */ + 0x00, 0x12, /* TLS_DHE_DSS_WITH_DES_CBC_SHA */ + 0x00, 0x63, /* NON-STANDARD */ + /* compr_methods: (1..2^8-1 bytes) */ + 0x01, /* = 1 byte -> 1 CompressionMethod */ + 0x00, /* null(0) */ + /* TLS Extended Client Hello (RFC3546) */ + /* extensions: (0..2^16-1) */ + 0x00, 0x05, /* = 5 bytes */ + 0xff, 0x01, /* ExtensionType: (= 0xFF01) */ + /* extension_data: (0..2^16-1 byt) */ + 0x00, 0x01, /* = 1 byte */ + 0x00 +#else + /* TLS Record */ + 0x16, /* ContenType: handshake(22) */ + 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */ + 0x00, 0x31, /* length: 49 bytes */ + /* TLS Record fragment -> 72 bytes */ + /* Handshake (header) */ + 0x01, /* msg_type: client_hello(1) */ + 0x00, 0x00, 0x2d, /* length: 45 bytes */ + /* Handshake (body) */ + /* ClientHello */ + 0x03, 0x01, /* ProtocolVersion: 3.1 (= TLS 1.0) */ + /* Random: (32 bytes) */ +#define GMT_OFFSET 11 + 0x4e, 0x81, 0xa7, 0x63, /* uint32 gmt_unix_time */ +#define RANDOM_OFFSET 15 + 0x15, 0xfd, 0x06, 0x46, /* random_bytes[28] */ + 0x0a, 0xb2, 0xdf, 0xf0, + 0x85, 0x14, 0xac, 0x60, + 0x7e, 0xda, 0x48, 0x3c, + 0xb2, 0xad, 0x5b, 0x0f, + 0xf3, 0xe4, 0x4e, 0x5d, + 0x4b, 0x9f, 0x8e, 0xd6, + /* session_id: (0..32 bytes) */ + 0x00, /* = 0 -> no SessionID */ + /* cipher_suites: (2..2^16-1 bytes) */ + 0x00, 0x06, /* = 6 bytes -> 3 CipherSuites */ + 0x00, 0x04, /* TLS_RSA_WITH_RC4_128_MD5 */ + 0x00, 0x05, /* TLS_RSA_WITH_RC4_128_SHA */ + 0x00, 0x03, /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */ + /* compr_methods: (1..2^8-1 bytes) */ + 0x01, /* = 1 byte -> 1 CompressionMethod */ + 0x00 /* null(0) */ +#endif +}; + +guchar *sipe_tls_client_hello(gsize *length) +{ + guchar *msg = g_memdup(client_hello, sizeof(client_hello)); + guint32 now = time(NULL); + guint32 now_N = GUINT32_TO_BE(now); + guchar *p; + guint i; + + memcpy(msg + GMT_OFFSET, &now_N, sizeof(now_N)); + for (p = msg + RANDOM_OFFSET, i = 0; i < 2; i++) + *p++ = rand() & 0xFF; + + *length = sizeof(client_hello); + return(msg); +} + /* Local Variables: mode: c diff --git a/src/core/sipe-tls.h b/src/core/sipe-tls.h index 084f9622..2ed56914 100644 --- a/src/core/sipe-tls.h +++ b/src/core/sipe-tls.h @@ -26,3 +26,5 @@ * * */ + +guchar *sipe_tls_client_hello(gsize *length); -- 2.11.4.GIT