robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1280 Commits
2 Branches
Tree: 2494625702
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2494625702'
${ noResults }
ipxe/src/crypto/ssl.c

ssl.c 4.7KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133 
  1. #include "ssl.h"

  2. #include "ssl_constructs.h"

  3. #include <string.h> // for bcopy()

  4. #include <time.h> // for time()

  5. #include <stdlib.h> // for rand(), htons?, htonl?

  6. // note net byte order is big-endian

  7. // Need to set error codes

  8. 

  9. int CreateSSLHello(SSL_t *ssl)

  10. {

  11.   printf("In CreateSSLHello()\n",ssl);

  12. 

  13.   // Initalize the structure

  14.   bzero(ssl,sizeof(SSL_t));

  15.   //ssl->max_size = sizeof(ssl->buffer);

  16.   ssl->max_size = 18456;

  17. 

  18.   // Declare variables

  19.   int i; void *ptr;

  20. 

  21.   // Set pointers into buffer

  22.   SSLPlaintext *record = (SSLPlaintext *)ssl->buffer;

  23.   Handshake *handshake = (Handshake *)record->fragment;

  24.   // the body starts right after the handshake

  25.   printf("sizeof(Handshake) = %d\n",sizeof(Handshake));

  26.   ClientHello *hello = (ClientHello *)(handshake + 1);

  27. 

  28.   printf("record->%#x, handshake->%#x, hello->%#x\n",record,handshake,hello);

  29. 

  30.   // Construct ClientHello Message

  31.   hello->client_version = version;

  32.   i = htonl(time(NULL));

  33.   bcopy(&i,hello->random.gmt_unix_time,4);

  34.   for(i=0;i<28;i++){ hello->random.random_bytes[i] = (uint8)rand(); }

  35.   hello->session_id_length = 0;

  36.   hello->session_id = &hello->session_id_length;

  37.   hello->session_id_end = hello->session_id;

  38.   hello->cipher_suites_length = (CipherSuiteLength *)(hello->session_id_end + 1);

  39.   hello->cipher_suites = (hello->cipher_suites_length + 1);

  40.   hello->cipher_suites_end = hello->cipher_suites;

  41.   i = htons(2*5); // 2 bytes per Suite * 5 Suites

  42.   bcopy(&i,hello->cipher_suites_length,2);

  43.   bcopy(SSL_NULL_WITH_NULL_NULL,hello->cipher_suites_end,sizeof(CipherSuite));

  44.   *hello->cipher_suites_end++;

  45.   bcopy(SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,hello->cipher_suites_end,sizeof(CipherSuite));

  46.   *hello->cipher_suites_end++;

  47.   bcopy(SSL_DH_DSS_WITH_DES_CBC_SHA,hello->cipher_suites_end,sizeof(CipherSuite));

  48.   *hello->cipher_suites_end++;

  49.   bcopy(SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,hello->cipher_suites_end,sizeof(CipherSuite));

  50.   *hello->cipher_suites_end++;

  51.   bcopy(SSL_DH_anon_WITH_RC4_128_MD5,hello->cipher_suites_end,sizeof(CipherSuite));

  52.   hello->compression_methods_length = (CompressionMethodLength *)(hello->cipher_suites_end + 1);

  53.   hello->compression_methods = (hello->compression_methods_length + 1);

  54.   hello->compression_methods_end = hello->compression_methods;

  55.   *hello->compression_methods_length = 1;

  56.   *hello->compression_methods_end = compression_method_null;

  57. 

  58.   // Construct Handshake Message

  59.   handshake->msg_type = handshake_type_client_hello;

  60.   i = (void *)(hello->compression_methods_end + 1) - (void *)hello;

  61.   printf("Handshake.length = %d\n", i);

  62.   handshake->length[0] = (char)*(&i+8);

  63.   handshake->length[1] = (char)*(&i+8);

  64.   handshake->length[2] = (char)i;

  65.   //bcopy((&i+1),handshake->length,3); // +1 so we copy 3 bytes

  66. 

  67.   // Construct SSL Record

  68.   printf("sizeof(ContentType)=%d\n",sizeof(ContentType));

  69.   printf("sizeof(uint8)=%d\n",sizeof(uint8));

  70.   record->type = content_type_handshake;

  71.   record->version = version;

  72.   i += sizeof(Handshake);

  73.   printf("SSLPlaintext.length = %d\n",i);

  74.   record->length[0] = (char)*(&i+8);

  75.   record->length[1] = (char)i;

  76.   //bcopy(&i,record->length,4); // length of handshake

  77. 

  78.   // Set total size of message

  79.   i += sizeof(ContentType) + sizeof(ProtocolVersion) + sizeof(uint16);

  80.   ssl->length = i;

  81.   printf("End of CreateSSLHello\n");

  82.   return 0;

  83. }

  84. 

  85. void PrintSSLPacket(SSL_t *ssl)

  86. {

  87.   printf("Printing packet with length:%d\n", ssl->length);

  88.   char *ptr = ssl->buffer;

  89.   char *begin = ptr;

  90.   char *tmp;

  91.   char *end = ssl->buffer + ssl->length;

  92.   printf("Record Layer:\n");

  93.   printf("\tContentType: %2hhX\n",(char)*ptr++);

  94.   printf("\tVersion: %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++);

  95.   printf("\tLength: %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++);

  96. 

  97.   printf("Handshake:\n");

  98.   printf("\tType: %2hhX\n", (char)*ptr++);

  99.   printf("\tLength: %2hhX %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++, (char)*ptr++);

  100.   printf("\tVersion: %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++);

  101.   printf("\tgmt_unix_time: %2hhX %2hhX %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++, (char)*ptr++, (char)*ptr++);

  102.   printf("\trandom: ");

  103.   tmp = ptr + 28;

  104.   for(;ptr<tmp;ptr++){printf("%2hhX ", (char)*ptr);}

  105. 

  106.   printf("\n\nHexDump:\n");

  107. 

  108.   int ctr = 0;

  109.   for(;begin<end;begin++){printf("%2hhX ",(char)*begin);if(++ctr%10==0){printf("\n");}}

  110.   printf("\n\n");

  111. }

  112. 

  113. int ReadSSLHello(SSL_t *ssl)

  114. {

  115.   SSLCiphertext *ct = (SSLCiphertext *)ssl->buffer;

  116. 

  117.   if(ct->type == content_type_alert){

  118.     // assuming text is still plaintext

  119.     Alert *a = (Alert *)&ct->fragment;

  120.     if(a->level == alert_level_fatal){

  121.       printf("Fatal Alert %d, connection terminated\n",a->description);

  122.       return (1);

  123.     }else if(a->level == alert_level_warning){

  124.       printf("Warning Alert %d\n", a->description);

  125.     }else{

  126.       printf("Unknown alert level %d\n", a->level);

  127.     }

  128.   }else{

  129.     printf("SSL type %d\n",ct->type);

  130.   }

  131.   return (0);

  132. }