Overview of secpod_ssl_ciphers.inc

Public Function Summary

Public functions are intended to be called by the code that imports this library.

Name Summary
check_sslv2_cipher_spec_supported
check_sslv3_cipher_spec_supported
check_tlsv1_1_cipher_spec_supported
check_tlsv1_2_cipher_spec_supported
check_tlsv1_cipher_spec_supported
construct_ssl_req
get_ssl_server_hello

Public Function Details

check_sslv2_cipher_spec_supported

Named Parameters

server_hello

Code

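function check_sslv2_cipher_spec_supported(server_hello)
{
  ## Returns TRUE when server_hello is an SSLv2 ServerHello that echoes back
  ## exactly one 3-byte cipher spec, i.e. the single cipher offered by
  ## construct_ssl_req(SSL_VER:"sslv2") is accepted; FALSE otherwise.
  ##
  ## SSLv2 Server Hello Structure (byte offsets in brackets):
  ## Length(2)[0-1], ServerHello(1)[2], SessionIDHit(1)[3],
  ## CertificateType(1)[4], SSLVer(2)[5-6], CertificateLength(2)[7-8],
  ## CipherLength(2)[9-10], ConnIDLength(2)[11-12],
  ## Certificate(CertificateLength), CipherSpec(CipherLength),
  ## ConnID(ConnIDLength)
  ##
  ## server_hello : raw bytes returned by get_ssl_server_hello(); may be
  ##                NULL/FALSE when the connection or read failed

  local_var sslv2_cipher_sup;

  sslv2_cipher_sup = FALSE;

  ## Offsets up to 10 are read below; a NULL, empty or truncated response
  ## (server closed the connection, sent an error, ...) is reported as
  ## "not supported" instead of indexing past the end of the string.
  if(!server_hello || strlen(server_hello) < 11)
    return(sslv2_cipher_sup);

  ## ServerHello message type (4), SSLVer 0x0002 and a CipherLength of
  ## exactly 3 (one SSLv2 cipher spec) mean the server accepted the one
  ## cipher we offered.
  if(ord(server_hello[2]) == 4 &&
     ord(server_hello[5]) == 0 && ord(server_hello[6]) == 2 &&
     ord(server_hello[9]) == 0 && ord(server_hello[10]) == 3){
    sslv2_cipher_sup = TRUE;
  }
  return(sslv2_cipher_sup);
}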


## This function checks for certain bytes in the server_hello and

		

check_sslv3_cipher_spec_supported

Named Parameters

server_hello

Code

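function check_sslv3_cipher_spec_supported(server_hello)
{
  ## Returns TRUE when server_hello starts with an SSLv3 ServerHello, i.e.
  ## the server accepted the single cipher suite offered by
  ## construct_ssl_req(SSL_VER:"sslv3"); FALSE otherwise, including for an
  ## Alert record, a NULL/FALSE argument or a truncated response.
  ##
  ## Expected layout of the first record (byte offsets in brackets):
  ## ContentType(1)[0]=Handshake(22), RecordVer(2)[1-2]=0x0300,
  ## RecordLength(2)[3-4], HandshakeType(1)[5]=ServerHello(2),
  ## HandshakeLength(3)[6-8], ServerVer(2)[9-10]=0x0300, Random(32),
  ## SessionIDLength(1), SessionID(SessionIDLength), CipherSuite(2),
  ## CompressionMethod(1)
  ##
  ## The Certificate, ServerKeyExchange and ServerHelloDone messages that
  ## may follow are not inspected.
  ##
  ## server_hello : raw bytes returned by get_ssl_server_hello()

  local_var sslv3_cipher_sup;

  sslv3_cipher_sup = FALSE;

  ## Offsets up to 10 are read below; bail out on a NULL/short response
  ## rather than indexing past the end of the string.
  if(!server_hello || strlen(server_hello) < 11)
    return(sslv3_cipher_sup);

  ## Handshake record with version 3.0 carrying a ServerHello whose
  ## server_version is also 3.0. The minor byte at [10] is checked as the
  ## TLSv1.1/TLSv1.2 variants do, so a ServerHello negotiating some other
  ## version is not reported as SSLv3 support.
  if(ord(server_hello[0]) == 22 &&
     ord(server_hello[1]) == 3 && ord(server_hello[2]) == 0 &&
     ord(server_hello[5]) == 2 &&
     ord(server_hello[9]) == 3 && ord(server_hello[10]) == 0){
    sslv3_cipher_sup = TRUE;
  }
  return(sslv3_cipher_sup);
}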

## This function checks for certain bytes in the server_hello and

		

check_tlsv1_1_cipher_spec_supported

Named Parameters

server_hello

Code

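function check_tlsv1_1_cipher_spec_supported(server_hello)
{
  ## Returns TRUE when server_hello starts with a TLSv1.1 ServerHello, i.e.
  ## the server accepted the single cipher suite offered by
  ## construct_ssl_req(SSL_VER:"tlsv1_1"); FALSE otherwise, including for
  ## an Alert record, a NULL/FALSE argument or a truncated response.
  ##
  ## Expected layout of the first record (byte offsets in brackets):
  ## ContentType(1)[0]=Handshake(22), RecordVer(2)[1-2]=0x0302,
  ## RecordLength(2)[3-4], HandshakeType(1)[5]=ServerHello(2),
  ## HandshakeLength(3)[6-8], ServerVer(2)[9-10]=0x0302, Random(32),
  ## SessionIDLength(1), SessionID(SessionIDLength), CipherSuite(2),
  ## CompressionMethod(1)
  ##
  ## The Certificate, ServerKeyExchange and ServerHelloDone messages that
  ## may follow are not inspected.
  ##
  ## server_hello : raw bytes returned by get_ssl_server_hello()

  local_var tlsv1_1_cipher_sup;

  tlsv1_1_cipher_sup = FALSE;

  ## Offsets up to 10 are read below; bail out on a NULL/short response
  ## rather than indexing past the end of the string.
  if(!server_hello || strlen(server_hello) < 11)
    return(tlsv1_1_cipher_sup);

  ## Handshake record with version 3.2 carrying a ServerHello whose
  ## server_version is also 3.2.
  if(ord(server_hello[0]) == 22 &&
     ord(server_hello[1]) == 3 && ord(server_hello[2]) == 2 &&
     ord(server_hello[5]) == 2 &&
     ord(server_hello[9]) == 3 && ord(server_hello[10]) == 2){
    tlsv1_1_cipher_sup = TRUE;
  }
  return(tlsv1_1_cipher_sup);
}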

## This function checks for certain bytes in the server_hello and

		

check_tlsv1_2_cipher_spec_supported

Named Parameters

server_hello

Code

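function check_tlsv1_2_cipher_spec_supported(server_hello)
{
  ## Returns TRUE when server_hello starts with a TLSv1.2 ServerHello, i.e.
  ## the server accepted the single cipher suite offered by
  ## construct_ssl_req(SSL_VER:"tlsv1_2"); FALSE otherwise, including for
  ## an Alert record, a NULL/FALSE argument or a truncated response.
  ##
  ## Expected layout of the first record (byte offsets in brackets):
  ## ContentType(1)[0]=Handshake(22), RecordVer(2)[1-2]=0x0303,
  ## RecordLength(2)[3-4], HandshakeType(1)[5]=ServerHello(2),
  ## HandshakeLength(3)[6-8], ServerVer(2)[9-10]=0x0303, Random(32),
  ## SessionIDLength(1), SessionID(SessionIDLength), CipherSuite(2),
  ## CompressionMethod(1)
  ##
  ## The Certificate, ServerKeyExchange and ServerHelloDone messages that
  ## may follow are not inspected.
  ##
  ## server_hello : raw bytes returned by get_ssl_server_hello()

  local_var tlsv1_2_cipher_sup;

  tlsv1_2_cipher_sup = FALSE;

  ## Offsets up to 10 are read below; bail out on a NULL/short response
  ## rather than indexing past the end of the string.
  if(!server_hello || strlen(server_hello) < 11)
    return(tlsv1_2_cipher_sup);

  ## Handshake record with version 3.3 carrying a ServerHello whose
  ## server_version is also 3.3.
  if(ord(server_hello[0]) == 22 &&
     ord(server_hello[1]) == 3 && ord(server_hello[2]) == 3 &&
     ord(server_hello[5]) == 2 &&
     ord(server_hello[9]) == 3 && ord(server_hello[10]) == 3){
    tlsv1_2_cipher_sup = TRUE;
  }
  return(tlsv1_2_cipher_sup);
}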



		

check_tlsv1_cipher_spec_supported

Named Parameters

server_hello

Code

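function check_tlsv1_cipher_spec_supported(server_hello)
{
  ## Returns TRUE when server_hello starts with a TLSv1.0 ServerHello, i.e.
  ## the server accepted the single cipher suite offered by
  ## construct_ssl_req(SSL_VER:"tlsv1"); FALSE otherwise, including for an
  ## Alert record, a NULL/FALSE argument or a truncated response.
  ##
  ## Expected layout of the first record (byte offsets in brackets):
  ## ContentType(1)[0]=Handshake(22), RecordVer(2)[1-2]=0x0301,
  ## RecordLength(2)[3-4], HandshakeType(1)[5]=ServerHello(2),
  ## HandshakeLength(3)[6-8], ServerVer(2)[9-10]=0x0301, Random(32),
  ## SessionIDLength(1), SessionID(SessionIDLength), CipherSuite(2),
  ## CompressionMethod(1)
  ##
  ## The Certificate, ServerKeyExchange and ServerHelloDone messages that
  ## may follow are not inspected.
  ##
  ## server_hello : raw bytes returned by get_ssl_server_hello()

  local_var tlsv1_cipher_sup;

  tlsv1_cipher_sup = FALSE;

  ## Offsets up to 10 are read below; bail out on a NULL/short response
  ## rather than indexing past the end of the string.
  if(!server_hello || strlen(server_hello) < 11)
    return(tlsv1_cipher_sup);

  ## Handshake record with version 3.1 carrying a ServerHello whose
  ## server_version is also 3.1. The minor byte at [10] is checked as the
  ## TLSv1.1/TLSv1.2 variants do, so a ServerHello negotiating some other
  ## version is not reported as TLSv1.0 support.
  if(ord(server_hello[0]) == 22 &&
     ord(server_hello[1]) == 3 && ord(server_hello[2]) == 1 &&
     ord(server_hello[5]) == 2 &&
     ord(server_hello[9]) == 3 && ord(server_hello[10]) == 1){
    tlsv1_cipher_sup = TRUE;
  }
  return(tlsv1_cipher_sup);
}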

## This function checks for certain bytes in the server_hello and

		

construct_ssl_req

Named Parameters

CIPHER
SSL_VER

Code

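## Builds the 50-byte SSLv3/TLS ClientHello record used by construct_ssl_req():
## a Handshake record with version 3.<rec_minor> carrying a ClientHello with
## client_version 3.<hs_minor>, a fixed 32-byte "random" value, an empty
## session ID, the single 2-byte cipher suite CIPHER and null compression.
## The record and handshake length fields (45 and 41) cover exactly the
## bytes that follow them; no extensions block is emitted.
##
## rec_minor : minor byte of the record-layer version (0x00 or 0x01)
## hs_minor  : minor byte of client_version (0x00 .. 0x03)
## CIPHER    : raw string of at least 2 bytes; only CIPHER[0..1] is used
function _construct_ssl3_client_hello(rec_minor, hs_minor, CIPHER)
{
  return raw_string(
           ## Record header: Handshake(22), version 3.<rec_minor>, length 45
           0x16, 0x03, rec_minor, 0x00, 0x2d,
           ## Handshake header: ClientHello(1), length 41
           0x01, 0x00, 0x00, 0x29,
           ## client_version 3.<hs_minor>
           0x03, hs_minor,
           ## 32-byte client random (static probe value, not a fresh nonce)
           0xec, 0x18, 0xdb, 0x5c, 0x02, 0x1a, 0xfe, 0x43,
           0xfb, 0xfa, 0xaa, 0x3a, 0xfb, 0x29, 0xd1, 0xe6,
           0x05, 0x3c, 0x7c, 0x94, 0x75, 0xd8, 0xbe, 0x61,
           0x89, 0xf9, 0x5c, 0xbb, 0xa8, 0x99, 0x0f, 0x95,
           ## SessionIDLength(1) = 0
           0x00,
           ## CipherSuitesLength(2) = 2, the one CipherSuite(2) offered
           0x00, 0x02, CIPHER[0], CIPHER[1],
           ## CompressionMethodsLength(1) = 1, null compression
           0x01, 0x00
         );
}

function construct_ssl_req(SSL_VER, CIPHER)
{
  ## Builds a minimal ClientHello offering exactly one cipher, so that the
  ## server's reply (see check_*_cipher_spec_supported) shows whether that
  ## cipher is accepted for the requested protocol version.
  ##
  ## SSL_VER : "sslv2", "sslv3", "tlsv1", "tlsv1_1" or "tlsv1_2"
  ## CIPHER  : raw cipher bytes; 3 bytes for sslv2 (an SSLv2 cipher spec),
  ##           2 bytes otherwise (a cipher suite)
  ##
  ## Returns the request as a raw string, or NULL for an unknown SSL_VER or
  ## a CIPHER shorter than the protocol's cipher field.

  local_var ssl_req, rec_minor, hs_minor;

  ssl_req = NULL;

  ## Construct SSLv2 Request with given Cipher Spec
  if(SSL_VER == "sslv2")
  {
    ## SSLv2 Client Hello Structure
    ## 0x80, Length(1), ClientHello(1), SSLVer(2), CipherSpecLength(2)
    ## SessionIDLength(2), ChallengeLength(2),
    ## CipherSpec(CipherSpecLength)
    ## Challenge(ChallengeLength)

    ## CIPHER[0..2] is read below; a shorter value would index past its end.
    if(isnull(CIPHER) || strlen(CIPHER) < 3)
      return(NULL);

    ssl_req = raw_string(
                          ## Length 30, ClientHello(1), SSLVer 0x0002,
                          ## CipherSpecLength 3, SessionIDLength 0,
                          ## ChallengeLength 18
                          0x80, 0x1e, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00,
                          0x00, 0x00, 0x12,
                          CIPHER[0], CIPHER[1], CIPHER[2],

                          ## Challenge (fixed 18-byte value)
                          0x00, 0x67,
                          0xc6, 0x69, 0x73, 0x51, 0xff, 0x4a, 0xec, 0x29,
                          0xcd, 0xba, 0xab, 0xf2, 0xfb, 0x00, 0x00, 0x00
                        );
    return(ssl_req);
  }

  ## SSLv3 and all TLS versions share one ClientHello layout; only the
  ## version bytes differ. The record-layer version is 3.0 for SSLv3 and
  ## stays 3.1 for every TLS variant, while client_version in the handshake
  ## selects the protocol actually being probed.
  if(SSL_VER == "sslv3")        { rec_minor = 0x00; hs_minor = 0x00; }
  else if(SSL_VER == "tlsv1")   { rec_minor = 0x01; hs_minor = 0x01; }
  else if(SSL_VER == "tlsv1_1") { rec_minor = 0x01; hs_minor = 0x02; }
  else if(SSL_VER == "tlsv1_2") { rec_minor = 0x01; hs_minor = 0x03; }
  else return(ssl_req);

  ## CIPHER[0..1] is read by the helper; reject shorter values up front.
  if(isnull(CIPHER) || strlen(CIPHER) < 2)
    return(NULL);

  ssl_req = _construct_ssl3_client_hello(rec_minor:rec_minor, hs_minor:hs_minor, CIPHER:CIPHER);

  return(ssl_req);
}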

## This function sends the given client hello request

		

get_ssl_server_hello

Named Parameters

sslPort
ssl_req

Code

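function get_ssl_server_hello(ssl_req, sslPort)
{
    ## Sends one ClientHello (as built by construct_ssl_req) to sslPort and
    ## returns the first 16 bytes of the server's reply, which covers the
    ## offsets 0-10 inspected by the check_*_cipher_spec_supported()
    ## functions.
    ##
    ## ssl_req : raw request bytes to send
    ## sslPort : TCP port to connect to
    ##
    ## Returns FALSE when no socket could be opened; otherwise whatever
    ## recv() returned, which may be NULL/empty when the server sent nothing
    ## or closed the connection. Callers must therefore not assume a
    ## full 16-byte string.

    ## Only genuine locals are declared here; sslPort is a parameter and
    ## must not be re-declared as a local.
    local_var soc, server_res;

    soc = open_ssl_socket( port:sslPort );
    if(!soc){
      return FALSE;
    }

    send(socket:soc, data:ssl_req);
    server_res = recv(socket:soc, length:16);

    ## Release the socket before returning, whatever recv() produced.
    close(soc);

    return (server_res);
}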


## This function checks for certain bytes in the server_hello and

		