Hello --
I have been working on the creation of a MITM plugin of sorts using OpenSSL
v1.0.1.c. My code basically is handed stream payloads (e.g. in this case
full SSL/TLS packets or groups of packets). I must then MITM them and
extract application data as required. I cannot use sockets directly here,
so I'm attempting to implement this using BIOs. (Note: MITM CA is installed
for me client side)
It seemed I was on the right track in my implementation, but I'm not stuck.
It looks like servers are rejecting my negotiations with an "Protocol
Version" (70) TLS alert.
What I'm hoping for here is a) is the path I'm going down correct, and b)
any ideas on what to look for?!
Here is the rundown of my implementation (C=local client/real data,
R=remote server/real data, MS: MITM server context/session, MC: MITM client
context/session)
Outgoing 'ClientHello':
1) Create new MS, read and clone certificate. Throw this server away
2) Create new MC, do_handshake() -> write MITM 'ClientHello' to R
Incoming 'ServerHello':
1) MC read
Incoming 'Certificate':
1) MC read
Incoming 'Done'
1) MC read
2) New MS using cloned/MITM certificate
3) MS accept cached original 'ClientHello' -> write MITM
'ServerHello+Cert+Done' to C
Outgoing 'KeyExchange':
1) MS read
Outgoing 'ChangeCipherSpec':
1) MS read
Outgoing 'Finished':
1) MS read
2) Write pending MC MITM 'KeyExchange+ChangeCipherSpec+Finished' to R
Incoming 'ChangeCipherSpec':
1) MC read
Incoming 'Finished':
1) MC read
After the init/handshake process (above), data is simply passed through:
Outgoing: C -> MS -> {decrypted} -> MC -> {encrypted} -> R
Incoming; R -> MC -> {decrypted} -> MS -> {encrypted} -> C
Sorry for the long email. It's a complex problem, this is the best way I
could think of describing it. Would love any feedback / tips / etc. I can
get!
