0x2a, 0xc6, 0xac, 0x8d, 0x06, 0x06, 0x2c, 0xf6, 0x8d, 0x97, 0x58, 0x68, 0x86, 0xa4
};
+// copied verbatim from the protocol...
+unsigned char my_signature[SEC_MODULUS_SIZE] = {
+ 0x49, 0x54, 0x1b, 0xbe, 0x23, 0x8b, 0xbe, 0x1f, 0x77, 0xfa, 0x5d, 0xd0, 0x57, 0xee, 0x55, 0xd2,
+ 0x9e, 0x38, 0x7b, 0x82, 0x82, 0x8d, 0x25, 0x2a, 0xaa, 0xa0, 0xe6, 0xbe, 0x1b, 0xa6, 0x4e, 0xe2,
+ 0x9b, 0x55, 0x39, 0xb2, 0x38, 0xd2, 0x11, 0x64, 0x06, 0x64, 0x87, 0xb6, 0x3a, 0xce, 0xc6, 0x9a,
+ 0xc7, 0x85, 0xbd, 0xc7, 0xe3, 0x2b, 0x10, 0x9f, 0xdc, 0x38, 0x5a, 0x05, 0x86, 0xb3, 0x5c, 0x1a
+};
void
mcs_send_connect_response()
s = iso_init(250);
printf("INITLEN: %u\n", s->p - s->iso_hdr);
- ber_out_header(s, MCS_CONNECT_RESPONSE, 245);
+ ber_out_header(s, MCS_CONNECT_RESPONSE, 245 + 72);
ber_out_header(s, BER_TAG_RESULT, 1);
out_uint8(s, 0);
mcs_out_domain_params(s, 34, 2, 0, 0xffff); // dumdidum?
- ber_out_header(s, BER_TAG_OCTET_STRING, 207);
+ ber_out_header(s, BER_TAG_OCTET_STRING, 207 + 72);
// some unknown header of sorts
out_uint8(s, 0x00);
out_uint8(s, 0x44);
out_uint8(s, 0x6e);
- length = 184;
+ length = 184 + 72;
// two bytes of length
out_uint8(s, 0x80 | (length >> 8));
// crypto info
out_uint16_le(s, SEC_TAG_SRV_CRYPT);
- out_uint16_le(s, 160); // length
+ out_uint16_le(s, 232); // length
out_uint32_le(s, 2); // 128-bit
out_uint32_le(s, 3); // high
out_uint32_le(s, SEC_RANDOM_SIZE); // random_len
- out_uint32_le(s, 108); // rsa_info_len
+ out_uint32_le(s, 180); // rsa_info_len
out_uint8s(s, SEC_RANDOM_SIZE); // server_random
out_uint32_le(s, 1); // RDP4-style
// unknown
out_uint8p(s, my_modulus, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
+ // just copied verbatim...
+ out_uint16_le(s, SEC_TAG_KEYSIG);
+ out_uint16_le(s, 72);
+ out_uint8p(s, my_signature, 64); // 512 bits
+ out_uint8s(s, 4); // padding
+
s_mark_end(s);
iso_send(s);
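Review bot: `s = iso_init(250);` is left unchanged while every length written after it grows by 72 bytes (the connect response header alone now declares `245 + 72`), so the stream is requested smaller than the data that the `out_*` calls put into it. How iso_init sizes the stream is not visible here, but if its argument bounds the allocation, the added signature block writes past the end of the buffer; the request should grow with the payload, e.g. `s = iso_init(250 + 72);`. The growth is also repeated as separate literals (`245 + 72`, `207 + 72`, `184 + 72`, `232`, `180`, `72`), and `my_signature` is declared with `SEC_MODULUS_SIZE` but written with a literal `64`. Deriving all of these from one named constant and using `sizeof(my_signature)` in the `out_uint8p` call would stop the declared lengths from drifting away from the bytes actually sent. The function body starts and ends outside the visible lines, and the hunk boundaries are not marked on this page.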