4

I am trying to create a websocket server program. Here is the handshaking code. However when i am trying to connect using chrome, the connection is dropped. Check this out and see if you can find any error.

iResult = recv(ClientSocket, recvbuf, recvbuflen, 0);
    if (iResult > 0) 
    {

        char *s = strstr(recvbuf,"Sec-WebSocket-Key:");
        s = s + strlen("Sec-WebSocket-Key:");

        char  buff[200] = {};
        int i = 0;
        while((int)*s != 13)
        {
            if((int)*s != 32)
            {
                buff[i] = *s;
                i++;
            }
            s++;
        }
        buff[i] = '\0';
        strcat(buff,"258EAFA5-E914-47DA-95CA-C5AB0DC85B11");
        hashwrapper *myWrapper = new sha1wrapper();
        std::string hash(myWrapper->getHashFromString(buff));

        std::string encoded = base64_encode(reinterpret_cast<const unsigned char*>(hash.c_str()), hash.length());

        char * handshakeFormat = "HTTP/1.1 101 Web Socket Protocol Handshake\r\n"
    "Upgrade: WebSocket\r\n"
    "Connection: Upgrade\r\n"
    "Sec-WebSocket-Accept: %s\r\n\r\n";

        memset(recvbuf,0,sizeof(recvbuf));
        sprintf(recvbuf,handshakeFormat,encoded.c_str());
                iSendResult = send( ClientSocket, recvbuf, iResult, 0 );


        delete myWrapper;
        myWrapper = NULL;
    }

For testing purpose :

key = "dGhlIHNhbXBsZSBub25jZQ=="

unique key = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"

sha1 hash : "b37a4f2cc0624f1690f64606cf385945b2bec4ea"

This is produced by my sha1 hashing function.

actual sha1 hash as per RFC6455 : "0xb3 0x7a 0x4f 0x2c 0xc0 0x62 0x4f 0x16 0x90 0xf6 0x46 0x06 0xcf 0x38 0x59 0x45 0xb2 0xbe 0xc4 0xea"

base64 encoded = "YjM3YTRmMmNjMDYyNGYxNjkwZjY0NjA2Y2YzODU5NDViMmJlYzRlYQ=="

This is produced by my base64 encoder

actual base64 encoding as per RFC6455 : "s3pPLMBiTxaQ9kYGzzhZRbK+xOo="

Google chrome sends the handshake data in the format :

GET /?encoding=text HTTP/1.1
Upgrade: websocket
Connection: Upgrade
Host: localhost:2000
Origin: http://www.websocket.org
Sec-WebSocket-Key: SEvjVT+KuQHF0TRSdop3GA==
Sec-WebSocket-Version: 13
Community
  • 1
  • 1
S. Swaroop
  • 411
  • 1
  • 6
  • 17
  • this might be a little confusing. What I have tried to do is, I implemented that code and it didnt work. The connection was dropped everytime. So to find the error, I took the example data in the RFC and tried to see if my encoded value was correct. However it was not. But the base64 encoded value that my program created was exactly similar to the encoding found by online base64 encoders. So I am sure mine is correct and RFC is wrong. But if mine is correct then why its not working – S. Swaroop Mar 08 '12 at 20:27
  • hmm. actually all my codes are in C, but just the hashing and encoding part is C++. And I have not written that codes. – S. Swaroop Mar 08 '12 at 20:28
  • Problem is I am getting a very long (56 characters) base64 encoded string. But the actual string should be 28 characters long. So where is the error ? – S. Swaroop Mar 08 '12 at 23:39

1 Answers1

2

You have to encode the byte values of the hash. Right now you're converting the hash to a hexadecimal string before encoding it.

Decode "s3pPLMBiTxaQ9kYGzzhZRbK+xOo=" and convert the output to a hex string, and you'll see it's B3 7A 4F 2C C0 62 4F 16 90 F6 46 06 CF 38 59 45 B2 BE C4 EA

"YjM3YTRmMmNjMDYyNGYxNjkwZjY0NjA2Y2YzODU5NDViMmJlYzRlYQ==", on the other hand, when decoded results in (the string) "b37a4f2cc0624f1690f64606cf385945b2bec4ea".

pezcode
  • 5,490
  • 2
  • 24
  • 37
  • I was expecting some error of this kind. I am using hashlib library to calculate sha1 hash. and in the above code, hash.c_str() returns me the hash value as **"b37a4f2cc0624f1690f64606cf385945b2bec4ea"** how am i supposed to get the correct hash value that is to be passed on to base64_encode ? – S. Swaroop Mar 09 '12 at 08:29
  • I don't know hashlib. Look if there's a function that gives you the raw hash bytes. If there isn't pick another library, there are literally hundreds that implement *SHA*. – pezcode Mar 09 '12 at 14:09
  • **Hey I have been banned from asking questions here as someone down voted the above question. Someone please up it so that I can ask some other questions.** I tried to use crypto++. But it gives me a lot of errors like **unresolved external symbol "public: virtual bool ... "** Here is the link where the code snippet exists [link]http://stackoverflow.com/questions/6981616/using-cryptopp-to-generate-random-hashes-sha1 – S. Swaroop Mar 09 '12 at 17:06