initial commit

Author: BlazeWasHere

.ccls

@@ -0,0 +1,3 @@
+clang
+%h
+-I.

.clang-format

@@ -0,0 +1,5 @@
+---
+BasedOnStyle: LLVM
+IndentWidth: 4
+---
+

.gitignore

@@ -0,0 +1,5 @@
+.nvimlog
+.nvim
+a.out
+example
+test

LICENSE

@@ -0,0 +1,23 @@
+Boost Software License - Version 1.0 - August 17th, 2003
+
+Permission is hereby granted, free of charge, to any person or organization
+obtaining a copy of the software and accompanying documentation covered by
+this license (the "Software") to use, reproduce, display, distribute,
+execute, and transmit the Software, and to prepare derivative works of the
+Software, and to permit third-parties to whom the Software is furnished to
+do so, all subject to the following:
+
+The copyright notices in the Software and this entire statement, including
+the above license grant, this restriction and the following disclaimer,
+must be included in all copies of the Software, in whole or in part, and
+all derivative works of the Software, unless such copies or derivative
+works are solely in the form of machine-executable object code generated by
+a source language processor.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
+SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
+FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.

Makefile

@@ -0,0 +1,13 @@
+CFLAGS ?= -O2 -Wall -Wextra -Wfloat-equal -Wundef -Wcast-align -Wwrite-strings -Wlogical-op -Wmissing-declarations -Wredundant-decls -Wshadow
+
+all: test example
+
+test: tests.c cCHello.c
+	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
+
+example: example.c cCHello.c
+	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
+
+clean:
+	rm -rf example
+	rm -rf test

README.md

@@ -0,0 +1,63 @@
+# cCHello
+
+A minimal TLS client hello parser.
+
+# Features
+- compatible with C99
+- no dependencies
+- ~100 LOC
+- simple API
+- extensive overflow checks
+
+# API
+```c
+client_hello_t *cchello_client_hello_init(void);
+int cchello_parse(client_hello_t *ch, uint8_t *data, size_t data_len);
+void cchello_client_hello_free(client_hello_t *ch);
+```
+
+# Usage
+
+```c
+#include "cCHello.h"
+...
+client_hello_t *ch == cchello_client_hello_init();
+if (ch == NULL)
+    // handle alloc failure.
+
+int ret = cchello_parse(ch, data, data_len);
+if (ret < 0)
+    // handle cchello error.
+else
+    // you may want to check if cchello read all of the data
+    assert(data_len == ret);
+
+// remember to free!
+cchello_client_hello_free(ch);
+```
+
+# Example
+
+After running the example binary, visit the URL [https://localhost:1337](https://localhost:1337) in your browser.
+
+```sh
+$ make example
+cc -O2 -Wall -Wextra -Wfloat-equal -Wundef -Wcast-align -Wwrite-strings -Wlogical-op -Wmissing-declarations -Wredundant-decls -Wshadow  -o test tests.c cCHello.c
+$ ./example
+[...]
+```
+
+# Tests
+```sh
+$ make test
+cc -O2 -Wall -Wextra -Wfloat-equal -Wundef -Wcast-align -Wwrite-strings -Wlogical-op -Wmissing-declarations -Wredundant-decls -Wshadow  -o test tests.c cCHello.c
+$ ./test
+[...]
+ALL TESTS PASSED.
+```
+
+# Thanks
+[Michael Driscoll](https://github.com/syncsynchalt) for the [illustrated TLS connection](https://github.com/syncsynchalt/illustrated-tls)
+
+# License
+[BSL-1.0 License](https://github.com/BlazeWasHere/cCHello/blob/master/LICENSE)

cCHello.c

@@ -0,0 +1,135 @@
+//          Copyright Blaze 2021.
+// Distributed under the Boost Software License, Version 1.0.
+//    (See accompanying file LICENSE or copy at
+//          https://www.boost.org/LICENSE_1_0.txt)
+
+#include <string.h>
+
+#include "cCHello.h"
+
+#define OVERFLOW_CHECK(num)                                                    \
+    if (num > data_len)                                                        \
+        return CCHELLO_OVERFLOW;
+
+static inline uint32_t concat_bytes(uint8_t x, uint8_t y, uint8_t z) {
+    return (x << 16) | (y << 8) | z;
+}
+
+enum tls_version cchello_parse_version(uint8_t major, uint8_t minor) {
+    uint32_t ret = concat_bytes(0, major, minor);
+
+    if (ret == TLS_1_0 || ret == TLS_1_1 || ret == TLS_1_2 || ret == TLS_1_3)
+        return ret;
+
+    return UNKNOWN;
+}
+
+client_hello_t *cchello_client_hello_init(void) {
+    return (client_hello_t *)calloc(1, sizeof(client_hello_t));
+}
+
+int cchello_parse(client_hello_t *ch, uint8_t *data, size_t data_len) {
+    uint32_t handshake_len, ch_data_len;
+    size_t read = 0;
+
+    if (data_len == 0)
+        return read;
+
+    for (read = 0; read < data_len; read++) {
+        switch (read) {
+        case 0:
+            // 0x16 = handshake record
+            if (data[read] != 0x16)
+                return CCHELLO_WRONG_PACKET;
+            break;
+        case 2:
+            ch->version = cchello_parse_version(data[read - 1], data[read]);
+            break;
+        case 4:
+            handshake_len = concat_bytes(0, data[read - 1], data[read]);
+            OVERFLOW_CHECK(handshake_len + read)
+            break;
+        case 5:
+            // handshake message type 0x1 = client hello
+            if (data[read] != 0x1)
+                return CCHELLO_WRONG_PACKET;
+            break;
+        case 8:
+            ch_data_len =
+                concat_bytes(data[read - 2], data[read - 1], data[read]);
+            OVERFLOW_CHECK(ch_data_len + read)
+            break;
+        case 11:
+            // TODO: what to do with this, is it even needed?
+            // cchello_parse_version(data[read - 1], data[read]);
+            break;
+        case 42:
+            memcpy(ch->random, data + 11, 32);
+            break;
+        case 43:
+            // session id
+            ch->session_id_len = data[read];
+            OVERFLOW_CHECK(ch->session_id_len + read);
+
+            ch->session_id = calloc(sizeof(uint8_t), ch->session_id_len);
+            if (ch->session_id == NULL)
+                return CCHELLO_NOMEM;
+
+            memcpy(ch->session_id, data + read + 1, ch->session_id_len);
+            // +1 byte; for the session_id_len byte
+            read += ch->session_id_len + 1;
+
+            // cipher suites
+            OVERFLOW_CHECK(read + 1);
+            ch->cipher_suites_len = concat_bytes(0, data[read], data[read + 1]);
+            OVERFLOW_CHECK(ch->cipher_suites_len + read);
+
+            ch->cipher_suites = calloc(sizeof(uint8_t), ch->cipher_suites_len);
+            if (ch->cipher_suites == NULL)
+                return CCHELLO_NOMEM;
+
+            // cipher_suites_len takes 2 bytes
+            read += 2;
+            memcpy(ch->cipher_suites, data + read, ch->cipher_suites_len);
+            read += ch->cipher_suites_len;
+
+            // compression methods
+            ch->compression_methods_len = data[read];
+            OVERFLOW_CHECK(ch->compression_methods_len + read);
+
+            ch->compression_methods =
+                calloc(sizeof(uint8_t), ch->cipher_suites_len);
+            memcpy(ch->compression_methods, data + read + 1,
+                   ch->compression_methods_len);
+            read += ch->compression_methods_len + 1;
+
+            // extensions
+            OVERFLOW_CHECK(read + 1);
+            ch->extensions_len = concat_bytes(0, data[read], data[read + 1]);
+            OVERFLOW_CHECK(ch->extensions_len + read);
+
+            ch->extensions = calloc(sizeof(uint8_t), ch->extensions_len);
+            if (ch->extensions == NULL)
+                return CCHELLO_NOMEM;
+
+            read += 2;
+            memcpy(ch->extensions, data + read, ch->extensions_len);
+            read += ch->extensions_len;
+
+            return read;
+        }
+    }
+
+    return read;
+}
+
+void cchello_client_hello_free(client_hello_t *ch) {
+    free(ch->extensions);
+    free(ch->compression_methods);
+    free(ch->cipher_suites);
+    free(ch->session_id);
+    free(ch);
+
+    // prevent segfault from freeing twice
+    ch = NULL;
+}

cCHello.h

@@ -0,0 +1,89 @@
+//          Copyright Blaze 2021.
+// Distributed under the Boost Software License, Version 1.0.
+//    (See accompanying file LICENSE or copy at
+//          https://www.boost.org/LICENSE_1_0.txt)
+
+#ifndef _CCHELLO_H
+#define _CCHELLO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+#include <stddef.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#define TLS_VERSION_NUMBER(id)                                                 \
+    ((((id##_VERSION_MAJOR) & 0xFF) << 8) | ((id##_VERSION_MINOR) & 0xFF))
+
+#define TLS_1_0_VERSION_MAJOR 0x3
+#define TLS_1_0_VERSION_MINOR 0x1
+
+#define TLS_1_1_VERSION_MAJOR 0x3
+#define TLS_1_1_VERSION_MINOR 0x2
+
+#define TLS_1_2_VERSION_MAJOR 0x3
+#define TLS_1_2_VERSION_MINOR 0x3
+
+#define TLS_1_3_VERSION_MAJOR 0x3
+#define TLS_1_3_VERSION_MINOR 0x4
+
+enum tls_version {
+    UNKNOWN = -1,
+    TLS_1_0 = TLS_VERSION_NUMBER(TLS_1_0),
+    TLS_1_1 = TLS_VERSION_NUMBER(TLS_1_1),
+    TLS_1_2 = TLS_VERSION_NUMBER(TLS_1_2),
+    TLS_1_3 = TLS_VERSION_NUMBER(TLS_1_3),
+};
+
+enum cchello_err {
+    /* The packet given is not a handshake record or a client hello. */
+    CCHELLO_WRONG_PACKET = -1,
+    /* An overflow/overstep would have occured. */
+    CCHELLO_OVERFLOW = -2,
+    /* Not enough memory. */
+    CCHELLO_NOMEM = -3,
+};
+
+typedef struct {
+    /* The client's TLS version */
+    enum tls_version version;
+    /*  The client provides 32 bytes of random data. This data will be used
+     * later in the session. In this example we've made the random data a
+     * predictable string. */
+    uint8_t random[32];
+    /* The client can provide the ID of a previous TLS session against this
+     * server which it is able to resume. */
+    uint8_t *session_id;
+    uint8_t session_id_len;
+    /*  The client provides an ordered list of which cryptographic methods it
+     * will support for key exchange, encryption with that exchanged key, and
+     * message authentication. The list is in the order preferred by the client,
+     * with highest preference first. */
+    uint8_t *cipher_suites;
+    uint32_t cipher_suites_len;
+    /*  The client provides an ordered list of which compression methods it will
+     * support. This compression would be applied before encryption (as
+     * encrypted data is usually incompressible). */
+    uint8_t *compression_methods;
+    uint8_t compression_methods_len;
+    /*  The client has provided a list of optional extensions which the server
+     * can use to take action or enable new features. */
+    uint8_t *extensions;
+    uint32_t extensions_len;
+} client_hello_t;
+
+enum tls_version cchello_parse_version(uint8_t major, uint8_t minor);
+
+/* if <0, error; else returns bytes read from `data` */
+int cchello_parse(client_hello_t *ch, uint8_t *data, size_t data_len);
+
+client_hello_t *cchello_client_hello_init(void);
+
+void cchello_client_hello_free(client_hello_t *ch);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // _CCHELLO_H

example.c

@@ -0,0 +1,96 @@
+//          Copyright Blaze 2021.
+// Distributed under the Boost Software License, Version 1.0.
+//    (See accompanying file LICENSE or copy at
+//          https://www.boost.org/LICENSE_1_0.txt)
+
+#include <err.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+
+#include "cCHello.h"
+
+#define RECV_MAX 1024
+#define BACKLOG 256
+#define PORT 1337
+
+static int setup_socket(int port) {
+    struct sockaddr_in address;
+    int ret;
+
+    int sock = socket(AF_INET, SOCK_STREAM, 0);
+    if (sock == -1)
+        err(EXIT_FAILURE, "Failed to create a socket");
+
+    int optval = 1;
+
+    ret = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
+    if (ret == -1)
+        err(EXIT_FAILURE, "Failed to set socket opt");
+
+    address.sin_family = AF_INET;
+    address.sin_port = htons(port);
+    address.sin_addr.s_addr = htonl(INADDR_ANY);
+
+    ret = bind(sock, (struct sockaddr *)&address, sizeof(address));
+    if (ret == -1)
+        err(EXIT_FAILURE, "Failed to bind the socket");
+
+    ret = listen(sock, BACKLOG);
+    if (ret == -1)
+        err(EXIT_FAILURE, "Failed to listen with the socket");
+
+    return sock;
+}
+
+static void print_hex(uint8_t *data, uint32_t data_len) {
+    printf("{");
+
+    for (size_t i = 0; i < data_len; i++)
+        if (i != (data_len - 1))
+            printf("0x%x, ", data[i]);
+        else
+            printf("0x%x", data[i]);
+
+    printf("}\n");
+}
+
+int main(void) {
+    struct sockaddr_in client_addr;
+    uint8_t buffer[RECV_MAX];
+    ssize_t buf_len;
+    int ret;
+
+    socklen_t addr_size = sizeof(client_addr);
+    int socket = setup_socket(PORT);
+
+    socket = accept(socket, (struct sockaddr *)&client_addr, &addr_size);
+    if (socket == -1)
+        err(EXIT_FAILURE, "Failed to accept with the socket");
+
+    buf_len = recv(socket, buffer, RECV_MAX, 0);
+    if (buf_len == -1)
+        err(EXIT_FAILURE, "Failed to read data from the socket");
+
+    client_hello_t *ch = calloc(1, sizeof(client_hello_t));
+    if (ch == NULL)
+        errx(EXIT_FAILURE, "out of memory");
+
+    ret = cchello_parse(ch, buffer, buf_len);
+    printf("function ret: %d, data size: %ld\n", ret, buf_len);
+
+    printf("tls version: %d\n", ch->version);
+    printf("session id: ");
+    print_hex(ch->session_id, ch->session_id_len);
+    printf("random: ");
+    print_hex(ch->random, sizeof(ch->random));
+    printf("compression methods: ");
+    print_hex(ch->compression_methods, ch->compression_methods_len);
+    printf("cipher suites: ");
+    print_hex(ch->cipher_suites, ch->cipher_suites_len);
+    printf("extensions: ");
+    print_hex(ch->extensions, ch->extensions_len);
+
+    return 0;
+}

tests.c

@@ -0,0 +1,192 @@
+//          Copyright Blaze 2021.
+// Distributed under the Boost Software License, Version 1.0.
+//    (See accompanying file LICENSE or copy at
+//          https://www.boost.org/LICENSE_1_0.txt)
+
+#include <assert.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "cCHello.h"
+
+static uint8_t ch_1_3[] = {
+    0x16, 0x03, 0x01, 0x00, 0xca, 0x01, 0x00, 0x00, 0xc6, 0x03, 0x03, 0x00,
+    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0xe0, 0xe1, 0xe2, 0xe3,
+    0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
+    0xfc, 0xfd, 0xfe, 0xff, 0x00, 0x06, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03,
+    0x01, 0x00, 0x00, 0x77, 0x00, 0x00, 0x00, 0x18, 0x00, 0x16, 0x00, 0x00,
+    0x13, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x75, 0x6c, 0x66,
+    0x68, 0x65, 0x69, 0x6d, 0x2e, 0x6e, 0x65, 0x74, 0x00, 0x0a, 0x00, 0x08,
+    0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x0d, 0x00, 0x14,
+    0x00, 0x12, 0x04, 0x03, 0x08, 0x04, 0x04, 0x01, 0x05, 0x03, 0x08, 0x05,
+    0x05, 0x01, 0x08, 0x06, 0x06, 0x01, 0x02, 0x01, 0x00, 0x33, 0x00, 0x26,
+    0x00, 0x24, 0x00, 0x1d, 0x00, 0x20, 0x35, 0x80, 0x72, 0xd6, 0x36, 0x58,
+    0x80, 0xd1, 0xae, 0xea, 0x32, 0x9a, 0xdf, 0x91, 0x21, 0x38, 0x38, 0x51,
+    0xed, 0x21, 0xa2, 0x8e, 0x3b, 0x75, 0xe9, 0x65, 0xd0, 0xd2, 0xcd, 0x16,
+    0x62, 0x54, 0x00, 0x2d, 0x00, 0x02, 0x01, 0x01, 0x00, 0x2b, 0x00, 0x03,
+    0x02, 0x03, 0x04};
+
+static uint8_t ch_1_2[] = {
+    0x16, 0x03, 0x01, 0x00, 0xa5, 0x01, 0x00, 0x00, 0xa1, 0x03, 0x03, 0x00,
+    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x00, 0x00, 0x20, 0xcc, 0xa8,
+    0xcc, 0xa9, 0xc0, 0x2f, 0xc0, 0x30, 0xc0, 0x2b, 0xc0, 0x2c, 0xc0, 0x13,
+    0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f,
+    0x00, 0x35, 0xc0, 0x12, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x58, 0x00, 0x00,
+    0x00, 0x18, 0x00, 0x16, 0x00, 0x00, 0x13, 0x65, 0x78, 0x61, 0x6d, 0x70,
+    0x6c, 0x65, 0x2e, 0x75, 0x6c, 0x66, 0x68, 0x65, 0x69, 0x6d, 0x2e, 0x6e,
+    0x65, 0x74, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00,
+    0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x12, 0x00,
+    0x10, 0x04, 0x01, 0x04, 0x03, 0x05, 0x01, 0x05, 0x03, 0x06, 0x01, 0x06,
+    0x03, 0x02, 0x01, 0x02, 0x03, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x12,
+    0x00, 0x00};
+
+static void assert_array(uint8_t *x, uint8_t *y, size_t len) {
+    assert(memcmp(x, y, sizeof(uint8_t) * len) == 0);
+}
+
+static void print_hex(uint8_t *data, uint32_t data_len) {
+    printf("{");
+
+    for (size_t i = 0; i < data_len; i++)
+        if (i != (data_len - 1))
+            printf("0x%x, ", data[i]);
+        else
+            printf("0x%x", data[i]);
+
+    printf("}\n");
+}
+
+static client_hello_t *ch_init() {
+    client_hello_t *ch = cchello_client_hello_init();
+    if (ch == NULL) {
+        fprintf(stderr, "out of memory\n");
+        exit(EXIT_FAILURE);
+    }
+
+    return ch;
+}
+
+static void test_ch_1_3() {
+    client_hello_t *ch = ch_init();
+
+    uint8_t c_session_id[] = {0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
+                              0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+                              0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+                              0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff};
+    uint8_t c_random[] = {0x0,  0x1,  0x2,  0x3,  0x4,  0x5,  0x6,  0x7,
+                          0x8,  0x9,  0xa,  0xb,  0xc,  0xd,  0xe,  0xf,
+                          0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+                          0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f};
+    uint8_t c_ciphers[] = {0x13, 0x1, 0x13, 0x2, 0x13, 0x3};
+    uint8_t c_extensions[] = {
+        0x0,  0x0,  0x0,  0x18, 0x0,  0x16, 0x0,  0x0,  0x13, 0x65, 0x78, 0x61,
+        0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x75, 0x6c, 0x66, 0x68, 0x65, 0x69, 0x6d,
+        0x2e, 0x6e, 0x65, 0x74, 0x0,  0xa,  0x0,  0x8,  0x0,  0x6,  0x0,  0x1d,
+        0x0,  0x17, 0x0,  0x18, 0x0,  0xd,  0x0,  0x14, 0x0,  0x12, 0x4,  0x3,
+        0x8,  0x4,  0x4,  0x1,  0x5,  0x3,  0x8,  0x5,  0x5,  0x1,  0x8,  0x6,
+        0x6,  0x1,  0x2,  0x1,  0x0,  0x33, 0x0,  0x26, 0x0,  0x24, 0x0,  0x1d,
+        0x0,  0x20, 0x35, 0x80, 0x72, 0xd6, 0x36, 0x58, 0x80, 0xd1, 0xae, 0xea,
+        0x32, 0x9a, 0xdf, 0x91, 0x21, 0x38, 0x38, 0x51, 0xed, 0x21, 0xa2, 0x8e,
+        0x3b, 0x75, 0xe9, 0x65, 0xd0, 0xd2, 0xcd, 0x16, 0x62, 0x54, 0x0,  0x2d,
+        0x0,  0x2,  0x1,  0x1,  0x0,  0x2b, 0x0,  0x3,  0x2,  0x3,  0x4};
+
+    printf("TEST: parsing tls1.3 client hello: START.\n");
+    int ret = cchello_parse(ch, ch_1_3, sizeof(ch_1_3));
+    assert(ret == sizeof(ch_1_3));
+
+    printf("tls version: %d\n", ch->version);
+    assert(ch->version == TLS_1_0);
+
+    printf("session id: ");
+    print_hex(ch->session_id, ch->session_id_len);
+    assert_array(ch->session_id, c_session_id, sizeof(c_session_id));
+
+    printf("random: ");
+    print_hex(ch->random, sizeof(ch->random));
+    assert_array(ch->random, c_random, sizeof(c_random));
+
+    printf("compression methods: ");
+    print_hex(ch->compression_methods, ch->compression_methods_len);
+    assert(ch->compression_methods[0] == 0x0);
+
+    printf("cipher suites: ");
+    print_hex(ch->cipher_suites, ch->cipher_suites_len);
+    assert_array(ch->cipher_suites, c_ciphers, sizeof(c_ciphers));
+
+    printf("extensions: ");
+    print_hex(ch->extensions, ch->extensions_len);
+    assert_array(ch->extensions, c_extensions, sizeof(c_extensions));
+
+    printf("TEST: parsing tls1.3 client hello: PASSED.\n\n");
+    cchello_client_hello_free(ch);
+}
+
+static void test_ch_1_2() {
+    client_hello_t *ch = ch_init();
+
+    uint8_t c_session_id[] = {};
+    uint8_t c_random[] = {0x0,  0x1,  0x2,  0x3,  0x4,  0x5,  0x6,  0x7,
+                          0x8,  0x9,  0xa,  0xb,  0xc,  0xd,  0xe,  0xf,
+                          0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+                          0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f};
+    uint8_t c_ciphers[] = {0xcc, 0xa8, 0xcc, 0xa9, 0xc0, 0x2f, 0xc0, 0x30,
+                           0xc0, 0x2b, 0xc0, 0x2c, 0xc0, 0x13, 0xc0, 0x9,
+                           0xc0, 0x14, 0xc0, 0xa,  0x0,  0x9c, 0x0,  0x9d,
+                           0x0,  0x2f, 0x0,  0x35, 0xc0, 0x12, 0x0,  0xa};
+    uint8_t c_extensions[] = {
+        0x0,  0x0,  0x0,  0x18, 0x0,  0x16, 0x0,  0x0,  0x13, 0x65, 0x78,
+        0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x75, 0x6c, 0x66, 0x68, 0x65,
+        0x69, 0x6d, 0x2e, 0x6e, 0x65, 0x74, 0x0,  0x5,  0x0,  0x5,  0x1,
+        0x0,  0x0,  0x0,  0x0,  0x0,  0xa,  0x0,  0xa,  0x0,  0x8,  0x0,
+        0x1d, 0x0,  0x17, 0x0,  0x18, 0x0,  0x19, 0x0,  0xb,  0x0,  0x2,
+        0x1,  0x0,  0x0,  0xd,  0x0,  0x12, 0x0,  0x10, 0x4,  0x1,  0x4,
+        0x3,  0x5,  0x1,  0x5,  0x3,  0x6,  0x1,  0x6,  0x3,  0x2,  0x1,
+        0x2,  0x3,  0xff, 0x1,  0x0,  0x1,  0x0,  0x0,  0x12, 0x0,  0x0};
+
+    printf("TEST: parsing tls1.2 client hello: START.\n");
+    int ret = cchello_parse(ch, ch_1_2, sizeof(ch_1_2));
+    assert(ret == sizeof(ch_1_2));
+
+    printf("tls version: %d\n", ch->version);
+    assert(ch->version == TLS_1_0);
+
+    printf("session id: ");
+    print_hex(ch->session_id, ch->session_id_len);
+    assert_array(ch->session_id, c_session_id, sizeof(c_session_id));
+
+    printf("random: ");
+    print_hex(ch->random, sizeof(ch->random));
+    assert_array(ch->random, c_random, sizeof(c_random));
+
+    printf("compression methods: ");
+    print_hex(ch->compression_methods, ch->compression_methods_len);
+    assert(ch->compression_methods[0] == 0x0);
+
+    printf("cipher suites: ");
+    print_hex(ch->cipher_suites, ch->cipher_suites_len);
+    assert_array(ch->cipher_suites, c_ciphers, sizeof(c_ciphers));
+
+    printf("extensions: ");
+    print_hex(ch->extensions, ch->extensions_len);
+    assert_array(ch->extensions, c_extensions, sizeof(c_extensions));
+
+    printf("TEST: parsing tls1.2 client hello: PASSED.\n\n");
+    cchello_client_hello_free(ch);
+}
+
+int main(void) {
+    test_ch_1_2();
+    test_ch_1_3();
+
+    printf("ALL TESTS PASSED.\n");
+
+    return 0;
+}