I'm trying to connect with google.com with port 443 SSL but when i call to WinHttpReadData returns encrypted text, but with WinHttpQueryHeaders i'm getting plain/text response headers from server.
Not sure at all why happens that, im referring to Headers no encrypted and Body yes, my objective is get the response body decrypted.
The source is here:
// ConsoleApplication3.cpp : Este archivo contiene la función "main". La ejecución del programa comienza y termina ahí.
//
#include "pch.h"
#include <windows.h>
#include <winhttp.h>
#include <iostream>
#include <string>
#include <algorithm>
int main(){
DWORD dwSize = 2000;
DWORD dwDownloaded = 0;
LPSTR pszOutBuffer;
DWORD headerSize = 0;
char * lpOutBuffer = new char[dwSize / sizeof(char)];
HINTERNET hSession = NULL;
HINTERNET hConnect = NULL;
HINTERNET hRequest = NULL;
// Use WinHttpOpen to obtain a session handle.
hSession = WinHttpOpen(L"WinHTTP Example/1.0",
WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
WINHTTP_NO_PROXY_NAME,
WINHTTP_NO_PROXY_BYPASS, 0);
// Specify an HTTP server.
if (hSession)
hConnect = WinHttpConnect(hSession, L"google.com",
443, 0); //443 port for SSL/TLS
std::cout << "hConnect " << hConnect << std::endl;
// Create an HTTP request handle.
if (hConnect)
hRequest = WinHttpOpenRequest(hConnect, L"GET", L"/",
L"HTTP/1.1", WINHTTP_NO_REFERER,
NULL,
WINHTTP_FLAG_SECURE); //SECURE FLAG
std::cout << "hRequest " << hRequest << std::endl;
if (hRequest) { //Adding Headers
std::cout << "Añadiendo headers!\n";
WinHttpAddRequestHeaders(hRequest,
L"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Accept-Encoding: gzip, deflate, br",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Connection: keep-alive",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Host: google.com",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"Upgrade-Insecure-Requests: 1",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
WinHttpAddRequestHeaders(hRequest,
L"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0",
-1L,
WINHTTP_ADDREQ_FLAG_ADD);
}
// Send a request.
BOOL bResults;
if (hRequest)
bResults = WinHttpSendRequest(hRequest,
WINHTTP_NO_ADDITIONAL_HEADERS,
0, WINHTTP_NO_REQUEST_DATA, 0,
0, 0);
std::cout << "bResults " << bResults << " " << GetLastError() << std::endl;
if (bResults)
bResults = WinHttpReceiveResponse(hRequest, NULL);
std::cout << "bResults " << bResults << " " << GetLastError() << std::endl;
if (bResults)
{
WinHttpQueryHeaders(hRequest, WINHTTP_QUERY_RAW_HEADERS,
WINHTTP_HEADER_NAME_BY_INDEX, NULL,
&dwSize, WINHTTP_NO_HEADER_INDEX);
printf("Tamaño de los headers: %d", dwSize);
// Allocate memory for the buffer.
if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
{
lpOutBuffer = new char[dwSize / sizeof(char)];
// Now, use WinHttpQueryHeaders to retrieve the header.
bResults = WinHttpQueryHeaders(hRequest, WINHTTP_QUERY_RAW_HEADERS,
WINHTTP_HEADER_NAME_BY_INDEX,
lpOutBuffer, &dwSize,
WINHTTP_NO_HEADER_INDEX);
if (bResults){
char * headers_aqui = new char[dwSize / sizeof(char)];
int dwSize2 = 0;
for (int i = 0,i2 = 0; i < dwSize; i++) {
//std::cout << (int)str[i] << std::endl;
if ((int)lpOutBuffer[i] != 0) {
headers_aqui[i2] = lpOutBuffer[i];
dwSize2 = i2;
i2++;
}
}
std::cout << "Tamaño ahora: " << dwSize2 << std::endl;
std::string str(headers_aqui, dwSize2);
std::cout << "Header contents: \n" << str << "\n\n\n\n\n"; //No encrypted or compressed.
}
}
}
if (bResults)
{
do
{
// Check for available data.
dwSize = 0;
if (!WinHttpQueryDataAvailable(hRequest, &dwSize))
printf("Error %u in WinHttpQueryDataAvailable.\n",
GetLastError());
// Allocate space for the buffer.
pszOutBuffer = new char[dwSize + 1];
if (!pszOutBuffer)
{
printf("Out of memory\n");
dwSize = 0;
}
else
{
// Read the data.
ZeroMemory(pszOutBuffer, dwSize + 1);
if (!WinHttpReadData(hRequest, (LPVOID)pszOutBuffer,
dwSize, &dwDownloaded))
printf("Error %u in WinHttpReadData.\n", GetLastError());
else
printf("%s", pszOutBuffer); //Encrypted or compressed, think SSL encryption.
// Free the memory allocated to the buffer.
delete[] pszOutBuffer;
}
} while (dwSize > 0);
}
// Report any errors.
if (!bResults)
printf("Error %d has occurred.\n", GetLastError());
// Close any open handles.
if (hRequest) WinHttpCloseHandle(hRequest);
if (hConnect) WinHttpCloseHandle(hConnect);
if (hSession) WinHttpCloseHandle(hSession);
//std::cout << "Hello World!\n";
}
Output here: https://pastebin.com/cSkEugDT
I read the documentation but don't find anything about decryption of content in WinHttpReadData, obviously this happens only with https, when i test http it's return plain/text.
I suspect about some parameter to before calls to WinHttpReadData.
