Example #1
0
extern size_t decrypt(unsigned char * key, size_t keylen, unsigned char * in, size_t inlen, unsigned char * out)
{
  size_t outlen = decrypt_len(key, keylen, in, inlen);

  memcpy(out, in + 7, outlen);

  return outlen;
}
Example #2
0
int recv_response(RPCstate * ctx)
{
  unsigned char * m2_e;
  uint32_t m2_e_len;

  recv(&(ctx->conn_fd), (unsigned char*) &m2_e_len, sizeof(m2_e_len));
  // Check if the read length is within bounds
  if (m2_e_len < MIN_MSG2_LENGTH || m2_e_len > MAX_MSG2_LENGTH)
    fail("client: msg2 has wrong length: %d", m2_e_len);

  m2_e = malloc(m2_e_len);
  if (m2_e == NULL)
    return -1;
  recv(&(ctx->conn_fd), m2_e, m2_e_len);

#ifdef VERBOSE
  printf("Client: Received encrypted message: ");
  print_buffer(m2_e,m2_e_len);
  fflush(stdout);
#endif

  ctx->response_len = decrypt_len(ctx->k, ctx->k_len, m2_e, m2_e_len);
  if (ctx->response_len > MAX_PAYLOAD_LENGTH)
  {
    free(m2_e);
    return -1;
  }

  ctx->response = malloc(ctx->response_len);
  if (ctx->response == NULL)
  {
    free(m2_e);
    return -1;
  }
  // this call returns 0 if not encrypted with the right key
  ctx->response_len = decrypt(ctx->k, ctx->k_len, m2_e, m2_e_len, ctx->response);
  if (ctx->response_len == 0)
  {
    free(m2_e);
    return -1;
  }

  if(ctx->response_len < MIN_PAYLOAD_LENGTH || ctx->response_len > MAX_PAYLOAD_LENGTH)
    fail("Client: response too long: %d", ctx->response_len);

#ifdef VERBOSE
  printf("Client: Received and authenticated response: ");
  print_text_buffer(ctx->response,ctx->response_len);
  printf("\n");
  fflush(stdout);
#endif

  return 0;
}
Example #3
0
extern size_t decrypt_len_proxy(unsigned char * key, size_t keylen, unsigned char * in, size_t inlen)
{
  size_t ret = decrypt_len(key, keylen, in, inlen);

  symL("decrypt_len", "len", sizeof(ret), FALSE);
  store_buf(&ret);

  if(ret < 0) exit(1);

  return ret;
}
Example #4
0
int main(int argc, char ** argv)
{
  unsigned char * pkey, * skey, * xkey;
  size_t pkey_len, skey_len, xkey_len;

  unsigned char * m1, * m1_all;
  unsigned char * Na;
  size_t m1_len, m1_e_len, m1_all_len;

  unsigned char * m2, * m2_e;
  unsigned char * xNb;
  size_t m2_len, m2_e_len;
  size_t m2_l1, m2_l2;

  unsigned char * m3_e;
  size_t m3_e_len;

  unsigned char * p;

  // for encryption tags
  unsigned char * etag = malloc(4);

  BIO * bio = socket_connect();

  pkey = get_pkey(&pkey_len, 'A');
  skey = get_skey(&skey_len, 'A');
  xkey = get_xkey(&xkey_len, 'A');

#ifdef VERBOSE
  printf("pkey = ");
  print_buffer(pkey, pkey_len);
  printf("\n");

  printf("skey = ");
  print_buffer(skey, skey_len);
  printf("\n");

  printf("xkey = ");
  print_buffer(xkey, xkey_len);
  printf("\n");
#endif

  /* Send message 1 */

  m1_len = SIZE_NONCE + 4 + pkey_len
      + sizeof(size_t);
  p = m1 = malloc(m1_len);

  memcpy(p, "msg1", 4);
  p += 4;
  * (size_t *) p = SIZE_NONCE;
  p += sizeof(size_t);
  Na = p;
  nonce(Na);
  p += SIZE_NONCE;
  memcpy(p, pkey, pkey_len);

  m1_e_len = encrypt_len(xkey, xkey_len,
                         m1, m1_len);
  m1_all_len = m1_e_len + sizeof(size_t) + 4;
  m1_all = malloc(m1_all_len);
  memcpy(m1_all, "encr", 4);
  m1_e_len =
      encrypt(xkey, xkey_len, m1,
              m1_len,
              m1_all + sizeof(m1_e_len) + 4);
  m1_all_len = m1_e_len + sizeof(size_t) + 4;
  * (size_t *) (m1_all + 4) = m1_e_len;

  send(bio, m1_all, m1_all_len);

#ifdef VERBOSE
    printf("A: m1_e sent, m1_e = ");
    print_buffer(m1_all, m1_all_len);
    printf("\n");
    fflush(stdout);
#endif

  /* Receive message 2 */

  recv(bio, etag, 4);
  recv(bio, (unsigned char*) &m2_e_len,
       sizeof(m2_e_len));
  m2_e = malloc(m2_e_len);
  recv(bio, m2_e, m2_e_len);

  m2_len = decrypt_len(skey, skey_len,
                       m2_e, m2_e_len);
  m2 = malloc(m2_len);
  m2_len =
      decrypt(skey, skey_len,
              m2_e, m2_e_len, m2);

  if(xkey_len + 2 * SIZE_NONCE
      + 2 * sizeof(size_t) + 4 != m2_len)
  {
    printf("A: m2 has wrong length\n");
    exit(1);
  }

  if(memcmp(m2, "msg2", 4))
  {
    printf("A: m2 not properly tagged\n");
    exit(1);
  }

  m2_l1 = *(size_t *) (m2 + 4);
  m2_l2 = *(size_t *) (m2 + 4 + sizeof(size_t));

  if(m2_l1 != SIZE_NONCE)
  {
    printf("A: m2 has wrong length for xNa\n");
    exit(1);
  }

  if(m2_l2 != SIZE_NONCE)
  {
    printf("A: m2 has wrong length for xNb\n");
    exit(1);
  }

  if(memcmp(m2 + 4 + 2 * sizeof(size_t),
            Na, m2_l1))
  {
    printf("A: xNa in m2 doesn't match Na\n");
    exit(1);
  }

#ifndef LOWE_ATTACK
  if(memcmp(m2 + m2_l1 + m2_l2
            + 2 * sizeof(size_t) + 4,
            xkey,  xkey_len))
  {
    printf("A: x_xkey in m2 doesn't match xkey\n");
    exit(1);
  }
#endif

  xNb = m2 + m2_l1 + 2 * sizeof(size_t) + 4;

#ifdef VERBOSE
    printf("A: m2 received and checked");
    printf("\n");
    fflush(stdout);
#endif

  /* Send message 3 */

  m3_e_len = encrypt_len(xkey, xkey_len,
                         xNb, m2_l2);
  m3_e = malloc(m3_e_len + sizeof(size_t) + 4);
  memcpy(m3_e, "encr", 4);
  m3_e_len =
      encrypt(xkey, xkey_len, xNb,
              m2_l2, m3_e + sizeof(m3_e_len) + 4);
  * (size_t *)(m3_e + 4) = m3_e_len;

  send(bio, m3_e, m3_e_len + sizeof(m3_e_len) + 4);

#ifdef VERBOSE
    printf("A: m3 sent");
    printf("\n");
    fflush(stdout);
#endif

#ifdef VERBOSE
    printf("A: Na = ");
    print_buffer(Na, SIZE_NONCE);
    printf("\n");
    printf("A: Nb = ");
    print_buffer(xNb, SIZE_NONCE);
    printf("\n");
    fflush(stdout);
#endif

  return 0;
}
Example #5
0
int main(int argc, char ** argv)
{
  // our identity and the identity of the other partner
  unsigned char * host, * xhost;
  size_t host_len, xhost_len;

  unsigned char * pkey, * skey, * xkey;
  size_t pkey_len, skey_len, xkey_len;

  unsigned char * m1, * m1_e;
  unsigned char * xNa, * xNb;
  size_t m1_len, m1_e_len;
  size_t m1_l;

  unsigned char * m2, * m2_e;
  unsigned char * Nb;
  size_t m2_len, m2_e_len;

  unsigned char * m3, * m3_e;
  size_t m3_len, m3_e_len;

  unsigned char * p;

  // for dropping encryption tags
  unsigned char * dummy = malloc(4);

  BIO * bio = socket_listen();

  host = get_host(&host_len, 'B');

  pkey = get_pkey(&pkey_len, 'B');
  skey = get_skey(&skey_len, 'B');

#ifdef VERBOSE
  printf("B pkey = ");
  print_buffer(pkey, pkey_len);
  printf("\n");

  printf("B skey = ");
  print_buffer(skey, skey_len);
  printf("\n");
#endif


  /* Receive message 1 */

  recv(bio, (unsigned char*) &m1_e_len, sizeof(m1_e_len));

  if(m1_e_len > MAX_SIZE_CIPHER)
    fail("Server: cipher in message 1 too long");

  m1_e = malloc(m1_e_len);
  recv(bio, m1_e, m1_e_len);

  m1_len = decrypt_len(skey, skey_len, m1_e, m1_e_len);
  m1 = malloc(m1_len);
  m1_len = decrypt(skey, skey_len, m1_e, m1_e_len, m1);

  if(sizeof(size_t) + SIZE_NONCE + 4 > m1_len)
  {
    fprintf(stderr, "m1 has wrong length\n");
    exit(1);
  }

  if(memcmp(m1, "msg1", 4))
  {
    fprintf(stderr, "B: m1 not properly tagged, aborting\n");
    exit(1);
  }

  m1_l = * (size_t *) (m1 + 4);

  if(m1_l !=  SIZE_NONCE)
  {
    fprintf(stderr, "A: m1 contains wrong length for xNa\n");
    exit(1);
  }

  xhost_len = m1_len - (4 + sizeof(size_t) + m1_l);
  xhost = m1 + 4 + sizeof(size_t) + m1_l;

  if(xhost_len > MAX_SIZE_HOST)
    fail("B: host size in m1 too long");

#ifdef VERBOSE
  printf("B xhost = ");
  print_buffer(xhost, xhost_len);
  printf("\n");
#endif

  xkey = lookup_xkey(&xkey_len, xhost, xhost_len, 'B');

#ifdef VERBOSE
  printf("B xkey = ");
  print_buffer(xkey, xkey_len);
  printf("\n");
#endif

  /*
  if(memcmp(m1 + sizeof(size_t) + m1_l + 4, xkey,  xkey_len))
  {
    fprintf(stderr, "x_xkey in m1 doesn't match xkey\n");
    exit(1);
  }
  */

  xNa = m1 + 4 + sizeof(size_t);
  typehint(xNa, m1_l, "fixed_20_nonce");

#ifdef VERBOSE
    fprintf(stderr, "B: m1 received and checked");
    fprintf(stderr, "\n");
    fflush(stderr);
#endif

#ifdef CSEC_VERIFY
#ifdef USE_EVENT_PARAMS
  event2("server_begin", xhost, xhost_len, host, host_len);
#else
  event0("server_begin");
#endif
#endif

  /* Send message 2 */

  m2_len = 2 * SIZE_NONCE + 2 * sizeof(size_t) + 4 + host_len;
  p = m2 = malloc(m2_len);

  memcpy(p, "msg2", 4);
  p += 4;
  * (size_t *) p = m1_l;
  p += sizeof(size_t);
  * (size_t *) p = SIZE_NONCE;
  p += sizeof(size_t);
  memcpy(p, xNa, m1_l);
  p += m1_l;
  Nb = p;
  nonce(Nb);
  p += SIZE_NONCE;
  memcpy(p, host, host_len);

  m2_e_len = encrypt_len(xkey, xkey_len, m2, m2_len);

  if(m2_e_len > MAX_SIZE_CIPHER)
    fail("Server: cipher in message 2 too long");

  m2_e = malloc(m2_e_len);
  m2_e_len = encrypt(xkey, xkey_len, m2, m2_len, m2_e);

  send(bio, &m2_e_len, sizeof(m2_e_len));
  send(bio, m2_e, m2_e_len);

#ifdef VERBOSE
  printf("B: m2_e sent, m2_e = ");
  print_buffer(m2_e, m2_e_len);
  printf("\n");
  fflush(stdout);
#endif

  /* Receive message 3 */

  recv(bio, (unsigned char*) &m3_e_len, sizeof(m3_e_len));

  if(m3_e_len > MAX_SIZE_CIPHER)
    fail("Server: cipher in message 3 too long");

  m3_e = malloc(m3_e_len);
  recv(bio, m3_e, m3_e_len);

  m3_len = decrypt_len(skey, skey_len, m3_e, m3_e_len);
  m3 = malloc(m3_len);
  m3_len = decrypt(skey, skey_len, m3_e, m3_e_len, m3);

  if(memcmp(m3, "msg3", 4))
  {
    fprintf(stderr, "B: m3 not properly tagged, aborting\n");
    exit(1);
  }

  if(m3_len != SIZE_NONCE + 4)
  {
    fprintf(stderr, "B: m3 has wrong length\n");
    exit(1);
  }

  xNb = m3 + 4;
  typehint(xNb, SIZE_NONCE, "fixed_20_nonce");

  if(memcmp(xNb, Nb, SIZE_NONCE))
  {
    fprintf(stderr, "xNb in m3 doesn't match Nb\n");
    exit(1);
  }

#ifdef VERBOSE
    printf("B: Na = ");
    print_buffer(xNa, SIZE_NONCE);
    printf("\n");
    printf("B: Nb = ");
    print_buffer(Nb, SIZE_NONCE);
    printf("\n");
    fflush(stdout);
#endif

#ifdef CSEC_VERIFY
#ifdef USE_EVENT_PARAMS
  event2("server_end", xhost, xhost_len, host, host_len);
#else
  event0("server_end");
#endif
#endif

  // wait for the client to close, to avoid "Address already in use" errors
  wait_close(bio);

  return 0;
}