pubnub_bymebl_t pbaes256_decrypt_alloc(pubnub_bymebl_t data, uint8_t const* key, uint8_t const* iv)
{
int decrypt_result;
EVP_CIPHER_CTX *aes256;
pubnub_bymebl_t result;
result.size = data.size + EVP_CIPHER_block_size(EVP_aes_256_cbc()) + 1;
result.ptr = (uint8_t*)malloc(result.size);
if (NULL == result.ptr) {
return result;
}
aes256 = EVP_CIPHER_CTX_new();
if (NULL == aes256) {
PUBNUB_LOG_ERROR("Failed to allocate AES-256 decryption context\n");
free(result.ptr);
result.ptr = NULL;
return result;;
}
decrypt_result = do_decrypt(aes256, data, key, iv, &result);
EVP_CIPHER_CTX_free(aes256);
if (decrypt_result != 0) {
PUBNUB_LOG_ERROR("Failed AES-256 decryption\n");
free(result.ptr);
result.ptr = NULL;
}
return result;
}
secure_vector<byte> PK_Decryptor::decrypt(const byte in[], size_t length) const
{
byte valid_mask = 0;
secure_vector<byte> decoded = do_decrypt(valid_mask, in, length);
if(valid_mask == 0)
throw Decoding_Error("Invalid public key ciphertext, cannot decrypt");
return decoded;
}
secure_vector<byte>
PK_Decryptor::decrypt_or_random(const byte in[],
size_t length,
size_t expected_pt_len,
RandomNumberGenerator& rng,
const byte required_content_bytes[],
const byte required_content_offsets[],
size_t required_contents_length) const
{
const secure_vector<byte> fake_pms = rng.random_vec(expected_pt_len);
//CT::poison(in, length);
byte valid_mask = 0;
secure_vector<byte> decoded = do_decrypt(valid_mask, in, length);
valid_mask &= CT::is_equal(decoded.size(), expected_pt_len);
decoded.resize(expected_pt_len);
for(size_t i = 0; i != required_contents_length; ++i)
{
/*
These values are chosen by the application and for TLS are constants,
so this early failure via assert is fine since we know 0,1 < 48
If there is a protocol that has content checks on the key where
the expected offsets are controllable by the attacker this could
still leak.
Alternately could always reduce the offset modulo the length?
*/
const byte exp = required_content_bytes[i];
const byte off = required_content_offsets[i];
BOTAN_ASSERT(off < expected_pt_len, "Offset in range of plaintext");
valid_mask &= CT::is_equal(decoded[off], exp);
}
CT::conditional_copy_mem(valid_mask,
/*output*/decoded.data(),
/*from0*/decoded.data(),
/*from1*/fake_pms.data(),
expected_pt_len);
//CT::unpoison(in, length);
//CT::unpoison(decoded.data(), decoded.size());
return decoded;
}
int SendToDestination(int netfd, int tapfd, unsigned char *buffer, int len, ClientConf *Client)
{
int cr_size = 0, dcr_size = 0;
unsigned char dcr_buffer[BUFSIZ], cr_buffer[BUFSIZ];
register int i = 0;
struct iphdr *header;
struct in_addr dst;
/* If Client == NULL, then the packet is a raw packet from the tun/tap device, so it must not be decrypted */
if (Client != NULL) {
if (len == 0)
return 0;
/* Decrypt the message to get the destination */
if (do_decrypt(&(Client->ctx), Client->PrivKey, Client->IV, buffer, len, dcr_buffer, &dcr_size) < 0) {
fprintf(stderr, "SendToDestination : do_decrypt\n");
return -1;
}
/* Empty packet. Drop it */
if (!*dcr_buffer)
return 0;
}
/* Get the header and the destination address */
header = (Client == NULL ? (struct iphdr *)buffer : (struct iphdr *)dcr_buffer);
dst.s_addr = header->daddr;
/* Get the destination client's information if we have it */
for (i = 0; i < CurrentClients; i++)
if (dst.s_addr == Clients[i].ns.data.sin_addr.s_addr)
Client = Clients + i;
if (Client != NULL) {
printf("SENT!\n");
/* Encrypt the message with the destination key */
if (do_encrypt(&(Client->ctx), Client->PrivKey, Client->IV, dcr_buffer, dcr_size, cr_buffer, &cr_size) < 0) {
fprintf(stderr, "SendToDestination : do_encrypt\n");
return -1;
}
}
else
return 0;
if (WriteH(netfd, (struct sockaddr *)&Client->ns.data, (Client != NULL) ? cr_buffer : dcr_buffer, (Client != NULL) ? cr_size : dcr_size) < 0) {
fprintf(stderr, "SendToDestination : WriteH\n");
return -1;
}
return 0;
}
void measure_decrypt(int size_input, mpz_t *plain,
mpz_t *cipher, int prime_size, mpz_t prime) {
vector<double> measurements(NUM_SAMPLES, 0);
char scratch_str[BUFLEN];
for (int i=0; i<NUM_SAMPLES; i++) {
do_encrypt(size_input, plain, cipher, prime_size, prime);
measurements[i] = do_decrypt(size_input, plain, cipher, prime_size, prime)/size_input;
}
snprintf(scratch_str, BUFLEN-1, "d_%d", prime_size);
print_stats(scratch_str, measurements);
}
int pbaes256_decrypt(pubnub_bymebl_t data, uint8_t const* key, uint8_t const* iv, pubnub_bymebl_t *msg)
{
int result;
EVP_CIPHER_CTX *aes256;
if (msg->size < data.size + EVP_CIPHER_block_size(EVP_aes_256_cbc()) + 1) {
PUBNUB_LOG_ERROR("Not enough room to save AES-256 decrypted data\n");
return -1;
}
aes256 = EVP_CIPHER_CTX_new();
if (NULL == aes256) {
PUBNUB_LOG_ERROR("Failed to allocate AES-256 decryption context\n");
return -1;
}
result = do_decrypt(aes256, data, key, iv, msg);
EVP_CIPHER_CTX_free(aes256);
return result;
}
int main(int argc, char **argv)
{
int encrypt_opt = 0;
int decrypt_opt = 0;
int input_opt = 0;
int output_opt = 0;
char *input_filename = NULL;
char *output_filename = NULL;
int input_fd;
int output_fd;
off_t file_len;
char *p;
char buf[sizeof(image_header_t) + 3];
image_header_t *header;
while (1) {
static struct option long_options[] = {
{"encrypt", no_argument, 0, 'e'},
{"decrypt", no_argument, 0, 'd'},
{"input", required_argument, 0, 'i'},
{"output", required_argument, 0, 'o'},
{0, 0, 0, 0 }
};
int option_index = 0;
int c = getopt_long(argc, argv, "dei:o:",
long_options, &option_index);
if (c == -1)
break;
switch (c) {
case 'd':
decrypt_opt++;
if (decrypt_opt > 1) {
fprintf(stderr, "%s: decrypt may only be specified once\n",
argv[0]);
show_usage(argv[0]);
}
break;
case 'e':
encrypt_opt++;
if (encrypt_opt > 1) {
fprintf(stderr, "%s: encrypt may only be specified once\n",
argv[0]);
show_usage(argv[0]);
}
break;
case 'i':
input_opt++;
if (input_opt > 1) {
fprintf(stderr, "%s: only one input file may be specified\n",
argv[0]);
show_usage(argv[0]);
}
if (strcmp("-", optarg) != 0) {
input_filename = optarg;
}
break;
case 'o':
output_opt++;
if (output_opt > 1) {
fprintf(stderr, "%s: only one output file may be specified\n",
argv[0]);
show_usage(argv[0]);
}
if (strcmp("-", optarg) != 0) {
output_filename = optarg;
}
break;
case '?':
exit(-1);
default:
abort();
}
}
if (decrypt_opt && encrypt_opt) {
fprintf(stderr, "%s: decrypt and encrypt may not be used together\n",
argv[0]);
show_usage(argv[0]);
}
if (!decrypt_opt && !encrypt_opt) {
fprintf(stderr, "%s: neither decrypt or encrypt were specified\n",
argv[0]);
show_usage(argv[0]);
}
temp_fd = fileno(tmpfile());
if (temp_fd < 0) {
fprintf(stderr, "Can't create temporary file\n");
exit(EXIT_FAILURE);
}
atexit(exit_cleanup);
DES_set_key_unchecked((const_DES_cblock *)DES_KEY, &schedule);
if (input_filename) {
input_fd = open(input_filename, O_RDONLY);
if (input_fd < 0) {
fprintf(stderr, "Can't open %s for reading: %s\n", input_filename,
strerror(errno));
exit(EXIT_FAILURE);
}
copy_file(input_fd, temp_fd);
close(input_fd);
}
else {
copy_file(STDIN_FILENO, temp_fd);
}
file_len = lseek(temp_fd, 0, SEEK_CUR);
if (file_len < 64) {
fprintf(stderr, "Not enough data\n");
exit(EXIT_FAILURE);
}
p = mmap(0, file_len, PROT_READ|PROT_WRITE, MAP_SHARED, temp_fd, 0);
if (p == MAP_FAILED) {
fprintf(stderr, "mmap failed: %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
if (encrypt_opt) {
header = (image_header_t *)p;
off_t len = min(file_len,
ntohl(header->ih_size) + sizeof(image_header_t));
if (ntohl(header->ih_magic) != IH_MAGIC) {
fprintf(stderr, "Header magic incorrect: "
"expected 0x%08X, got 0x%08X\n",
IH_MAGIC, ntohl(header->ih_magic));
munmap(p, file_len);
exit(EXIT_FAILURE);
}
do_encrypt(p, len);
munmap(p, file_len);
if (len != file_len) {
if (ftruncate(temp_fd, len) < 0) {
fprintf(stderr, "ftruncate failed: %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
}
}
if (decrypt_opt) {
off_t header_len = min(file_len, sizeof(image_header_t) + 3);
memcpy(buf, p, header_len);
do_decrypt(buf, header_len);
header = (image_header_t *)buf;
if (ntohl(header->ih_magic) != IH_MAGIC) {
fprintf(stderr, "Header magic incorrect: "
"expected 0x%08X, got 0x%08X\n",
IH_MAGIC, ntohl(header->ih_magic));
exit(EXIT_FAILURE);
}
do_decrypt(p, file_len);
munmap(p, file_len);
}
lseek(temp_fd, 0, SEEK_SET);
if (output_filename) {
output_fd = creat(output_filename, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
if (output_fd < 0) {
fprintf(stderr, "Can't open %s for writing: %s\n",
output_filename, strerror(errno));
exit(EXIT_FAILURE);
}
copy_file(temp_fd, output_fd);
close(output_fd);
}
else {
copy_file(temp_fd, STDOUT_FILENO);
}
exit(EXIT_SUCCESS);
return 0;
}
int $UPROTO$_secure_server_proc(void *param) {
int ret;
unsigned int len;
int port;
char *first, *second, *third;
char cnt_str[30];
pj_sockaddr_in caddr;
char *caddr_str;
pj_time_val timeout;
pj_fd_set_t read_fds;
char buffer[USERVER_BUFSIZE];
$UPROTO$_request_t request;
// For lvc parsing
lvc_t lvc;
int len1;
char *val;
uint32_t *ts;
char sts[32];
char plain[USERVER_BUFSIZE];
char *pph;
char otp[32];
pj_str_t pjstr;
// End for lvc parsing
$UPROTO$_server_t *userver = ($UPROTO$_server_t *)param;
ansi_copy_str(cnt_str, userver->connect_str);
first = cnt_str;
second = strchr(first, ':');
EXIT_IF_TRUE(second == NULL, "Wrong connection string format\n");
*second = '\0';
second++;
if(0 == strcmp(first, "udp")) {
third = strchr(second, ':');
EXIT_IF_TRUE(third == NULL, "Wrong connection string format\n");
*third = '\0';
third++;
port = atoi(third);
open_udp_socket(userver, second, port);
if (userver->on_open_socket_f != NULL)
userver->on_open_socket_f(userver);
userver->recv_f = &udp_recvfrom;
userver->send_f = &udp_sendto;
}
else if( 0 == strcmp(first, "tty") ) {
open_tty(userver, second);
userver->recv_f = &tty_recvfrom;
userver->send_f = &tty_sendto;
}
else {
EXIT_IF_TRUE(1, "Unsuported protocol\n");
}
// thread loop
timeout.sec = 0;
timeout.msec = 100;
userver->is_end = 0;
while( !userver->is_end ) {
while (!userver->is_online) {
SHOW_LOG(3, "Server is currently offline...\n");
pj_thread_sleep(1000);
}
PJ_FD_ZERO(&read_fds);
PJ_FD_SET(userver->fd, &read_fds);
pj_mutex_lock(userver->mutex);
ret = pj_sock_select(userver->fd + 1, &read_fds, NULL, NULL, &timeout);
pj_mutex_unlock(userver->mutex);
EXIT_IF_TRUE(ret < 0, "Error on server socket\n");
if( PJ_FD_ISSET(userver->fd, &read_fds) ) {
len = sizeof(caddr);
pj_bzero(&caddr, len);
pj_mutex_lock(userver->mutex);
ret = userver->recv_f(userver->fd, buffer, USERVER_BUFSIZE, (void *)&caddr, &len);
pj_mutex_unlock(userver->mutex);
caddr_str = pj_inet_ntoa(caddr.sin_addr);
if( ret > 0 ) {
buffer[ret] = '\0';
lvc_init(&lvc, buffer, ret);
lvc_unpack(&lvc, &len, &val);
pj_strset(&pjstr, val, len);
pph = userver->get_pph_f(&pjstr);
if( pph != NULL ) {
lvc_unpack(&lvc, &len, &val);
ts = (uint32_t *)val;
ts2str(*ts, sts);
lvc_unpack(&lvc, &len, &val);
generate_otp(otp, pph, sts);
do_decrypt(val, len, plain, &len1, otp);
if( pj_ansi_strncmp(sts, plain, len1) == 0 ) {
lvc_unpack(&lvc, &len, &val);
do_decrypt(val, len, plain, &len1, otp);
plain[len1] = '\0';
$UPROTO$_parse_request(plain, len1, &request);
userver->on_request_f(userver, &request, caddr_str);
}
}
//else {
//}
}
}
pj_thread_sleep(100);
}
return 0;
}
