extern size_t encrypt_len_proxy(unsigned char * key, size_t keylen, unsigned char * in, size_t inlen)
{
size_t ret = encrypt_len(key, keylen, in, inlen);
symL("encrypt_len", "len", sizeof(ret), FALSE);
store_buf(&ret);
if(ret < 0) exit(1);
return ret;
}
extern size_t encrypt(unsigned char * key, size_t keylen, unsigned char * in, size_t inlen, unsigned char * out)
{
if(memcmp(key, "pk", 2))
{
fprintf(stderr, "encrypt: wrong key type\n");
exit(1);
}
memcpy(out, "encrypt", 7);
memcpy(out + 7, in, inlen);
return encrypt_len(key, keylen, in, inlen);
}
int send_request(RPCstate * ctx)
{
uint32_t m1_len, m1_e_len, full_len;
unsigned char * m1, * p, * m1_e;
#ifdef VERBOSE
printf("Client: Preparing to send request: ");
print_text_buffer(ctx->request,ctx->request_len);
printf("\nand session key: ");
print_buffer(ctx->k,ctx->k_len);
fflush(stdout);
#endif
m1_len = 1 + ctx->k_len + sizeof(ctx->request_len) + ctx->request_len;
p = m1 = malloc(m1_len);
if (m1 == NULL) return -1;
memcpy(p, "p", 1);
p += 1;
*((uint32_t *) p) = ctx->request_len;
p += sizeof(ctx->request_len);
memcpy(p, ctx->request, ctx->request_len);
p += ctx->request_len;
memcpy(p, ctx->k, ctx->k_len);
full_len = 1 + sizeof(ctx->self_len) + ctx->self_len + encrypt_len(ctx->k_ab, ctx->k_ab_len, m1, m1_len);
p = m1_e = malloc(full_len);
if (m1_e == NULL)
{
free(m1);
return -1;
}
memcpy(p, "p", 1);
p += 1;
*((uint32_t *) p) = ctx->self_len;
p += sizeof(ctx->self_len);
memcpy(p, ctx->self, ctx->self_len);
p += ctx->self_len;
m1_e_len = encrypt(ctx->k_ab, ctx->k_ab_len, m1, m1_len, p);
if (m1_e_len == 0)
{
free(m1);
return -1;
}
full_len = 1 + sizeof(ctx->self_len) + ctx->self_len + m1_e_len;
#ifdef VERBOSE
printf("Client: Sending message: %.1s | %u | ", m1_e, *((uint32_t*) (m1_e + 1)));
print_text_buffer(m1_e + 1 + sizeof(uint32_t),ctx->self_len);
printf(" | ");
print_buffer(p,m1_e_len);
fflush(stdout);
#endif
send(&(ctx->conn_fd), (unsigned char *) &full_len, sizeof(full_len));
send(&(ctx->conn_fd), m1_e, full_len);
free(m1);
free(m1_e);
return 0;
}
int main(int argc, char ** argv)
{
unsigned char * pkey, * skey, * xkey;
size_t pkey_len, skey_len, xkey_len;
unsigned char * m1, * m1_all;
unsigned char * Na;
size_t m1_len, m1_e_len, m1_all_len;
unsigned char * m2, * m2_e;
unsigned char * xNb;
size_t m2_len, m2_e_len;
size_t m2_l1, m2_l2;
unsigned char * m3_e;
size_t m3_e_len;
unsigned char * p;
// for encryption tags
unsigned char * etag = malloc(4);
BIO * bio = socket_connect();
pkey = get_pkey(&pkey_len, 'A');
skey = get_skey(&skey_len, 'A');
xkey = get_xkey(&xkey_len, 'A');
#ifdef VERBOSE
printf("pkey = ");
print_buffer(pkey, pkey_len);
printf("\n");
printf("skey = ");
print_buffer(skey, skey_len);
printf("\n");
printf("xkey = ");
print_buffer(xkey, xkey_len);
printf("\n");
#endif
/* Send message 1 */
m1_len = SIZE_NONCE + 4 + pkey_len
+ sizeof(size_t);
p = m1 = malloc(m1_len);
memcpy(p, "msg1", 4);
p += 4;
* (size_t *) p = SIZE_NONCE;
p += sizeof(size_t);
Na = p;
nonce(Na);
p += SIZE_NONCE;
memcpy(p, pkey, pkey_len);
m1_e_len = encrypt_len(xkey, xkey_len,
m1, m1_len);
m1_all_len = m1_e_len + sizeof(size_t) + 4;
m1_all = malloc(m1_all_len);
memcpy(m1_all, "encr", 4);
m1_e_len =
encrypt(xkey, xkey_len, m1,
m1_len,
m1_all + sizeof(m1_e_len) + 4);
m1_all_len = m1_e_len + sizeof(size_t) + 4;
* (size_t *) (m1_all + 4) = m1_e_len;
send(bio, m1_all, m1_all_len);
#ifdef VERBOSE
printf("A: m1_e sent, m1_e = ");
print_buffer(m1_all, m1_all_len);
printf("\n");
fflush(stdout);
#endif
/* Receive message 2 */
recv(bio, etag, 4);
recv(bio, (unsigned char*) &m2_e_len,
sizeof(m2_e_len));
m2_e = malloc(m2_e_len);
recv(bio, m2_e, m2_e_len);
m2_len = decrypt_len(skey, skey_len,
m2_e, m2_e_len);
m2 = malloc(m2_len);
m2_len =
decrypt(skey, skey_len,
m2_e, m2_e_len, m2);
if(xkey_len + 2 * SIZE_NONCE
+ 2 * sizeof(size_t) + 4 != m2_len)
{
printf("A: m2 has wrong length\n");
exit(1);
}
if(memcmp(m2, "msg2", 4))
{
printf("A: m2 not properly tagged\n");
exit(1);
}
m2_l1 = *(size_t *) (m2 + 4);
m2_l2 = *(size_t *) (m2 + 4 + sizeof(size_t));
if(m2_l1 != SIZE_NONCE)
{
printf("A: m2 has wrong length for xNa\n");
exit(1);
}
if(m2_l2 != SIZE_NONCE)
{
printf("A: m2 has wrong length for xNb\n");
exit(1);
}
if(memcmp(m2 + 4 + 2 * sizeof(size_t),
Na, m2_l1))
{
printf("A: xNa in m2 doesn't match Na\n");
exit(1);
}
#ifndef LOWE_ATTACK
if(memcmp(m2 + m2_l1 + m2_l2
+ 2 * sizeof(size_t) + 4,
xkey, xkey_len))
{
printf("A: x_xkey in m2 doesn't match xkey\n");
exit(1);
}
#endif
xNb = m2 + m2_l1 + 2 * sizeof(size_t) + 4;
#ifdef VERBOSE
printf("A: m2 received and checked");
printf("\n");
fflush(stdout);
#endif
/* Send message 3 */
m3_e_len = encrypt_len(xkey, xkey_len,
xNb, m2_l2);
m3_e = malloc(m3_e_len + sizeof(size_t) + 4);
memcpy(m3_e, "encr", 4);
m3_e_len =
encrypt(xkey, xkey_len, xNb,
m2_l2, m3_e + sizeof(m3_e_len) + 4);
* (size_t *)(m3_e + 4) = m3_e_len;
send(bio, m3_e, m3_e_len + sizeof(m3_e_len) + 4);
#ifdef VERBOSE
printf("A: m3 sent");
printf("\n");
fflush(stdout);
#endif
#ifdef VERBOSE
printf("A: Na = ");
print_buffer(Na, SIZE_NONCE);
printf("\n");
printf("A: Nb = ");
print_buffer(xNb, SIZE_NONCE);
printf("\n");
fflush(stdout);
#endif
return 0;
}
int main(int argc, char ** argv)
{
// our identity and the identity of the other partner
unsigned char * host, * xhost;
size_t host_len, xhost_len;
unsigned char * pkey, * skey, * xkey;
size_t pkey_len, skey_len, xkey_len;
unsigned char * m1, * m1_e;
unsigned char * xNa, * xNb;
size_t m1_len, m1_e_len;
size_t m1_l;
unsigned char * m2, * m2_e;
unsigned char * Nb;
size_t m2_len, m2_e_len;
unsigned char * m3, * m3_e;
size_t m3_len, m3_e_len;
unsigned char * p;
// for dropping encryption tags
unsigned char * dummy = malloc(4);
BIO * bio = socket_listen();
host = get_host(&host_len, 'B');
pkey = get_pkey(&pkey_len, 'B');
skey = get_skey(&skey_len, 'B');
#ifdef VERBOSE
printf("B pkey = ");
print_buffer(pkey, pkey_len);
printf("\n");
printf("B skey = ");
print_buffer(skey, skey_len);
printf("\n");
#endif
/* Receive message 1 */
recv(bio, (unsigned char*) &m1_e_len, sizeof(m1_e_len));
if(m1_e_len > MAX_SIZE_CIPHER)
fail("Server: cipher in message 1 too long");
m1_e = malloc(m1_e_len);
recv(bio, m1_e, m1_e_len);
m1_len = decrypt_len(skey, skey_len, m1_e, m1_e_len);
m1 = malloc(m1_len);
m1_len = decrypt(skey, skey_len, m1_e, m1_e_len, m1);
if(sizeof(size_t) + SIZE_NONCE + 4 > m1_len)
{
fprintf(stderr, "m1 has wrong length\n");
exit(1);
}
if(memcmp(m1, "msg1", 4))
{
fprintf(stderr, "B: m1 not properly tagged, aborting\n");
exit(1);
}
m1_l = * (size_t *) (m1 + 4);
if(m1_l != SIZE_NONCE)
{
fprintf(stderr, "A: m1 contains wrong length for xNa\n");
exit(1);
}
xhost_len = m1_len - (4 + sizeof(size_t) + m1_l);
xhost = m1 + 4 + sizeof(size_t) + m1_l;
if(xhost_len > MAX_SIZE_HOST)
fail("B: host size in m1 too long");
#ifdef VERBOSE
printf("B xhost = ");
print_buffer(xhost, xhost_len);
printf("\n");
#endif
xkey = lookup_xkey(&xkey_len, xhost, xhost_len, 'B');
#ifdef VERBOSE
printf("B xkey = ");
print_buffer(xkey, xkey_len);
printf("\n");
#endif
/*
if(memcmp(m1 + sizeof(size_t) + m1_l + 4, xkey, xkey_len))
{
fprintf(stderr, "x_xkey in m1 doesn't match xkey\n");
exit(1);
}
*/
xNa = m1 + 4 + sizeof(size_t);
typehint(xNa, m1_l, "fixed_20_nonce");
#ifdef VERBOSE
fprintf(stderr, "B: m1 received and checked");
fprintf(stderr, "\n");
fflush(stderr);
#endif
#ifdef CSEC_VERIFY
#ifdef USE_EVENT_PARAMS
event2("server_begin", xhost, xhost_len, host, host_len);
#else
event0("server_begin");
#endif
#endif
/* Send message 2 */
m2_len = 2 * SIZE_NONCE + 2 * sizeof(size_t) + 4 + host_len;
p = m2 = malloc(m2_len);
memcpy(p, "msg2", 4);
p += 4;
* (size_t *) p = m1_l;
p += sizeof(size_t);
* (size_t *) p = SIZE_NONCE;
p += sizeof(size_t);
memcpy(p, xNa, m1_l);
p += m1_l;
Nb = p;
nonce(Nb);
p += SIZE_NONCE;
memcpy(p, host, host_len);
m2_e_len = encrypt_len(xkey, xkey_len, m2, m2_len);
if(m2_e_len > MAX_SIZE_CIPHER)
fail("Server: cipher in message 2 too long");
m2_e = malloc(m2_e_len);
m2_e_len = encrypt(xkey, xkey_len, m2, m2_len, m2_e);
send(bio, &m2_e_len, sizeof(m2_e_len));
send(bio, m2_e, m2_e_len);
#ifdef VERBOSE
printf("B: m2_e sent, m2_e = ");
print_buffer(m2_e, m2_e_len);
printf("\n");
fflush(stdout);
#endif
/* Receive message 3 */
recv(bio, (unsigned char*) &m3_e_len, sizeof(m3_e_len));
if(m3_e_len > MAX_SIZE_CIPHER)
fail("Server: cipher in message 3 too long");
m3_e = malloc(m3_e_len);
recv(bio, m3_e, m3_e_len);
m3_len = decrypt_len(skey, skey_len, m3_e, m3_e_len);
m3 = malloc(m3_len);
m3_len = decrypt(skey, skey_len, m3_e, m3_e_len, m3);
if(memcmp(m3, "msg3", 4))
{
fprintf(stderr, "B: m3 not properly tagged, aborting\n");
exit(1);
}
if(m3_len != SIZE_NONCE + 4)
{
fprintf(stderr, "B: m3 has wrong length\n");
exit(1);
}
xNb = m3 + 4;
typehint(xNb, SIZE_NONCE, "fixed_20_nonce");
if(memcmp(xNb, Nb, SIZE_NONCE))
{
fprintf(stderr, "xNb in m3 doesn't match Nb\n");
exit(1);
}
#ifdef VERBOSE
printf("B: Na = ");
print_buffer(xNa, SIZE_NONCE);
printf("\n");
printf("B: Nb = ");
print_buffer(Nb, SIZE_NONCE);
printf("\n");
fflush(stdout);
#endif
#ifdef CSEC_VERIFY
#ifdef USE_EVENT_PARAMS
event2("server_end", xhost, xhost_len, host, host_len);
#else
event0("server_end");
#endif
#endif
// wait for the client to close, to avoid "Address already in use" errors
wait_close(bio);
return 0;
}
