void aesctr_encrypt(unsigned char *indata,unsigned char *outdata ,int bytes_read, char ckey[16]){
int i=0;
int mod_len=0;
AES_set_encrypt_key(ckey, KEY_SIZE, &key);
if( bytes_read < BYTES_SIZE){
struct ctr_state state;
init_ctr(&state, iv);
AES_ctr128_encrypt(indata, outdata, bytes_read, &key, state.ivec, state.ecount, &state.num);
return;
}
// loop block size = [ BYTES_SIZE ]
for(i=BYTES_SIZE; i <= bytes_read ;i+=BYTES_SIZE){
struct ctr_state state;
init_ctr(&state, iv);
AES_ctr128_encrypt(indata, outdata, BYTES_SIZE, &key, state.ivec, state.ecount, &state.num);
indata+=BYTES_SIZE;
outdata+=BYTES_SIZE;
}
mod_len = bytes_read % BYTES_SIZE;
if( mod_len != 0 ){
struct ctr_state state;
init_ctr(&state, iv);
AES_ctr128_encrypt(indata, outdata, mod_len, &key, state.ivec, state.ecount, &state.num);
}
}
static void
init_raw_ctr(const char *arg, struct argp_state *state)
{
assert(is_raw_event(arg));
const char *ctr = arg + sizeof(prefix_raw_event) - 1;
long event = perf_argp_parse_long("EVENT", ctr, state);
init_ctr(PERF_TYPE_RAW, event);
}
void init_in(const unsigned char *enc_key, const unsigned char iv[16]) {
// Initializing the encryption KEY
if (AES_set_encrypt_key(enc_key, 128, &key) < 0) {
fprintf(stderr, "Could not set encryption key.");
exit(1);
}
init_ctr(&in_state, iv); // Counter call
}
static void
init_hwc_ctr(const char *arg, struct argp_state *state)
{
assert(is_hwc_event(arg));
const char *ctr = arg + sizeof(prefix_hwc_event) - 1;
const event_name_id_t *event = find_event(hwc_events, ctr, 1);
if (event) {
const int event_name_len = strlen(event->name);
const char *cur = ctr + event_name_len;
uint8_t cache_id = (uint8_t)event->id;
uint8_t op_id;
uint8_t res_id;
if (cur[0] != ':' || cur[1] == '\0')
argp_error(state, "No cache op specified.\n");
switch (*(++cur)) {
case 'r':
op_id = PERF_COUNT_HW_CACHE_OP_READ;
break;
case 'w':
op_id = PERF_COUNT_HW_CACHE_OP_WRITE;
break;
case 'p':
op_id = PERF_COUNT_HW_CACHE_OP_PREFETCH;
break;
default:
argp_error(state, "Invalid cache op specified.\n");
}
cur++;
if (cur[0] != ':' || cur[1] == '\0')
argp_error(state, "No cache result specified.\n");
switch (*(++cur)) {
case 'a':
res_id = PERF_COUNT_HW_CACHE_RESULT_ACCESS;
break;
case 'm':
res_id = PERF_COUNT_HW_CACHE_RESULT_MISS;
break;
default:
argp_error(state, "Invalid cache result specified.\n");
}
cur++;
if (cur[0] != '\0')
argp_error(state, "Illegal HWC string specified.\n");
init_ctr(PERF_TYPE_HW_CACHE,
(res_id << 16) | (op_id << 8) | cache_id);
} else
argp_error(state, "Invalid cache specified.\n");
}
static void
init_hw_ctr(const char *arg, struct argp_state *state)
{
assert(is_hw_event(arg));
const char *ctr = arg + sizeof(prefix_hw_event) - 1;
const event_name_id_t *event = find_event(hw_events, ctr, 0);
if (event)
init_ctr(PERF_TYPE_HARDWARE, event->id);
else
argp_error(state, "Invalid hardware event specified.\n");
}
void aesEncrypt(char* read, char* write, const unsigned char* enc_key)
{
if(!RAND_bytes(iv, AES_BLOCK_SIZE))
{
fprintf(stderr, "Could not create random bytes.");
exit(1);
}
readFile = fopen(read,"rb"); // The b is required in windows.
writeFile = fopen(write,"wb");
if(readFile==NULL)
{
fprintf(stderr, "Read file is null.");
exit(1);
}
if(writeFile==NULL)
{
fprintf(stderr, "Write file is null.");
exit(1);
}
fwrite(iv, 1, 8, writeFile); // IV bytes 1 - 8
fwrite("\0\0\0\0\0\0\0\0", 1, 8, writeFile); // Fill the last 4 with null bytes 9 - 16
//Initializing the encryption KEY
if (AES_set_encrypt_key(enc_key, 128, &key) < 0)
{
fprintf(stderr, "Could not set encryption key.");
exit(1);
}
init_ctr(&state, iv); //Counter call
//Encrypting Blocks of 16 bytes and writing the output.txt with ciphertext
while(1)
{
bytes_read = fread(indata, 1, AES_BLOCK_SIZE, readFile);
AES_ctr128_encrypt(indata, outdata, bytes_read, &key, state.ivec, state.ecount, &state.num);
bytes_written = fwrite(outdata, 1, bytes_read, writeFile);
if (bytes_read < AES_BLOCK_SIZE)
{
break;
}
}
fclose(writeFile);
fclose(readFile);
}
void init_out(const unsigned char *enc_key) {
if (!RAND_bytes(out_iv, AES_BLOCK_SIZE)) {
fprintf(stderr, "Could not create random bytes.");
exit(1);
}
// Initializing the encryption KEY
if (AES_set_encrypt_key(enc_key, 128, &key) < 0) {
fprintf(stderr, "Could not set encryption key.");
exit(1);
}
init_ctr(&out_state, out_iv); // Counter call
}
void main(){
unsigned char * cypher = extochar("874d6191b620e3261bef6864990db6ce",32);
unsigned char * key = extochar("2b7e151628aed2a6abf7158809cf4f3c",32);
unsigned char * iv = extochar("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",32);
unsigned char out[256]; //more than needed
AES_KEY aes_key;
int msg_len = 16;
struct ctr_state status;
if (!AES_set_encrypt_key(key, 16, &aes_key)){
printf("key error");
exit(-1);
}
init_ctr(&status, iv);
AES_ctr128_encrypt(cypher, out, msg_len, &aes_key, status.ivec, status.ecount, &status.num);
//expected plaintext: "6bc1bee22e409f96e93d7e117393172a"
}
void* server_process(void* ptr) {
if (!ptr) pthread_exit(0);
//int tid;
//tid = (int)pthread_getthreadid_np();
printf("New thread started\n");
connection_t *conn = (connection_t *)ptr;
char buffer[BUF_SIZE];
int ssh_fd, n;
boolean ssh_done = false;
ssh_fd = socket(AF_INET, SOCK_STREAM, 0);
if (connect(ssh_fd, (struct sockaddr *)&conn->sshaddr, sizeof(conn->sshaddr)) == -1) {
printf("Connection to ssh failed!\n");
pthread_exit(0);
} else {
printf("Connection to ssh established!\n");
}
int flags = fcntl(conn->sock, F_GETFL);
if (flags == -1) {
printf("read sock 1 flag error!\n");
printf("Closing connections and exit thread!\n");
close(conn->sock);
close(ssh_fd);
free(conn);
pthread_exit(0);
}
fcntl(conn->sock, F_SETFL, flags | O_NONBLOCK);
flags = fcntl(ssh_fd, F_GETFL);
if (flags == -1) {
printf("read ssh_fd flag error!\n");
pthread_exit(0);
}
fcntl(ssh_fd, F_SETFL, flags | O_NONBLOCK);
struct ctr_state state;
AES_KEY aes_key;
unsigned char iv[8];
if (AES_set_encrypt_key(conn->key, 128, &aes_key) < 0) {
fprintf(stderr, "Set encryption key error!\n");
exit(1);
}
while (1) {
while ((n = read(conn->sock, buffer, BUF_SIZE)) > 0) {
if (n < 8) {
printf("Packet length smaller than 8!\n");
close(conn->sock);
close(ssh_fd);
free(conn);
pthread_exit(0);
}
memcpy(iv, buffer, 8);
unsigned char decryption[n-8];
init_ctr(&state, iv);
AES_ctr128_encrypt(buffer+8, decryption, n-8, &aes_key, state.ivec, state.ecount, &state.num);
//printf("%.*s\n", n, buffer);
write(ssh_fd, decryption, n-8);
if (n < BUF_SIZE)
break;
};
while ((n = read(ssh_fd, buffer, BUF_SIZE)) >= 0) {
if (n > 0) {
if(!RAND_bytes(iv, 8)) {
fprintf(stderr, "Error generating random bytes.\n");
exit(1);
}
char *tmp = (char*)malloc(n + 8);
memcpy(tmp, iv, 8);
unsigned char encryption[n];
init_ctr(&state, iv);
AES_ctr128_encrypt(buffer, encryption, n, &aes_key, state.ivec, state.ecount, &state.num);
memcpy(tmp+8, encryption, n);
write(conn->sock, tmp, n + 8);
free(tmp);
}
if (ssh_done == false && n == 0)
ssh_done = true;
if (n < BUF_SIZE)
break;
}
if (ssh_done)
break;
}
printf("Closing connections and exit thread!\n");
close(conn->sock);
close(ssh_fd);
free(conn);
pthread_exit(0);
}
int main(int argc, char *argv[]) {
int opt = 0;
char *str_listen_port = NULL;
boolean server_mode = false;
char *key_file = NULL;
char *str_dst = NULL;
char *str_dst_port = NULL;
while ((opt = getopt(argc, argv, "l:k:")) != -1) {
switch(opt) {
case 'l':
str_listen_port = optarg;
server_mode = true;
break;
case 'k':
key_file = optarg;
break;
case '?':
// when user didn't specify argument
if (optopt == 'l') {
fprintf(stderr, "Please specify port number to listen!\n");
return 0;
} else if (optopt == 'k') {
fprintf(stderr, "Please specify key file to use!\n");
return 0;
} else {
fprintf(stderr, "Unknown argument!\n");
return 0;
}
default:
fprintf(stderr, "Default case?!\n");
return 0;
}
}
// get destination ip and port
if (optind == argc - 2) {
str_dst = argv[optind];
str_dst_port = argv[optind+1];
} else {
fprintf(stderr, "optind: %d, argc: %d\n", optind, argc);
fprintf(stderr, "Incorrect destination and port arguments. Exiting...\n");
return 0;
}
if (key_file == NULL) {
fprintf(stderr, "Key file not specified!\n");
return 0;
}
fprintf(stderr, "\n\tInitializing pbproxy using following parameters:\n\
server mode: %s\n\
listening port: %s\n\
key file: %s\n\
destination addr: %s\n\
destination port: %s\n\n\n"\
, server_mode ? "true" : "false", str_listen_port, key_file,\
str_dst, str_dst_port);
unsigned const char *key = read_file(key_file);
if (!key) {
fprintf(stderr, "read key file failed!\n");
return 0;
}
int dst_port = (int)strtol(str_dst_port, NULL, 10);
struct hostent *nlp_host;
if ((nlp_host=gethostbyname(str_dst)) == 0) {
fprintf(stderr, "Resolve Error!\n");
return 0;
}
struct sockaddr_in servaddr, sshaddr;
bzero(&servaddr, sizeof(servaddr));
bzero(&servaddr, sizeof(sshaddr));
// pbproxy running in server mode
if (server_mode == true) {
connection_t *connection;
pthread_t thread;
int listen_fd;
int listen_port = (int)strtol(str_listen_port, NULL, 10);
listen_fd = socket(AF_INET, SOCK_STREAM, 0);
//ssh_fd = socket(AF_INET, SOCK_STREAM, 0);
servaddr.sin_family = AF_INET;
servaddr.sin_addr.s_addr = htons(INADDR_ANY);
servaddr.sin_port = htons(listen_port);
sshaddr.sin_family = AF_INET;
sshaddr.sin_port = htons(dst_port);
sshaddr.sin_addr.s_addr = ((struct in_addr *)(nlp_host->h_addr))->s_addr;
bind(listen_fd, (struct sockaddr *)&servaddr, sizeof(servaddr));
if (listen(listen_fd, 10) < 0) {
fprintf(stderr, "Attempting to listen failed!\n");
return 0;
};
while (1) {
connection = (connection_t *)malloc(sizeof(connection_t));
connection->sock = accept(listen_fd, &connection->address, &connection->addr_len);
if (connection->sock > 0) {
connection->sshaddr = sshaddr;
connection->key = key;
pthread_create(&thread, 0, server_process, (void*)connection);
pthread_detach(thread);
} else {
free(connection);
}
}
} else {
// pbproxy running in client mode
int sockfd, n;
char buffer[BUF_SIZE];
sockfd = socket(AF_INET, SOCK_STREAM, 0);
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(dst_port);
servaddr.sin_addr.s_addr = ((struct in_addr *)(nlp_host->h_addr))->s_addr;
if (connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)) == -1) {
fprintf(stderr, "Connection failed!\n");
return 0;
}
fcntl(STDIN_FILENO, F_SETFL, O_NONBLOCK);
fcntl(sockfd, F_SETFL, O_NONBLOCK);
struct ctr_state state;
unsigned char iv[8];
AES_KEY aes_key;
if (AES_set_encrypt_key(key, 128, &aes_key) < 0) {
fprintf(stderr, "Set encryption key error!\n");
exit(1);
}
while(1) {
while ((n = read(STDIN_FILENO, buffer, BUF_SIZE)) > 0) {
if(!RAND_bytes(iv, 8)) {
fprintf(stderr, "Error generating random bytes.\n");
exit(1);
}
char *tmp = (char*)malloc(n + 8);
memcpy(tmp, iv, 8);
//write(sockfd, iv, 8);
unsigned char encryption[n];
init_ctr(&state, iv);
AES_ctr128_encrypt(buffer, encryption, n, &aes_key, state.ivec, state.ecount, &state.num);
memcpy(tmp+8, encryption, n);
//fprintf(stderr, "Then %d bytes encrypted message\n", n);
write(sockfd, tmp, n + 8);
free(tmp);
if (n < BUF_SIZE)
break;
}
while ((n = read(sockfd, buffer, BUF_SIZE)) > 0) {
if (n < 8) {
fprintf(stderr, "Packet length smaller than 8!\n");
close(sockfd);
return 0;
}
memcpy(iv, buffer, 8);
unsigned char decryption[n-8];
init_ctr(&state, iv);
AES_ctr128_encrypt(buffer+8, decryption, n-8, &aes_key, state.ivec, state.ecount, &state.num);
write(STDOUT_FILENO, decryption, n-8);
if (n < BUF_SIZE)
break;
}
}
}
return 1;
}
