#include #include #include #include #include #include #include #include #include #include "mbedtls/ctr_drbg.h" #include "mbedtls/gcm.h" const unsigned short PORT = 58132; static const unsigned char pubkey[] = "-----BEGIN PUBLIC KEY-----\n" "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWlNmLHOOzZpdrfp+EAA\n" "Nwqab0FhQwCyZ/u+ySBW5XxPf6mobySvtJrLdsWzdwnup/UfwZiEhJk/4wpD4Qf/\n" "2+syuJi3Rf7L+Jfh//Qf9uXAS80+LYad7dW0c1r5nt+F9Can5fBn7futnd8n672T\n" "+y8QpHRwX9GtaILvYQe5GQac8cfq2rGUd5iYj5KSdcaIZnJ4YgnjLHg2PMbtEJwq\n" "cV+2oAkcOPzTAJoNE7XjLZTwXmLlFgL/2cN4uJZBDnwv3RZSAhpdYF4KOJmE2GFs\n" "2jdvRUrYO7WSl8fM16vRH4vz5MNNcaprg2MlXheVTPQa+WMdcz7dyQx8s9kRVPPU\n" "SwIDAQAB \n" "-----END PUBLIC KEY----- \n"; static const unsigned char pp[] = "IJUHZGFDXTZKHJKHGFDHZLUÖDRTFGHHJGHH"; enum { SESSION_ID_LENGTH = 8, AES_KEY_LENGTH = 16, GCM_IV_LENGTH = 16, GCM_TAG_LENGTH = 16 }; static uint8_t session_id[8] = { 0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01 }; static uint8_t aes_key[16] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; void send_udp(int sock, mbedtls_ctr_drbg_context *ctr_drbg, const uint8_t *text, size_t len) { uint8_t iv[GCM_IV_LENGTH]; mbedtls_ctr_drbg_random(ctr_drbg, iv, sizeof(GCM_IV_LENGTH)); const size_t total_length = 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH + GCM_TAG_LENGTH + len; uint8_t *output = alloca(total_length); output[0] = 1; memcpy(output + 1, session_id, SESSION_ID_LENGTH); memcpy(output + 1 + SESSION_ID_LENGTH, iv, GCM_IV_LENGTH); mbedtls_gcm_context ctx; mbedtls_gcm_init(&ctx); mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, aes_key, 8 * AES_KEY_LENGTH); if (!mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, len, iv, GCM_IV_LENGTH, session_id, SESSION_ID_LENGTH, text, output + 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH + GCM_TAG_LENGTH, GCM_TAG_LENGTH, output + 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH)) { struct sockaddr_in to; memset(&to, 0, sizeof(to)); to.sin_family = AF_INET; to.sin_addr.s_addr = inet_addr("127.0.0.1"); to.sin_port = htons(PORT); sendto(sock, output, total_length, 0, (struct sockaddr*)&to, sizeof(to)); } mbedtls_gcm_free(&ctx); } void new_session(int sock, mbedtls_ctr_drbg_context *ctr_drbg) { mbedtls_ctr_drbg_random(ctr_drbg, session_id, sizeof(session_id)); mbedtls_ctr_drbg_random(ctr_drbg, aes_key, sizeof(aes_key)); unsigned char output[512]; output[0] = 0; memcpy(output + 1, session_id, SESSION_ID_LENGTH); mbedtls_pk_context pk; mbedtls_pk_init(&pk); int ret = 0; if ((ret = mbedtls_pk_parse_public_key(&pk, pubkey, sizeof(pubkey)) ) != 0 ) errx(-1, "mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret ); size_t olen = 0; if ((ret = mbedtls_pk_encrypt(&pk, aes_key, AES_KEY_LENGTH, output + 1 + SESSION_ID_LENGTH, &olen, sizeof(output) - 1 - SESSION_ID_LENGTH, mbedtls_ctr_drbg_random, ctr_drbg)) != 0) errx(-1, "mbedtls_pk_encrypt returned -0x%04x\n", -ret ); mbedtls_pk_free(&pk); struct sockaddr_in to; memset(&to, 0, sizeof(to)); to.sin_family = AF_INET; to.sin_addr.s_addr = inet_addr("127.0.0.1"); to.sin_port = htons(PORT); sendto(sock, output, olen + 1 + SESSION_ID_LENGTH, 0, (struct sockaddr*)&to, sizeof(to)); } int main() { mbedtls_ctr_drbg_context ctr_drbg; mbedtls_entropy_context entropy; mbedtls_entropy_init(&entropy); mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, pp, sizeof(pp)); int sock = socket(AF_INET, SOCK_DGRAM, 0); new_session(sock, &ctr_drbg); sleep(3); const unsigned char *logline = (const unsigned char*)"Juchuuu, es klappt!\n"; send_udp(sock, &ctr_drbg, logline, strlen((char*)logline)); close(sock); }