1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
#include <sys/socket.h>
#include <netinet/in.h>
#include <string.h>
#include <err.h>
#include <inttypes.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <mbedtls/pk.h>
#include <mbedtls/entropy.h>
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/gcm.h"
const unsigned short PORT = 58132;
static const unsigned char pubkey[] =
"-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWlNmLHOOzZpdrfp+EAA\n"
"Nwqab0FhQwCyZ/u+ySBW5XxPf6mobySvtJrLdsWzdwnup/UfwZiEhJk/4wpD4Qf/\n"
"2+syuJi3Rf7L+Jfh//Qf9uXAS80+LYad7dW0c1r5nt+F9Can5fBn7futnd8n672T\n"
"+y8QpHRwX9GtaILvYQe5GQac8cfq2rGUd5iYj5KSdcaIZnJ4YgnjLHg2PMbtEJwq\n"
"cV+2oAkcOPzTAJoNE7XjLZTwXmLlFgL/2cN4uJZBDnwv3RZSAhpdYF4KOJmE2GFs\n"
"2jdvRUrYO7WSl8fM16vRH4vz5MNNcaprg2MlXheVTPQa+WMdcz7dyQx8s9kRVPPU\n"
"SwIDAQAB \n"
"-----END PUBLIC KEY----- \n";
static const unsigned char pp[] = "IJUHZGFDXTZKHJKHGFDHZLUÖDRTFGHHJGHH";
enum { SESSION_ID_LENGTH = 8, AES_KEY_LENGTH = 16, GCM_IV_LENGTH = 16, GCM_TAG_LENGTH = 16 };
static uint8_t session_id[8] = { 0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01 };
static uint8_t aes_key[16] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
void send_udp(int sock, mbedtls_ctr_drbg_context *ctr_drbg, const uint8_t *text, size_t len) {
uint8_t iv[GCM_IV_LENGTH];
mbedtls_ctr_drbg_random(ctr_drbg, iv, sizeof(GCM_IV_LENGTH));
const size_t total_length = 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH + GCM_TAG_LENGTH + len;
uint8_t *output = alloca(total_length);
output[0] = 1;
memcpy(output + 1, session_id, SESSION_ID_LENGTH);
memcpy(output + 1 + SESSION_ID_LENGTH, iv, GCM_IV_LENGTH);
mbedtls_gcm_context ctx;
mbedtls_gcm_init(&ctx);
mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, aes_key, 8 * AES_KEY_LENGTH);
if (!mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, len, iv, GCM_IV_LENGTH, session_id, SESSION_ID_LENGTH,
text, output + 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH + GCM_TAG_LENGTH, GCM_TAG_LENGTH,
output + 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH)) {
struct sockaddr_in to;
memset(&to, 0, sizeof(to));
to.sin_family = AF_INET;
to.sin_addr.s_addr = inet_addr("127.0.0.1");
to.sin_port = htons(PORT);
sendto(sock, output, total_length, 0, (struct sockaddr*)&to, sizeof(to));
}
mbedtls_gcm_free(&ctx);
}
void new_session(int sock, mbedtls_ctr_drbg_context *ctr_drbg) {
mbedtls_ctr_drbg_random(ctr_drbg, session_id, sizeof(session_id));
mbedtls_ctr_drbg_random(ctr_drbg, aes_key, sizeof(aes_key));
unsigned char output[512];
output[0] = 0;
memcpy(output + 1, session_id, SESSION_ID_LENGTH);
mbedtls_pk_context pk;
mbedtls_pk_init(&pk);
int ret = 0;
if ((ret = mbedtls_pk_parse_public_key(&pk, pubkey, sizeof(pubkey)) ) != 0 )
errx(-1, "mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
size_t olen = 0;
if ((ret = mbedtls_pk_encrypt(&pk, aes_key, AES_KEY_LENGTH, output + 1 + SESSION_ID_LENGTH, &olen,
sizeof(output) - 1 - SESSION_ID_LENGTH, mbedtls_ctr_drbg_random, ctr_drbg)) != 0)
errx(-1, "mbedtls_pk_encrypt returned -0x%04x\n", -ret );
mbedtls_pk_free(&pk);
struct sockaddr_in to;
memset(&to, 0, sizeof(to));
to.sin_family = AF_INET;
to.sin_addr.s_addr = inet_addr("127.0.0.1");
to.sin_port = htons(PORT);
sendto(sock, output, olen + 1 + SESSION_ID_LENGTH, 0, (struct sockaddr*)&to, sizeof(to));
}
int main() {
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_entropy_context entropy;
mbedtls_entropy_init(&entropy);
mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, pp, sizeof(pp));
int sock = socket(AF_INET, SOCK_DGRAM, 0);
new_session(sock, &ctr_drbg);
sleep(3);
const unsigned char *logline = (const unsigned char*)"Juchuuu, es klappt!\n";
send_udp(sock, &ctr_drbg, logline, strlen((char*)logline));
close(sock);
}
|