Show page

Differences

This shows you the differences between two versions of the page.

--- ic:laboratoare:09 [2019/11/09 20:19]
dan.dragan
+++ ic:laboratoare:09 [2020/11/05 17:54] (current)
acosmin.maria
@@ Line 10: / Line 10: @@
 For this exercise, use OpenSSL commands to:
-  - generate a 16 byte random key
+  - generate a 16 byte random key;
-  - use the key to compute the SHA-1 HMAC of the page downloaded in the previous exercise
+  - use the key to compute the SHA-1 HMAC of the following message: "Laborator IC";
+  - use the same key to compute the SHA-1 HMAC of the following message: "Laborator IC!". Notice the difference between the messages - a single character (e.g "!"). Observe that the message authentication codes are completely different.
@@ Line 48: / Line 49: @@
 </note>
-<hidden>The solution is {{:ic:laboratoare:lab9_sol.zip|here}}.</hidden>
-Before you start solving the exercises below, download the {{:ic:laboratoare:ic_lab10.zip|lab archive from here}}.
+==== Exercise 3 ====
-==== Exercise 1 ====
+Before you start solving the exercises below, download the {{:ic:laboratoare:aesgcm.zip|lab archive from here}}.
-The archive contains the source code for Exercise 2, but sadly it is encrypted. Luckily, we forgot to remove the password file from the archive.
+The archive contains the source code for Exercise 4, but sadly it is encrypted. Luckily, we forgot to remove the password file from the archive.
 Use ''openssl'' commands to decrypt the source file.
@@ Line 63: / Line 63: @@
 </note>
+==== Exercise 4 ====
-==== Exercise 2 ====
+<hidden>
+<note hint>
+The problem has been fixed, so no more code for students!
+</note>
+In case you didn't manage to solve Exercise 3 (more recent versions of openssl are not compatible with respect to the encryption/decryption using password), here is the lab starting code:
+<code>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+void hexdump(unsigned char * string, int length) {
+    int i;
+    for (i = 0; i < length; i++) {
+        printf("%02x", string[i]);
+    }
+}
+int aes_gcm_encrypt(unsigned char * ptext,
+        int plen,
+        unsigned char * key,
+        unsigned char * iv,
+        unsigned char ** ctext,
+        int * clen) {
+    EVP_CIPHER_CTX * ctx;
+    /* TODO Create new EVP Context */
+    /* TODO Initialize context using 256-bit AES-GCM, Encryption operation */
+    /* TODO Initialize Key and IV for the new context */
+    /* TODO Encrypt data */
+    /* TODO Finalize encryption context (computes and appends auth tag) */
+    /* TODO Print tag */
+    /* TODO Destroy context */
+    return 0;
+}
+int aes_gcm_decrypt(unsigned char * ctext,
+        int clen,
+        unsigned char * key,
+        unsigned char * iv,
+        unsigned char ** ptext,
+        int * plen) {
+    EVP_CIPHER_CTX * ctx;
+    /* TODO Create new EVP Context */
+    /* TODO Initialize context using 256-bit AES-GCM, Decryption operation */
+    /* TODO Initialize Key and IV for the new context */
+    /* TODO Submit tag data */
+    /* TODO Decrypt data */
+    /* TODO Finalize decryption context (verifies auth tag) */
+    /* TODO Destroy context */
+    return 0;
+}
+int main(int argc, char * argv[]) {
+    ERR_load_crypto_strings();
+    unsigned char key[] = "0123456789abcdef0123456789abcdef"; /* 256-bit key */
+    unsigned char iv[] = "0123456789ab";                      /* 96-bit IV   */
+    unsigned char * ptext = (unsigned char *)"Hello, SSLWorld!\n";
+    int plen = strlen((const char *)ptext);
+    unsigned char * ctext;
+    int clen;
+    printf("Plaintext = %s\n", ptext);
+    printf("Plaintext  (hex) = "); hexdump(ptext, plen); printf("\n");
+    aes_gcm_encrypt(ptext, plen, key, iv, &ctext, &clen);
+    printf("Ciphertext (hex) = "); hexdump(ctext, clen - 16); printf("\n");
+    unsigned char * ptext2;
+    int plen2;
+    aes_gcm_decrypt(ctext, clen, key, iv, &ptext2, &plen2);
+    printf("Done decrypting!\n");
+    ptext2[plen2] = '\0';
+    printf("Plaintext = %s\n", ptext2);
+    if (memcmp(ptext, ptext2, strlen((const char *)ptext)) == 0) {
+        printf("Ok!\n");
+    } else {
+        printf("Not ok :(\n");
+    }
+    return 0;
+}
+</code>
+</hidden>
 In this exercise we'll use OpenSSL to encrypt and decrypt with AES-128-GCM. Unfortunately, AES-GCM is not supported by the command line utilities of OpenSSL so we'll have to implement it ourselves.
@@ Line 124: / Line 236: @@
 See the open ssl manual [[https://www.openssl.org/docs/man1.1.0/crypto/EVP_aes_256_gcm.html|here]] page for EVP encrypt to see the usage of the EVP functions and an example similar to the one above.
 </note>
-<hidden>
-The solution is {{:ic:laboratoare:lab10_sol.zip|here}}.
-Alternative solution: [[https://paste.ubuntu.com/p/4XZpMtt9ZZ/|Source code]]
-</hidden>

Administrativ

Cursuri

Laboratoare

Resurse

Teme

Tema 1 (2025)

ic/laboratoare/09.1573323545.txt.gz · Last modified: 2019/11/09 20:19 by dan.dragan

Show page Old revisions

Media Manager Back to top