The program emulates scp, i.e. the program that copies files encrypted and encapsulated inside an SSH connection/tunnel. Authentication is done using HMAC.
- There is a server program
  - forks
  - child process: creates a TCP socket which binds to port 9999 and receives the encrypted payload
  - parent process: first does HMAC validation, then
- Client program
  - forks
  - child process: encrypts the plaintext, generates a random IV using /dev/urandom, implements the HMAC signature
  - parent process: connects to port 9999 and sends to the server, where the payload is "HMAC signature || Cipher text || IV"
- Used the sockets API for TCP socket generation.
- Used the EVP CBC encrypt and decrypt functions for ciphertext generation.
- Used HMAC signing with a message digest.
- To check for tampering with the signature: uncomment the code in the server program at lines 284-294; it shows errors such as:
If everything works properly, we can see output like this:
Other sample runs, where it is encrypted and decrypted properly, which might differ due to randomisation.
Because the IV is made of random bytes from /dev/urandom, the text is decrypted properly only sometimes: the randomised and encrypted string might contain the delimiter ("||") which I used here. So the output might differ in some runs. But if we repeat it 2-3 times, it works fine.
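The delimiter collision described above goes away if the receiver splits the payload by position instead of searching for "||". The following is an added example, not code from this project: it keeps the same field order (HMAC, ciphertext, IV) and assumes a 32-byte HMAC-SHA256 tag, a 16-byte AES-CBC IV, and that the whole payload has been read into one buffer; all function and type names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed sizes, not stated on the page: HMAC-SHA256 tag, AES-CBC IV/block. */
#define TAG_LEN 32
#define IV_LEN  16
#define BLOCK   16

struct payload {                /* views into the received buffer, no copies */
    const uint8_t *tag, *ct, *iv;
    size_t ct_len;
};

/* Build "tag || ciphertext || IV" with no separator bytes.
   Returns the payload length, or 0 if out is too small. */
size_t payload_pack(uint8_t *out, size_t cap, const uint8_t *tag,
                    const uint8_t *ct, size_t ct_len, const uint8_t *iv)
{
    if (cap < TAG_LEN + IV_LEN || cap - TAG_LEN - IV_LEN < ct_len) return 0;
    memcpy(out, tag, TAG_LEN);
    memcpy(out + TAG_LEN, ct, ct_len);
    memcpy(out + TAG_LEN + ct_len, iv, IV_LEN);
    return TAG_LEN + ct_len + IV_LEN;
}

/* Split by position: first TAG_LEN bytes, last IV_LEN bytes, the rest is
   ciphertext. Returns 0 on success, -1 if the length cannot be valid. */
int payload_parse(const uint8_t *buf, size_t len, struct payload *p)
{
    if (len < TAG_LEN + BLOCK + IV_LEN) return -1;   /* too short */
    size_t ct_len = len - TAG_LEN - IV_LEN;
    if (ct_len % BLOCK != 0) return -1;              /* not whole CBC blocks */
    p->tag = buf;
    p->ct = buf + TAG_LEN;
    p->ct_len = ct_len;
    p->iv = buf + TAG_LEN + ct_len;
    return 0;
}

/* What a "||" splitter would trip over: separator-like pairs in binary data. */
size_t count_bar_pairs(const uint8_t *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i + 1 < len; i++)
        if (buf[i] == '|' && buf[i + 1] == '|') { n++; i++; }
    return n;
}
```

With this layout an IV or ciphertext that happens to contain the bytes "||" is parsed the same as any other, so every run decrypts rather than only some.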