From: cajus
Date: Thu, 6 Dec 2007 12:10:28 +0000 (+0000)
Subject: Fixed handling of iv vectors
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=35a367e8f20f5c49329348c4aa432a8fee403029;p=gosa.git
Fixed handling of iv vectors
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8042 594d385d-05f5-0310-b6e9-bd551577e9d8
---
diff --git a/contrib/socket_server/client.php b/contrib/socket_server/client.php
index 8cf8f2f2e..d3a1b396b 100755
--- a/contrib/socket_server/client.php
+++ b/contrib/socket_server/client.php
@@ -4,31 +4,15 @@ require_once("../../include/class_socketClient.inc");
 error_reporting(E_ALL);
-echo "\n\nTry to connect";
 $sock = new Socket_Client("10.89.1.182","10000",TRUE,1);
-$sock->SetEncryptionKey("ferdinand_frost");
+$sock->setEncryptionKey("ferdinand_frost");
+
 if($sock->connected()){
- echo "... successful\n";
- echo "|--Reading welcome message : \n";
- echo $sock->read();
- /* Prepare a hunge bunch of data to be send */
- $data = "HullaHorst";
- echo "|--Sending ".strlen($data)."bytes of data to socket.\n";
- $sock->send($data);
- echo "|--Done!\n";
+ $data = "Hallo Andi. Alles wird toll.";
+ $sock->write($data);
 echo $sock->read();
- echo "|--".$sock->bytes_read()."bytes read.\n";
- echo "|--Sending 'exit' command to socket.\n";
- $sock->send("exit");
- echo "|--Reading message:\n";
- echo $sock->read()."\n";
-
- echo "|--Closing connection.\n";
 $sock->close();
- echo "|--Done!\n";
- echo "|--End\n\n";
-
 }else{
 echo "... FAILED!\n";
 }
diff --git a/contrib/socket_server/server.php b/contrib/socket_server/server.php
index 29a0736ca..8f6473ec5 100755
--- a/contrib/socket_server/server.php
+++ b/contrib/socket_server/server.php
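Review bot: The result of `$sock->setEncryptionKey("ferdinand_frost");` in contrib/socket_server/client.php is discarded, although the rewritten method in include/class_socketClient.inc returns FALSE when the socket is not connected or mcrypt is unavailable, and the script then still calls `$sock->write($data)`. I would move the call inside the `connected()` branch and stop on failure, for example `if(!$sock->setEncryptionKey($key)){ echo $sock->get_error()."\n"; exit(1); }`. The shared secret and the target address are literals in this committed script; reading them from arguments or the environment keeps them out of the repository.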
@@ -32,9 +32,22 @@ socket_listen($socket,$max_clients);
 $clients = array('0' => array('socket' => $socket));
-echo "\nServer startet on port : ".$bind_port."
-You may use telnet to connect to the server
-";
+echo "\nServer startet on port : $bind_port\n";
+
+
+/* Open the cipher */
+$td = mcrypt_module_open('rijndael-256', '', 'cbc', '');
+
+/* Create the IV and determine the keysize length */
+$iv = substr(md5('GONICUS GmbH'),0, mcrypt_enc_get_iv_size($td));
+$ks = mcrypt_enc_get_key_size($td);
+
+/* Create key */
+$key = substr(md5('ferdinand_frost'), 0, $ks);
+echo "Key: $key\n";
+
+/* Intialize encryption */
+mcrypt_generic_init($td, $key, $iv);
 /* Accept connections till server is killed */
 while(TRUE) {
@@ -47,14 +60,9 @@ while(TRUE) {
 }
 }
- /* Check each socket listed in array $read for readable data.
- * We must do this to prevent the server from freezing if the socket is blocked.
- * All sockets that are readable will remain in the array, all blocked sockets will be removed.
- */
 $ready = socket_select($read,$write=NULL,$except=NULL,0);
- /* Handle incoming connections / Incoming data
- */
+ /* Handle incoming connections / Incoming data */
 if(in_array($socket,$read)) {
 /* Check each client slot for a new connection */
@@ -66,11 +74,6 @@ while(TRUE) {
 socket_getpeername($clients[$i]['socket'],$ip);
 $clients[$i]['ipaddy'] = $ip;
- socket_write($clients[$i]['socket'],encrypt(
-"Welcome to GOsa Test Server
-============================
-Type some text here:",$encrypt_key));
-
 echo("New client connected: " . $clients[$i]['ipaddy'] . " \n");
 break;
 }
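Review bot: The IV introduced in the first hunk is a constant, `substr(md5('GONICUS GmbH'),0, mcrypt_enc_get_iv_size($td))`, so every CBC stream under this key starts from the same publicly known value and messages with equal leading blocks encrypt to equal ciphertext; `Socket_Client::open()` in include/class_socketClient.inc adds the same line. The removed code drew a random IV on each side but never transmitted it, so the repair I would expect is a fresh `mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_URANDOM)` per message, sent in front of the ciphertext. The key is the hex text of `md5('ferdinand_frost')`, a passphrase stored in the source, and `echo "Key: $key\n";` (likewise `echo "Key: $this->ckey\n";` in `setEncryptionKey()`) writes it to the console, so both echo lines should go. Note also that mcrypt's `'rijndael-256'` selects a 256-bit block size, which is not AES, and that the mcrypt extension was removed from PHP core in 7.2.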
@@ -83,12 +86,10 @@ Type some text here:",$encrypt_key));
 }
 }
- /* Check if there is data to read from the client sockets
- */
+ /* Check if there is data to read from the client sockets */
 for($i=1;$i<$max_clients+1;$i++) {
- /* Check if socket has send data to the server
- */
+ /* Check if socket has send data to the server */
 if(isset($clients[$i]) && in_array($clients[$i]['socket'],$read)) {
 /* Read socket data */
@@ -97,60 +98,19 @@ Type some text here:",$encrypt_key));
 /* Client disconnected */
 if ($data === FALSE) {
 unset($clients[$i]);
- echo "Client disconnected! \n";
+ echo "Client disconnected!\n";
 continue;
 }
- $data = trim(decrypt($data,$encrypt_key));
- echo "Client (".$clients[$i]['ipaddy'].") send : ".substr($data,0,30)."... \n";
-
- if($data == "exit"){
- /* Close conenction */
- socket_write($clients[$i]['socket'],encrypt("Bye Bye!",$encrypt_key));
- @socket_close($clients[$i]);
- echo "Client disconnected! bye bye!".$clients[$i]['ipaddy']."\n";
- }else{
- /* Send some data back to the client */
- $data = encrypt(strrev($data),$encrypt_key);
- socket_write($clients[$i]['socket'],$data);
- }
- }
- }
-}
+ $data = mdecrypt_generic($td, trim($data));
+ echo "Client (".$clients[$i]['ipaddy'].") sent: ".$data."... \n";
+ echo "Sending reply... \n";
+ socket_write($clients[$i]['socket'],mcrypt_generic($td, $data));
-
-function encrypt($data,$key)
-{
- global $enable_encryption;
-
- $data= str_repeat("0", 16 - strlen($data)%16).$data;
- echo "1EEE>>>>>>>>>>>>>>>>>".strlen($data)."\n";
-
- /* Encrypt data */
- if($enable_encryption){
- $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
- $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
- echo "Size: $iv_size\n";
- $data = mcrypt_encrypt (MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
- }
- echo "2EEE>>>>>>>>>>>>>>>>>".strlen($data)."\n";
- return($data);
-}
-
-function decrypt($data,$key)
-{
- global $enable_encryption;
-
- /* Decrypt data */
- if($enable_encryption){
- $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
- $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
- $data = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
- $data = ltrim($data,"0");
+ @socket_close($clients[$i]);
+ }
 }
- return($data);
 }
-
 ?>
diff --git a/include/class_socketClient.inc b/include/class_socketClient.inc
index b2957e450..ec8ff5a7a 100755
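Review bot: `@socket_close($clients[$i]);` passes the whole slot array instead of the socket, and the `@` hides the resulting error, so the connection is presumably left open and the slot stays in `$clients`; `socket_close($clients[$i]['socket']); unset($clients[$i]);` is what the branch seems to intend. `mdecrypt_generic($td, trim($data))` trims raw ciphertext, and `trim()` removes space, tab, CR, LF and NUL bytes that can legitimately sit at either end of a block, so some messages will decrypt to garbage; strip only the framing newline or encode the payload for the wire. One `$td`, initialised once before the loop, serves every client for both decryption and the reply, and mcrypt appears to keep CBC chaining state between calls, so it is worth re-running `mcrypt_generic_init` per message and confirming both ends stay in step. The read loop this code sits in starts outside the hunk.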
--- a/include/class_socketClient.inc
+++ b/include/class_socketClient.inc
@@ -12,60 +12,64 @@ class Socket_Client
 private $bytes_read = 0;
 private $error = "";
- private $encrypt = FALSE;
- private $crypt_key = "";
-
+ /* Crypto information */
+ private $td= NULL;
+ private $ckey= "";
+ private $ks;
 private $iv;
- public function __construct($host, $port, $connect = TRUE,$timeout = 3){
- $this->host = $host;
- $this->port = $port;
- $this->timeout = $timeout;
+
+ public function __construct($host, $port, $connect = TRUE, $timeout = 3){
+ $this->host= $host;
+ $this->port= $port;
+ $this->timeout= $timeout;
+
+ /* Connect if needed */
 if($connect){
- $this->connect();
+ $this->open();
 }
 }
- public function SetEncryptionKey($data)
+
+ public function setEncryptionKey($key)
 {
 if(!function_exists("mcrypt_get_iv_size")){
- $this->error = _("The mcrypt module was not found. Please install php5-mcrypt.") ;
- return(FALSE);
- }else{
- $this->encrypt = TRUE;
- $this->iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
- $this->crypt_key= str_pad($data, $this->iv_size, $data);
- echo "Setting key to $this->crypt_key\n";
- $this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND);
- return(TRUE);
+ $this->error = _("The mcrypt module was not found. 
Please install php5-mcrypt.");
+ $this->ckey = "";
+ return FALSE ;
 }
+
+ if ($this->connected()){
+ $this->ckey = substr(md5($key), 0, $this->ks);
+ echo "Key: $this->ckey\n";
+ mcrypt_generic_init($this->td, $this->ckey, $this->iv);
+ return TRUE;
+ }
+
+ return FALSE;
 }
+
 private function encrypt($data)
 {
- /* Encrypt data */
- if($this->encrypt){
- $data = mcrypt_encrypt (MCRYPT_RIJNDAEL_256, $this->crypt_key, $data, MCRYPT_MODE_CBC, $this->iv);
- }
- echo "EEEE>>>>>>>>>>>>>>>>>>>>>>>>> ".strlen($data)."\n";
- return($data);
+ return mcrypt_generic($this->td, $data);
 }
+
 private function decrypt($data)
 {
- echo "DDDD>>>>>>>>>>>>>>>>>>>>>>>>> ".strlen($data)."\n";
 /* decrypt data */
- $data = mcrypt_decrypt (MCRYPT_RIJNDAEL_256, $this->crypt_key, rtrim($data), MCRYPT_MODE_CBC, $this->iv);
- $data = ltrim($data,"0");
- return($data);
+ return mdecrypt_generic($this->td, $data);
 }
+
 public function connected()
 {
- return($this->handle == TRUE);
+ return ($this->handle == TRUE);
 }
- public function connect()
+
+ public function open()
 {
 $this->handle = @fsockopen($this->host, $this->port, $this->errno, $this->errstr, $this->timeout);
 if(!$this->handle){
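Review bot: `encrypt()` and `decrypt()` now call `mcrypt_generic($this->td, $data)` and `mdecrypt_generic($this->td, $data)` unconditionally, whereas the removed code only encrypted once a key had been set. If `setEncryptionKey()` was never called or returned FALSE, the cipher runs on a descriptor that was never initialised, or on NULL when the connection failed. I would add a guard such as `if ($this->ckey == "") { return FALSE; }` at the top of both helpers, have `write()` refuse to send when no key is set, and check the return value of `mcrypt_generic_init`, which reports failure as FALSE or a negative number. The not-connected path of `setEncryptionKey()` should also set `$this->error` before `return FALSE;`. `open()` continues past the end of this hunk.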
@@ -73,40 +77,37 @@ class Socket_Client
 $this->error = $this->errstr;
 }else{
 $this->b_data_send = TRUE;
+
+ /* Open the cipher */
+ $this->td = mcrypt_module_open('rijndael-256', '', 'cbc', '');
+
+ /* Create the IV and determine the keysize length */
+ $this->iv = substr(md5('GONICUS GmbH'),0, mcrypt_enc_get_iv_size($this->td));
+ $this->ks = mcrypt_enc_get_key_size($this->td);
 }
 }
+
 public function get_error()
 {
- return($this->error);
+ return $this->error;
 }
- public function write($data){
- return($this->send($data));
- }
- public function send($data)
- {
- $data= str_repeat("0", 16 - strlen($data)%16).$data;
+ public function write($data){
 if($this->handle){
 $data = $this->encrypt($data);
- $data = trim($data);
 fputs($this->handle, $data."\n");
 $this->b_data_send = TRUE;
- return(TRUE);
 }else{
- return(FALSE);
+ $this->b_data_send = FALSE;
 }
- }
- public function close()
- {
- if($this->handle){
- fclose($this->handle);
- }
+ return $this->b_data_send;
 }
-
- private function _read()
+
+
+ public function read()
 {
 $str = FALSE;
 if($this->handle){
@@ -126,18 +127,26 @@ class Socket_Client
 $this->b_data_send = FALSE;
 $str = $this->decrypt($str);
 }
- return($str);
+ return $str;
 }
- public function read()
+
+ public function bytes_read()
 {
- return($this->_read());
+ return $this->bytes_read;
 }
- public function bytes_read()
+
+ public function close()
 {
- return($this->bytes_read);
+ if($this->handle){
+ fclose($this->handle);
+ }
+
+ /* Terminate decryption handle and close module */
+ mcrypt_generic_deinit($this->td);
 }
+
 }
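Review bot: `write()` still frames the message with `fputs($this->handle, $data."\n");`, but `$data` is raw ciphertext and, with the `trim()` removed, may itself contain newline bytes; if `read()` (only partly visible here) reads up to a newline, such a message is cut short. Encoding the payload, `fputs($this->handle, base64_encode($data)."\n");` with `base64_decode` before `decrypt()`, or a length prefix, keeps the framing unambiguous, and server.php needs the matching change. Nothing authenticates the ciphertext either, so a modified message is decrypted and used as sent; a `hash_hmac` tag over IV and ciphertext, verified before decryption, would cover that.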
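Review bot: `close()` calls `mcrypt_generic_deinit($this->td);` even when `open()` failed and `$this->td` is still NULL, and despite the comment the module itself is never closed. I would guard and finish the teardown: `if ($this->td) { mcrypt_generic_deinit($this->td); mcrypt_module_close($this->td); $this->td = NULL; }`. `$this->handle` is also left set after `fclose`, so `connected()` may keep returning TRUE on a closed client; setting it to NULL in `close()` avoids that.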