Assignment 7
revised: 10/19/06

Assigned: 10/3/06
Due: 6:00pm 10/21/06
Objective: adding encryption (AES) to your ncp client from assignment 4
Points: 15

Description:

Add AES CBC encryption to the client program you developed for assignment 4. Use the OpenSSL AES_cbc_encrypt() function to encrypt the entire packet structure (e.g., outpkt) just before the sendto() and to decrypt the encrypted packet from the server right after the recvfrom().

For your 16-byte AES encryption key, use the MD5 hash of the string aeskey06 (don't include the null in the hash).

Your program must calculate the length of the buffer needed to hold the encrypted output. Be sure to use this length when sending the buffer to the server. Verify that the recvfrom() returns this length, or write an error message and exit.

For testing with whisper, again use the password secret06

For the 16-byte IV, use MD5 to hash the port number as an int in network byte order (htonl(port)) with the password (don't include the null).

WARNINGS:
1. Fix any errors in your client code that were noted in grading for assignment 4.
2. Remember, encryption output will usually be bigger than the input, so provide a temporary buffer big enough; you'll need to use a bigger buffer in the recvfrom() too.
3. You'll need to reset the IV because AES_cbc_encrypt() modifies the IV.
4. A "bad hmac" from the server may mean your encryption is broken.
5. All packets from the server will be encrypted.

You must test your client with the server running on whisper. The server is running on port 4322.

Your test results must include an ncp to and from whisper. Include in your ANSWERS file the first-byte authenticator values and the value of the data[] field in the response packet you get back from whisper. whisper will only accept writes to a file called out.tmp and reads from a file called in.tmp.

You must use the password secret06

Examples
    ncp-aes 4322 secret06 myfile.dat whisper:out.tmp
    ncp-aes 4322 secret06 whisper:in.tmp my.tmp

Note: the user_authenticator and msg_authenticator should be valid from the server on whisper, so check your logic/coding if you are getting error codes (not OK) back from the server.

For your own testing, you may wish to modify ncpd.c to work with your client, but the server program will not be graded. Your client program must work with the server on whisper.cs.utk.edu

Don't forget to add required comments to your source code.

Remember that encryption software is subject to export restrictions. See the class policy page.

Place your ANSWERS and source files, Makefile, etc. in a directory and use 594cns_submit to submit your results to the TA.
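
As a cross-check for the key, IV and buffer-length rules in the description above, the following Python script is an added example (not part of the assignment or its reference code) that computes the values a C client should produce, so they can be compared against hex dumps when the server reports "bad hmac". It assumes the IV hash input is the four htonl(port) bytes followed by the password, and it uses a constructed packet size of 1045 bytes.

```python
import hashlib
import struct

AES_BLOCK = 16  # AES block size in bytes


def derive_key() -> bytes:
    """16-byte AES key: MD5 of the string aeskey06, without a trailing NUL."""
    return hashlib.md5(b"aeskey06").digest()


def iv_input(port: int, password: str) -> bytes:
    """Bytes fed to MD5 for the IV. Assumed order: htonl(port), then password."""
    # "!I" packs a 32-bit unsigned int big-endian, the same bytes htonl() yields.
    return struct.pack("!I", port) + password.encode("ascii")


def derive_iv(port: int, password: str) -> bytes:
    """16-byte IV. AES_cbc_encrypt() overwrites its ivec argument, so the C
    client must pass a fresh copy of this value on every call."""
    return hashlib.md5(iv_input(port, password)).digest()


def cbc_output_len(plain_len: int) -> int:
    """Bytes AES_cbc_encrypt() writes: plain_len rounded up to a whole block."""
    return (plain_len + AES_BLOCK - 1) // AES_BLOCK * AES_BLOCK


def reply_len_ok(received: int, plain_len: int) -> bool:
    """True if recvfrom() returned exactly the encrypted packet length."""
    return received == cbc_output_len(plain_len)


if __name__ == "__main__":
    pkt_len = 1045  # constructed size; substitute sizeof(outpkt) from your client
    print("key     :", derive_key().hex())
    print("iv input:", iv_input(4322, "secret06").hex())
    print("iv      :", derive_iv(4322, "secret06").hex())
    print("enc len :", cbc_output_len(pkt_len))
```

A mismatch in the "iv input" line usually points to hashing the port in host byte order or including the terminating NUL.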