LD_PRELOAD環境変数を使ったライブラリ関数フックにより、OpenSSLの暗号化処理を覗くコードを書いてみる。
環境
Ubuntu 14.04.4 LTS 64bit版
$ uname -a Linux vm-ubuntu64 3.19.0-25-generic #26~14.04.1-Ubuntu SMP Fri Jul 24 21:16:20 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: trusty $ gcc --version gcc (Ubuntu 4.8.4-2ubuntu1~14.04.1) 4.8.4
フックする共有ライブラリを作ってみる
OpenSSLの暗号化処理に関連する関数をフックする共有ライブラリのコードを書くと次のようになる。
/* hook_openssl.c */
/* for dlsym(3) */
#define _GNU_SOURCE
#include <dlfcn.h>
#include <stdio.h>
static int (*orig_EVP_EncryptUpdate)(void *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
static int (*orig_EVP_DecryptUpdate)(void *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
static int (*orig_EVP_DecryptFinal_ex)(void *ctx, unsigned char *outm, int *outl);
static int (*orig_SSL_write)(void *ssl, const void *buf, int num);
static int (*orig_SSL_read)(void *ssl, void *buf, int num);
static void __attribute__((constructor))
init()
{
orig_EVP_EncryptUpdate = dlsym(RTLD_NEXT, "EVP_EncryptUpdate");
orig_EVP_DecryptUpdate = dlsym(RTLD_NEXT, "EVP_DecryptUpdate");
orig_EVP_DecryptFinal_ex = dlsym(RTLD_NEXT, "EVP_DecryptFinal_ex");
orig_SSL_write = dlsym(RTLD_NEXT, "SSL_write");
orig_SSL_read = dlsym(RTLD_NEXT, "SSL_read");
}
void log_stderr(char *funcname, const char *buf, int len)
{
fprintf(stderr, "[%s] ", funcname);
fwrite(buf, len, 1, stderr);
fprintf(stderr, "\n");
}
int EVP_EncryptUpdate(void *ctx, unsigned char *out, int *outl, unsigned char *in, int inl)
{
log_stderr("EVP_EncryptUpdate", in, inl);
return (*orig_EVP_EncryptUpdate)(ctx, out, outl, in, inl);
}
int EVP_DecryptUpdate(void *ctx, unsigned char *out, int *outl, unsigned char *in, int inl)
{
int ret = (*orig_EVP_DecryptUpdate)(ctx, out, outl, in, inl);
log_stderr("EVP_DecryptUpdate", out, *outl);
return ret;
}
int EVP_DecryptFinal_ex(void *ctx, unsigned char *outm, int *outl)
{
int ret = (*orig_EVP_DecryptFinal_ex)(ctx, outm, outl);
log_stderr("EVP_DecryptFinal_ex", outm, *outl);
return ret;
}
int SSL_write(void *ssl, const void *buf, int num)
{
log_stderr("SSL_write", buf, num);
return (*orig_SSL_write)(ssl, buf, num);
}
int SSL_read(void *ssl, void *buf, int num)
{
int ret = (*orig_SSL_read)(ssl, buf, num);
log_stderr("SSL_read", buf, num);
return ret;
}
ここで、EVP系の関数は一般の暗号化処理、SSL系の関数はSSLの暗号化処理に使われる関数である。
コンパイルして共有ライブラリを作り、curlコマンドにLD_PRELOADで共有ライブラリを読み込ませると次のようになる。
$ gcc -fPIC -shared hook_openssl.c -o hook_openssl.so
$ LD_PRELOAD=./hook_openssl.so curl -s https://www.example.com/ >/dev/null
[SSL_write] GET / HTTP/1.1
User-Agent: curl/7.35.0
Host: www.example.com
Accept: */*
[SSL_read] HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=604800
Content-Type: text/html
Date: Mon, 14 Mar 2016 06:23:20 GMT
Etag: "359670651"
Expires: Mon, 21 Mar 2016 06:23:20 GMT
Last-Modified: Fri, 09 Aug 2013 23:54:35 GMT
Server: ECS (cpm/F845)
Vary: Accept-Encoding
X-Cache: HIT
x-ec-custom-error: 1
Content-Length: 1270
[SSL_read] <!doctype html>
<html>
<head>
(snip)
</head>
<body>
<div>
<h1>Example Domain</h1>
<p>This domain is established to be used for illustrative examples in documents. You may use this
domain in examples without prior coordination or asking for permission.</p>
<p><a href="http://www.iana.org/domains/example">More information...</a></p>
</div>
</body>
</html>
上の結果から、暗号化前および復号後のHTTPS通信の内容を取得できていることが確認できる。
一般の暗号化処理について調べてみる
上の例はSSLの暗号化処理であったが、一般の暗号化処理についても内容を取得できるか確認してみる。
まず、OpenSSLの開発用ライブラリをインストールする。
$ sudo apt-get install libssl-dev
下のページを参考に暗号化処理を行うテストコードを書くと次のようになる。
/* test.c */
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
int main (void)
{
/* Set up the key and iv. Do I need to say to not hard code these in a
* real application? :-)
*/
/* A 256 bit key */
unsigned char *key = (unsigned char *)"01234567890123456789012345678901";
/* A 128 bit IV */
unsigned char *iv = (unsigned char *)"01234567890123456";
/* Message to be encrypted */
unsigned char *plaintext =
(unsigned char *)"The quick brown fox jumps over the lazy dog";
/* Buffer for ciphertext. Ensure the buffer is long enough for the
* ciphertext which may be longer than the plaintext, dependant on the
* algorithm and mode
*/
unsigned char ciphertext[128];
/* Buffer for the decrypted text */
unsigned char decryptedtext[128];
int decryptedtext_len, ciphertext_len;
/* Initialise the library */
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL);
/* Encrypt the plaintext */
ciphertext_len = encrypt (plaintext, strlen ((char *)plaintext), key, iv,
ciphertext);
/* Do something useful with the ciphertext here */
printf("Ciphertext is:\n");
BIO_dump_fp (stdout, (const char *)ciphertext, ciphertext_len);
/* Decrypt the ciphertext */
decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv,
decryptedtext);
/* Add a NULL terminator. We are expecting printable text */
decryptedtext[decryptedtext_len] = '\0';
/* Show the decrypted text */
printf("Decrypted text is:\n");
printf("%s\n", decryptedtext);
/* Clean up */
EVP_cleanup();
ERR_free_strings();
return 0;
}
void handleErrors(void)
{
ERR_print_errors_fp(stderr);
abort();
}
int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
unsigned char *iv, unsigned char *ciphertext)
{
EVP_CIPHER_CTX *ctx;
int len;
int ciphertext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
/* Initialise the encryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
handleErrors();
ciphertext_len = len;
/* Finalise the encryption. Further ciphertext bytes may be written at
* this stage.
*/
if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors();
ciphertext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,
unsigned char *iv, unsigned char *plaintext)
{
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
/* Initialise the decryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
handleErrors();
plaintext_len = len;
/* Finalise the decryption. Further plaintext bytes may be written at
* this stage.
*/
if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors();
plaintext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
テストコードをコンパイルし、LD_PRELOADで共有ライブラリを読み込ませた上で実行してみる。
$ gcc test.c -o test -lcrypto $ LD_PRELOAD=./hook_openssl.so ./test [EVP_EncryptUpdate] The quick brown fox jumps over the lazy dog Ciphertext is: 0000 - e0 6f 63 a7 11 e8 b7 aa-9f 94 40 10 7d 46 80 a1 .oc.......@.}F.. 0010 - 17 99 43 80 ea 31 d2 a2-99 b9 53 02 d4 39 b9 70 ..C..1....S..9.p 0020 - 2c 8e 65 a9 92 36 ec 92-07 04 91 5c f1 a9 8a 44 ,.e..6.....\...D [EVP_DecryptUpdate] The quick brown fox jumps over t [EVP_DecryptFinal_ex] he lazy dog Decrypted text is: The quick brown fox jumps over the lazy dog
上の結果から、一般の暗号化処理についても、暗号化前および復号後のメッセージの内容が取得できていることが確認できる。
