
I am writing a simple piece of free software, mainly to encode and decode bash scripts.

The goal is to obtain executable script files where nobody can read the source code inside, root and the owner included. To encode/decode files I chose to use the gcrypt library with the 3DES algorithm. But unfortunately, the only available documentation is for those who already use the library (e.g. the reference guide).

You can find my code at the following address: wScriptObfuscator.c

At the moment I am stuck at the first of the two steps: encoding the script file. You can read the core of this step in the following code lines:

char secKey[(WSO_KEYSIZE + 1)];
char inVector[(WSO_KEYSIZE + 1)];

memcpy(secKey, WSO_SYMKEY, WSO_KEYSIZE);
secKey[WSO_KEYSIZE] = '\0';
memcpy(inVector, WSO_INIVECTOR, WSO_KEYSIZE);
inVector[WSO_KEYSIZE] = '\0';
#if __DEBUG__ > 0
printf("Key:    %s\nVector: %s\n", secKey, inVector);
#endif

resData = malloc(st.st_size + sizeof(char));

// End initialization process
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);

// This function creates the context handle required for most of the other cipher functions
if (gcry_cipher_open(&hd, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_ECB, 0) == GPG_ERR_NO_ERROR) {

  // Set the key used for encryption or decryption operations
  if (gcry_cipher_setkey(hd, secKey, gcry_cipher_get_algo_keylen(GCRY_CIPHER_3DES)) == GPG_ERR_NO_ERROR) {

    // Set the initialization vector used for encryption or decryption
    if (gcry_cipher_setiv(hd, inVector, WSO_KEYSIZE) == GPG_ERR_NO_ERROR) {

      // Encription
      if (
        gcry_cipher_encrypt(
          hd,
          resData, (st.st_size + sizeof(char)),
          data, (st.st_size + sizeof(char))
        ) == GPG_ERR_NO_ERROR
        ) {

        // Encripted data saving...
        fd = open(sFileName, O_WRONLY);
        idx = 0;
        t = 1;
        if (fd > 0) {
          while (idx < st.st_size && t > 0) {
            t = write(fd, (data + idx), (st.st_size - idx));
            if (t > 0) idx = idx + t;
          }
        }
        close(fd);

      }
      else {
        fprintf(stderr, "ERROR! Encription procedure failed\n");
        err = WSO_ERROR_ENCRIPTFAILURE;
      }
    }
    else {
      fprintf(stderr, "ERROR! gcry_cipher_setiv() failed\n");
      err = WSO_ERROR_ENCRIPTFAILURE;
    }
  }
  else {
    fprintf(stderr, "ERROR! Key initialization failed\n");
    err = WSO_ERROR_ENCRIPTFAILURE;
  }

  gcry_cipher_close(hd);

}
else {
  fprintf(stderr, "ERROR! Encripted channel opening procedure failed\n");
  err = WSO_ERROR_ENCRIPTFAILURE;
}

if (resData != NULL) free(resData);

Everything looks fine except the last function of the encoding process, gcry_cipher_encrypt(). It is very strange because it requires the well-initialized gcry_cipher_hd_t structure, an encoded data buffer, its size, a source data buffer, its size, and that is all. It looks easy... but it does not work.

Unfortunately, I have not found any documentation about the returned error codes.

You can also download the code from SourceForge:

svn checkout https://svn.code.sf.net/p/linuxwoodo/code/trunk linuxwoodo-code

The wScriptObfuscator.c file is in the following folder: trunk/prj__wScriptObfuscator/b1/src

Jabberwocky
Silvano
  • I have changed algorithm to AES, and I have added the error code evaluation. – Silvano Feb 01 '17 at 16:21
  • [src]$ ./wScriptObfuscator test.sh File size: 34 File type: Bourne/BASH script Key: sckDLVW!.V!FLVNA Vector: 171298ey39r8y2de Src size: 34 Res size: 48 *** ERROR! FILE="wScriptObfuscator.c"; LINE=231; PID=1066 *** gcrypt(): Invalid length – Silvano Feb 01 '17 at 16:23
  • This is what I get: [src]$ ./wScriptObfuscator test.sh File size: 34 File type: Bourne/BASH script Key: sckDLVW!.V!FLVNA Vector: 171298ey39r8y2de Src size: 34 Res size: 48 *** ERROR! FILE="wScriptObfuscator.c"; LINE=231; PID=1066 *** gcrypt(): Invalid length – Silvano Feb 01 '17 at 16:24

0 Answers
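The "Invalid length" result in the comments is what libgcrypt returns when an ECB or CBC input is not a whole number of cipher blocks (34 bytes against a 16-byte AES block, or st.st_size + 1 against an 8-byte 3DES block). The following is an added example, not part of the original post or of wScriptObfuscator.c: PKCS#7 padding in plain C, where the helper names padded_len, pkcs7_pad and pkcs7_unpad are hypothetical and the 34-byte input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Length after PKCS#7 padding: between 1 and blk bytes are always added,
 * so the result is the next multiple of blk strictly greater than len. */
size_t padded_len(size_t len, size_t blk) {
    return (len / blk + 1) * blk;
}

/* Copy src into a new buffer and append PKCS#7 padding (blk <= 255).
 * Returns NULL on allocation failure; the caller frees the buffer. */
unsigned char *pkcs7_pad(const unsigned char *src, size_t len,
                         size_t blk, size_t *out_len) {
    size_t total = padded_len(len, blk);
    unsigned char *buf = malloc(total);
    if (buf == NULL) return NULL;
    memcpy(buf, src, len);
    memset(buf + len, (int)(total - len), total - len);
    *out_len = total;
    return buf;
}

/* Check the padding of a decrypted buffer.
 * Returns the plaintext length, or -1 if the padding is malformed. */
long pkcs7_unpad(const unsigned char *buf, size_t len, size_t blk) {
    if (len == 0 || len % blk != 0) return -1;
    size_t pad = buf[len - 1];
    if (pad == 0 || pad > blk) return -1;
    for (size_t i = len - pad; i < len; i++)
        if (buf[i] != pad) return -1;
    return (long)(len - pad);
}

int main(void) {
    /* Constructed 34-byte script, the same size as test.sh in the comments. */
    const unsigned char script[] = "#!/bin/bash\necho \"hello, world!\"\n\n";
    size_t len = sizeof(script) - 1, plen = 0;
    unsigned char *padded = pkcs7_pad(script, len, 16, &plen);
    if (padded == NULL) return 1;
    /* padded and plen are what would go to gcry_cipher_encrypt() as the
     * input buffer and input length; the output buffer needs >= plen bytes. */
    printf("source %zu bytes, padded %zu bytes (AES), %zu bytes (3DES)\n",
           len, plen, padded_len(len, 8));
    printf("unpadded length: %ld\n", pkcs7_unpad(padded, plen, 16));
    free(padded);
    return 0;
}
```

The decoder runs pkcs7_unpad on the decrypted buffer to recover the original script length.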