Network Security Lab Experiments and Programming

Shri Rawatpura Sarkar Institute Of Technology-II, New Raipur
CHHATTISGARH SWAMI VIVEKANAND TECHNICAL UNIVERSITY,
BHILAI (C.G.)
Semester: VIII Branch: Computer Science & Engg.
Subject: Network Securities Lab Practical Code: 322822 (22)
Total Practical Periods: 40
Total Marks in End Semester Exam: 40.
List of Experiments to be performed:
1. Networking Security Programming with TCP/IP for Application layer, Transport layer,
Network layer, Datalink layer protocols.
2. Socket Security Programming for address structures, byte manipulation & address
conversion functions, elementary socket system calls.
3. APIs security Programming for windows socket API, window socket & blocking I/O
model, blocking sockets, blocking functions, timeouts for blocking I/O.
4. Web Security Programming for firewall and others.
5. Web databases security programming.
6. Component Security Programming for CORBA.
7. CGI Security programming and Firewall
8. Programming for Cryptography and Digital Signature.
9. Java network Security programming.
10. Client Server Security Programming.
Recommended Books:-
1. Steven.W.R: UNIX Network Programming, PHI (VOL I& II)
2. Window Socket Programming by Bobb Quinn and Dave Schutes
3. Davis.R.: Windows Network Programming, Addison Wesley
CSE/8th
/NS Lab/Prepared by Vivek Kumar Sinha

EXPERIMENT NO. 01
Aim: Networking Security Programming with TCP/IP for Application layer,
Transport layer, Network layer, Datalink layer protocols
Program:-
import java.io.*;
public class
{
public static void main(String args[])
{
int sd[MAX_SOCKS]; /* one per TCP/IPv6, UDP/IPv6, TCP/IP, UDP/IP */
char *port, *addr = NULL;
struct addrinfo *res, hints;
port = argv[1]; /* port number as a string – must not be NULL */
if(argc == 3) addr = argv[2]; /* hostname – NULL implies ANY address */
memset(&hints, '0', sizeof(hints));
hints.ai_flags = AI_PASSIVE; /* if usrreq.addr NULL, sets sockaddr to ANY */
err = getaddrinfo(usrreq.addr, usrreq.port, &hints, &res);
if(err) { if(err == EAI_SYSTEM) perror("getaddrinfo");
else printf("getaddrinfo error %d - %s", err, gai_strerror(err)); return 1;
}
i = 0;
for(aip = res; aip; aip = aip->ai_next)
{
if(aip->ai_family != AF_INET && aip->ai_family != AF_INET6) continue; /*
create a socket for this protocol */
sd[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if(sd[i] < 0)
{perror("socket");
return sd[i];
}
CSE/8th

err = socket_options(sd[i], aip); /* set SO_REUSEADDR, SO_REUSPORT etc. */
if(err == -1) {perror("socket_options");
return 1;
}
err = bind(sd[i], res->ai_addr, res->ai_addrlen);
if(err == -1) {perror("bind"); return 1;
} /** perform other per-socket work here – e.g. maybe create threads etc **/
if(i == NUM_ELT(sd)) {printf("Insufficient socket elementsn");
break;
}
i++;
}
CSE/8th

EXPERIMENT NO. 02
Aim: Socket Security Programming for address structures, byte manipulation &
address conversion functions, elementary socket system calls.
Program:-
import java.net.*;
public class host
{
socket address structure:
sockaddr_instruct in_addr
{
in_addr_t s_addr; /* 32-bit IPv4 address */ /* network byte ordered */
};
struct sockaddr_in { uint8_t sin_len; /* length of structure (16) */
sa_family_t sin_family; /* AF_INET */
in_port_t sin_port; /* 16-bit TCP or UDP port number */ /* network byte ordered */
struct in_addr sin_addr; /* 32-bit IPv4 address */ /* network byte ordered */ char
sin_zero[8]; /* unused */
};
int main(int argc, char *argv[])
{
int sockfd, numbytes;
char buf[MAXDATASIZE];
struct addrinfo hints, *servinfo, *p;
int rv;
char s[INET6_ADDRSTRLEN];
if (argc != 2) {
fprintf(stderr,"usage: client hostnamen");
exit(1);
}
CSE/8th

memset(&hints, 0, sizeof hints);
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
if ((rv = getaddrinfo(argv[1], PORT, &hints, &servinfo)) != 0) {
fprintf(stderr, "getaddrinfo: %sn", gai_strerror(rv));
return 1;
}
// loop through all the results and connect to the first we can
for(p = servinfo; p != NULL; p = p->ai_next) {
if ((sockfd = socket(p->ai_family, p->ai_socktype,
p->ai_protocol)) == -1) {
perror("client: socket");
continue;
}
if (connect(sockfd, p->ai_addr, p->ai_addrlen) == -1) {
close(sockfd);
perror("client: connect");
continue;
}
CSE/8th

EXPERIMENT NO. 03
Aim : APIs security Programming for windows socket API, window socket &
blocking I/O model, blocking sockets, blocking functions, timeouts for blocking I/O.
Program:-
import java.net.*;
public class test
{
{
// Create a non-blocking socket and check for connections
try {
// Create a non-blocking socket channel on port 8080
SocketChannel sChannel = createSocketChannel("www.xxx", 8080);
// Before the socket is usable, the connection must be completed
// by calling finishConnect(), which is non-blocking
while (!sChannel.finishConnect()) {
// Do something else
System.out.println("wonderful");
}
// Socket channel is now ready to use
}
catch (IOException e) {
}
}
// Creates a non-blocking socket channel for the specified host name and port.
// connect() is called on the new channel before it is returned.
public static SocketChannel createSocketChannel(String hostName, int port) throws
IOException
{
// Create a non-blocking socket channel
SocketChannel sChannel = SocketChannel.open();
sChannel.configureBlocking(false);
// Send a connection request to the server; this method is non-blocking
sChannel.connect(new InetSocketAddress(hostName, port));
return sChannel;
}
}
CSE/8th

EXPERIMENT NO. 04
Aim: Web Security Programming for firewall and others.
Program:-
import java.net.*;
import java.io.*;
public class
{
{
try
{
BufferedReader br=new BufferedReader(new
InputStreamReader(System.in));
ServerSocket ss=new ServerSocket(2345);
Socket skt=ss.accept( );
BufferedReader skt_in=new BufferedReader(new
InputStreamReader(skt.getInputStream( )));
PrintStream skt_out=new PrintStream(skt.getOutputStream( ));
while(true)
{
System.out.println(skt_in.readLine( ));
skt_out.println(“What is your name”);
yourname=skt_in.readLine( );
System.out.println(yourname);
String s=skt_in.readLine( );
System.out.println(s);
String myname=br.readLine( );
skt_out.println(myname);
break;
}
while(true)
{
String recv=skt_in.readLine( );
System.out.println(yourname+”:”+recv);
String send=br.readLine( );
skt_out.println(send);
}
}
catch(Exception e)
{
System.out.println(“Exception :”+e);
} }
CSE/8th

import java.net.*;
import java.io.*;
public class ChatClient
{
{
try
{
BufferedReader br=new BufferedReader(new
InputStreamReader(System.in));
Socket skt=new Socket(“rungtaibm”,2345);
BufferedReader skt_in=new BufferedReader(new
InputStreamReader(skt.getInputStream( )));
PrintStream skt_out=new PrintStream(skt.getOutputStream( ));
while(true)
{
skt_out.println(“hello can I connect”);
skt_out.println(skt_in.readLine( ));
String myname=br.readLine( );
skt_out.println(myname);
skt_out.println(“What is yours”);
String yourname=skt_in.readLine( );
System.out.println(yourname);
break;
}
while(true)
{
String send=br.readLine( );
skt_out.println(send);
String recv=skt_in.readLine( );
System.out.println(yourname +”:”+recv);
}
}
catch(Exception e)
{
System.out.println(“Exception :”+e);
}
}
}
CSE/8th

EXPERIMENT NO. 05
Aim: Component Security Programming for CORBA.
Program:-
package cs652.corba.server;
import org.omg.CosNaming.*;
import org.omg.CosNaming.NamingContextPackage.*;
import org.omg.CORBA.*;
import org.omg.PortableServer.*;
public class HelloWorldServer {
public static void main(String[] args) {
try{
// create and initialize the ORB
ORB orb = ORB.init(args, null);
// get reference to rootpoa & activate the POAManager
POA rootpoa =
POAHelper.narrow(orb.resolve_initial_references("RootPOA"));
rootpoa.the_POAManager().activate();
// create servant and get the CORBA reference of it
HelloWorldServiceImpl helloWorldImpl = new HelloWorldServiceImpl();
org.omg.CORBA.Object ref =
rootpoa.servant_to_reference(helloWorldImpl);
HelloWorldService helloWorldService =
HelloWorldServiceHelper.narrow(ref);
// get the root naming context and narrow it to the NamingContextExt object
org.omg.CORBA.Object objRef =
orb.resolve_initial_references("NameService");
NamingContextExt ncRef = NamingContextExtHelper.narrow(objRef);
// bind the Object Reference in Naming
NameComponent path[] = ncRef.to_name("HelloWorldService");
ncRef.rebind(path, helloWorldService);
// wait for invocations from clients
orb.run();
} catch (Exception e) {}
}
}
CSE/8th

EXPERIMENT NO. 06
Aim: Programming for Cryptography and Digital Signature.
Program:-
PublicKeyCryptography
import java.security.*;
import java.security.cert.*;
import javax.crypto.*;
import sun.misc.BASE64Encoder;
import sun.misc.BASE64Decoder;
public class PublicKeyCryptography {
SymmetricEncrypt encryptUtil = new SymmetricEncrypt();
String strDataToEncrypt = "Hello World";
byte[] byteDataToTransmit = strDataToEncrypt.getBytes();
// Generating a SecretKey for Symmetric Encryption
SecretKey senderSecretKey = SymmetricEncrypt.getSecret();
//1. Encrypt the data using a Symmetric Key
byte[] byteCipherText =
encryptUtil.encryptData(byteDataToTransmit,senderSecretKey,"AES");
String strCipherText = new BASE64Encoder().encode(byteCipherText);
//2. Encrypt the Symmetric key using the Receivers public key
try{
// 2.1 Specify the Keystore where the Receivers certificate has been
imported
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
char [] password = "testpwd".toCharArray();
java.io.FileInputStream fis = new
java.io.FileInputStream("/home/Joebi/workspace/OWASP_Crypto/org/owasp/crypto/test
keystore.ks");
ks.load(fis, password);
fis.close();
// 2.2 Creating an X509 Certificate of the Receiver
X509Certificate recvcert ;
CSE/8th

MessageDigest md = MessageDigest.getInstance("MD5");
recvcert = (X509Certificate)ks.getCertificate("testrecv");
// 2.3 Getting the Receivers public Key from the Certificate
PublicKey pubKeyReceiver = recvcert.getPublicKey();
// 2.4 Encrypting the SecretKey with the Receivers public Key
byte[] byteEncryptWithPublicKey =
encryptUtil.encryptData(senderSecretKey.getEncoded(),pubKeyReceiver,"RSA/ECB/PK
CS1Padding");
String strSenbyteEncryptWithPublicKey = new
BASE64Encoder().encode(byteEncryptWithPublicKey);
// 3. Create a Message Digest of the Data to be transmitted
md.update(byteDataToTransmit);
byte byteMDofDataToTransmit[] = md.digest();
String strMDofDataToTransmit = new String();
for (int i = 0; i < byteMDofDataToTransmit.length; i++){
strMDofDataToTransmit = strMDofDataToTransmit +
Integer.toHexString((int)byteMDofDataToTransmit[i] & 0xFF) ;
}
// 3.1 Message to be Signed = Encrypted Secret Key + MAC of the data to be
transmitted
String strMsgToSign = strSenbyteEncryptWithPublicKey + "|" +
strMDofDataToTransmit;
// 4. Sign the message
// 4.1 Get the private key of the Sender from the keystore by providing the password
set for the private key while creating the keys using keytool
char[] keypassword = "send123".toCharArray();
Key myKey = ks.getKey("testsender", keypassword);
PrivateKey myPrivateKey = (PrivateKey)myKey;
// 4.2 Sign the message
Signature mySign = Signature.getInstance("MD5withRSA");
mySign.initSign(myPrivateKey);
mySign.update(strMsgToSign.getBytes());
byte[] byteSignedData = mySign.sign();
// 5. The Values byteSignedData (the signature) and strMsgToSign (the data
which was signed) can be sent across to the receiver
// 6.Validate the Signature
// 6.1 Extracting the Senders public Key from his certificate
X509Certificate sendercert ;
CSE/8th

sendercert = (X509Certificate)ks.getCertificate("testsender");
PublicKey pubKeySender = sendercert.getPublicKey();
// 6.2 Verifying the Signature
Signature myVerifySign = Signature.getInstance("MD5withRSA");
myVerifySign.initVerify(pubKeySender);
myVerifySign.update(strMsgToSign.getBytes());
boolean verifySign = myVerifySign.verify(byteSignedData);
if (verifySign == false)
{
System.out.println(" Error in validating Signature ");
}
else
System.out.println(" Successfully validated Signature ");
// 7. Decrypt the message using Recv private Key to get the Symmetric Key
char[] recvpassword = "recv123".toCharArray();
Key recvKey = ks.getKey("testrecv", recvpassword);
PrivateKey recvPrivateKey = (PrivateKey)recvKey;
// Parsing the MessageDigest and the encrypted value
String strRecvSignedData = new String (byteSignedData);
String[] strRecvSignedDataArray = new String [10];
strRecvSignedDataArray = strMsgToSign.split("|");
int intindexofsep = strMsgToSign.indexOf("|");
String strEncryptWithPublicKey = strMsgToSign.substring(0,intindexofsep);
String strHashOfData = strMsgToSign.substring(intindexofsep+1);
// Decrypting to get the symmetric key
byte[] bytestrEncryptWithPublicKey = new
BASE64Decoder().decodeBuffer(strEncryptWithPublicKey);
byte[] byteDecryptWithPrivateKey =
encryptUtil.decryptData(byteEncryptWithPublicKey,recvPrivateKey,"RSA/ECB/PKCS1
Padding");
// 8. Decrypt the data using the Symmetric Key
javax.crypto.spec.SecretKeySpec secretKeySpecDecrypted = new
javax.crypto.spec.SecretKeySpec(byteDecryptWithPrivateKey,"AES");
byte[] byteDecryptText =
encryptUtil.decryptData(byteCipherText,secretKeySpecDecrypted,"AES");
String strDecryptedText = new String(byteDecryptText);
System.out.println(" Decrypted data is " +strDecryptedText);
// 9. Compute MessageDigest of data + Signed message
MessageDigest recvmd = MessageDigest.getInstance("MD5");
CSE/8th

recvmd.update(byteDecryptText);
byte byteHashOfRecvSignedData[] = recvmd.digest();
String strHashOfRecvSignedData = new String();
for (int i = 0; i < byteHashOfRecvSignedData.length; i++){
strHashOfRecvSignedData = strHashOfRecvSignedData +
Integer.toHexString((int)byteHashOfRecvSignedData[i] & 0xFF) ;
}
// 10. Validate if the Message Digest of the Decrypted Text matches the
Message Digest of the Original Message
if (!strHashOfRecvSignedData.equals(strHashOfData))
{
System.out.println(" Message has been tampered ");
}
}
catch(Exception exp)
{
System.out.println(" Exception caught " + exp);
exp.printStackTrace()
CSE/8th

EXPERIMENT NO. 07
Aim : Java network Security programming.
Program:-
SymmetricEncrypt
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidKeyException;
import java.security.InvalidAlgorithmParameterException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import sun.misc.BASE64Encoder;
public class SymmetricEncrypt {
String strDataToEncrypt = new String();
String strCipherText = new String();
String strDecryptedText = new String();
static KeyGenerator keyGen;
private static String strHexVal = "0123456789abcdef";
public static SecretKey getSecret(){
try{
keyGen = KeyGenerator.getInstance("AES");
keyGen.init(128);
}
catch(Exception exp)
{
System.out.println(" Exception inside constructor "
+exp);
}
CSE/8th

SecretKey secretKey = keyGen.generateKey();
return secretKey;
}
/**
* Step2. Create a Cipher by specifying the following parameters
* a. Algorithm name - here it is AES
*/
public byte[] encryptData(byte[] byteDataToEncrypt, Key secretKey,
String Algorithm) {
byte[] byteCipherText = new byte[200];
try {
Cipher aesCipher = Cipher.getInstance(Algorithm);
/**
* Step 3. Initialize the Cipher for Encryption
*/
if(Algorithm.equals("AES")){
aesCipher.init(Cipher.ENCRYPT_MODE,secretKey,aesCipher.getParameters());
}
else
if(Algorithm.equals("RSA/ECB/PKCS1Padding")){
aesCipher.init(Cipher.ENCRYPT_MODE,secretKey);
}
byteCipherText = aesCipher.doFinal(byteDataToEncrypt);
strCipherText = new BASE64Encoder().encode(byteCipherText);
}
catch (NoSuchAlgorithmException noSuchAlgo)
{
System.out.println(" No Such Algorithm exists " +
noSuchAlgo);
}
catch (NoSuchPaddingException noSuchPad)
{
CSE/8th

System.out.println(" No Such Padding
exists " + noSuchPad);
}
catch (InvalidKeyException invalidKey)
{
System.out.println(" Invalid
Key " + invalidKey);
}
catch (BadPaddingException
badPadding)
{
System.out.println(" Bad
Padding " + badPadding);
}
catch (IllegalBlockSizeException
illegalBlockSize)
{
System.out.println(" Illegal
Block Size " + illegalBlockSize);
illegalBlockSize.printStackTrace();
}
catch (Exception exp)
{
exp.printStackTrace();
}
return byteCipherText;
}
public byte[] decryptData(byte[] byteCipherText, Key secretKey,
String Algorithm) {
byte[] byteDecryptedText = new byte[200];
try{
Cipher aesCipher = Cipher.getInstance(Algorithm);
if(Algorithm.equals("AES")){
aesCipher.init(Cipher.DECRYPT_MODE,secretKey,aesCipher.getParameters());
}
else if(Algorithm.equals("RSA/ECB/PKCS1Padding")){
CSE/8th

aesCipher.init(Cipher.DECRYPT_MODE,secretKey);
}
byteDecryptedText = aesCipher.doFinal(byteCipherText);
strDecryptedText = new String(byteDecryptedText);
}
catch (NoSuchAlgorithmException noSuchAlgo)
{
System.out.println(" No Such Algorithm exists " +
noSuchAlgo);
}
catch (NoSuchPaddingException noSuchPad)
{
System.out.println(" No Such Padding exists " +
noSuchPad);
}
catch (InvalidKeyException invalidKey)
{
System.out.println(" Invalid Key " +
invalidKey);
invalidKey.printStackTrace();
}
catch (BadPaddingException badPadding)
{
System.out.println(" Bad Padding " +
badPadding);
badPadding.printStackTrace();
}
catch (IllegalBlockSizeException illegalBlockSize)
{
System.out.println(" Illegal Block Size "
+ illegalBlockSize);
illegalBlockSize.printStackTrace();
}
catch (InvalidAlgorithmParameterException
invalidParam)
{
System.out.println(" Invalid Parameter "
+ invalidParam);
}
CSE/8th

return byteDecryptedText;
}
public static byte[] convertStringToByteArray(String strInput) {
strInput = strInput.toLowerCase();
byte[] byteConverted = new byte[(strInput.length() + 1) / 2];
int j = 0;
int interimVal;
int nibble = -1;
for (int i = 0; i < strInput.length(); ++i) {
interimVal =
strHexVal.indexOf(strInput.charAt(i));
if (interimVal >= 0) {
if (nibble < 0) {
nibble = interimVal;
} else {
byteConverted[j++] = (byte)
((nibble << 4) + interimVal);
nibble = -1;
}
}
}
if (nibble >= 0) {
byteConverted[j++] = (byte) (nibble << 4);
}
if (j < byteConverted.length) {
byte[] byteTemp = new byte[j];
System.arraycopy(byteConverted, 0, byteTemp, 0,
j);
byteConverted = byteTemp;
}
return byteConverted;
}
public static String convertByteArrayToString(byte[] block) {
StringBuffer buf = new StringBuffer();
for (int i = 0; i < block.length; ++i) {
buf.append(strHexVal.charAt((block[i] >>> 4) &
0xf));
buf.append(strHexVal.charAt(block[i] & 0xf));
}
return buf.toString();
}
CSE/8th

EXPERIMENT NO. 08
Aim: Client Server Security Connection programming.
Program:-
class Main
{
new TCPServer().start();
new TCPClient().start();
}
}
class TCPClient extends Thread {
// Connection properties
private static final String HOST = "127.0.0.1";
private static final int PORT = 56565;
public void run() {
// Socket class used for TCP connections
Socket sock = null;
// I/O components
BufferedReader input = null;
BufferedWriter output = null;
try {
// Connect our socket to the server.
sock = new Socket(HOST, PORT);
// Use a BufferedReader to read data from the server.
input = new BufferedReader(new InputStreamReader(sock.getInputStream()));
// Use a BufferedWriter to send data to the server.
output = new BufferedWriter(new OutputStreamWriter(sock.getOutputStream()));
// Send some data to the server.
String toServer = "Are you there, Server?";
System.out.println("ToServer: " + toServer);
output.write(toServer);
output.newLine();
output.flush();
// Wait for a response from the server and display it.
CSE/8th

String fromServer = input.readLine();
System.out.println("FromServer: " + fromServer);
} catch (final IOException ex) {
} finally {
// Do our best to ensure a clean close procedure.
// Closing the socket will also close input and output.
try {
if (sock != null) {
sock.close();
}
}
}
}
}
class TCPServer extends Thread {
// Connection properties
private static final int PORT = 56565;
public void run() {
// ServerSocket class used to accept TCP connections
ServerSocket server = null;
Socket sock = null;
// I/O components
BufferedReader input = null;
BufferedWriter output = null;
try {
// Create our server on the given port.
server = new ServerSocket(PORT);
// Wait for a client to connect to us.
sock = server.accept();
// Use a BufferedReader to read data from the client.
input = new BufferedReader(new InputStreamReader(sock.getInputStream()));
// Use a BufferedWriter to send data to the client.
output = new BufferedWriter(new OutputStreamWriter(sock.getOutputStream()));
// Wait for the client to talk to us.
String fromClient = input.readLine();
CSE/8th

System.out.println("FromClient: " + fromClient);
// Send them a response.
String toClient = "Yes, I'm here, Client.";
System.out.println("ToClient: " + toClient);
output.write(toClient);
output.newLine();
output.flush();
} finally {
// Do our best to ensure a clean close procedure.
// Closing the socket will also close input and output.
try {
if (sock != null) {
sock.close();
}
}
// Close the server socket, as well.
try {
if (server != null) {
server.close();
}
}
}
}
}
CSE/8th

CSE/8th

Network Security Lab Experiments and Programming

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (8)

Similar to Network Security Lab Experiments and Programming

Similar to Network Security Lab Experiments and Programming (20)

More from Vivek Kumar Sinha

More from Vivek Kumar Sinha (20)

Recently uploaded

Recently uploaded (20)

Network Security Lab Experiments and Programming