This repository holds the source code and documents of the group 07 project, Application Encryption course CQ2022/22, University of Science, VNU-HCM, Vietnam

zjqingzun/scypo-Bachelor.SE00SP-AE_CQ2022-22

NETEM - Network Authentication System

Introduction

NETEM is a NAC authentication system built on EAP-TTLS (802.1X). It employs SSL/TLS, SHA-256 and digital certificates to establish a secure tunnel and eliminate the need for inner authentication methods like PAP/MSCHAPv2.

Scale: 5 members
Programming Language: C/C++
Tools and Platform: OpenSSL, Winsock2, Windows (optional cross-platform)

Setup Environment

Verify all development tools installation:

  1. Verify GCC compiler:

gcc --version

  2. Verify Git:

git --version

  3. Verify OpenSSL:

openssl version

  4. Verify Make:

make --version

Usage

Clone the project source code repository

git clone https://github.com/zjqingzun/scypo-Bachelor.SE00SP-AE_CQ2022-22.git

Run the program

Compile the entire program

make clean
make all

Important Note: The server must be started before running the supplicant. The supplicant will fail to connect if the server is not running.

Important Note: Run the server and the supplicant in two different terminals.

1. Using Shell Script

Grant Permission

chmod +x ./scripts/grant.sh
./scripts/grant.sh

[Optional] Setup Environment

./scripts/setup.sh

Run the Server

./scripts/server.sh

Run the Supplicant

./scripts/supplicant.sh

Default Credentials for Testing Supplicant

  • Username: usertest
  • Password: 123456

Run the Command-line Interface (CLI)

./scripts/cli.sh

2. Using Make Commands

The project includes several make commands for convenience:

# Build all components
make all

# Clean build files
make clean

# Run specific components
make run-cli
make run-server
make run-supplicant

TEST

  1. Open two terminal windows

  2. In the first terminal, run the Server:

./scripts/server.sh

Output:

[SERVER]          Server is listening on port...
[SERVER]          Client connected
...
[SERVER]          Client authenticated successfully.

  3. In the second terminal, run the Supplicant:

./scripts/supplicant.sh

Output:

[SUPPLICANT]      Enter username: usertest
[SUPPLICANT]      Enter password: 123456
[SUPPLICANT]      Connected to server
...
[SUPPLICANT]      Authentication successful!

NETWORK ACCESS CONTROL

  1. Open two terminal windows

  2. In the first terminal, run the Server:

./scripts/server.sh

Output:

[SERVER]          Server is listening on port...
[SERVER]          Client connected
...
[SERVER]          Starting EAP-TTLS authentication process ...

  3. In the second terminal, run the Supplicant:

./scripts/supplicant.sh

Output:

[SUPPLICANT]      Enter username: usertest
[SUPPLICANT]      Enter password: 123456
[SUPPLICANT]      Connected to server

  4. The server shows the username and IP address, which can be used to modify /config/access-rules.json:

[SERVER]          Received username: usertest
[SERVER]          Client IP: 127.0.0.1

  5. The server then decides to authenticate or reject the client:

[SERVER]          Waiting for challenge response...
[SERVER]          Received challenge response, verifying...
[SERVER]          Client authenticated successfully.
[SUPPLICANT]      Waiting for authentication result...
[SUPPLICANT]      Authentication successful!

Or

[SERVER]          Client authenticated successfully.
[SERVER]          Access denied by NAC policy
[SUPPLICANT]      Waiting for authentication result...
[SUPPLICANT]      Authentication failed: Access denied by policy
[SUPPLICANT]      Authentication failed!
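
The policy step described above (the received username and client IP checked against the access rules, with a refusal reported as "Access denied by NAC policy"), as an added example that is not the project's own code. The nac_rule struct, the nac_decide function and the sample rules are hypothetical, because the real layout of config/access-rules.json is not shown in this README; the example covers IPv4 only and goes beyond the README by matching address prefixes with first-match ordering and default deny.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical in-memory rule; the real access-rules.json layout is not shown here. */
typedef struct {
    const char *username;  /* "*" matches any user */
    const char *cidr;      /* IPv4 network such as "192.168.1.0/24" */
    int allow;             /* 1 = allow, 0 = deny */
} nac_rule;

/* Parse a dotted-quad IPv4 address into a host-order integer; 0 on success. */
static int parse_ipv4(const char *s, uint32_t *out) {
    unsigned a, b, c, d; char tail;
    if (sscanf(s, "%u.%u.%u.%u%c", &a, &b, &c, &d, &tail) != 4) return -1;
    if (a > 255 || b > 255 || c > 255 || d > 255) return -1;
    *out = (a << 24) | (b << 16) | (c << 8) | d;
    return 0;
}

/* 1 if ip lies inside cidr; a malformed rule never matches. */
static int cidr_match(const char *cidr, uint32_t ip) {
    char net[16]; unsigned bits; char tail; uint32_t base;
    const char *slash = strchr(cidr, '/');
    if (!slash || (size_t)(slash - cidr) >= sizeof net) return 0;
    snprintf(net, sizeof net, "%.*s", (int)(slash - cidr), cidr);
    if (sscanf(slash + 1, "%u%c", &bits, &tail) != 1 || bits > 32) return 0;
    if (parse_ipv4(net, &base) != 0) return 0;
    uint32_t mask = bits ? 0xFFFFFFFFu << (32 - bits) : 0;
    return (ip & mask) == (base & mask);
}

/* First matching rule wins; no match or an unparsable address is a deny. */
int nac_decide(const nac_rule *rules, size_t n, const char *user, const char *ip_str) {
    uint32_t ip;
    if (parse_ipv4(ip_str, &ip) != 0) return 0;
    for (size_t i = 0; i < n; i++) {
        int user_ok = !strcmp(rules[i].username, "*") || !strcmp(rules[i].username, user);
        if (user_ok && cidr_match(rules[i].cidr, ip)) return rules[i].allow;
    }
    return 0;
}
/* Constructed sample rules, not taken from the project. */
static const nac_rule SAMPLE_RULES[] = {
    { "usertest", "127.0.0.1/32", 1 }, { "*", "192.168.1.0/24", 0 }, { "*", "192.168.0.0/16", 1 },
};
int main(void) {  /* demo: the default test user on loopback is allowed */
    puts(nac_decide(SAMPLE_RULES, 3, "usertest", "127.0.0.1") ? "allow" : "deny");
    return 0;
}
```

Because the function returns deny for anything it cannot parse or match, a missing or malformed rule fails closed rather than granting access.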

Folder

Makefile : Manage automatic full program compilation.
src : Contains the entire main source code for the server, supplicant, EAP protocol, and CLI interface.
include : Contains the header files (*.h) accompanying the C source code to separate the interface from the implementation.
config : Contains access rule files, for example, access-rules.json, which defines allowed or blocked MAC/IP addresses.
scripts : Bash scripts to quickly run the program, start the server, supplicant, or perform tests.
logs : Log files are recorded during execution.
docs : Architecture documents, authentication flow, etc., for presentation and reporting purposes.

References

See additional details in the CONTRIBUTING file for external contribution acknowledgments.

License (used)

scyl-SPv1.0

Purpose: Standards, principles, regulations, clauses.
Ref: https://github.com/zjqingzun/scyl-SPv1.0

MIT License

Purpose: Graphics, algorithms, structures, machine learning, search.
Ref: https://opensource.org/license/mit
