void Set::from_json( const bp::ptree& ptree ) { /* TODO: Verify ptree (19/03/2014 20:48, jkotur) */ set_desc = ptree; params.clear(); name = set_desc.get<std::string>("@name"); auto& pdesc = set_desc.get_child("params"); /** Convert orders to doubles and find maximal order value */ double max_order = 0; for( auto ic=pdesc.begin() ; ic!=pdesc.end() ; ++ic ) { auto so = ic->second.get_optional<double>("@order"); if( !so ) continue; try { double o = boost::lexical_cast<double>(*so); ic->second.put("@order",o); max_order = std::max( max_order , o ); } catch( boost::bad_lexical_cast& e ) { sz_log(0, "Invalid order in param %s" , ic->second.get<std::string>("@name").c_str()); ic->second.erase("@order"); } } convert_color_names_to_hex(); /** Put params without order at the end */ int i = 0; for( auto ic=pdesc.begin() ; ic!=pdesc.end() ; ++ic ) { auto o = ic->second.get_optional<double>("@order"); if( !o ) ic->second.put("@order",max_order+ ++i); } for( auto ic=pdesc.begin() ; ic!=pdesc.end() ; ++ic ) { bp::ptree pt = ic->second; pt.erase("@order"); params.insert( ParamId { ic->second.get<std::string>("@name") , ic->second.get<double>("@order") , pt } ); } set_desc.erase("params"); generate_colors_like_draw3(); update_hash(); }
hashval String::hash_str(const unsigned char *bp, unsigned int sz) { unsigned char* be = (unsigned char*)bp + sz; hashval hv = FNVOffsetBasis; while(bp < be) { hv = update_hash(hv, *bp++); } return finish_hash(hv); }
hashval String::hash_str(const char *bp) { hashval hv; hv = FNVOffsetBasis; while(*bp) { hv = update_hash(hv, *bp++); } return finish_hash(hv); }
static int sh_write(const char *path, char *buf, size_t size, off_t offset, struct fuse_file_info *fi) { struct user* user = find_user(root, path+1); char uname[9]; printf("write\n"); if(user != NULL || strcmp(path, "/") == 0) return -ENOENT; int i = user_from_path(path, uname); user = find_user(root, uname); i+=2; if(user == NULL) return -ENOENT; if(strcmp(path+i, "password-hash") == 0) { char *hashed; hashed = hashword(buf); update_hash(root, uname, hashed); update_daysSinceChanged(root, uname, shadow_time()); } else if(strcmp(path+i, "days_since_changed") == 0) { update_daysSinceChanged(root, uname, atoi(buf)); } else if(strcmp(path+i, "days_until_can_change") == 0) { update_daysUntilCanChange(root, uname, atoi(buf)); } else if(strcmp(path+i, "days_until_must_change") == 0) { update_daysUntilMustChange(root, uname, atoi(buf)); } else if(strcmp(path+i, "days_before_warning") == 0) { update_daysBeforeWarning(root, uname, atoi(buf)); } else if(strcmp(path+i, "days_until_expiration") == 0) { update_daysUntilExpiration(root, uname, atoi(buf)); } else if(strcmp(path+i, "days_since_account_deactivated") == 0) { update_daysSinceDeactivation(root, uname, atoi(buf)); } else if(strcmp(path+i, "reserved") == 0) { update_reserved(root, uname, buf); } return size; }
static int sh_unlink(const char *path) { struct user* user = find_user(root, path+1); char uname[9]; printf("unlink\n"); if(user != NULL || strcmp(path, "/") == 0) return -ENOENT; int i = user_from_path(path, uname); user = find_user(root, uname); i+=2; if(user == NULL) return -ENOENT; if(strcmp(path+i, "password-hash") == 0) { update_hash(root, uname, "!"); } else if(strcmp(path+i, "days_since_changed") == 0) { update_daysSinceChanged(root, uname, shadow_time()); } else if(strcmp(path+i, "days_until_can_change") == 0) { update_daysUntilCanChange(root, uname, 0); } else if(strcmp(path+i, "days_until_must_change") == 0) { update_daysUntilMustChange(root, uname, 99999); } else if(strcmp(path+i, "days_before_warning") == 0) { update_daysBeforeWarning(root, uname, 7); } else if(strcmp(path+i, "days_until_expiration") == 0) { update_daysUntilExpiration(root, uname, 0); } else if(strcmp(path+i, "days_since_account_deactivated") == 0) { update_daysSinceDeactivation(root, uname, 0); } else if(strcmp(path+i, "reserved") == 0) { update_reserved(root, uname, NULL); } return 0; }
void Set::from_xml( const bp::ptree& ptree ) { set_desc = ptree; fold_xmlattr( set_desc ); name = set_desc.get<std::string>("@name"); /** * Convert obsolete color format to new one */ convert_colour( set_desc , "@background_color" ); convert_colour( set_desc , "@background_text_color" ); convert_colour( set_desc , "@text_color" ); convert_float( set_desc , "@spacing_vertical" ); convert_float( set_desc , "@spacing_horizontal" ); params.clear(); for( auto& c : set_desc ) if( c.first == "param" ) { auto name = c.second.get<std::string>("@name"); auto pt = c.second; upgrade_option( pt , "@bg_color" , "@background_color" ); upgrade_option( pt , "@color" , "@graph_color" ); convert_colour( pt , "@background_color" ); convert_colour( pt , "@graph_color" ); pt.erase("@order"); params.insert( ParamId { name , c.second.get<double>("@order") , pt } ); } set_desc.erase( "param" ); update_hash(); }
void handle_packet(const u_char *packet, int length) { static int n = 0; static unsigned char initial_hello[] = { 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; uint8 *data; size_t data_length, rlen; int i, res; #if DTLS_VERSION == 0xfeff #ifndef SHA1_DIGEST_LENGTH #define SHA1_DIGEST_LENGTH 20 #endif uint8 hash_buf[16 + SHA1_DIGEST_LENGTH]; #elif DTLS_VERSION == 0xfefd uint8 hash_buf[DTLS_SHA256_DIGEST_LENGTH]; #endif #define verify_data_length 12 int is_client; n++; SKIP_ETH_HEADER(packet, length); SKIP_IP_HEADER(packet, length); /* determine from port if this is a client */ is_client = dtls_uint16_to_int(packet) != 20220; SKIP_UDP_HEADER(packet, length); while (length) { rlen = dtls_uint16_to_int(packet + 11) + sizeof(dtls_record_header_t); if (!rlen) { fprintf(stderr, "invalid length!\n"); return; } /* skip packet if it is from a different epoch */ if (dtls_uint16_to_int(packet + 3) != epoch[is_client]) goto next; res = decrypt_verify(is_client, packet, rlen, &data, &data_length); if (res <= 0) goto next; printf("packet %d (from %s):\n", n, is_client ? "client" : "server"); hexdump(packet, sizeof(dtls_record_header_t)); printf("\n"); hexdump(data, data_length); printf("\n"); if (packet[0] == 22 && data[0] == 1) { /* ClientHello */ if (memcmp(packet, initial_hello, sizeof(initial_hello)) == 0) goto next; memcpy(dtls_kb_client_iv(OTHER_CONFIG), data + 14, 32); clear_hash(); #if DTLS_VERSION == 0xfeff hs_hash[0] = dtls_new_hash(HASH_MD5); hs_hash[1] = dtls_new_hash(HASH_SHA1); hs_hash[0]->init(hs_hash[0]->data); hs_hash[1]->init(hs_hash[1]->data); #elif DTLS_VERSION == 0xfefd dtls_hash_init(hs_hash[0]); #endif } if (packet[0] == 22 && data[0] == 2) { /* ServerHello */ memcpy(dtls_kb_server_iv(OTHER_CONFIG), data + 14, 32); /* FIXME: search in ciphers */ OTHER_CONFIG->cipher = TLS_PSK_WITH_AES_128_CCM_8; } if (packet[0] == 20 && data[0] == 1) { /* ChangeCipherSpec */ printf("client random: "); dump(dtls_kb_client_iv(OTHER_CONFIG), 32); printf("\nserver random: "); dump(dtls_kb_server_iv(OTHER_CONFIG), 32); printf("\n"); master_secret_len = dtls_prf(pre_master_secret, pre_master_len, (unsigned char *)"master secret", 13, dtls_kb_client_iv(OTHER_CONFIG), 32, dtls_kb_server_iv(OTHER_CONFIG), 32, master_secret, DTLS_MASTER_SECRET_LENGTH); printf("master_secret:\n "); for(i = 0; i < master_secret_len; i++) printf("%02x", master_secret[i]); printf("\n"); /* create key_block from master_secret * key_block = PRF(master_secret, "key expansion" + server_random + client_random) */ dtls_prf(master_secret, master_secret_len, (unsigned char *)"key expansion", 13, dtls_kb_server_iv(OTHER_CONFIG), 32, dtls_kb_client_iv(OTHER_CONFIG), 32, OTHER_CONFIG->key_block, dtls_kb_size(OTHER_CONFIG)); OTHER_CONFIG->read_cipher = dtls_cipher_new(OTHER_CONFIG->cipher, dtls_kb_client_write_key(OTHER_CONFIG), dtls_kb_key_size(OTHER_CONFIG)); if (!OTHER_CONFIG->read_cipher) { warn("cannot create read cipher\n"); } else { dtls_cipher_set_iv(OTHER_CONFIG->read_cipher, dtls_kb_client_iv(OTHER_CONFIG), dtls_kb_iv_size(OTHER_CONFIG)); } OTHER_CONFIG->write_cipher = dtls_cipher_new(OTHER_CONFIG->cipher, dtls_kb_server_write_key(OTHER_CONFIG), dtls_kb_key_size(OTHER_CONFIG)); if (!OTHER_CONFIG->write_cipher) { warn("cannot create write cipher\n"); } else { dtls_cipher_set_iv(OTHER_CONFIG->write_cipher, dtls_kb_server_iv(OTHER_CONFIG), dtls_kb_iv_size(OTHER_CONFIG)); } /* if (is_client) */ SWITCH_CONFIG; epoch[is_client]++; printf("key_block:\n"); printf(" client_MAC_secret:\t"); dump(dtls_kb_client_mac_secret(CURRENT_CONFIG), dtls_kb_mac_secret_size(CURRENT_CONFIG)); printf("\n"); printf(" server_MAC_secret:\t"); dump(dtls_kb_server_mac_secret(CURRENT_CONFIG), dtls_kb_mac_secret_size(CURRENT_CONFIG)); printf("\n"); printf(" client_write_key:\t"); dump(dtls_kb_client_write_key(CURRENT_CONFIG), dtls_kb_key_size(CURRENT_CONFIG)); printf("\n"); printf(" server_write_key:\t"); dump(dtls_kb_server_write_key(CURRENT_CONFIG), dtls_kb_key_size(CURRENT_CONFIG)); printf("\n"); printf(" client_IV:\t\t"); dump(dtls_kb_client_iv(CURRENT_CONFIG), dtls_kb_iv_size(CURRENT_CONFIG)); printf("\n"); printf(" server_IV:\t\t"); dump(dtls_kb_server_iv(CURRENT_CONFIG), dtls_kb_iv_size(CURRENT_CONFIG)); printf("\n"); } if (packet[0] == 22) { if (data[0] == 20) { /* Finished */ finalize_hash(hash_buf); /* clear_hash(); */ update_hash((unsigned char *)packet, sizeof(dtls_record_header_t), data, data_length); dtls_prf(master_secret, master_secret_len, is_client ? (unsigned char *)"client finished" : (unsigned char *)"server finished" , 15, hash_buf, sizeof(hash_buf), NULL, 0, data + sizeof(dtls_handshake_header_t), verify_data_length); printf("verify_data:\n"); dump(data, data_length); printf("\n"); } else { update_hash((unsigned char *)packet, sizeof(dtls_record_header_t), data, data_length); } } if (packet[0] == 23) { /* Application Data */ printf("Application Data:\n"); dump(data, data_length); printf("\n"); } next: length -= rlen; packet += rlen; } }
/*---------------------------------------------------------------------------* * NAME: fuzz_engine * DESC: fetch and parse each ad instructions *---------------------------------------------------------------------------*/ unsigned int fuzz_engine(config *conf) { int result; int error_occured = 0; /* debug */ debug(1, "<-----------------------[enter]\n"); /* if mode file, open the debugger file */ if (conf->type == 2) { if(create_debugger_file(conf)) return -1; } do { /* parse all the file */ while (conf->adc->offset < conf->adc->size) { /* fetch the instruction */ if (fetch_instruction(conf)) return -200; } /* compute the lengths */ update_length(conf); /* compute the hash values */ update_hash(conf); /* send the start message to the debugger. i.e. the fuzzer cannot speak with the debugger anymore, only the debugger send messages to the fuzzer */ if ((conf->dbg_mode) && (!conf->ring_zero)) if (dbg_send_msg(conf, INET_START_A_MSG, 0 , NULL, 0)) return -1; /* start the fuzzing */ result = start_fuzz(conf); if (result == -1) error_occured = 1; /* free the (big) fuzz buffer */ if (conf->buf_fuzz) { free(conf->buf_fuzz); conf->buf_fuzz = NULL; } /* free the blocks */ free_block(conf); /* free the lengths */ free_length(conf); /* free the hashes */ free_hash(conf); /* free the chronos */ free_chrono(conf); /* reset the offset */ conf->adc->offset = conf->adc->start; /* add a value to the fuzz counter */ conf->fuzz_file_id++; /* we close the debugger file */ if ((conf->type == 2) && (!conf->ring_zero)) { if(fclose(conf->fuzz_file_dbg)) { error_("error closing the debugger file.\n"); perror(""); error_("QUITTING!\n"); return -1; } } /* we are no more in the ring zero mode */ conf->ring_zero = 1; } while (!fuzz_finished(conf) && (error_occured == 0)); /* free the fuzz */ if (conf->fuzz) { struct struct_fuzz *fuzz; struct struct_fuzz *fuzz_to_free; fuzz = conf->fuzz; while (fuzz) { fuzz_to_free = fuzz; fuzz = fuzz->next; /* before freeing fuzz, free source */ if (fuzz_to_free->source) { struct struct_source *source; struct struct_source *source_to_free; source = fuzz_to_free->source; /* free the filename first */ while(source) { source_to_free = source; source = source->next; debug(3, "free source: %d filename: \"%s\"\n", source_to_free->id, source_to_free->filename); if (source_to_free->filename) free(source_to_free->filename); free(source_to_free); } } debug(3, "free fuzz[%d]\n", fuzz_to_free->id); free(fuzz_to_free); } conf->fuzz = NULL; } /* debug */ debug(1, "<-----------------------[quit]\n"); /* return value */ return 0; }
void GarbledCct::evl_next_gate(const Gate ¤t_gate) { __m128i current_key, a; Bytes::const_iterator it; static Bytes tmp; if (current_gate.m_tag == Circuit::GEN_INP) { uint8_t bit = m_gen_inp_mask.get_ith_bit(m_gen_inp_ix); Bytes::iterator it = m_i_bufr_ix + bit*Env::key_size_in_bytes(); tmp = m_M[m_gen_inp_ix].to_bytes().hash(Env::k()); tmp.resize(16, 0); current_key = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); tmp.assign(it, it+Env::key_size_in_bytes()); tmp.resize(16, 0); a = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); m_i_bufr_ix += Env::key_size_in_bytes()*2; current_key = _mm_xor_si128(current_key, a); m_gen_inp_ix++; } else if (current_gate.m_tag == Circuit::EVL_INP) { uint8_t bit = m_evl_inp.get_ith_bit(m_evl_inp_ix); Bytes::iterator it = m_i_bufr_ix + bit*Env::key_size_in_bytes(); tmp = (*m_ot_keys)[m_evl_inp_ix]; tmp.resize(16, 0); current_key = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); tmp.assign(it, it+Env::key_size_in_bytes()); tmp.resize(16, 0); a = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); m_i_bufr_ix += Env::key_size_in_bytes()*2; current_key = _mm_xor_si128(current_key, a); m_evl_inp_ix++; } else { const vector<uint64_t> &inputs = current_gate.m_input_idx; #ifdef FREE_XOR if (is_xor(current_gate)) { current_key = inputs.size() == 2? _mm_xor_si128(m_w[inputs[0]], m_w[inputs[1]]) : _mm_load_si128(m_w+inputs[0]); } else #endif if (inputs.size() == 2) // 2-arity gates { __m128i aes_key[2], aes_plaintext, aes_ciphertext; aes_plaintext = _mm_set1_epi64x(m_gate_ix); aes_key[0] = _mm_load_si128(m_w+inputs[0]); aes_key[1] = _mm_load_si128(m_w+inputs[1]); const uint8_t perm_x = _mm_extract_epi8(aes_key[0], 0) & 0x01; const uint8_t perm_y = _mm_extract_epi8(aes_key[1], 0) & 0x01; KDF256((uint8_t*)&aes_plaintext, (uint8_t*)&aes_ciphertext, (uint8_t*)aes_key); aes_ciphertext = _mm_and_si128(aes_ciphertext, m_clear_mask); uint8_t garbled_ix = (perm_y<<1) | (perm_x<<0); #ifdef GRR if (garbled_ix == 0) { current_key = _mm_load_si128(&aes_ciphertext); } else { it = m_i_bufr_ix+(garbled_ix-1)*Env::key_size_in_bytes(); tmp.assign(it, it+Env::key_size_in_bytes()); tmp.resize(16, 0); a = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); current_key = _mm_xor_si128(aes_ciphertext, a); } m_i_bufr_ix += 3*Env::key_size_in_bytes(); #else it = m_i_bufr_ix + garbled_ix*Env::key_size_in_bytes(); tmp.assign(it, it+Env::key_size_in_bytes()); tmp.resize(16, 0); current_key = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); current_key = _mm_xor_si128(current_key, aes_ciphertext); m_i_bufr_ix += 4*Env::key_size_in_bytes(); #endif } else // 1-arity gates { __m128i aes_key, aes_plaintext, aes_ciphertext; aes_plaintext = _mm_set1_epi64x(m_gate_ix); aes_key = _mm_load_si128(m_w+inputs[0]); KDF128((uint8_t*)&aes_plaintext, (uint8_t*)&aes_ciphertext, (uint8_t*)&aes_key); aes_ciphertext = _mm_and_si128(aes_ciphertext, m_clear_mask); const uint8_t perm_x = _mm_extract_epi8(aes_key, 0) & 0x01; #ifdef GRR if (perm_x == 0) { current_key = _mm_load_si128(&aes_ciphertext); } else { tmp.assign(m_i_bufr_ix, m_i_bufr_ix+Env::key_size_in_bytes()); tmp.resize(16, 0); a = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); current_key = _mm_xor_si128(aes_ciphertext, a); } m_i_bufr_ix += Env::key_size_in_bytes(); #else it = m_i_bufr_ix + garbled_ix*Env::key_size_in_bytes(); tmp.assign(it, it+Env::key_size_in_bytes()); tmp.resize(16, 0); current_key = _mm_loadu_si128(reinterpret_cast<__m128i*>(&tmp[0])); current_key = _mm_xor_si128(current_key, aes_ciphertext); m_i_bufr_ix += 2*Env::key_size_in_bytes(); #endif } if (current_gate.m_tag == Circuit::EVL_OUT) { uint8_t out_bit = _mm_extract_epi8(current_key, 0) & 0x01; out_bit ^= *m_i_bufr_ix; m_evl_out.set_ith_bit(m_evl_out_ix, out_bit); m_i_bufr_ix++; m_evl_out_ix++; } else if (current_gate.m_tag == Circuit::GEN_OUT) { // TODO: Ki08 implementation uint8_t out_bit = _mm_extract_epi8(current_key, 0) & 0x01; out_bit ^= *m_i_bufr_ix; m_gen_out.set_ith_bit(m_gen_out_ix, out_bit); m_i_bufr_ix++; // m_C[2*m_gen_out_ix+0] = Bytes(m_i_bufr_ix, m_i_bufr_ix+Env::key_size_in_bytes()); // m_i_bufr_ix += Env::key_size_in_bytes(); // // m_C[2*m_gen_out_ix+1] = Bytes(m_i_bufr_ix, m_i_bufr_ix+Env::key_size_in_bytes()); // m_i_bufr_ix += Env::key_size_in_bytes(); m_gen_out_ix++; } } _mm_store_si128(m_w+current_gate.m_idx, current_key); update_hash(m_i_bufr); m_gate_ix++; }
void GarbledCct::com_next_gate(const Gate ¤t_gate) { gen_next_gate(current_gate); update_hash(m_o_bufr); m_o_bufr.clear(); // flush the output buffer }
int do_integrity_check (void) { int i,rows, err; unsigned long start_addr = 0; unsigned long end_addr = 0; unsigned char runtime_hmac[32]; struct hash_desc desc; const char * builtime_hmac = 0; unsigned int size = 0; err = init_hash (&desc); if (err) { printk (KERN_ERR "FIPS(%s): init_hash failed", __FUNCTION__); return -1; } rows = (unsigned int) sizeof (symtab) / sizeof (symtab[0]); for (i = 0; i < rows; i++) { err = query_symbol_addresses (symtab[i][1], symtab[i][2], &start_addr, &end_addr); if (err) { printk (KERN_ERR "FIPS(%s): Error to get start / end addresses", __FUNCTION__); crypto_free_hash (desc.tfm); return -1; } #ifdef FIPS_DEBUG dump_bytes(symtab[i][0], symtab[i][1], symtab[i][2]); #endif size = end_addr - start_addr; err = update_hash (&desc, (unsigned char *)start_addr, size); if (err) { printk (KERN_ERR "FIPS(%s): Error to update hash", __FUNCTION__); crypto_free_hash (desc.tfm); return -1; } } err = finalize_hash (&desc, runtime_hmac, sizeof(runtime_hmac)); crypto_free_hash (desc.tfm); if (err) { printk (KERN_ERR "FIPS(%s): Error in finalize", __FUNCTION__); return -1; } builtime_hmac = get_builtime_crypto_hmac(); if (!builtime_hmac) { printk (KERN_ERR "FIPS(%s): Unable to retrieve builtime_hmac", __FUNCTION__); return -1; } #ifdef FIPS_DEBUG print_hex_dump_bytes ("FIPS CRYPTO RUNTIME : runtime hmac = ",DUMP_PREFIX_NONE, runtime_hmac, sizeof(runtime_hmac)); print_hex_dump_bytes ("FIPS CRYPTO RUNTIME : builtime_hmac = ",DUMP_PREFIX_NONE, builtime_hmac , sizeof(runtime_hmac)); #endif if (!memcmp (builtime_hmac, runtime_hmac, sizeof(runtime_hmac))) { printk (KERN_INFO "FIPS: Integrity Check Passed"); return 0; } else { printk (KERN_ERR "FIPS(%s): Integrity Check Failed", __FUNCTION__); set_in_fips_err(); return -1; } return -1; }
void Block::from_buffer (unsigned char *buffer, int block_size) { size = block_size; this->buffer = buffer; update_hash (); }
/** * Parse attribute data based on attribute type * * \details * Parses the attribute data based on the passed attribute type. * Parsed_data will be updated based on the attribute data parsed. * * \param [in] attr_type Attribute type * \param [in] attr_len Length of the attribute data * \param [in] data Pointer to the attribute data * \param [out] parsed_update Reference to parsed_update; will be updated with all parsed data */ void parseBgpLib::parseAttrData(u_char attr_type, uint16_t attr_len, u_char *data, parsed_update &update, MD5 &hash) { u_char ipv4_raw[4]; char ipv4_char[16]; uint32_t value32bit; uint16_t value16bit; if (p_info) hash.update((unsigned char *) p_info->peer_hash_str.c_str(), p_info->peer_hash_str.length()); /* * Parse based on attribute type */ switch (attr_type) { case ATTR_TYPE_ORIGIN : // Origin update.attrs[LIB_ATTR_ORIGIN].official_type = ATTR_TYPE_ORIGIN; update.attrs[LIB_ATTR_ORIGIN].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_ORIGIN]; switch (data[0]) { case 0 : update.attrs[LIB_ATTR_ORIGIN].value.push_back(std::string("igp")); break; case 1 : update.attrs[LIB_ATTR_ORIGIN].value.push_back(std::string("egp")); break; case 2 : update.attrs[LIB_ATTR_ORIGIN].value.push_back(std::string("incomplete")); break; } update_hash(&update.attrs[LIB_ATTR_ORIGIN].value, &hash); break; case ATTR_TYPE_AS_PATH : // AS_PATH parseAttrDataAsPath(attr_len, data, update); update_hash(&update.attrs[LIB_ATTR_AS_PATH].value, &hash); break; case ATTR_TYPE_NEXT_HOP : // Next hop v4 memcpy(ipv4_raw, data, 4); inet_ntop(AF_INET, ipv4_raw, ipv4_char, sizeof(ipv4_char)); update.attrs[LIB_ATTR_NEXT_HOP].official_type = ATTR_TYPE_NEXT_HOP; update.attrs[LIB_ATTR_NEXT_HOP].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_NEXT_HOP]; update.attrs[LIB_ATTR_NEXT_HOP].value.push_back(std::string(ipv4_char)); update_hash(&update.attrs[LIB_ATTR_NEXT_HOP].value, &hash); break; case ATTR_TYPE_MED : // MED value { memcpy(&value32bit, data, 4); parse_bgp_lib::SWAP_BYTES(&value32bit); std::ostringstream numString; numString << value32bit; update.attrs[LIB_ATTR_MED].official_type = ATTR_TYPE_MED; update.attrs[LIB_ATTR_MED].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_MED]; update.attrs[LIB_ATTR_MED].value.push_back(numString.str()); update_hash(&update.attrs[LIB_ATTR_MED].value, &hash); break; } case ATTR_TYPE_LOCAL_PREF : // local pref value { memcpy(&value32bit, data, 4); parse_bgp_lib::SWAP_BYTES(&value32bit); std::ostringstream numString; numString << value32bit; char numstring[100] = {0}; update.attrs[LIB_ATTR_LOCAL_PREF].official_type = ATTR_TYPE_LOCAL_PREF; update.attrs[LIB_ATTR_LOCAL_PREF].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_LOCAL_PREF]; update.attrs[LIB_ATTR_LOCAL_PREF].value.push_back(numString.str()); update_hash(&update.attrs[LIB_ATTR_LOCAL_PREF].value, &hash); break; } case ATTR_TYPE_ATOMIC_AGGREGATE : // Atomic aggregate update.attrs[LIB_ATTR_ATOMIC_AGGREGATE].official_type = ATTR_TYPE_ATOMIC_AGGREGATE; update.attrs[LIB_ATTR_ATOMIC_AGGREGATE].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_ATOMIC_AGGREGATE]; update.attrs[LIB_ATTR_ATOMIC_AGGREGATE].value.push_back(std::string("1")); break; case ATTR_TYPE_AGGREGATOR : // Aggregator parseAttrDataAggregator(attr_len, data, update); update_hash(&update.attrs[LIB_ATTR_AGGREGATOR].value, &hash); break; case ATTR_TYPE_ORIGINATOR_ID : // Originator ID memcpy(ipv4_raw, data, 4); inet_ntop(AF_INET, ipv4_raw, ipv4_char, sizeof(ipv4_char)); update.attrs[LIB_ATTR_ORIGINATOR_ID].official_type = ATTR_TYPE_ORIGINATOR_ID; update.attrs[LIB_ATTR_ORIGINATOR_ID].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_ORIGINATOR_ID]; update.attrs[LIB_ATTR_ORIGINATOR_ID].value.push_back(std::string(ipv4_char)); break; case ATTR_TYPE_CLUSTER_LIST : // Cluster List (RFC 4456) // According to RFC 4456, the value is a sequence of cluster id's update.attrs[LIB_ATTR_CLUSTER_LIST].official_type = ATTR_TYPE_CLUSTER_LIST; update.attrs[LIB_ATTR_CLUSTER_LIST].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_CLUSTER_LIST]; for (int i = 0; i < attr_len; i += 4) { memcpy(ipv4_raw, data, 4); data += 4; inet_ntop(AF_INET, ipv4_raw, ipv4_char, sizeof(ipv4_char)); update.attrs[LIB_ATTR_CLUSTER_LIST].value.push_back(std::string(ipv4_char)); } break; case ATTR_TYPE_COMMUNITIES : // Community list { update.attrs[LIB_ATTR_COMMUNITIES].official_type = ATTR_TYPE_COMMUNITIES; update.attrs[LIB_ATTR_COMMUNITIES].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_COMMUNITIES]; for (int i = 0; i < attr_len; i += 4) { std::ostringstream numString; // Add entry memcpy(&value16bit, data, 2); data += 2; parse_bgp_lib::SWAP_BYTES(&value16bit); numString << value16bit; numString << ":"; memcpy(&value16bit, data, 2); data += 2; parse_bgp_lib::SWAP_BYTES(&value16bit); numString << value16bit; update.attrs[LIB_ATTR_COMMUNITIES].value.push_back(numString.str()); } update_hash(&update.attrs[LIB_ATTR_COMMUNITIES].value, &hash); break; } case ATTR_TYPE_EXT_COMMUNITY : // extended community list (RFC 4360) { update.attrs[LIB_ATTR_EXT_COMMUNITY].official_type = ATTR_TYPE_EXT_COMMUNITY; update.attrs[LIB_ATTR_EXT_COMMUNITY].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_EXT_COMMUNITY]; parse_bgp_lib::ExtCommunity ec(this, logger, debug); ec.parseExtCommunities(attr_len, data, update); update_hash(&update.attrs[LIB_ATTR_EXT_COMMUNITY].value, &hash); break; } case ATTR_TYPE_IPV6_EXT_COMMUNITY : // IPv6 specific extended community list (RFC 5701) { update.attrs[LIB_ATTR_IPV6_EXT_COMMUNITY].official_type = ATTR_TYPE_IPV6_EXT_COMMUNITY; update.attrs[LIB_ATTR_IPV6_EXT_COMMUNITY].name = parse_bgp_lib::parse_bgp_lib_attr_names[LIB_ATTR_IPV6_EXT_COMMUNITY]; parse_bgp_lib::ExtCommunity ec6(this, logger, debug); ec6.parsev6ExtCommunities(attr_len, data, update); break; } case ATTR_TYPE_MP_REACH_NLRI : // RFC4760 { parse_bgp_lib::MPReachAttr mp(this, logger, debug); mp.parseReachNlriAttr(attr_len, data, update); break; } case ATTR_TYPE_MP_UNREACH_NLRI : // RFC4760 { parse_bgp_lib::MPUnReachAttr mp(this, logger, debug); mp.parseUnReachNlriAttr(attr_len, data, update); break; } case ATTR_TYPE_AS_PATHLIMIT : // deprecated { break; } case ATTR_TYPE_BGP_LS: { MPLinkStateAttr ls(this, logger, &update, debug); ls.parseAttrLinkState(attr_len, data); break; } case ATTR_TYPE_AS4_PATH: { SELF_DEBUG("%sAttribute type AS4_PATH is not yet implemented, skipping for now.", debug_prepend_string.c_str()); break; } case ATTR_TYPE_AS4_AGGREGATOR: { SELF_DEBUG("%sAttribute type AS4_AGGREGATOR is not yet implemented, skipping for now.", debug_prepend_string.c_str()); break; } default: LOG_INFO("%sAttribute type %d is not yet implemented or intentionally ignored, skipping for now.", debug_prepend_string.c_str(), attr_type); break; } // END OF SWITCH ATTR TYPE }
/** * Parses the BGP prefixes (advertised and withdrawn) in the update * * \details * Parses all attributes. Decoded values are updated in 'parsed_data' * * \param [in] data Pointer to the start of the prefixes to be parsed * \param [in] len Length of the data in bytes to be read * \param [in] nlri_list Reference to parsed_update_data nlri list; */ void parseBgpLib::parseBgpNlri_v4(u_char *data, uint16_t len, std::list<parse_bgp_lib_nlri> &nlri_list) { u_char ipv4_raw[4]; char ipv4_char[16]; u_char addr_bytes; uint32_t path_id; u_char prefix_len; std::ostringstream numString; if (len <= 0 or data == NULL) return; // Loop through all prefixes for (size_t read_size = 0; read_size < len; read_size++) { parse_bgp_lib_nlri nlri; nlri.afi = parse_bgp_lib::BGP_AFI_IPV4; nlri.safi = parse_bgp_lib::BGP_SAFI_UNICAST; nlri.type = parse_bgp_lib::LIB_NLRI_TYPE_NONE; // Generate the hash MD5 hash; bzero(ipv4_raw, sizeof(ipv4_raw)); // Parse add-paths if enabled bool peer_info_addpath = p_info and p_info->add_path_capability.isAddPathEnabled(bgp::BGP_AFI_IPV4, bgp::BGP_SAFI_UNICAST); if ((peer_info_addpath or addPathCap[BGP_AFI_IPV4_INTERNAL][BGP_SAFI_UNICAST_INTERNAL]) and (len - read_size) >= 4) { memcpy(&path_id, data, 4); parse_bgp_lib::SWAP_BYTES(&path_id); data += 4; read_size += 4; } else path_id = 0; numString.str(std::string()); numString << path_id; nlri.nlri[LIB_NLRI_PATH_ID].name = parse_bgp_lib::parse_bgp_lib_nlri_names[LIB_NLRI_PATH_ID]; nlri.nlri[LIB_NLRI_PATH_ID].value.push_back(numString.str()); if (path_id > 0) update_hash(&nlri.nlri[LIB_NLRI_PATH_ID].value, &hash); // set the address in bits length prefix_len = *data++; numString.str(std::string()); numString << static_cast<unsigned>(prefix_len); nlri.nlri[LIB_NLRI_PREFIX_LENGTH].name = parse_bgp_lib::parse_bgp_lib_nlri_names[LIB_NLRI_PREFIX_LENGTH]; nlri.nlri[LIB_NLRI_PREFIX_LENGTH].value.push_back(numString.str()); update_hash(&nlri.nlri[LIB_NLRI_PREFIX_LENGTH].value, &hash); // Figure out how many bytes the bits requires addr_bytes = prefix_len / 8; if (prefix_len % 8) ++addr_bytes; SELF_DEBUG("%sReading NLRI data prefix bits=%d bytes=%d", debug_prepend_string.c_str(), prefix_len, addr_bytes); if (addr_bytes <= 4) { memcpy(ipv4_raw, data, addr_bytes); read_size += addr_bytes; data += addr_bytes; // Convert the IP to string printed format inet_ntop(AF_INET, ipv4_raw, ipv4_char, sizeof(ipv4_char)); nlri.nlri[LIB_NLRI_PREFIX].name = parse_bgp_lib::parse_bgp_lib_nlri_names[LIB_NLRI_PREFIX]; nlri.nlri[LIB_NLRI_PREFIX].value.push_back(ipv4_char); update_hash(&nlri.nlri[LIB_NLRI_PREFIX].value, &hash); SELF_DEBUG("%sAdding prefix %s len %d", debug_prepend_string.c_str(), ipv4_char, prefix_len); // set the raw/binary address nlri.nlri[LIB_NLRI_PREFIX_BIN].name = parse_bgp_lib::parse_bgp_lib_nlri_names[LIB_NLRI_PREFIX_BIN]; nlri.nlri[LIB_NLRI_PREFIX_BIN].value.push_back(std::string(ipv4_raw, ipv4_raw + 4)); //Update hash to include peer hash id if (p_info) hash.update((unsigned char *) p_info->peer_hash_str.c_str(), p_info->peer_hash_str.length()); hash.finalize(); // Save the hash unsigned char *hash_raw = hash.raw_digest(); nlri.nlri[LIB_NLRI_HASH].name = parse_bgp_lib::parse_bgp_lib_nlri_names[LIB_NLRI_HASH]; nlri.nlri[LIB_NLRI_HASH].value.push_back(parse_bgp_lib::hash_toStr(hash_raw)); delete[] hash_raw; nlri.nlri[LIB_NLRI_IS_IPV4].name =parse_bgp_lib_nlri_names[LIB_NLRI_IS_IPV4]; nlri.nlri[LIB_NLRI_IS_IPV4].value.push_back(string("1")); // Add tuple to prefix list nlri_list.push_back(nlri); } else if (addr_bytes > 4) { LOG_NOTICE("%sNRLI v4 address is larger than 4 bytes bytes=%d len=%d", debug_prepend_string.c_str(), addr_bytes, prefix_len); } } }
void Trie::UpdateHash(){ root_hash_ = update_hash(root_).hash(); }
protocol::Child Trie::update_hash(NodeFrm::POINTER node){ int branch_count = 0; int onlybranch = -1; int64_t children_count = 0; ////////////////////////////////////////////////////////////// if (!node->leaf_deleted_){ if (node->leaf_ != nullptr){ protocol::Child* this_child = node->info_.mutable_children(16); #ifdef COUNT this_child->set_count(1); #endif this_child->set_sublocation(node->location_); this_child->set_hash(HashCrypto(*(node->leaf_))); this_child->set_childtype(protocol::LEAF); StorageSaveLeaf(node); } } else{ protocol::Child* ch = node->info_.mutable_children(16); ch->Clear(); StorageDeleteLeaf(node); } if (node->info_.children(16).childtype() != protocol::CHILDTYPE::NONE){ branch_count++; onlybranch = 16; children_count++; } for (int i = 0; i < 16; i++){ NodeFrm::POINTER child = node->children_[i]; if ((child != nullptr) && (child->modified_)){ protocol::Child childresult = update_hash(child); node->info_.mutable_children(i)->CopyFrom(childresult); } if (node->info_.children(i).childtype() != protocol::CHILDTYPE::NONE){ branch_count++; onlybranch = i; #ifdef COUNT if (node->info_.children(i).count() == 0){ printf("fatel error"); } children_count += node->info_.children(i).count(); #endif } } protocol::Child result; #ifdef COUNT result.set_count(children_count); #endif if (branch_count == 0 && node->location_ != rootl){ StorageDeleteNode(node); //node->indb_ = false; } else if (branch_count == 1 && node->location_ != rootl){ StorageDeleteNode(node); //node->indb_ = false; result.CopyFrom(node->info_.children(onlybranch)); } else { StorageSaveNode(node); result.set_hash(HashCrypto(node->info_.SerializeAsString())); result.set_sublocation(node->location_); result.set_childtype(protocol::CHILDTYPE::INNER); #ifdef COUNT result.set_count(children_count); #endif } node->modified_ = false; return result; }