int hu_aap_start (byte ep_in_addr, byte ep_out_addr) { // Starts USB/ACC/OAP, then AA protocol w/ VersReq(1), SSL handshake, Auth Complete if (iaap_state == hu_STATE_STARTED) { loge ("CHECK: iaap_state: %d (%s)", iaap_state, state_get (iaap_state)); return (0); } iaap_state = hu_STATE_STARTIN; logd (" SET: iaap_state: %d (%s)", iaap_state, state_get (iaap_state)); int ret = hu_usb_start (ep_in_addr, ep_out_addr); // Start USB/ACC/OAP if (ret) { iaap_state = hu_STATE_STOPPED; logd (" SET: iaap_state: %d (%s)", iaap_state, state_get (iaap_state)); return (ret); // Done if error } byte vr_buf [] = {0, 3, 0, 6, 0, 1, 0, 1, 0, 1}; // Version Request ret = hu_aap_usb_set (0, 3, 1, vr_buf, sizeof (vr_buf)); ret = hu_aap_usb_send (vr_buf, sizeof (vr_buf), 1000); // Send Version Request if (ret < 0) { loge ("Version request send ret: %d", ret); hu_aap_stop (); return (-1); } byte buf [DEFBUF] = {0}; errno = 0; ret = hu_aap_usb_recv (buf, sizeof (buf), 1000); // Get Rx packet from USB: Wait for Version Response if (ret <= 0) { loge ("Version response recv ret: %d", ret); hu_aap_stop (); return (-1); } logd ("Version response recv ret: %d", ret); //* ret = hu_ssl_handshake (); // Do SSL Client Handshake with AA SSL server if (ret) { hu_aap_stop (); return (ret); } byte ac_buf [] = {0, 3, 0, 4, 0, 4, 8, 0}; // Status = OK ret = hu_aap_usb_set (0, 3, 4, ac_buf, sizeof (ac_buf)); ret = hu_aap_usb_send (ac_buf, sizeof (ac_buf), 1000); // Auth Complete, must be sent in plaintext if (ret < 0) { loge ("hu_aap_usb_send() ret: %d", ret); hu_aap_stop (); return (-1); } hu_ssl_inf_log (); iaap_state = hu_STATE_STARTED; logd (" SET: iaap_state: %d (%s)", iaap_state, state_get (iaap_state)); //*/ return (0); }
int hu_aap_enc_send (int chan, byte * buf, int len) { // Send encrypted data: type,... if (iaap_state != hu_STATE_STARTED) { loge ("CHECK: iaap_state: %d (%s)", iaap_state, state_get (iaap_state)); return (-1); } if (ena_log_verbo && ena_log_send) { #ifndef NDEBUG hu_aad_dmp ("ES: ", 1, buf, len); #endif } int bytes_written = SSL_write (hu_ssl_ssl, buf, len); // Write plaintext to SSL if (bytes_written <= 0) { loge ("SSL_write() bytes_written: %d", bytes_written); hu_ssl_ret_log (bytes_written); hu_ssl_inf_log (); hu_aap_stop (); return (-1); } if (bytes_written != len) loge ("SSL_write() len: %d bytes_written: %d chan: %d", len, bytes_written, chan); else if (ena_log_verbo && ena_log_send) logd ("SSL_write() len: %d bytes_written: %d chan: %d", len, bytes_written, chan); int bytes_read = BIO_read (hu_ssl_wm_bio, & enc_buf [4], sizeof (enc_buf) - 4); // Read encrypted from SSL BIO to enc_buf if (bytes_read <= 0) { loge ("BIO_read() bytes_read: %d", bytes_read); hu_aap_stop (); return (-1); } if (ena_log_verbo && ena_log_send) logd ("BIO_read() bytes_read: %d", bytes_read); int flags = 0x0b; // Flags = First + Last + Encrypted if (chan != 0 && buf [0] == 0) { // If msg_type = 0 - 255 flags = 0x0f; // Control //logd ("Setting control"); } hu_aap_usb_set (chan, flags, -1, enc_buf, bytes_read + 4); // -1 for type so encrypted type position is not overwritten !! hu_aap_usb_send (enc_buf, bytes_read + 4, iaap_send_tmo); // Send encrypted data to AA Server return (0); }
int HUServer::hu_aap_enc_send (int retry,int chan, byte * buf, int len, int overrideTimeout) { // Encrypt data and send: type,... if (iaap_state != hu_STATE_STARTED) { logw ("CHECK: iaap_state: %d (%s)", iaap_state, state_get (iaap_state)); //logw ("chan: %d len: %d buf: %p", chan, len, buf); //hex_dump (" W/ hu_aap_enc_send: ", 16, buf, len); // Byebye: hu_aap_enc_send: 00000000 00 0f 08 00 return (-1); } byte base_flags = HU_FRAME_ENCRYPTED; uint16_t message_type = be16toh(*((uint16_t*)buf)); if (chan != AA_CH_CTR && message_type >= 2 && message_type < 0x8000) { // If not control channel and msg_type = 0 - 255 = control type message base_flags |= HU_FRAME_CONTROL_MESSAGE; // Set Control Flag (On non-control channels, indicates generic/"control type" messages //logd ("Setting control"); } for (int frag_start = 0; frag_start < len; frag_start += MAX_FRAME_PAYLOAD_SIZE) { byte flags = base_flags; if (frag_start == 0) { flags |= HU_FRAME_FIRST_FRAME; } int cur_len = MAX_FRAME_PAYLOAD_SIZE; if ((frag_start + MAX_FRAME_PAYLOAD_SIZE) >= len) { flags |= HU_FRAME_LAST_FRAME; cur_len = len - frag_start; } #ifndef NDEBUG // if (ena_log_verbo && ena_log_aap_send) { if (log_packet_info) { // && ena_log_aap_send) char prefix [MAX_FRAME_SIZE] = {0}; snprintf (prefix, sizeof (prefix), "S %d %s %1.1x", chan, chan_get (chan), flags); // "S 1 VID B" int rmv = hu_aad_dmp (prefix, "HU", chan, flags, &buf[frag_start], cur_len); } #endif int bytes_written = SSL_write (hu_ssl_ssl, &buf[frag_start], cur_len); // Write plaintext to SSL if (bytes_written <= 0) { loge ("SSL_write() bytes_written: %d", bytes_written); hu_ssl_ret_log (bytes_written); hu_ssl_inf_log (); hu_aap_stop (); return (-1); } if (bytes_written != cur_len) loge ("SSL_write() cur_len: %d bytes_written: %d chan: %d %s", cur_len, bytes_written, chan, chan_get (chan)); else if (ena_log_verbo && ena_log_aap_send) logd ("SSL_write() cur_len: %d bytes_written: %d chan: %d %s", cur_len, bytes_written, chan, chan_get (chan)); enc_buf [0] = (byte) chan; // Encode channel and flags enc_buf [1] = flags; int header_size = 4; if ((flags & HU_FRAME_FIRST_FRAME) & !(flags & HU_FRAME_LAST_FRAME)) { //write total len *((uint32_t*)&enc_buf[header_size]) = htobe32(len); header_size += 4; } int bytes_read = BIO_read (hu_ssl_wm_bio, & enc_buf [header_size], sizeof (enc_buf) - header_size); // Read encrypted from SSL BIO to enc_buf + if (bytes_read <= 0) { loge ("BIO_read() bytes_read: %d", bytes_read); hu_aap_stop (); return (-1); } if (ena_log_verbo && ena_log_aap_send) logd ("BIO_read() bytes_read: %d", bytes_read); *((uint16_t*)&enc_buf[2]) = htobe16(bytes_read); int ret = 0; ret = hu_aap_tra_send (retry, enc_buf, bytes_read + header_size, overrideTimeout < 0 ? iaap_tra_send_tmo : overrideTimeout); // Send encrypted data to AA Server if (retry) return (ret); } return (0); }