int rsa_get_public_key_fingerprint(rsa_context *rsa, uint64_t *fingerprint, char fingerprint_ascii[FLETCHER_SIZE_STR]) { int ret; if ((ret = rsa_check_pubkey(rsa)) != 0) { char err[128]; error_strerror(ret, err, sizeof err); dolog(D_ENC, "ERROR verifying public key: %s\n", err); return -ERR_NO_PUBKEY; } uint8_t pk[2048]; // public key is not bigger than this int pk_len = asn1_encode_public_key_der(pk, sizeof pk, rsa); if (pk_len <= 0) { return -ERR_UNKNOWN(901); } uint64_t fp; if (fingerprint == NULL ) { fingerprint = &fp; } *fingerprint = fletcher64(pk, pk_len); if (fingerprint_ascii) fletcher64_to_str(fingerprint_ascii, fingerprint); return 0; }
int upload_public_key(VCRYPT_CTX *ctx) { // checking the public key first int ret; if ((ret = rsa_check_pubkey(&ctx->ssl_req.rsa)) != 0) { return -ERR_RSA_NO_KEYS; } VCRYPT_PACKET *packet = packet_new(DEST_SERVER, NULL, REQ_PUBKEY_UPLOAD, 1024); if (packet == NULL ) goto err; int pk_len = asn1_encode_public_key_der((uint8_t*) packet->payload + 8, packet->payload_len - 8, &ctx->ssl_req.rsa); if (pk_len <= 0) goto err; uint64_t fp = fletcher64(packet->payload + 8, pk_len); // consistency check assert(ctx->public_key_fp_local == fp); memcpy(packet->payload, &fp, 8); packet->payload_len = pk_len + 8; return vqueue_add_packet(&ctx->packet_queue, packet, VCRYPT_TIMEOUT_SERVER, 1); err: // if (packet) packet_free(packet); return -ERR_UNKNOWN(908); }
int main(int argc, char *argv[]) { START(argc, argv, "checksum"); if (argc < 2) FATAL("usage: %s files...", argv[0]); for (int arg = 1; arg < argc; arg++) { int fd = OPEN(argv[arg], O_RDONLY); struct stat stbuf; FSTAT(fd, &stbuf); void *addr = MMAP(0, stbuf.st_size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); close(fd); uint64_t *ptr = addr; /* * Loop through, selecting successive locations * where the checksum lives in this block, and * let util_checksum() insert it so it can be * verified against the gold standard fletcher64 * routine in this file. */ while ((void *)(ptr + 1) < addr + stbuf.st_size) { /* save whatever was at *ptr */ uint64_t oldval = *ptr; /* mess with it */ *ptr = htole64(0x123); /* * calc a checksum and have it installed */ util_checksum(addr, stbuf.st_size, ptr, 1); uint64_t csum = *ptr; /* * verify inserted checksum checks out */ ASSERT(util_checksum(addr, stbuf.st_size, ptr, 0)); /* put a zero where the checksum was installed */ *ptr = 0; /* calculate a checksum */ uint64_t gold_csum = fletcher64(addr, stbuf.st_size); /* put the old value back */ *ptr = oldval; /* * verify checksum now fails */ ASSERT(!util_checksum(addr, stbuf.st_size, ptr, 0)); /* * verify the checksum matched the gold version */ ASSERTeq(csum, gold_csum); OUT("%s:%lu 0x%lx", argv[arg], (void *)ptr - addr, csum); ptr++; } } DONE(NULL); }
static void exec_commands(void) { uint8_t command, memid, status; uint16_t i, j; uint16_t packet_id, psc; uint8_t* mem_ptr = 0; uint32_t address, length, last_len = 0, num_transfers = 0; uint64_t check = 0; clear_current_command(); if(xQueueReceive(obc_to_mem_fifo, current_command, xTimeToWait) == pdTRUE) // Check for a command from the OBC packet router. { command = current_command[146]; packet_id = ((uint16_t)current_command[140]) << 8; packet_id += (uint16_t)current_command[139]; psc = ((uint16_t)current_command[138]) << 8; psc += (uint16_t)current_command[137]; memid = current_command[136]; address = ((uint32_t)current_command[135]) << 24; address += ((uint32_t)current_command[134]) << 16; address += ((uint32_t)current_command[133]) << 8; address += (uint32_t)current_command[132]; length = ((uint32_t)current_command[131]) << 24; length += ((uint32_t)current_command[130]) << 16; length += ((uint32_t)current_command[129]) << 8; length += (uint32_t)current_command[128]; switch(command) { case MEMORY_LOAD_ABS: if(!memid) { mem_ptr = address; for(i = 0; i < length; i++) { *(mem_ptr + i) = current_command[i]; } } else { if(spimem_write(address, current_command, length) < 0) // FAILURE_RECOVERY send_tc_execution_verify(0xFF, packet_id, psc); } send_tc_execution_verify(1, packet_id, psc); case DUMP_REQUEST_ABS: clear_current_command(); // Only clears lower data section. last_len = 0; if(length > 128) { num_transfers = length / 128; } for (j = 0; j < num_transfers; j++) { if(!memid) { mem_ptr = address; for (i = 0; i < length; i++) { current_command[i] = *(mem_ptr + i); } } else { if(spimem_read(address, current_command, length) < 0) // FAILURE_RECOVERY send_tc_execution_verify(0xFF, packet_id, psc); } current_command[146] = MEMORY_DUMP_ABS; current_command[145] = num_transfers - j; xQueueSendToBack(mem_to_obc_fifo, current_command, (TickType_t)1); // FAILURE_RECOVERY if this doesn't return pdTrue taskYIELD(); // Give the packet router a chance to downlink the dump packet. } send_tc_execution_verify(1, packet_id, psc); case CHECK_MEM_REQUEST: if(!memid) { check = fletcher64(address, length); send_tc_execution_verify(1, packet_id, psc); } else { check = fletcher64_on_spimem(address, length, &status); if(status > 1) { send_tc_execution_verify(0xFF, packet_id, psc); return; } send_tc_execution_verify(1, packet_id, psc); } current_command[146] = MEMORY_CHECK_ABS; current_command[7] = ((uint8_t)(check & 0xFF00000000000000)) >> 56; current_command[6] = ((uint8_t)(check & 0xFF00000000000000)) >> 48; current_command[5] = ((uint8_t)(check & 0xFF00000000000000)) >> 40; current_command[4] = ((uint8_t)(check & 0xFF00000000000000)) >> 32; current_command[3] = ((uint8_t)(check & 0xFF00000000000000)) >> 24; current_command[2] = ((uint8_t)(check & 0xFF00000000000000)) >> 26; current_command[1] = ((uint8_t)(check & 0xFF00000000000000)) >> 8; current_command[0] = (uint8_t)(check & 0xFF00000000000000); xQueueSendToBack(mem_to_obc_fifo, current_command, (TickType_t)1); default: return; } }
int main(int argc, char *argv[]) { START(argc, argv, "checksum"); if (argc < 2) UT_FATAL("usage: %s files...", argv[0]); for (int arg = 1; arg < argc; arg++) { int fd = OPEN(argv[arg], O_RDONLY); os_stat_t stbuf; FSTAT(fd, &stbuf); size_t size = (size_t)stbuf.st_size; void *addr = MMAP(NULL, size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); uint64_t *ptr = addr; /* * Loop through, selecting successive locations * where the checksum lives in this block, and * let util_checksum() insert it so it can be * verified against the gold standard fletcher64 * routine in this file. */ while ((char *)(ptr + 1) < (char *)addr + size) { /* save whatever was at *ptr */ uint64_t oldval = *ptr; /* mess with it */ *ptr = htole64(0x123); /* * calculate a checksum and have it installed */ util_checksum(addr, size, ptr, 1, 0); uint64_t csum = *ptr; /* * verify inserted checksum checks out */ UT_ASSERT(util_checksum(addr, size, ptr, 0, 0)); /* put a zero where the checksum was installed */ *ptr = 0; /* calculate a checksum */ uint64_t gold_csum = fletcher64(addr, size); /* put the old value back */ *ptr = oldval; /* * verify checksum now fails */ UT_ASSERT(!util_checksum(addr, size, ptr, 0, 0)); /* * verify the checksum matched the gold version */ UT_ASSERTeq(csum, gold_csum); UT_OUT("%s:%" PRIu64 " 0x%" PRIx64, argv[arg], (char *)ptr - (char *)addr, csum); ptr++; } uint64_t *addr2 = MMAP(NULL, size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); uint64_t *csum = (uint64_t *)addr; /* * put a zero where the checksum will be installed * in the second map */ *addr2 = 0; for (size_t i = size / 8 - 1; i > 0; i -= 1) { /* calculate a checksum and have it installed */ util_checksum(addr, size, csum, 1, i * 8); /* * put a zero in the second map where an ignored part is */ *(addr2 + i) = 0; /* calculate a checksum */ uint64_t gold_csum = fletcher64(addr2, size); /* * verify the checksum matched the gold version */ UT_ASSERTeq(*csum, gold_csum); } CLOSE(fd); MUNMAP(addr, size); MUNMAP(addr2, size); } DONE(NULL); }