int rsa_get_public_key_fingerprint(rsa_context *rsa, uint64_t *fingerprint,
char fingerprint_ascii[FLETCHER_SIZE_STR])
{
int ret;
if ((ret = rsa_check_pubkey(rsa)) != 0) {
char err[128];
error_strerror(ret, err, sizeof err);
dolog(D_ENC, "ERROR verifying public key: %s\n", err);
return -ERR_NO_PUBKEY;
}
uint8_t pk[2048]; // public key is not bigger than this
int pk_len = asn1_encode_public_key_der(pk, sizeof pk, rsa);
if (pk_len <= 0) {
return -ERR_UNKNOWN(901);
}
uint64_t fp;
if (fingerprint == NULL ) {
fingerprint = &fp;
}
*fingerprint = fletcher64(pk, pk_len);
if (fingerprint_ascii)
fletcher64_to_str(fingerprint_ascii, fingerprint);
return 0;
}
int upload_public_key(VCRYPT_CTX *ctx)
{
// checking the public key first
int ret;
if ((ret = rsa_check_pubkey(&ctx->ssl_req.rsa)) != 0) {
return -ERR_RSA_NO_KEYS;
}
VCRYPT_PACKET *packet = packet_new(DEST_SERVER, NULL, REQ_PUBKEY_UPLOAD,
1024);
if (packet == NULL )
goto err;
int pk_len = asn1_encode_public_key_der((uint8_t*) packet->payload + 8,
packet->payload_len - 8, &ctx->ssl_req.rsa);
if (pk_len <= 0)
goto err;
uint64_t fp = fletcher64(packet->payload + 8, pk_len);
// consistency check
assert(ctx->public_key_fp_local == fp);
memcpy(packet->payload, &fp, 8);
packet->payload_len = pk_len + 8;
return vqueue_add_packet(&ctx->packet_queue, packet, VCRYPT_TIMEOUT_SERVER,
1);
err: //
if (packet)
packet_free(packet);
return -ERR_UNKNOWN(908);
}
int
main(int argc, char *argv[])
{
START(argc, argv, "checksum");
if (argc < 2)
FATAL("usage: %s files...", argv[0]);
for (int arg = 1; arg < argc; arg++) {
int fd = OPEN(argv[arg], O_RDONLY);
struct stat stbuf;
FSTAT(fd, &stbuf);
void *addr =
MMAP(0, stbuf.st_size, PROT_READ|PROT_WRITE,
MAP_PRIVATE, fd, 0);
close(fd);
uint64_t *ptr = addr;
/*
* Loop through, selecting successive locations
* where the checksum lives in this block, and
* let util_checksum() insert it so it can be
* verified against the gold standard fletcher64
* routine in this file.
*/
while ((void *)(ptr + 1) < addr + stbuf.st_size) {
/* save whatever was at *ptr */
uint64_t oldval = *ptr;
/* mess with it */
*ptr = htole64(0x123);
/*
* calc a checksum and have it installed
*/
util_checksum(addr, stbuf.st_size, ptr, 1);
uint64_t csum = *ptr;
/*
* verify inserted checksum checks out
*/
ASSERT(util_checksum(addr, stbuf.st_size, ptr, 0));
/* put a zero where the checksum was installed */
*ptr = 0;
/* calculate a checksum */
uint64_t gold_csum = fletcher64(addr, stbuf.st_size);
/* put the old value back */
*ptr = oldval;
/*
* verify checksum now fails
*/
ASSERT(!util_checksum(addr, stbuf.st_size, ptr, 0));
/*
* verify the checksum matched the gold version
*/
ASSERTeq(csum, gold_csum);
OUT("%s:%lu 0x%lx", argv[arg],
(void *)ptr - addr, csum);
ptr++;
}
}
DONE(NULL);
}
static void exec_commands(void)
{
uint8_t command, memid, status;
uint16_t i, j;
uint16_t packet_id, psc;
uint8_t* mem_ptr = 0;
uint32_t address, length, last_len = 0, num_transfers = 0;
uint64_t check = 0;
clear_current_command();
if(xQueueReceive(obc_to_mem_fifo, current_command, xTimeToWait) == pdTRUE) // Check for a command from the OBC packet router.
{
command = current_command[146];
packet_id = ((uint16_t)current_command[140]) << 8;
packet_id += (uint16_t)current_command[139];
psc = ((uint16_t)current_command[138]) << 8;
psc += (uint16_t)current_command[137];
memid = current_command[136];
address = ((uint32_t)current_command[135]) << 24;
address += ((uint32_t)current_command[134]) << 16;
address += ((uint32_t)current_command[133]) << 8;
address += (uint32_t)current_command[132];
length = ((uint32_t)current_command[131]) << 24;
length += ((uint32_t)current_command[130]) << 16;
length += ((uint32_t)current_command[129]) << 8;
length += (uint32_t)current_command[128];
switch(command)
{
case MEMORY_LOAD_ABS:
if(!memid)
{
mem_ptr = address;
for(i = 0; i < length; i++)
{
*(mem_ptr + i) = current_command[i];
}
}
else
{
if(spimem_write(address, current_command, length) < 0) // FAILURE_RECOVERY
send_tc_execution_verify(0xFF, packet_id, psc);
}
send_tc_execution_verify(1, packet_id, psc);
case DUMP_REQUEST_ABS:
clear_current_command(); // Only clears lower data section.
last_len = 0;
if(length > 128)
{
num_transfers = length / 128;
}
for (j = 0; j < num_transfers; j++)
{
if(!memid)
{
mem_ptr = address;
for (i = 0; i < length; i++)
{
current_command[i] = *(mem_ptr + i);
}
}
else
{
if(spimem_read(address, current_command, length) < 0) // FAILURE_RECOVERY
send_tc_execution_verify(0xFF, packet_id, psc);
}
current_command[146] = MEMORY_DUMP_ABS;
current_command[145] = num_transfers - j;
xQueueSendToBack(mem_to_obc_fifo, current_command, (TickType_t)1); // FAILURE_RECOVERY if this doesn't return pdTrue
taskYIELD(); // Give the packet router a chance to downlink the dump packet.
}
send_tc_execution_verify(1, packet_id, psc);
case CHECK_MEM_REQUEST:
if(!memid)
{
check = fletcher64(address, length);
send_tc_execution_verify(1, packet_id, psc);
}
else
{
check = fletcher64_on_spimem(address, length, &status);
if(status > 1)
{
send_tc_execution_verify(0xFF, packet_id, psc);
return;
}
send_tc_execution_verify(1, packet_id, psc);
}
current_command[146] = MEMORY_CHECK_ABS;
current_command[7] = ((uint8_t)(check & 0xFF00000000000000)) >> 56;
current_command[6] = ((uint8_t)(check & 0xFF00000000000000)) >> 48;
current_command[5] = ((uint8_t)(check & 0xFF00000000000000)) >> 40;
current_command[4] = ((uint8_t)(check & 0xFF00000000000000)) >> 32;
current_command[3] = ((uint8_t)(check & 0xFF00000000000000)) >> 24;
current_command[2] = ((uint8_t)(check & 0xFF00000000000000)) >> 26;
current_command[1] = ((uint8_t)(check & 0xFF00000000000000)) >> 8;
current_command[0] = (uint8_t)(check & 0xFF00000000000000);
xQueueSendToBack(mem_to_obc_fifo, current_command, (TickType_t)1);
default:
return;
}
}
int
main(int argc, char *argv[])
{
START(argc, argv, "checksum");
if (argc < 2)
UT_FATAL("usage: %s files...", argv[0]);
for (int arg = 1; arg < argc; arg++) {
int fd = OPEN(argv[arg], O_RDONLY);
os_stat_t stbuf;
FSTAT(fd, &stbuf);
size_t size = (size_t)stbuf.st_size;
void *addr =
MMAP(NULL, size, PROT_READ|PROT_WRITE,
MAP_PRIVATE, fd, 0);
uint64_t *ptr = addr;
/*
* Loop through, selecting successive locations
* where the checksum lives in this block, and
* let util_checksum() insert it so it can be
* verified against the gold standard fletcher64
* routine in this file.
*/
while ((char *)(ptr + 1) < (char *)addr + size) {
/* save whatever was at *ptr */
uint64_t oldval = *ptr;
/* mess with it */
*ptr = htole64(0x123);
/*
* calculate a checksum and have it installed
*/
util_checksum(addr, size, ptr, 1, 0);
uint64_t csum = *ptr;
/*
* verify inserted checksum checks out
*/
UT_ASSERT(util_checksum(addr, size, ptr, 0, 0));
/* put a zero where the checksum was installed */
*ptr = 0;
/* calculate a checksum */
uint64_t gold_csum = fletcher64(addr, size);
/* put the old value back */
*ptr = oldval;
/*
* verify checksum now fails
*/
UT_ASSERT(!util_checksum(addr, size, ptr,
0, 0));
/*
* verify the checksum matched the gold version
*/
UT_ASSERTeq(csum, gold_csum);
UT_OUT("%s:%" PRIu64 " 0x%" PRIx64, argv[arg],
(char *)ptr - (char *)addr, csum);
ptr++;
}
uint64_t *addr2 =
MMAP(NULL, size, PROT_READ|PROT_WRITE,
MAP_PRIVATE, fd, 0);
uint64_t *csum = (uint64_t *)addr;
/*
* put a zero where the checksum will be installed
* in the second map
*/
*addr2 = 0;
for (size_t i = size / 8 - 1; i > 0; i -= 1) {
/* calculate a checksum and have it installed */
util_checksum(addr, size, csum, 1, i * 8);
/*
* put a zero in the second map where an ignored part is
*/
*(addr2 + i) = 0;
/* calculate a checksum */
uint64_t gold_csum = fletcher64(addr2, size);
/*
* verify the checksum matched the gold version
*/
UT_ASSERTeq(*csum, gold_csum);
}
CLOSE(fd);
MUNMAP(addr, size);
MUNMAP(addr2, size);
}
DONE(NULL);
}
