void
handle_packet(const u_char *packet, int length) {
static int n = 0;
static unsigned char initial_hello[] = {
0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
uint8 *data;
size_t data_length, rlen;
int i, res;
#if DTLS_VERSION == 0xfeff
#ifndef SHA1_DIGEST_LENGTH
#define SHA1_DIGEST_LENGTH 20
#endif
uint8 hash_buf[16 + SHA1_DIGEST_LENGTH];
#elif DTLS_VERSION == 0xfefd
uint8 hash_buf[DTLS_SHA256_DIGEST_LENGTH];
#endif
#define verify_data_length 12
int is_client;
n++;
SKIP_ETH_HEADER(packet, length);
SKIP_IP_HEADER(packet, length);
/* determine from port if this is a client */
is_client = dtls_uint16_to_int(packet) != 20220;
SKIP_UDP_HEADER(packet, length);
while (length) {
rlen = dtls_uint16_to_int(packet + 11) + sizeof(dtls_record_header_t);
if (!rlen) {
fprintf(stderr, "invalid length!\n");
return;
}
/* skip packet if it is from a different epoch */
if (dtls_uint16_to_int(packet + 3) != epoch[is_client])
goto next;
res = decrypt_verify(is_client, packet, rlen,
&data, &data_length);
if (res <= 0)
goto next;
printf("packet %d (from %s):\n", n, is_client ? "client" : "server");
hexdump(packet, sizeof(dtls_record_header_t));
printf("\n");
hexdump(data, data_length);
printf("\n");
if (packet[0] == 22 && data[0] == 1) { /* ClientHello */
if (memcmp(packet, initial_hello, sizeof(initial_hello)) == 0)
goto next;
memcpy(dtls_kb_client_iv(OTHER_CONFIG), data + 14, 32);
clear_hash();
#if DTLS_VERSION == 0xfeff
hs_hash[0] = dtls_new_hash(HASH_MD5);
hs_hash[1] = dtls_new_hash(HASH_SHA1);
hs_hash[0]->init(hs_hash[0]->data);
hs_hash[1]->init(hs_hash[1]->data);
#elif DTLS_VERSION == 0xfefd
dtls_hash_init(hs_hash[0]);
#endif
}
if (packet[0] == 22 && data[0] == 2) { /* ServerHello */
memcpy(dtls_kb_server_iv(OTHER_CONFIG), data + 14, 32);
/* FIXME: search in ciphers */
OTHER_CONFIG->cipher = TLS_PSK_WITH_AES_128_CCM_8;
}
if (packet[0] == 20 && data[0] == 1) { /* ChangeCipherSpec */
printf("client random: ");
dump(dtls_kb_client_iv(OTHER_CONFIG), 32);
printf("\nserver random: ");
dump(dtls_kb_server_iv(OTHER_CONFIG), 32);
printf("\n");
master_secret_len =
dtls_prf(pre_master_secret, pre_master_len,
(unsigned char *)"master secret", 13,
dtls_kb_client_iv(OTHER_CONFIG), 32,
dtls_kb_server_iv(OTHER_CONFIG), 32,
master_secret, DTLS_MASTER_SECRET_LENGTH);
printf("master_secret:\n ");
for(i = 0; i < master_secret_len; i++)
printf("%02x", master_secret[i]);
printf("\n");
/* create key_block from master_secret
* key_block = PRF(master_secret,
"key expansion" + server_random + client_random) */
dtls_prf(master_secret, master_secret_len,
(unsigned char *)"key expansion", 13,
dtls_kb_server_iv(OTHER_CONFIG), 32,
dtls_kb_client_iv(OTHER_CONFIG), 32,
OTHER_CONFIG->key_block,
dtls_kb_size(OTHER_CONFIG));
OTHER_CONFIG->read_cipher =
dtls_cipher_new(OTHER_CONFIG->cipher,
dtls_kb_client_write_key(OTHER_CONFIG),
dtls_kb_key_size(OTHER_CONFIG));
if (!OTHER_CONFIG->read_cipher) {
warn("cannot create read cipher\n");
} else {
dtls_cipher_set_iv(OTHER_CONFIG->read_cipher,
dtls_kb_client_iv(OTHER_CONFIG),
dtls_kb_iv_size(OTHER_CONFIG));
}
OTHER_CONFIG->write_cipher =
dtls_cipher_new(OTHER_CONFIG->cipher,
dtls_kb_server_write_key(OTHER_CONFIG),
dtls_kb_key_size(OTHER_CONFIG));
if (!OTHER_CONFIG->write_cipher) {
warn("cannot create write cipher\n");
} else {
dtls_cipher_set_iv(OTHER_CONFIG->write_cipher,
dtls_kb_server_iv(OTHER_CONFIG),
dtls_kb_iv_size(OTHER_CONFIG));
}
/* if (is_client) */
SWITCH_CONFIG;
epoch[is_client]++;
printf("key_block:\n");
printf(" client_MAC_secret:\t");
dump(dtls_kb_client_mac_secret(CURRENT_CONFIG),
dtls_kb_mac_secret_size(CURRENT_CONFIG));
printf("\n");
printf(" server_MAC_secret:\t");
dump(dtls_kb_server_mac_secret(CURRENT_CONFIG),
dtls_kb_mac_secret_size(CURRENT_CONFIG));
printf("\n");
printf(" client_write_key:\t");
dump(dtls_kb_client_write_key(CURRENT_CONFIG),
dtls_kb_key_size(CURRENT_CONFIG));
printf("\n");
printf(" server_write_key:\t");
dump(dtls_kb_server_write_key(CURRENT_CONFIG),
dtls_kb_key_size(CURRENT_CONFIG));
printf("\n");
printf(" client_IV:\t\t");
dump(dtls_kb_client_iv(CURRENT_CONFIG),
dtls_kb_iv_size(CURRENT_CONFIG));
printf("\n");
printf(" server_IV:\t\t");
dump(dtls_kb_server_iv(CURRENT_CONFIG),
dtls_kb_iv_size(CURRENT_CONFIG));
printf("\n");
}
if (packet[0] == 22) {
if (data[0] == 20) { /* Finished */
finalize_hash(hash_buf);
/* clear_hash(); */
update_hash((unsigned char *)packet, sizeof(dtls_record_header_t),
data, data_length);
dtls_prf(master_secret, master_secret_len,
is_client
? (unsigned char *)"client finished"
: (unsigned char *)"server finished"
, 15,
hash_buf, sizeof(hash_buf),
NULL, 0,
data + sizeof(dtls_handshake_header_t),
verify_data_length);
printf("verify_data:\n");
dump(data, data_length);
printf("\n");
} else {
update_hash((unsigned char *)packet, sizeof(dtls_record_header_t),
data, data_length);
}
}
if (packet[0] == 23) { /* Application Data */
printf("Application Data:\n");
dump(data, data_length);
printf("\n");
}
next:
length -= rlen;
packet += rlen;
}
}
int
do_integrity_check (void)
{
int i,rows, err;
unsigned long start_addr = 0;
unsigned long end_addr = 0;
unsigned char runtime_hmac[32];
struct hash_desc desc;
const char * builtime_hmac = 0;
unsigned int size = 0;
err = init_hash (&desc);
if (err)
{
printk (KERN_ERR "FIPS(%s): init_hash failed", __FUNCTION__);
return -1;
}
rows = (unsigned int) sizeof (symtab) / sizeof (symtab[0]);
for (i = 0; i < rows; i++)
{
err = query_symbol_addresses (symtab[i][1], symtab[i][2], &start_addr, &end_addr);
if (err)
{
printk (KERN_ERR "FIPS(%s): Error to get start / end addresses", __FUNCTION__);
crypto_free_hash (desc.tfm);
return -1;
}
#ifdef FIPS_DEBUG
dump_bytes(symtab[i][0], symtab[i][1], symtab[i][2]);
#endif
size = end_addr - start_addr;
err = update_hash (&desc, (unsigned char *)start_addr, size);
if (err)
{
printk (KERN_ERR "FIPS(%s): Error to update hash", __FUNCTION__);
crypto_free_hash (desc.tfm);
return -1;
}
}
err = finalize_hash (&desc, runtime_hmac, sizeof(runtime_hmac));
crypto_free_hash (desc.tfm);
if (err)
{
printk (KERN_ERR "FIPS(%s): Error in finalize", __FUNCTION__);
return -1;
}
builtime_hmac = get_builtime_crypto_hmac();
if (!builtime_hmac)
{
printk (KERN_ERR "FIPS(%s): Unable to retrieve builtime_hmac", __FUNCTION__);
return -1;
}
#ifdef FIPS_DEBUG
print_hex_dump_bytes ("FIPS CRYPTO RUNTIME : runtime hmac = ",DUMP_PREFIX_NONE, runtime_hmac, sizeof(runtime_hmac));
print_hex_dump_bytes ("FIPS CRYPTO RUNTIME : builtime_hmac = ",DUMP_PREFIX_NONE, builtime_hmac , sizeof(runtime_hmac));
#endif
if (!memcmp (builtime_hmac, runtime_hmac, sizeof(runtime_hmac)))
{
printk (KERN_INFO "FIPS: Integrity Check Passed");
return 0;
}
else
{
printk (KERN_ERR "FIPS(%s): Integrity Check Failed", __FUNCTION__);
set_in_fips_err();
return -1;
}
return -1;
}
