/* generate a transaction id as the MD5 hash of an public key
* the transaction id is also used as a unique serial number
*/
void
scep_generate_transaction_id(const RSA_public_key_t *rsak
, chunk_t *transID, chunk_t *serialNumber)
{
char buf[MD5_DIGEST_SIZE];
chunk_t digest = { buf, sizeof(buf) };
chunk_t public_key = pkcs1_build_publicKeyInfo(rsak);
bool msb_set;
u_char *pos;
compute_digest(public_key, OID_MD5, &digest);
pfree(public_key.ptr);
/* is the most significant bit of the digest set? */
msb_set = (*digest.ptr & 0x80) == 0x80;
/* allocate space for the serialNumber */
serialNumber->len = msb_set + digest.len;
serialNumber->ptr = alloc_bytes(serialNumber->len, "serialNumber");
/* the serial number as the two's complement of the digest */
pos = serialNumber->ptr;
if (msb_set)
{
*pos++ = 0x00;
}
memcpy(pos, digest.ptr, digest.len);
/* the transaction id is the serial number in hex format */
transID->len = 2*digest.len;
transID->ptr = alloc_bytes(transID->len + 1, "transID");
datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1);
}
bool dtls_verify_digest(rtpp_stream* st, const X509 *cert)
{
unsigned char digest[EVP_MAX_MD_SIZE];
size_t digest_length;
if (compute_digest(cert, st->remote_fp_algorithm,
digest, sizeof(digest), &digest_length))
{
#ifdef DEBUG_DTLS
char *fp = NULL;
fp_to_hex(digest,digest_length,&fp);
rtpp_log_write(RTPP_LOG_INFO, glog,"fingerprint recvd [%s] \n", fp);
free(fp);
fp = NULL;
fp_to_hex((const unsigned char *)st->remote_fp_value,st->remote_fp_len,&fp);
rtpp_log_write(RTPP_LOG_INFO, glog,"fingerprint from the command [%s] \n", fp);
free(fp);
rtpp_log_write(RTPP_LOG_INFO, glog,"fingerprint digest_len:%d remote cmd len:%d \n",
digest_length, st->remote_fp_len );
#endif
if (strncmp((const char *)digest, (const char *)st->remote_fp_value,
min(digest_length,st->remote_fp_len)) != 0)
{
rtpp_log_write(RTPP_LOG_INFO, glog,"fingerprint verification failed st:%p fd:%d ssl:%\n",st, st->fd, st->ssl);
return false;
}
return true;
}
rtpp_log_write(RTPP_LOG_INFO, glog,"fingerprint verification compute_digest failed st:%p fd:%d ssl:%\n",st, st->fd, st->ssl);
return false;
}
/* generates a unique fingerprint of the pkcs10 request
* by computing an MD5 hash over it
*/
void
scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint)
{
char buf[MD5_DIGEST_SIZE];
chunk_t digest = { buf, sizeof(buf) };
/* the fingerprint is the MD5 hash in hexadecimal format */
compute_digest(pkcs10, OID_MD5, &digest);
fingerprint->len = 2*digest.len;
fingerprint->ptr = alloc_bytes(fingerprint->len + 1, "fingerprint");
datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1);
}
void *parallel_SHA_Dig_Calc(void *params){
int index;
parameters *param=(parameters *)params;
if (PRINT)
printf("Worker number %d: started calculating digest.\n",param->no);
for (index=param->s_index; index<param->e_index; index++){
compute_digest(index);
}
if (PRINT)
printf("Worker number %d: finished calculating digest.\n",param->no);
}
svn_error_t *svn_ra_svn_cram_server(svn_ra_svn_conn_t *conn, apr_pool_t *pool,
svn_config_t *pwdb, const char **user,
svn_boolean_t *success)
{
apr_status_t status;
apr_uint64_t nonce;
char hostbuf[APRMAXHOSTLEN + 1];
unsigned char cdigest[APR_MD5_DIGESTSIZE], sdigest[APR_MD5_DIGESTSIZE];
const char *challenge, *sep, *password;
svn_ra_svn_item_t *item;
svn_string_t *resp;
*success = FALSE;
/* Send a challenge. */
status = make_nonce(&nonce);
if (!status)
status = apr_gethostname(hostbuf, sizeof(hostbuf), pool);
if (status)
return fail(conn, pool, "Internal server error in authentication");
challenge = apr_psprintf(pool,
"<%" APR_UINT64_T_FMT ".%" APR_TIME_T_FMT "@%s>",
nonce, apr_time_now(), hostbuf);
SVN_ERR(svn_ra_svn__write_tuple(conn, pool, "w(c)", "step", challenge));
/* Read the client's response and decode it into *user and cdigest. */
SVN_ERR(svn_ra_svn__read_item(conn, pool, &item));
if (item->kind != SVN_RA_SVN_STRING) /* Very wrong; don't report failure */
return SVN_NO_ERROR;
resp = item->u.string;
sep = strrchr(resp->data, ' ');
if (!sep || resp->len - (sep + 1 - resp->data) != APR_MD5_DIGESTSIZE * 2
|| !hex_decode(cdigest, sep + 1))
return fail(conn, pool, "Malformed client response in authentication");
*user = apr_pstrmemdup(pool, resp->data, sep - resp->data);
/* Verify the digest against the password in pwfile. */
svn_config_get(pwdb, &password, SVN_CONFIG_SECTION_USERS, *user, NULL);
if (!password)
return fail(conn, pool, "Username not found");
compute_digest(sdigest, challenge, password);
if (memcmp(cdigest, sdigest, sizeof(sdigest)) != 0)
return fail(conn, pool, "Password incorrect");
*success = TRUE;
return svn_ra_svn__write_tuple(conn, pool, "w()", "success");
}
void sequential_process(){
int index;
printf("******* Digest Calucation:Sequential Process *******\n");
for (index=0; index<no_files; index++){
if (PRINT){
printf("-------*******************************-------------------\n");
printf("Computing Digest for file: %s\n",in_file_list[index]);
}
compute_digest(index);
if (PRINT){
printf("Digest written to file: %s\n",out_file_list[index]);
printf("-------*******************************-------------------\n");
}
}
}
svn_error_t *svn_ra_svn__cram_client(svn_ra_svn_conn_t *conn, apr_pool_t *pool,
const char *user, const char *password,
const char **message)
{
const char *status, *str, *reply;
unsigned char digest[APR_MD5_DIGESTSIZE];
char hex[2 * APR_MD5_DIGESTSIZE + 1];
/* Read the server challenge. */
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "w(?c)", &status, &str));
if (strcmp(status, "failure") == 0 && str)
{
*message = str;
return SVN_NO_ERROR;
}
else if (strcmp(status, "step") != 0 || !str)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Unexpected server response to authentication"));
/* Write our response. */
compute_digest(digest, str, password);
hex_encode(hex, digest);
hex[sizeof(hex) - 1] = '\0';
reply = apr_psprintf(pool, "%s %s", user, hex);
SVN_ERR(svn_ra_svn__write_cstring(conn, pool, reply));
/* Read the success or failure response from the server. */
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "w(?c)", &status, &str));
if (strcmp(status, "failure") == 0 && str)
{
*message = str;
return SVN_NO_ERROR;
}
else if (strcmp(status, "success") != 0 || str)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Unexpected server response to authentication"));
*message = NULL;
return SVN_NO_ERROR;
}
static void *
cworker(void *p)
{
struct cw_args *cwp;
struct mkuz_cfg *cfp;
struct mkuz_blk *oblk, *iblk;
struct mkuz_conveyor *cvp;
void *c_ctx;
cwp = (struct cw_args *)p;
cfp = cwp->cfp;
cvp = cwp->cvp;
free(cwp);
c_ctx = cfp->handler->f_init(cfp->blksz);
for (;;) {
iblk = mkuz_fqueue_deq(cvp->wrk_queue);
if (iblk == MKUZ_BLK_EOF) {
/* Let other threads to see the EOF block */
mkuz_fqueue_enq(cvp->wrk_queue, iblk);
break;
}
if (cfp->no_zcomp == 0 &&
mkuz_memvcmp(iblk->data, '\0', iblk->info.len) != 0) {
/* All zeroes block */
oblk = mkuz_blk_ctor(0);
} else {
oblk = cfp->handler->f_compress(c_ctx, iblk);
if (cfp->en_dedup != 0) {
compute_digest(oblk);
}
}
oblk->info.blkno = iblk->info.blkno;
mkuz_fqueue_enq(cvp->results, oblk);
free(iblk);
}
return (NULL);
}
/* build an ocsp location from certificate information
* without unsharing its contents
*/
static bool
build_ocsp_location(const x509cert_t *cert, ocsp_location_t *location)
{
static u_char digest[SHA1_DIGEST_SIZE]; /* temporary storage */
location->uri = (cert->accessLocation.ptr != NULL)
? cert->accessLocation : ocsp_default_uri;
/* abort if no ocsp location uri is defined */
if (location->uri.ptr == NULL)
return FALSE;
setchunk(location->authNameID, digest, SHA1_DIGEST_SIZE);
compute_digest(cert->issuer, OID_SHA1, &location->authNameID);
location->next = NULL;
location->issuer = cert->issuer;
location->authKeyID = cert->authKeyID;
location->authKeySerialNumber = cert->authKeySerialNumber;
if (cert->authKeyID.ptr == NULL)
{
x509cert_t *authcert = get_authcert(cert->issuer
, cert->authKeySerialNumber, cert->authKeyID, AUTH_CA);
if (authcert != NULL)
{
location->authKeyID = authcert->subjectKeyID;
location->authKeySerialNumber = authcert->serialNumber;
}
}
location->nonce = empty_chunk;
location->certinfo = NULL;
return TRUE;
}
int64_t compress(const char* in_filename, const char* out_filename, uint32_t dict_size, uint32_t ht_size, uint8_t flags) {
struct bitio *bd = bstdout;
struct dictionary *d = NULL;
struct stat file_stat;
time_t t;
FILE *fin = stdin;
char *md5_str;
int c, read_count = 0;
uint8_t bits, initial_bits;
uint32_t bitMask, cur, next_record, y;
uint64_t filesize = 0;
unsigned char *md5;
if (out_filename != NULL && in_filename != NULL && strcmp(in_filename, out_filename) == 0) {
errno = EINVAL;
goto error;
}
if (in_filename != NULL) {
fin = fopen(in_filename, "r");
if (fin == NULL)
goto error;
}
if (out_filename != NULL) {
bd = bitio_open(out_filename, 'w');
if (bd == NULL)
goto error;
}
//write metadata
if (flags & META_DICT_SIZE)
if (meta_write(bd, META_DICT_SIZE, &dict_size, sizeof(dict_size)) < 0)
goto error;
if (flags & META_MD5) {
if (fin != stdin) {
int md5_size;
md5 = compute_digest(fin, "md5", &md5_size);
if (meta_write(bd, META_MD5, md5, md5_size) < 0)
goto error;
md5_str = sprinth(md5, md5_size);
PRINT(1, "md5sum:\t\t\t%s\n", md5_str);
free(md5);
free(md5_str);
}
else
PRINT(1, "md5sum:\t\t\tNot availabe when reading from stdin\n");
}
if ((flags & META_NAME) && in_filename != NULL) { //don't put META_NAME if input = stdin
c = path_len(in_filename);
if (meta_write(bd, META_NAME, (void*)&in_filename[c], strlen(in_filename) - c + 1) < 0)
goto error;
}
if ((flags & META_TIMESTAMP) && in_filename != NULL) { //don't put META_TIMESTAMP if input = stdin
fstat(fileno(fin), &file_stat);
t = file_stat.st_mtime;
if (meta_write(bd, META_TIMESTAMP, &t, sizeof(t)) < 0)
goto error;
}
if (meta_finalize(bd) < 0)
goto error;
d = dict_new(dict_size, 1, ht_size, NUM_SYMBOLS);
if (d == NULL)
goto error;
next_record = dict_init(d);
initial_bits = 0;
bitMask = 1;
while (bitMask < next_record) {
bitMask <<= 1;
initial_bits++;
}
bits = initial_bits;
bitMask = 1 << bits;
cur = ROOT_NODE;
for(;;) {
c = fgetc(fin);
if (c == EOF) {
//emit last word
if (emit(bd, cur, bits) < 0)
goto error;
//emit EOF
dict_lookup(d, ROOT_NODE, EOF_SYMBOL, &y);
if (emit(bd, y, bits) < 0)
goto error;
break;
}
filesize++;
if (VERBOSE_LEVEL > 0 && ++read_count >= COUNT_THRESHOLD) {
read_count = 0;
PRINT(1, ".");
}
if (!dict_lookup(d, cur, (uint16_t) c, &y)) { //node not found
if (emit(bd, cur, bits) < 0)
goto error;
dict_fill(d, y, cur, (uint16_t) c, next_record++);
if (next_record & bitMask) {
bitMask <<= 1;
bits++;
}
if (next_record == dict_size) {
next_record = dict_reinit(d);
bits = initial_bits;
bitMask = 1 << bits;
}
// search again starting from last unmatched symbol
dict_lookup(d, ROOT_NODE, (uint16_t) c, &y);
}
cur = dict_next(d, y);
}
PRINT(1, "\nCompression Finished\n\n");
dict_delete(d);
bitio_flush(bd);
if (bd != bstdout)
bitio_close(bd);
if (fin != NULL)
fclose(fin);
return filesize;
error:
PRINT(1, "\n");
dict_delete(d);
bitio_flush(bd);
if (bd != bstdout)
bitio_close(bd);
if (fin != NULL)
fclose(fin);
return -1;
}
static void usb_rx_cmd_complete(struct usb_request *req, unsigned actual, int status)
{
if(status != 0) return;
if(actual > 4095) actual = 4095;
cmdbuf[actual] = 0;
dprintf("\n> %s\n",cmdbuf);
// dprintf("usb_rx_cmd_complete() '%s'\n", cmdbuf);
if(memcmp(cmdbuf, "reboot", 6) == 0) {
tx_status("OKAY");
rx_cmd();
mdelay(100);
board_reboot();
}
#if 0
if(memcmp(cmdbuf, "debug:", 6) == 0) {
void debug(char *cmd, char *resp);
memcpy(cmdbuf, "OKAY", 5);
tx_status(cmdbuf);
rx_cmd();
mdelay(5000);
dprintf("NOW!\n");
debug(cmdbuf + 6, cmdbuf + 4);
return;
}
#endif
if(memcmp(cmdbuf, "getvar:", 7) == 0) {
char response[64];
strcpy(response,"OKAY");
if(!strcmp(cmdbuf + 7, "version")) {
strcpy(response + 4, VERSION);
} else if(!strcmp(cmdbuf + 7, "product")) {
strcpy(response + 4, PRODUCTNAME);
} else if(!strcmp(cmdbuf + 7, "serialno")) {
strcpy(response + 4, serialno);
} else {
board_getvar(cmdbuf + 7, response + 4);
}
tx_status(response);
rx_cmd();
return;
}
if(memcmp(cmdbuf, "download:", 9) == 0) {
char status[16];
rx_addr = kernel_addr;
rx_length = hex2unsigned(cmdbuf + 9);
if (rx_length > (64*1024*1024)) {
tx_status("FAILdata too large");
rx_cmd();
return;
}
kernel_size = rx_length;
dprintf("recv data addr=%x size=%x\n", rx_addr, rx_length);
strcpy(status,"DATA");
num_to_hex8(rx_length, status + 4);
tx_status(status);
rx_data();
return;
}
if(memcmp(cmdbuf, "erase:", 6) == 0){
struct ptentry *ptn;
ptn = flash_find_ptn(cmdbuf + 6);
if(ptn == 0) {
tx_status("FAILpartition does not exist");
rx_cmd();
return;
}
dprintf("erasing '%s'\n", ptn->name);
cprintf("erasing '%s'", ptn->name);
if(flash_erase(ptn)) {
tx_status("FAILfailed to erase partition");
rx_cmd();
cprintf(" - FAIL\n");
return;
} else {
dprintf("partition '%s' erased\n", ptn->name);
cprintf(" - OKAY\n");
}
tx_status("OKAY");
rx_cmd();
return;
}
if(memcmp(cmdbuf, "flash:", 6) == 0){
struct ptentry *ptn;
int extra = 0;
ptn = flash_find_ptn(cmdbuf + 6);
if(kernel_size == 0) {
tx_status("FAILno image downloaded");
rx_cmd();
return;
}
if(ptn == 0) {
tx_status("FAILpartition does not exist");
rx_cmd();
return;
}
if(!strcmp(ptn->name,"boot") || !strcmp(ptn->name,"recovery")) {
if(memcmp((void*) kernel_addr, BOOT_MAGIC, BOOT_MAGIC_SIZE)) {
tx_status("FAILimage is not a boot image");
rx_cmd();
return;
}
}
#if REQUIRE_SIGNATURE
{
unsigned char digest[DIGEST_SIZE];
compute_digest((void*) kernel_addr, kernel_size, digest);
if (is_signature_okay(digest, signature, key_engineering)) {
dprintf("verified by engineering key\n");
} else {
tx_status("FAILsignature did not verify");
rx_cmd();
return;
}
}
#endif
if(!strcmp(ptn->name,"system") || !strcmp(ptn->name,"userdata")) {
extra = 64;
} else {
kernel_size = (kernel_size + 2047) & (~2047);
}
dprintf("writing %d bytes to '%s'\n",
kernel_size, ptn->name);
cprintf("writing '%s' (%d bytes)", ptn->name, kernel_size);
if(flash_write(ptn, extra, (void*) kernel_addr, kernel_size)) {
tx_status("FAILflash write failure");
rx_cmd();
cprintf(" - FAIL\n");
return;
} else {
dprintf("partition '%s' updated\n", ptn->name);
cprintf(" - OKAY\n");
}
tx_status("OKAY");
rx_cmd();
return;
}
if(memcmp(cmdbuf, "boot", 4) == 0) {
if(init_boot_linux()) {
tx_status("FAILinvalid boot image");
rx_cmd();
return;
}
dprintf("booting linux...\n");
cprintf("\nbooting linux...\n");
tx_status("OKAY");
mdelay(10);
usb_shutdown();
boot_linux();
return;
}
if(memcmp(cmdbuf, "signature", 9) == 0) {
if (kernel_size != SIGNATURE_SIZE) {
tx_status("FAILsignature not 256 bytes long");
rx_cmd();
return;
}
memcpy(signature, (void*)kernel_addr, SIGNATURE_SIZE);
tx_status("OKAY");
rx_cmd();
return;
}
tx_status("FAILinvalid command");
rx_cmd();
}
