int main()
{
char *digest="SHA1";
OpenSSL_add_all_digests ();
do_digest(digest);
return 0;
}
BAREBOX_CMD_END
#endif /* CMD_CMD_MD5SUM */
#ifdef CONFIG_CMD_SHA1SUM
static int do_sha1(struct command *cmdtp, int argc, char *argv[])
{
return do_digest("sha1", argc, argv);
}
static int dev_crypto_md5_update(EVP_MD_CTX *ctx, const void *data,
unsigned long len)
{
MD_DATA *md_data = ctx->md_data;
if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)
return do_digest(md_data->sess.ses, md_data->md, data, len);
md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len);
memcpy(md_data->data + md_data->len, data, len);
md_data->len += len;
return 1;
}
static int __init sha1_init(void)
{
char *result;
int i;
int ret;
ret = do_digest(code1, &result);
if (result) {
kfree(result);
return -1;
}
for (i = 0; i < 50; i++)
printk(KERN_ALERT "%2x ", (unsigned int)(*result++));
kfree(result);
return 0;
}
static int dev_crypto_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
{
int ret;
MD_DATA *md_data = ctx->md_data;
if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) {
memcpy(md, md_data->md, MD5_DIGEST_LENGTH);
ret = 1;
} else {
ret = do_digest(md_data->sess.ses, md, md_data->data, md_data->len);
OPENSSL_free(md_data->data);
md_data->data = NULL;
md_data->len = 0;
}
return ret;
}
void atm_process_command(ATM *atm, char *command)
{
unsigned char recvline[1025 + 16 + EVP_MAX_BLOCK_LENGTH], sendline[1025 + 16 + EVP_MAX_BLOCK_LENGTH];
unsigned char enc_in[1024], dec_in[1025 + EVP_MAX_BLOCK_LENGTH];
unsigned char *digest, rec_digest[129], *outbuf, iv[16];
char username[251], *cmd_arg, *arg, user_card_filename[256], pin_in[10], message[1025];
char cardkey[33], username_cardkey[33];
int input_error = 1, username_pin, pin, ret, cmd_pos = 0, pos = 0, amt, int_arg, n=0;
int crypt_len, in_len, digest_len;
User *current_user;
FILE *card;
time_t t, start;
cmd_arg = malloc(251);
arg = malloc(251);
outbuf = malloc(1025 + EVP_MAX_BLOCK_LENGTH);
digest = malloc(129);
//clear strings
sendline[0] = 0;
outbuf[0] = 0;
enc_in[0] = 0;
ret = get_ascii_arg(command, pos, &cmd_arg);
cmd_pos += ret + 1;
if (strcmp(cmd_arg, "begin-session") == 0){
//get username
if(atm->logged_in){
printf("A user is already logged in\n");
return;
}
pos = cmd_pos;
ret = get_letter_arg(command, pos, &arg);
if (ret > 0 && ret <= 250){
pos += ret + 1;
memcpy(username, arg, ret);
username[ret] = 0;
//should be no more args
if(get_ascii_arg(command, pos, &arg) != 0){
printf("Usage: begin-session <user-name>\n");
return;
}
//send request to bank for User username
// Write message
sprintf(message, "%lu authenticate-user %s",atm->counter++, username);
// Compute Digest
digest_len = do_digest(message, &digest);
// To encrypt: digest_len digest message
sprintf(enc_in, "%s %s", digest, message);
//null bytes seem to screw things up so try until no null bytes
do{
do{
RAND_bytes(iv, sizeof(iv));
} while(strlen(iv) < 16);
crypt_len = do_crypt(enc_in, strlen(enc_in), 1, atm->key, iv, &outbuf);
} while (strlen(outbuf) != crypt_len || crypt_len == 0);
//concat iv and outbuf
strncat(sendline, iv, sizeof(iv));
strncat(sendline, outbuf, crypt_len);
atm_send(atm, sendline, crypt_len + sizeof(iv));
//process response from bank
n = atm_recv(atm,recvline, 1024 + EVP_MAX_BLOCK_LENGTH);
if(n < 0 ){
printf("Communication error occurred. Please try again.\n");
return;
}
recvline[n]=0;
//clear strings
outbuf[0] = 0;
dec_in[0] = 0;
//first 16 bytes are iv, rest is cipher to decrypt
memcpy(iv, recvline, sizeof(iv));
in_len = n - sizeof(iv);
memcpy(dec_in, recvline + sizeof(iv), in_len);
dec_in[in_len] = 0;
//decrypt cipher
crypt_len = do_crypt(dec_in, in_len, 0, atm->key, iv, &outbuf);
//first 64 characters are digest, rest is message
memcpy(rec_digest, outbuf, 128);
rec_digest[128]=0;
memcpy(message, outbuf+129, crypt_len - 129);
message[crypt_len - 129] = 0;
//do_digest on message and verify it matches sent digest
digest_len = do_digest(message, &digest);
digest[128]=0;
if(strcmp(digest, rec_digest) != 0){
printf("Digests don't match, message was tampered with. Ignorning...\n");
return;
}
//check counter
pos = 0;
ret = get_digit_arg(message, pos, &int_arg);
pos += ret + 1;
if(int_arg < atm->counter){
//Atm got message with an invalid counter. Ignoring...
return;
}
atm->counter = int_arg + 1;
//process response
ret = get_ascii_arg(message, pos, &arg);
if(ret<= 0 ){
//shouldn't happen bc verifying digest
return;
}
else{
if(strcmp("found", arg) == 0){
pos += ret + 1;
//username
atm->current_username = malloc(251);
ret = get_letter_arg(message, pos, &arg);
pos += ret + 1;
strncpy(atm->current_username, arg, strlen(arg));
atm->current_username[strlen(arg)]=0;
//pin
ret = get_digit_arg(message, pos, &int_arg);
pos += ret + 1;
username_pin = int_arg;
//card
memcpy(username_cardkey, message+pos, 32);
username_cardkey[32]=0;
//look for the card file and check can read
sprintf(user_card_filename,"%s.card", atm->current_username);
card = fopen(user_card_filename, "r");
if(card == NULL){
printf("Unable to access %s's card - null card\n", atm->current_username);
return;
}
ret = fread(cardkey, 1, sizeof(cardkey), card);
cardkey[32]=0;
if(strncmp(cardkey, username_cardkey, sizeof(username_cardkey)) != 0){
printf("Unable to access %s's card - cardkey mismatch\n", atm->current_username);
return;
}
//prompt for pin
printf("PIN? ");
fgets(pin_in, 10, stdin);
pos = 0;
ret = get_digit_arg(pin_in, pos, &int_arg);
pin = int_arg;
pos += ret + 1;
if(pin != username_pin || get_ascii_arg(pin_in, pos, &arg)){
printf("Not Authorized\n");
//If 3 failed attempts in 30 seconds, shut down
if((time(&t) - atm->fail_time1) <= 30){
printf("There have been 3 failed login attempts in the past 30 seconds.\nPlease wait 2 minutes before trying again.\n");
sleep(120);
}
else{
atm->fail_time1 = atm->fail_time2;
atm->fail_time2 = time(&t);
}
return;
}
else{
printf("Authorized\n");
atm->logged_in=1;
atm->current_user = current_user;
return;
}
}
else if(strcmp("not-found", arg) == 0){
printf("No such user\n");
return;
}
}
}
else{
printf("Usage: begin-sesion <user-name>\n");
}
}
//Withdraw
else if (strcmp(cmd_arg, "withdraw") == 0){
if(!atm->logged_in){
printf("No user logged in\n");
return;
}
//get amt from user input
pos = cmd_pos;
ret = get_digit_arg(command, pos, &int_arg);
if (ret > 0){
amt = int_arg;
pos += ret + 1;
//should be no more args
if(get_ascii_arg(command, pos, &arg) == 0){
// Write message
sprintf(message, "%lu withdraw %s %d",atm->counter++, atm->current_username, amt);
// Compute Digest
digest_len = do_digest(message, &digest);
// To encrypt: digest_len digest message
sprintf(enc_in, "%s %s", digest, message);
//null bytes seem to screw things up so try until no null bytes
do{
do{
RAND_bytes(iv, sizeof(iv));
} while(strlen(iv) < 16);
crypt_len = do_crypt(enc_in, strlen(enc_in), 1, atm->key, iv, &outbuf);
} while (strlen(outbuf) != crypt_len || crypt_len == 0);
//concat iv and outbuf
strncat(sendline, iv, sizeof(iv));
strncat(sendline, outbuf, crypt_len);
atm_send(atm, sendline, crypt_len + sizeof(iv));
//process response from bank
n = atm_recv(atm,recvline, 1024 + EVP_MAX_BLOCK_LENGTH);
if(n < 0 ){
printf("Communication error occurred. Please try again.\n");
return;
}
recvline[n]=0;
//clear sendline and outbuf
outbuf[0] = 0;
dec_in[0] = 0;
//first 16 bytes are iv, rest is cipher to decrypt
memcpy(iv, recvline, sizeof(iv));
in_len = n - sizeof(iv);
memcpy(dec_in, recvline + sizeof(iv), in_len);
dec_in[in_len] = 0;
//decrypt cipher
crypt_len = do_crypt(dec_in, in_len, 0, atm->key, iv, &outbuf);
//first 64 characters are digest, rest is message
memcpy(rec_digest, outbuf, 128);
rec_digest[128]=0;
memcpy(message, outbuf+129, crypt_len - 129);
message[crypt_len - 129] = 0;
//do_digest on message and verify it matches sent digest
digest_len = do_digest(message, &digest);
digest[128]=0;
if(strcmp(digest, rec_digest) != 0){
printf("Digests don't match, message was tampered with. Ignorning...\n");
return;
}
//check counter
pos = 0;
ret = get_digit_arg(message, pos, &int_arg);
pos += ret + 1;
if(int_arg < atm->counter){
//ATM got message with an invalid counter. Ignoring...
return;
}
atm->counter = int_arg + 1;
//process response
ret = get_ascii_arg(message, pos, &arg);
if(strcmp(arg, "success") == 0)
printf("$%d dispensed\n", amt);
else if (strcmp(arg, "insufficient-funds") == 0)
printf("Insufficient funds\n");
return;
}
}
printf("Usage: withdraw <amt>\n");
return;
}
else if (strcmp(cmd_arg, "balance") == 0){
if(!atm->logged_in){
printf("No user logged in\n");
return;
}
pos = cmd_pos;
if (get_ascii_arg(command, pos, &arg) != 0){
printf("Usage: balance\n");
return;
}
// Write message
sprintf(message, "%lu balance %s",atm->counter++, atm->current_username);
// Compute Digest
digest_len = do_digest(message, &digest);
// To encrypt: digest_len digest message
sprintf(enc_in, "%s %s", digest, message);
//null bytes seem to screw things up so try until no null bytes
do{
do{
RAND_bytes(iv, sizeof(iv));
} while(strlen(iv) < 16);
crypt_len = do_crypt(enc_in, strlen(enc_in), 1, atm->key, iv, &outbuf);
} while (strlen(outbuf) != crypt_len || crypt_len == 0);
//concat iv and outbuf
strncat(sendline, iv, sizeof(iv));
strncat(sendline, outbuf, crypt_len);
atm_send(atm, sendline, crypt_len + sizeof(iv));
//process response from bank
n = atm_recv(atm,recvline, 1024 + EVP_MAX_BLOCK_LENGTH);
if(n < 0 ){
printf("Communication error occurred. Please try again.\n");
return;
}
recvline[n]=0;
//clear sendline and outbuf
outbuf[0] = 0;
dec_in[0] = 0;
//first 16 bytes are iv, rest is cipher to decrypt
memcpy(iv, recvline, sizeof(iv));
in_len = n - sizeof(iv);
memcpy(dec_in, recvline + sizeof(iv), in_len);
dec_in[in_len] = 0;
//decrypt cipher
crypt_len = do_crypt(dec_in, in_len, 0, atm->key, iv, &outbuf);
//first 64 characters are digest, rest is message
memcpy(rec_digest, outbuf, 128);
rec_digest[128]=0;
memcpy(message, outbuf+129, crypt_len - 129);
message[crypt_len - 129] = 0;
//do_digest on message and verify it matches sent digest
digest_len = do_digest(message, &digest);
digest[128]=0;
if(strcmp(digest, rec_digest) != 0){
printf("Digests don't match, message was tampered with. Ignorning...\n");
return;
}
//check counter
pos = 0;
ret = get_digit_arg(message, pos, &int_arg);
pos += ret + 1;
if(int_arg < atm->counter){
//ATM got message with an invalid counter. Ignoring...
return;
}
atm->counter = int_arg + 1;
//process response
ret = get_digit_arg(message, pos, &int_arg);
printf("$%d\n", int_arg);
return;
}
// log user out - set logged-in to false and username to null
else if (strcmp(cmd_arg, "end-session") == 0){
if(!atm->logged_in){
printf("No user logged in\n");
return;
}
free(atm->current_username);
atm->current_username = NULL;
atm->logged_in = 0;
printf("User logged out\n");
return;
}
else{
printf("Invalid command\n");
return;
}
}
int main(int argc, char *argv[])
{
char *fname = NULL;
/* operation flags */
int is_breakevents = 0;
int is_count = 0;
int is_maxmin = 0;
int is_average = 0;
int is_digest = 0;
int is_exp_ratio = 0;
int is_exp = 0;
uint64_t start_time = 0;
uint64_t time_scale = 0;
uint64_t end_time = 0;
struct option long_options [] = {
/* short options are listed correspondingly */
{ "version", 0, NULL, 'v' },
{ "help", 0, NULL, 'h' },
/* list Cx entires one by one */
{ "digest", 0, NULL, 'd' },
/* ignored when digest is disabled */
{ "start", 1, NULL, 's' },
{ "end", 1, NULL, 'e' },
{ "scale", 1, NULL, 'l' },
/* give summary about breakevents info */
{ "breakevents", 0, NULL, 'b' },
{ "count", 0, NULL, 'c' },
{ "average", 0, NULL, 'a' },
/* list max/min residency for each Cx */
{ "maxmin", 0, NULL, 'm' },
{ "tsc2us", 1, NULL, 'u' },
{ "px", 0, NULL, 'p' },
{ "tsc2phase", 1, NULL, 'n' },
{ "exp-ratio", 0, NULL, 'z' },
{ "exp-pred", 0, NULL, 'x' },
{ NULL, 0, NULL, 0 },
};
while (1) {
int ch, opt_idx;
ch = getopt_long(argc, argv, "vhds:e:l:bcmaupnzx",
long_options, &opt_idx);
if (ch == -1)
break;
switch (ch) {
case 'v':
show_version();
exit(EXIT_SUCCESS);
case 'h':
show_help();
exit(EXIT_SUCCESS);
case 'p':
is_px = 1;
break;
case 'x':
is_exp = 1;
break;
case 'z':
is_exp_ratio = 1;
break;
case 'n':
tsc2phase = atoll(optarg);
if (tsc2phase <= 0)
tsc2phase = 55800000UL;
case 'd':
is_digest = 1;
break;
case 's':
start_time = atoll(optarg);
break;
case 'e':
end_time = atoll(optarg);
break;
case 'l':
time_scale = atoll(optarg);
break;
case 'b':
is_breakevents = 1;
break;
case 'c':
is_count = 1;
break;
case 'm':
is_maxmin = 1;
break;
case 'a':
is_average = 1;
break;
case 'u':
tsc2us = atoll(optarg);
tsc2ms = tsc2us * 1000UL;
break;
case '?':
default:
show_help();
exit(EXIT_FAILURE);
}
}
if (argc - optind > 1) {
printf("Multiple file specified?\n");
show_help();
exit(EXIT_FAILURE);
}
fname = argv[optind];
if (load_file(fname))
exit(EXIT_FAILURE);
width = 10;
if (is_digest) {
/* if people not specify the time related number,
* use the default one from the record.
*/
if (!start_time)
start_time = data[0].tsc;
if (!end_time)
end_time = data[data_cur-1].tsc;
if (!time_scale)
time_scale = 10UL * tsc2ms; /* default: 10 ms */
do_digest(start_time, end_time, time_scale);
}
if (is_breakevents)
do_breakevents();
if (is_count && !is_px)
do_count();
if (is_count && is_px)
do_px_count();
if (is_maxmin)
do_maxmin();
if (is_average)
do_average();
if (is_exp_ratio)
do_exp_ratio();
if (is_exp)
do_exp_pred();
exit(EXIT_SUCCESS);
}
static int do_md5(struct command *cmdtp, int argc, char *argv[])
{
return do_digest("md5", argc, argv);
}
void digest_media_verify()
{
int i;
char buf[256], *device = NULL;
hd_t *hd;
update_device_list(0);
iso.err = 1;
if(config.device) get_info(device = config.device);
if(iso.err) {
for(hd = fix_device_names(hd_list(config.hd_data, hw_cdrom, 0, NULL)); hd; hd = hd->next) {
if(hd->is.notready) continue;
get_info(device = hd->unix_dev_name);
if(!iso.err) break;
}
}
if(iso.err) {
if(dia_message("Insert Installation CD-ROM or DVD.", MSGTYPE_INFO)) return;
for(hd = fix_device_names(hd_list(config.hd_data, hw_cdrom, 0, NULL)); hd; hd = hd->next) {
if(hd->is.notready) continue;
get_info(device = hd->unix_dev_name);
if(!iso.err) break;
}
}
if(iso.err) {
dia_message("No CD-ROM or DVD found.", MSGTYPE_ERROR);
config.manual=1;
return;
}
fprintf(stderr,
" app: %s\nmedia: %s%d\n size: %u kB\n pad: %u kB\n",
iso.app_id,
iso.media_type,
iso.media_nr ?: 1,
iso.size,
iso.pad
);
fprintf(stderr, " ref: ");
if(iso.digest.got_old) for(i = 0; i < iso.digest.size; i++) fprintf(stderr, "%02x", iso.digest.old[i]);
fprintf(stderr, "\n");
if(!*iso.app_id || !iso.digest.got_old || iso.pad >= iso.size) {
sprintf(buf, "This is not a %s CD-ROM.", config.product);
dia_message(buf, MSGTYPE_ERROR);
config.manual=1;
return;
}
do_digest(device);
if(iso.err_ofs) {
fprintf(stderr, " err: sector %u\n", iso.err_ofs >> 1);
}
