/*******************************************************************-o-******
* test_genKu
*
* Returns:
* Number of failures.
*
*
* Test generation of usmUser master key from a passphrase.
*
* ASSUMES Passphrase is made of printable characters!
*/
int
test_genKu(void)
{
int rval = SNMPERR_SUCCESS,
failcount = 0,
properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5), kulen;
char *hashname = "usmHMACMD5AuthProtocol.", *s;
u_char Ku[LOCAL_MAXBUF];
oid *hashtype = usmHMACMD5AuthProtocol;
OUTPUT("Test of generate_Ku --");
/*
* Set passphrase.
*/
if (!passphrase) {
passphrase = PASSPHRASE_DEFAULT;
}
if (!bequiet)
fprintf(stdout, "Passphrase%s:\n\t%s\n\n",
(passphrase == PASSPHRASE_DEFAULT) ? " (default)" : "",
passphrase);
test_genKu_again:
memset(Ku, 0, LOCAL_MAXBUF);
kulen = LOCAL_MAXBUF;
rval = generate_Ku(hashtype, USM_LENGTH_OID_TRANSFORM,
passphrase, strlen(passphrase), Ku, &kulen);
FAILED(rval, "generate_Ku().");
if (kulen != properlength) {
FAILED(SNMPERR_GENERR, "Ku length is wrong for this hashtype.");
}
binary_to_hex(Ku, kulen, &s);
if (!bequiet)
fprintf(stdout, "Ku (len=%d): %s\n", kulen, s);
free_zero(s, kulen);
SUCCESS(hashname);
if (!bequiet)
fprintf(stdout, "\n");
if (hashtype == usmHMACMD5AuthProtocol) {
hashtype = usmHMACSHA1AuthProtocol;
hashname = "usmHMACSHA1AuthProtocol.";
properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1);
goto test_genKu_again;
}
return failcount;
} /* end test_genKu() */
/**
* Returns pointer to allocaed & set buffer on success, size contains
* number of random bytes filled. buf is NULL and *size set to KMT
* error value upon failure.
*
* @param size Number of bytes to malloc() and fill with random bytes.
*
* @return a malloced buffer
*
*/
u_char *
malloc_random(size_t * size)
{
int rval = SNMPERR_SUCCESS;
u_char *buf = (u_char *) calloc(1, *size);
if (buf) {
rval = sc_random(buf, size);
if (rval < 0) {
free_zero(buf, *size);
buf = NULL;
} else {
*size = rval;
}
}
return buf;
} /* end malloc_random() */
/**
* hex_to_binary2
* @param *input Printable data in base16.
* @param len Length in bytes of data.
* @param **output Binary data equivalent to input.
*
* @return SNMPERR_GENERR on failure, otherwise length of allocated string.
*
* Input of an odd length is right aligned.
*
* FIX Another version of "hex-to-binary" which takes odd length input
* strings. It also allocates the memory to hold the binary data.
* Should be integrated with the official hex_to_binary() function.
*/
int
hex_to_binary2(const u_char * input, size_t len, char **output)
{
u_int olen = (len / 2) + (len % 2);
char *s = (char *) calloc(1, (olen) ? olen : 1), *op = s;
const u_char *ip = input;
*output = NULL;
*op = 0;
if (len % 2) {
if (!isxdigit(*ip))
goto hex_to_binary2_quit;
*op++ = HEX2VAL(*ip);
ip++;
}
while (ip - input < (int) len) {
if (!isxdigit(*ip))
goto hex_to_binary2_quit;
*op = HEX2VAL(*ip) << 4;
ip++;
if (!isxdigit(*ip))
goto hex_to_binary2_quit;
*op++ += HEX2VAL(*ip);
ip++;
}
*output = s;
return olen;
hex_to_binary2_quit:
free_zero(s, olen);
return -1;
} /* end hex_to_binary2() */
/*******************************************************************-o-******
* test_genkul
*
* Returns:
* Number of failures.
*
*
* Test of generate_kul().
*
* A passphrase and engineID are hashed into a master key Ku using
* both known hash transforms. Localized keys, also using both hash
* transforms, are generated from each of these master keys.
*
* ASSUME generate_Ku is already tested.
* ASSUME engineID is initially a NULL terminated string.
*/
int
test_genkul(void)
{
int rval = SNMPERR_SUCCESS,
failcount = 0,
properlength, kulen, kul_len, engineID_len, isdefault = FALSE;
char *s = NULL,
*testname = "Using HMACMD5 to create master key.",
*hashname_Ku = "usmHMACMD5AuthProtocol", *hashname_kul;
u_char Ku[LOCAL_MAXBUF], kul[LOCAL_MAXBUF];
oid *hashtype_Ku = usmHMACMD5AuthProtocol, *hashtype_kul;
OUTPUT("Test of generate_kul --");
/*
* Set passphrase and engineID.
*
* If engineID begins with 0x, assume it is written in (printable)
* hex and convert it to binary data.
*/
if (!passphrase) {
passphrase = PASSPHRASE_DEFAULT;
}
if (!bequiet)
fprintf(stdout, "Passphrase%s:\n\t%s\n\n",
(passphrase == PASSPHRASE_DEFAULT) ? " (default)" : "",
passphrase);
if (!engineID) {
engineID = ENGINEID_DEFAULT;
isdefault = TRUE;
}
engineID_len = strlen(engineID);
if (tolower(*(engineID + 1)) == 'x') {
engineID_len = hex_to_binary2(engineID + 2, engineID_len - 2, &s);
if (engineID_len < 0) {
FAILED((rval = SNMPERR_GENERR),
"Could not resolve hex engineID.");
}
engineID = s;
binary_to_hex(engineID, engineID_len, &s);
}
if (!bequiet)
fprintf(stdout, "engineID%s (len=%d): %s\n\n",
(isdefault) ? " (default)" : "",
engineID_len, (s) ? s : engineID);
if (s) {
SNMP_FREE(s);
}
/*
* Create a master key using both hash transforms; create localized
* keys using both hash transforms from each master key.
*/
test_genkul_again_master:
memset(Ku, 0, LOCAL_MAXBUF);
kulen = LOCAL_MAXBUF;
hashname_kul = "usmHMACMD5AuthProtocol";
hashtype_kul = usmHMACMD5AuthProtocol;
properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5);
rval = generate_Ku(hashtype_Ku, USM_LENGTH_OID_TRANSFORM,
passphrase, strlen(passphrase), Ku, &kulen);
FAILED(rval, "generate_Ku().");
binary_to_hex(Ku, kulen, &s);
if (!bequiet)
fprintf(stdout,
"\n\nMaster Ku using \"%s\":\n\t%s\n\n", hashname_Ku, s);
free_zero(s, kulen);
test_genkul_again_local:
memset(kul, 0, LOCAL_MAXBUF);
kul_len = LOCAL_MAXBUF;
rval = generate_kul(hashtype_kul, USM_LENGTH_OID_TRANSFORM,
engineID, engineID_len, Ku, kulen, kul, &kul_len);
if ((hashtype_Ku == usmHMACMD5AuthProtocol)
&& (hashtype_kul == usmHMACSHA1AuthProtocol)) {
if (rval == SNMPERR_SUCCESS) {
FAILED(SNMPERR_GENERR,
"generate_kul SHOULD fail when Ku length is "
"less than hash transform length.");
}
} else {
FAILED(rval, "generate_kul().");
if (kul_len != properlength) {
FAILED(SNMPERR_GENERR,
"kul length is wrong for the given hashtype.");
}
binary_to_hex(kul, kul_len, &s);
fprintf(stdout, "kul (%s) (len=%d): %s\n",
((hashtype_Ku == usmHMACMD5AuthProtocol) ? "MD5" : "SHA"),
kul_len, s);
free_zero(s, kul_len);
}
/*
* Create localized key using the other hash transform, but from
* * the same master key.
*/
if (hashtype_kul == usmHMACMD5AuthProtocol) {
hashtype_kul = usmHMACSHA1AuthProtocol;
hashname_kul = "usmHMACSHA1AuthProtocol";
properlength = BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1);
goto test_genkul_again_local;
}
SUCCESS(testname);
/*
* Re-create the master key using the other hash transform.
*/
if (hashtype_Ku == usmHMACMD5AuthProtocol) {
hashtype_Ku = usmHMACSHA1AuthProtocol;
hashname_Ku = "usmHMACSHA1AuthProtocol";
testname = "Using HMACSHA1 to create master key.";
goto test_genkul_again_master;
}
return failcount;
} /* end test_genkul() */
void read_from_file(struct pcap_pkthdr *header)
{
float sec_dif=0,usec_dif=0;
static int first_packet_flag=0;
if(first_packet_flag==0)
{
sec1=header->ts.tv_sec;
usec1=header->ts.tv_usec;
sec2=sec1;
usec2=usec1;
first_packet_flag=1;
}
else
{
sec2=header->ts.tv_sec;
usec2=header->ts.tv_usec;
}
sec_dif=sec2 - sec1;
usec_dif=usec2 - usec1;
if((sec_dif*1000000) + usec_dif <=epoch*1000000)
{
// do nothing
}
else
{
sec1=sec1 + epoch;
usec1=usec1 + 0;
print_readfile_stats(sec1-epoch,usec1); // coz you have to print from the start time
total_count=0;
total_bytes=0;
count_tcp=0;
count_udp=0;
count_icmp=0;
count_default=0;
while((sec2-sec1)*1000000 +(usec2 -usec1) > epoch*1000000)
{
if(read_file!=NULL && write_file==NULL)
{
//no_of_flows=0;
sec1=sec1 + epoch;
usec1=usec1 + 0;
printf(" %ld.%ld ",sec1-epoch,usec1);
printf(" %d %d ",total_count,total_bytes);
if(flag_z==1)
{
printf("%d ",no_of_flows);
}
if(flag_verbose == 1)
{
printf("%d %d %d %d",count_tcp,count_udp,count_icmp,count_default);
if(flag_z==1)
{
printf(" %d %d \n",tcp_flow,udp_flow/*,icmp_flow */);
free_zero();
}
else
{
printf("\n");
}
}
else
{
printf("\n");
/* Free the linked list */
free_zero();
}
}
if(read_file!=NULL && write_file!=NULL)
{
//no_of_flows=0;
sec1=sec1 + epoch;
usec1=usec1 + 0;
fprintf(filew," %ld.%ld ",sec1-epoch,usec1);
fprintf(filew," %d %d ",total_count,total_bytes);
if(flag_z==1)
{
fprintf(filew,"%d ",no_of_flows);
}
if(flag_verbose == 1)
{
fprintf(filew,"%d %d %d %d",count_tcp,count_udp,count_icmp,count_default);
if(flag_z==1)
{
fprintf(filew," %d %d \n",tcp_flow,udp_flow/*,icmp_flow */);
free_zero();
}
else
{
fprintf(filew,"\n");
}
}
else
{
fprintf(filew,"\n");
/* Free the linked list */
free_zero();
}
}
}
}
}
void alarm_printhandler(int signo)
{
//fprintf(stdout,"Source_count:%d\n",total_source); // project
if(write_file == NULL)
{
printf("%lu.%ld ",current_time.tv_sec,current_time.tv_usec);
printf(" %d %u ",total_count,total_bytes);
if(flag_z==1)
{
printf("%d ",no_of_flows);
}
/* If -v is supplied */
if(flag_verbose == 1)
{
fprintf(stdout,"%d %d %d %d",count_tcp,count_udp,count_icmp,count_default);
if(flag_z==1)
{
printf(" %d %d\n",tcp_flow,udp_flow);
//free_zero(); CHANGED ON 04/19/14
}
else
{
printf("\n");
}
free_zero(); //PREVIOUSLY ON 411
}
else
{
printf("\n");
/* Free the linked list */
free_zero();
}
}
else
{
fprintf(filew,"%lu.%ld ",current_time.tv_sec,current_time.tv_usec);
fprintf(filew," %d %u ",total_count,total_bytes);
if(flag_z==1)
{
fprintf(filew,"%d ",no_of_flows);
}
/* If -v is supplied */
if(flag_verbose == 1)
{
fprintf(filew,"%d %d %d %d",count_tcp,count_udp,count_icmp,count_default);
if(flag_z==1)
{
fprintf(filew," %d %d\n",tcp_flow,udp_flow);
free_zero();
}
else
{
fprintf(filew,"\n");
}
}
else
{
fprintf(filew,"\n");
/* Free the linked list */
if(flag_z==1)
free_zero();
}
}
current_time.tv_sec=current_time.tv_sec + epoch; /* this is the start time */
total_count=0;
total_bytes=0;
count_tcp=0;
count_udp=0;
count_icmp=0;
count_default=0;
}
void print_readfile_stats(long sec1,long usec1)
{
if(read_file!=NULL && write_file==NULL)
{
fprintf(stdout," %ld.%ld ",sec1,usec1);
fprintf(stdout," %d %d ",total_count,total_bytes);
if(flag_z==1)
{
printf("%d ",no_of_flows);
}
/* If -v is supplied */
if(flag_verbose == 1)
{
fprintf(stdout,"%d %d %d %d",count_tcp,count_udp,count_icmp,count_default);
if(flag_z==1)
{
fprintf(stdout," %d %d \n",tcp_flow,udp_flow/*,icmp_flow*/);
free_zero();
}
else
{
printf("\n");
}
}
else
{
printf("\n");
/*Free linked list */
free_zero();
}
}
if(read_file!=NULL && write_file!=NULL)
{
fprintf(filew," %ld.%ld ",sec1,usec1);
fprintf(filew," %d %d ",total_count,total_bytes);
if(flag_z==1)
{
fprintf(filew,"%d ",no_of_flows);
}
/* If -v is supplied */
if(flag_verbose == 1)
{
fprintf(filew,"%d %d %d %d",count_tcp,count_udp,count_icmp,count_default);
if(flag_z==1)
{
fprintf(filew," %d %d \n",tcp_flow,udp_flow/*,icmp_flow*/);
free_zero();
}
else
{
fprintf(filew,"\n");
}
}
else
{
fprintf(filew,"\n");
/*Free linked list */
free_zero();
}
}
}