示例#1
0
// Devuelve 0 si todo bien, 1 si error
int Revolver::RxStr(char *rx, int *len)
{
	char	bufrx[256];
	unsigned char cksm = 0, rcksm, add;
	int		c;
	int		nIntentos=0; //Para dar error en caso de que no haya respuesta por el COM

	bufrx[0] = bufrx[1] = 0;

	do
    {
		c = SioRxQue(m_RPF_parameters.com);
        ++nIntentos;
    }
	while(c < 12 && nIntentos<MAX_INTENTOS_RESPUESTA_COM);
    if (nIntentos>=MAX_INTENTOS_RESPUESTA_COM)
        return 1;

	SioGets(m_RPF_parameters.com, bufrx, 80);
	if(bufrx[0] != '$')
		return 1;
	add = HexBin(&bufrx[1]);
	if(add != m_Addr)
	return 2;
	cksm += bufrx[1];
	cksm += bufrx[2];
	for(c = 3; c < 80; c++)
	{
		if(bufrx[c] != '#')
		{
			cksm += bufrx[c];
			rx[c - 3] = bufrx[c];
		}
		else
		{
			c++;
			rcksm = HexBin(&bufrx[c]);
			rx[c-4]=0;
			break;
		}
	}
	if(rcksm != cksm)
		return 1;
	*len = c - 3;
	return 0;
}
示例#2
0
////////////////////////////////////////////////////////////////////////////////////
//The Signing Method
//Sign.getSignedHash
// in:
//		sHash -- hash string
//		selectedCert -- reserved (if 0 cleans the KeyContainerName cache)
// out:
//		signed hash in hex form
////Additionaly change values of attributes corresponding with signing cert (SigningKeyContainerName, SigningCSPName, SigningCertName, SigningCertIssuer)
////////////////////////////////////////////////////////////////////////////////////
STDMETHODIMP CSign::getSignedHash(BSTR sHash, long selectedCert, BSTR *SignedHash)
////////////////////////////////////////////////////////////////////////////////////
{

    PCCERT_CONTEXT pCertContext;
    BYTE pbHash[20];
    //char * sHashHex;
    char sHashHex[41];
    DWORD dwSelectedCert;

    DWORD dwSignature=1024; //RSA signatuuri pikkus - this parameter specifies the max size of signature value buffer
    BYTE cSignature[1025]; //the buffer receiving signature value
    TCHAR pbhSignature[2049]; //2*256 + 1 for null-terminating char

    BOOL fResult, fFreeProv;

    HCRYPTPROV hProv = NULL;
    HCRYPTKEY hPubKey = NULL;
    DWORD dwKeySpec;
    DWORD dwResult;
    char pSignatureRev[1025]; //the buffer for reversed signature value
    int i;

    memset(cSignature,0,1025);
    memset(pbhSignature,0,2049);
    memset(pSignatureRev,0,1025);
    memset(sHashHex,0,41);

    if(sHash=='\0')
        goto SIGDONE;

    for(i=0; i< 40; i++)
    {
        sHashHex[i]=(TCHAR)sHash[i];
        if(sHashHex[i]==0) break;
    }
    if(strlen(sHashHex)!=40)
        goto SIGDONE;


    HexBin(sHashHex,(char *)pbHash,20);

    dwSelectedCert=selectedCert;
    pCertContext=DigiCrypt_FindContext(0, &dwResult, &dwSelectedCert);

    if(!pCertContext)
        goto SIGDONE;

    fResult = GetRSAKeyFromCert(pCertContext,&hProv,&hPubKey, &dwKeySpec,&fFreeProv);
    if(fResult==NULL)
        goto SIGDONE;

    fResult = SignHashString(hProv,hPubKey,dwKeySpec,pbHash,cSignature,&dwSignature/*this parameter will be updated with the actual value of the signature*/);
    if(fResult==NULL)
        goto SIGDONE;

    BinHex((char*)pbHash,20,sHashHex);

    for(i=dwSignature-1; i>=0; i--) //allowed indexes for an array of size N are from 0 to N-1, this is fixed now
    {
        pSignatureRev[dwSignature-1-i]=cSignature[i];
    }
    pSignatureRev[dwSignature]=0;


    BinHex((char *)pSignatureRev, dwSignature, pbhSignature);

    *SignedHash=_bstr_t((LPCTSTR)pbhSignature).copy();

SIGDONE:
    if(fFreeProv)
    {
        if(hPubKey)
        {
            CryptDestroyKey(hPubKey);
        }
        if(hProv)
            CryptReleaseContext(hProv, 0);
    }
    pCertContext=NULL;

    return S_OK;
}
示例#3
0
/*
 * Authenticate a user
 */
int Bank_GetUserAuth(const char *Salt, const char *Username, const char *Password)
{
	#if USE_LDAP
	uint8_t	hash[20];
	uint8_t	h[20];
	 int	ofs = strlen(Username) + strlen(Salt);
	char	input[ ofs + 40 + 1];
	char	tmp[4 + strlen(Username) + 1];	// uid=%s
	char	*passhash;
	#endif
	
	#if 1
	// Only here to shut GCC up (until password auth is implemented)
	if( Salt == NULL )
		return -1;
	if( Password == NULL )
		return -1;
	#endif
	
	#if HACK_TPG_NOAUTH
	if( strcmp(Username, "tpg") == 0 )
		return Bank_GetAcctByName("tpg");
	#endif
	#if HACK_ROOT_NOAUTH
	if( strcmp(Username, "root") == 0 ) {
		int ret = Bank_GetAcctByName("root");
		if( ret == -1 )
			return Bank_CreateAcct("root");
		return ret;
	}
	#endif
	
	#if USE_LDAP
	HexBin(hash, 20, Password);
	
	// Build string to hash
	strcpy(input, Username);
	strcpy(input, Salt);
	
	// TODO: Get user's SHA-1 hash
	sprintf(tmp, "uid=%s", Username);
	printf("tmp = '%s'\n", tmp);
	passhash = ReadLDAPValue(tmp, "userPassword");
	if( !passhash ) {
		return -1;
	}
	printf("LDAP hash '%s'\n", passhash);
	
	sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
		h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
		h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
		);
	// Then create the hash from the provided salt
	// Compare that with the provided hash

	# if 1
	{
		 int	i;
		printf("Password hash ");
		for(i=0;i<20;i++)
			printf("%02x", hash[i]&0xFF);
		printf("\n");
	}
	# endif
	
	#endif
	
	return -1;
}