Lots of changes: Fix Valgrind hits, send RESULT on license, try to send (encrypted...
authorSteinar H. Gunderson <sesse@samfundet.no>
Sun, 6 Feb 2005 01:35:18 +0000 (01:35 +0000)
committerSteinar H. Gunderson <sesse@samfundet.no>
Sun, 6 Feb 2005 01:35:18 +0000 (01:35 +0000)
licence.c
mcs.c
proto.h
secure.c

index f862ecd..28c035b 100644 (file)
--- a/licence.c
+++ b/licence.c
@@ -62,3 +62,44 @@ licence_generate_keys(uint8 * client_key, uint8 * server_key, uint8 * client_rsa
        }
 }
 
+// "TEST" in UTF-16
+unsigned char license_token[] = {
+       0x54, 0x00, 0x45, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00
+};
+
+void
+send_authreq()
+{
+       RC4_KEY crypt_key;
+       uint8 in_token[LICENCE_TOKEN_SIZE], encrypt_token[LICENCE_TOKEN_SIZE];
+       uint8 signature[LICENCE_SIGNATURE_SIZE];
+
+       STREAM s = sec_init(38, SEC_LICENCE_NEG);
+       
+       out_uint8(s, LICENCE_TAG_AUTHREQ);
+       out_uint8(s, 3);  // version
+       out_uint16_le(s, 38); // length
+
+       // unknown
+       out_uint16_le(s, 0xffff);
+       out_uint16_le(s, 0xffff);
+       out_uint16_le(s, 0x0000);
+
+       out_uint16_le(s, LICENCE_TOKEN_SIZE);
+       memcpy(in_token, license_token, LICENCE_TOKEN_SIZE);
+
+       // encrypt the token
+       RC4_set_key(&crypt_key, 16, g_licence_key);
+       RC4(&crypt_key, LICENCE_TOKEN_SIZE, in_token, encrypt_token);
+
+       out_uint8p(s, encrypt_token, LICENCE_TOKEN_SIZE);
+
+       // what are we supposed to sign here, really? guess at the
+       // token, nothing else has been sent...
+       sec_sign(signature, 16, g_licence_sign_key, 16, encrypt_token, LICENCE_TOKEN_SIZE);
+       out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
+
+       s_mark_end(s);
+       sec_send(s, SEC_LICENCE_NEG);
+}
+
diff --git a/mcs.c b/mcs.c
index 6c5bbb7..b0ddff7 100644 (file)
--- a/mcs.c
+++ b/mcs.c
@@ -398,6 +398,7 @@ mcs_send_connect_response()
                const unsigned char *ptr = buf;
                memcpy(buf, private_key, sizeof(private_key));
                privkey = d2i_RSAPrivateKey(NULL, &ptr, sizeof(private_key));
+               RSA_blinding_off(privkey);   // fix Valgrind hits -- YES, I know it's evil
                free(buf);
 
                printf("Loaded private key (%u bytes)\n", sizeof(private_key));
diff --git a/proto.h b/proto.h
index ac1baac..ea5eeda 100644 (file)
--- a/proto.h
+++ b/proto.h
@@ -36,6 +36,7 @@ BOOL iso_recv_connect(int server_sock);
 void iso_disconnect(void);
 /* licence.c */
 void licence_process(STREAM s);
+void send_authreq();
 /* mcs.c */
 STREAM mcs_init(int length);
 BOOL mcs_recv_connect_initial();
index a52a134..1282a7f 100644 (file)
--- a/secure.c
+++ b/secure.c
@@ -342,10 +342,10 @@ sec_init(uint32 flags, int maxlen)
        int hdrlen;
        STREAM s;
 
-       /*if (!g_licence_issued) */
+       if (!g_licence_issued) 
                hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
-/*     else
-               hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0; */
+       else
+               hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0; 
        s = mcs_init(maxlen + hdrlen);
        s_push_layer(s, sec_hdr, hdrlen);
 
@@ -361,8 +361,9 @@ sec_send_to_channel(STREAM s, uint32 flags, uint16 channel)
 //     DEBUG(("sending packet to channel %u\n", channel));
        
        s_pop_layer(s, sec_hdr);
-//     if (!g_licence_issued || (flags & SEC_ENCRYPT))
+       if (!g_licence_issued || (flags & SEC_ENCRYPT)) {
                out_uint32_le(s, flags);
+       }
 
        if (flags & SEC_ENCRYPT)
        {
@@ -375,6 +376,7 @@ sec_send_to_channel(STREAM s, uint32 flags, uint16 channel)
 #endif
 
                sec_sign(s->p, 8, sec_sign_key, rc4_key_len, s->p + 8, datalen);
+               printf("First byte of signature is 0x%x, at %p\n", (s->p)[0], s->p);
                sec_encrypt(s->p + 8, datalen);
        }
 
@@ -729,6 +731,7 @@ sec_process_mcs_data(STREAM s)
 }
 
 extern unsigned char cacert[];
+extern BOOL g_licence_issued;
 
 unsigned char demand_license[] = {
        0x01, 0x03, 0x86, 0x00, 0x9c, 0x6e, 0xef, 0x5a, 0x26, 0x45, 0x88, 0x86, 0x0e, 0xdf, 0xa4, 0x4a,
@@ -741,13 +744,30 @@ unsigned char demand_license[] = {
        0x01, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66,
        0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x00 
 };
-unsigned char authreq_license[] = {
-       0x02, 0x03, 0x26, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x0a, 0x00, 0x37, 0x58, 0x0f, 0xc6,
-       0x59, 0xfb, 0x03, 0xb2, 0x2a, 0xb7, 0xfa, 0x65, 0xac, 0x02, 0x8d, 0x8b, 0xda, 0xf7, 0xc5, 0x20,
-       0x1b, 0xe3, 0x65, 0x26, 0xc4, 0x6a
-};
 unsigned char result_license[] = {
-        0xff, 0x03, 0x10, 0x00, 0x08, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x6a, 0xbd, 0x00, 0x00
+        0xff, 0x03, 0x10, 0x00, 0x07, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0xa0, 0x5f, 0x00, 0x00
+};
+
+unsigned char demand_active[] = {
+       0x24, 0x01, 0x11, 0x00, 0xea, 0x03, 0xea, 0x03, 0x01, 0x00, 0x04, 0x00, 0x0e, 0x01, 0x52, 0x44,
+       0x50, 0x00, 0x09, 0x00, 0x00, 0x00, 0x09, 0x00, 0x08, 0x00, 0xea, 0x03, 0x40, 0xe4, 0x01, 0x00,
+       0x18, 0x00, 0x01, 0x00, 0x03, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x11, 0x04, 0x00, 0x00,
+       0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x0e, 0x00, 0x04, 0x00, 0x02, 0x00, 0x1c, 0x00, 0x08, 0x00,
+       0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x20, 0x03, 0x58, 0x02, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00,
+       0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x03, 0x00, 0x58, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+       0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x42, 0x0f, 0x00, 0x01, 0x00,
+       0x14, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x01, 0x01, 0x01, 0x01, 0x01, 0x00,
+       0x00, 0x00, 0x01, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+       0x01, 0x00, 0x01, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0xa1, 0x06, 0x00, 0x00, 0x40, 0x42,
+       0x0f, 0x00, 0x40, 0x42, 0x0f, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a, 0x00,
+       0x08, 0x00, 0x06, 0x00, 0x00, 0x00, 0x12, 0x00, 0x08, 0x00, 0x01, 0x00, 0x00, 0x00, 0x08, 0x00,
+       0x0a, 0x00, 0x01, 0x00, 0x19, 0x00, 0x19, 0x00, 0x0d, 0x00, 0x58, 0x00, 0x35, 0x00, 0x00, 0x00,
+       0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc0, 0xed, 0xbf, 0xa5, 0xcd, 0xb1, 0xae, 0xbe,
+       0x88, 0x35, 0x56, 0xe5, 0xc2, 0x01, 0xaf, 0xbe, 0xc8, 0xed, 0xbf, 0xa5, 0x8c, 0x33, 0x40, 0xe4,
+       0x08, 0x30, 0x40, 0xe4, 0x01, 0x00, 0x00, 0x00, 0x08, 0x30, 0x40, 0xe4, 0x00, 0x00, 0x00, 0x00,
+       0xc0, 0xed, 0xbf, 0xa5, 0x34, 0xf5, 0xae, 0xbe, 0x08, 0x30, 0x40, 0xe4, 0xb4, 0xed, 0xbf, 0xa5,
+       0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x0a, 0x00, 0x01, 0x00, 0x19, 0x00, 0x19, 0x00, 0x00, 0x00,
+       0x00, 0x00, 0x00, 0x00
 };
 
 #define EXPECT8(value) { in_uint8(s, unknown); if (unknown != (value)) printf("Unknown value on code line %u; expected 0x%x, got 0x%x\n", __LINE__, (value), unknown); }
@@ -806,6 +826,7 @@ process_presented_license(STREAM s)
 
        // now we can generate the keys we need
        licence_generate_keys(client_license_random, demand_license + 4, client_license_rsa_data);
+//     send_authreq();
 }
 
 /* Receive secure transport packet */
@@ -838,9 +859,21 @@ sec_recv(void)
                                
                                if (tag == LICENCE_TAG_PRESENT) {
                                        process_presented_license(s);
+
+                                       s = sec_init(sizeof(result_license), SEC_LICENCE_NEG);
+                                       out_uint8p(s, result_license, sizeof(result_license));
+                                       s_mark_end(s);
+                                       sec_send(s, SEC_LICENCE_NEG);
+                                       
+                                       //g_licence_issued = 1;
+                                       
+                                       printf("Sending DEMAND_ACTIVE (0x%x bytes)\n", sizeof(demand_active));
+                                       s = sec_init(sizeof(demand_active), SEC_ENCRYPT);
+                                       out_uint8p(s, demand_active, sizeof(demand_active));
+                                       s_mark_end(s);
+                                       sec_send(s, SEC_ENCRYPT);
                                }
                                
-                               //licence_process(s);
                                continue;
                        }