Home Explore Help
Sign In
strysg
/
babeld-lor
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
babeld-lor
/
lorauth.c

lorauth.c 5.6 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222 
  1. /* 
    2. 

  2.    babeld-lor
    3. 

  3.     Copyright (C) 2017  Rodrigo Garcia
    4. 

  4. 

  5.     This program is free software: you can redistribute it and/or modify
    6. 

  6.     it under the terms of the GNU General Public License as published by
    7. 

  7.     the Free Software Foundation, either version 3 of the License, or
    8. 

  8.     (at your option) any later version.
    9. 

  9. 

  10.     This program is distributed in the hope that it will be useful,
    11. 

  11.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13. 

  13.     GNU General Public License for more details.
    14. 

  14. 

  15.     You should have received a copy of the GNU General Public License
    16. 

  16.     along with this program.  If not, see <https://www.gnu.org/licenses/>.
    17. 

  17. */
    18. 

  18. 

  19. #include "lorauth.h"
    20. 

  20. #include "decrypt.h"
    21. 

  21. #include "babeld.h"
    22. 

  22. 

  23. /**
    24. 

  24.  * \brief
    25. 

  25.  * Opens LORAUTH_TOKENS_DIR and LORAUTH_TOKENS_FILE to get the ciphered token
    26. 

  26.  * to be sent in the next update, according to `seqno' and `id' passed as 
    27. 

  27.  * arguments, if the token is found it is stored on `dest', if it is not
    28. 

  28.  * , does not change `dest'
    29. 

  29.  * \return
    30. 

  30.  * Returns 0 if found, -1 if not found.
    31. 

  31.  *
    32. 

  32.  * \docs
    33. 

  33.  * See: docs-lorauth/babel-integration.es.md
    34. 

  34.  */
    35. 

  35. int 
    36. 

  36. lorauth_token(unsigned char *dest, unsigned char id[8], 
    37. 

  37. 	      unsigned short seqno)
    38. 

  38. {
    39. 

  39.     char *file_abs_path = calloc(1, 150);
    40. 

  40.     strcat(file_abs_path, LORAUTH_TOKENS_DIR);
    41. 

  41.     strcat(file_abs_path, "/");
    42. 

  42.     strcat(file_abs_path, LORAUTH_TOKENS_FILE);
    43. 

  43.     
    44. 

  44.     FILE *fp = fopen(file_abs_path, "rt");
    45. 

  45.     int c = 0;
    46. 

  46.     if (fp)
    47. 

  47.       {
    48. 

  48. 	// include here LORAUTH_CIPHER_LEN + 1
    49. 

  49. 	char *line = (char *)malloc(513);
    50. 

  50. 	size_t len = 0;
    51. 

  51.       
    52. 

  52. 	unsigned int index = lorauth_token_index(id, seqno);
    53. 

  53. 	// getting respective index token.
    54. 

  54. 	while (getline(&line, &len, fp) != -1)
    55. 

  55. 	  {
    56. 

  56. 	    if(c == index)
    57. 

  57. 	      {
    58. 

  58. 		strcpy((char *)dest, line);
    59. 

  59. 		break;
    60. 

  60. 	      }
    61. 

  61. 	    c++;
    62. 

  62. 	  }
    63. 

  63. 

  64. 	if(fclose(fp)){
    65. 

  65. 	  printf(" Error fclose ");
    66. 

  66. 	  return -1;
    67. 

  67. 	}
    68. 

  68. 	
    69. 

  69. 	free(file_abs_path);
    70. 

  70. 	free(line);
    71. 

  71. 

  72. 	if(c!=index)
    73. 

  73. 	  {
    74. 

  74. 	    printf(" c %d index: %d\n", c, index);
    75. 

  75. 	    return -1;
    76. 

  76. 	  }
    77. 

  77. 

  78. 	return 0;
    79. 

  79.       }
    80. 

  80.     else{
    81. 

  81.       fprintf(stderr, "Couldn't read %s file\n", file_abs_path);
    82. 

  82.       free(file_abs_path);
    83. 

  83.       if(fclose(fp)){
    84. 

  84. 	printf(" Error fclose ");
    85. 

  85.       }
    86. 

  86.       return -1;
    87. 

  87.     }
    88. 

  88. }
    89. 

  89. 

  90. /**
    91. 

  91.  \brief
    92. 

  92.  Returns the index using:
    93. 

  93.   (((seqno*7)+1) xor (((router_id>>32)>>3) & (router_id&0xFFFFFFFF))) % 100
    94. 

  94.  */
    95. 

  95. int
    96. 

  96. lorauth_token_index(unsigned char id[8], unsigned short seqno)
    97. 

  97. {
    98. 

  98.     unsigned int index = 0;
    99. 

  99. 

  100.     unsigned char idh[] = {id[0],id[1],id[2],id[3]};
    101. 

  101.     unsigned char idl[] = {id[4],id[5],id[6],id[7]};
    102. 

  102. 

  103.     unsigned long long H=0;
    104. 

  104.     unsigned long long L=0;
    105. 

  105. 

  106.     int i=0;
    107. 

  107.     for(i=0; i<4; i++){
    108. 

  108.       H |= (unsigned long long) (idh[i]<<8*(3-i));
    109. 

  109.       L |= (unsigned long long) (idl[i]<<8*(3-i));
    110. 

  110.     }
    111. 

  111.     index = seqno*7;
    112. 

  112.     index += 1;
    113. 

  113.     index ^= (H>>3) & L;
    114. 

  114.     index %= 100;
    115. 

  115. 

  116.     return index;
    117. 

  117. }
    118. 

  118. 

  119. /**
    120. 

  120.  \brief
    121. 

  121.  * Checks if the cipher text is a valid authentication token
    122. 

  122.  * and it is following the lorauth specs (see doc-lorauth/)
    123. 

  123.  \returns 
    124. 

  124.  * 0 if it is a valid ciphertext
    125. 

  125.  * -1 if the ciphertext is invalid or can't be decrypted using
    126. 

  126.  * the given public key.
    127. 

  127.  */
    128. 

  128. int 
    129. 

  129. check_lorauth_token(unsigned char id[8], 
    130. 

  130. 		    unsigned char prefix[16],
    131. 

  131. 		    unsigned short seqno,
    132. 

  132. 		    unsigned short clen,
    133. 

  133. 		    unsigned char *cipher)
    134. 

  134. {
    135. 

  135.     if(clen != strlen((char *)cipher))
    136. 

  136.       {
    137. 

  137. 	printf("\tcipher size (%d) different than clen %d",
    138. 

  138. 	       strlen((char*)cipher), clen);
    139. 

  139. 	return -1;
    140. 

  140.       }
    141. 

  141. 

  142.     /* if(clen < 513){ */
    143. 

  143.     /*   /\* Seems that rsa_decrypt expects a message which ends in \n (10)*\/ */
    144. 

  144.     /*   printf("\tcorrecting\t"); */
    145. 

  145.     /*   strcat((char*)cipher, "\n"); */
    146. 

  146.     /* } */
    147. 

  147.     /* printf("%s\n",cipher); */
    148. 

  148.     /* int i; */
    149. 

  149.     /* for(i=0; i<clen; i++) */
    150. 

  150.     /*   printf("%d ",(unsigned char)cipher[i]); */
    151. 

  151.     /* printf("-- %d \n",clen); */
    152. 

  152. 

  153.     //printf("rsA_result decrypted: %d\t",strlen((char *)rsa_result));
    154. 

  154.     int rc = rsa_decrypt(&rsa_context, &rsa_entropy, &rsa_ctr_drbg,
    155. 

  155. 			 (char *)cipher, (unsigned char *)&rsa_result);
    156. 

  156. 

  157.     if(rc!=0)
    158. 

  158.       {
    159. 

  159. 	printf("\tFailed to decrypt ciphertext\n");
    160. 

  160. 	return -1;
    161. 

  161.       }
    162. 

  162. 

  163.     /* looking for the given prefix in the decrypted token
    164. 

  164.        for now it looks a contiguous space, but the prefix may be
    165. 

  165.        contained in an arbitrary order in the ciphertext later on.
    166. 

  166.     */
    167. 

  167.     // ipv4
    168. 

  168.     /*TODO: Add automatic check, by parsing by "." in decrypted string.
    169. 

  169.     the prefix is received like  (0 0 0 0 0 0 0 0 0 0 255 255 80 0 1 0)
    170. 

  170.     */
    171. 

  171.     if(
    172. 

  172.        prefix[12] != (rsa_result[0]-48)*10 + (rsa_result[1]-48) || 
    173. 

  173.        prefix[13] != rsa_result[3]-48 ||
    174. 

  174.        prefix[14] != rsa_result[5]-48 ||
    175. 

  175.        prefix[15] != rsa_result[7]-48)
    176. 

  176.       {
    177. 

  177. 	printf("\tprefix not found in decrypted token (contiguous check)\n");
    178. 

  178. 	printf("\trsa_result: %s \nprefix: ", rsa_result);
    179. 

  179. 	int i;
    180. 

  180. 	for(i=0; i<16; i++)
    181. 

  181. 	  printf("%d ", (unsigned char)prefix[i]);
    182. 

  182. 	
    183. 

  183. 	return -1;
    184. 

  184.       }
    185. 

  185.     //TODO: implement ipv6 check
    186. 

  186.     //...
    187. 

  187.     unsigned int index = lorauth_token_index(id, seqno);
    188. 

  188.     size_t dc = strlen((char *)rsa_result);
    189. 

  189.     
    190. 

  190.     // only the last two (ascii) chars for now
    191. 

  191.     int ircv = (rsa_result[dc-2]-48)*10 + (rsa_result[dc-1]-48);
    192. 

  192.     if( ircv != index )
    193. 

  193.       {
    194. 

  194. 	printf("\tnot correct token index received (%d), expected %d\n", 
    195. 

  195. 	       ircv, index);
    196. 

  196. 	printf("\trsa_result: %s \n", rsa_result);
    197. 

  197. 	return -1;
    198. 

  198.       }
    199. 

  199.     return 0;
    200. 

  200. }
    201. 

  201. 

  202. /* Some utils */
    203. 

  203. const char* reduced_lorauth_token(const unsigned char *token){
    204. 

  204.      static char red[8];
    205. 

  205.      if(strlen((char*)token)<4)
    206. 

  206.       {
    207. 

  207. 	strcpy(red, "none.");
    208. 

  208. 	return red;
    209. 

  209.       }
    210. 

  210.     else
    211. 

  211.       {
    212. 

  212. 	strncpy(red, (char*)token, 3);
    213. 

  213. 	strcpy(red+3, "..");
    214. 

  214. 	strncpy(red+5, (char*)token+(LORAUTH_CIPHER_LEN-2), 2);
    215. 

  215. 	return red;
    216. 

  216.       }
    217. 

  217. }
    218. 

  218. 

  219. void clean_cipher(unsigned char *buffered_cipher){
    220. 

  220.     memset(buffered_cipher, 0, 514);
    221. 

  221. }
    222. 

  222.