From 743ceef54fbd68c872cf8a7e9a7f1d51f87d09c5 Mon Sep 17 00:00:00 2001
From: Saturneic
Date: Mon, 11 Feb 2019 19:11:04 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E4=B8=8E=E6=B7=BB=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

一些功能的问题进行了修复工作,编写了端对端加密报文的内容。
---
 include/rsa.h | 4 +-
 include/server.h | 26 +++++++-----
 src/controller.cpp | 5 ++-
 src/rsa.cpp | 22 ++++------
 src/server.cpp | 101 +++++++++++++++++++++++++++++----------------
 5 files changed, 93 insertions(+), 65 deletions(-)

diff --git a/include/rsa.h b/include/rsa.h
index 84bfd16..d9c016c 100755
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -25,12 +25,12 @@ void rsa_gen_keys(struct public_key_class *pub, struct private_key_class *priv,
 // This function will encrypt the data pointed to by message. It returns a pointer to a heap
 // array containing the encrypted data, or NULL upon failure. This pointer should be freed when
 // you are finished. The encrypted data will be 8 times as large as the original data.
-long long *rsa_encrypt(const unsigned char *message, const unsigned long message_size, const struct public_key_class *pub);
+uint64_t *rsa_encrypt(const unsigned char *message, const unsigned long message_size, const struct public_key_class *pub);

 // This function will decrypt the data pointed to by message. It returns a pointer to a heap
 // array containing the decrypted data, or NULL upon failure. This pointer should be freed when
 // you are finished. The variable message_size is the size in bytes of the encrypted message.
 // The decrypted data will be 1/8th the size of the encrypted data.
-unsigned char *rsa_decrypt(const long long *message, const unsigned long message_size, const struct private_key_class *pub);
+unsigned char *rsa_decrypt(const uint64_t *message, const unsigned long message_size, const struct private_key_class *pub);

 #endif
diff --git a/include/server.h b/include/server.h
index b4a6232..8f94a46 100644
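Review bot: The new `+unsigned char *rsa_decrypt(...)` prototype still names its last parameter `pub` although it takes a `private_key_class` and the definition in src/rsa.cpp calls it `priv`; rename it `priv` here so the header states the real contract. Both prototypes now spell `uint64_t`, so the header must pull in `<stdint.h>` itself rather than rely on whoever includes it — the include section is above this hunk, confirm it is there. The comment above `rsa_decrypt` should also say that a `message_size` not divisible by 8 is one of the NULL-returning failures, since that is the check the implementation performs, e.g. `// Returns NULL if message_size is not a multiple of 8 or allocation fails.`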
--- a/include/server.h +++ b/include/server.h @@ -95,15 +95,6 @@ public: ~packet(); }; -//注册客户端管理 -struct client_register{ -// 客户端id - uint64_t client_id; -// 通信密钥 - rng::rng128 key; - -}; - //带标签的二进制串管理结构 class raw_data{ public: @@ -153,6 +144,7 @@ struct aes_key256{ // 生成新的随机密钥 aes_key256(); const uint8_t *GetKey(void); + }; //UDP分包 @@ -191,6 +183,17 @@ struct box_listener{ void free_boxs(void); }; +//注册客户端管理 +struct client_register{ +// 客户端id + uint64_t client_id; +// 通信密钥 + aes_key256 key; + string name; + string tag; + uint32_t clicks; +}; + //通用服务器类 class Server{ protected: @@ -271,7 +274,7 @@ protected: // 请求数据包 list req_list; // 注册客户端管理 - list client_lst; + map client_lst; // 加密端对端报文 listpost_lst; public: @@ -285,8 +288,10 @@ public: static void Post2Packet(packet &pkt, encrypt_post &pst, aes_key256 &key); static void Packet2Post(packet &pkt, encrypt_post &pst, aes_key256 &key); + static void GetPostInfo(packet &pkt, encrypt_post &pst); }; +//通用客户端类 class Client{ // 请求监听列表 list req_lst; @@ -325,7 +330,6 @@ public: friend void *clientRespondDeamon(void *); // 友元客户端控制器 friend int client(string instruct, vector &configs, vector &lconfigs, vector &targets); - }; //设置服务器守护线程的时钟 diff --git a/src/controller.cpp b/src/controller.cpp index 18c81ef..014812a 100644 --- a/src/controller.cpp +++ b/src/controller.cpp @@ -369,9 +369,10 @@ int client(string instruct, vector &configs, vector &lconfigs, v StringBuffer strbuff; Writer writer(strbuff); reqdata.Accept(writer); - + string json_str = strbuff.GetString(); + printf("JSON: %s\n",json_str.data()); // 已获得主广场服务器的密钥,进行启动客户端守护进程前的准备工作 - nclt.NewRequest(&preq, msqe_ip, msqe_port, "client-register request", strbuff.GetString(), true); + nclt.NewRequest(&preq, msqe_ip, msqe_port, "client-register request", json_str, true); nclt.NewRequestListener(preq, 9999, psql,registerSQECallback); if_wait = 1; diff --git a/src/rsa.cpp b/src/rsa.cpp index 1095b28..0b6ba83 100755 --- a/src/rsa.cpp +++ b/src/rsa.cpp 
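Review bot: The three members added to the re-introduced `client_register` — `name`, `tag` and `clicks` — carry no comment, unlike `client_id` and `key` directly above them which follow the file's `//` field-comment style; add e.g. `// client display name`, `// client tag`, `// liveness tick counter`. `clicks` is not written anywhere in this patch, so its comment should say what is meant to drive it, or it reads as dead state. The comment at hunk @@ -144 says the `aes_key256` constructor generates a fresh random key, which means every `new client_register()` in src/server.cpp draws a key only to overwrite it from the request — if that is intended, a note on `key` such as `// replaced by the client-supplied key at registration` would make the lifecycle explicit.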
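Review bot: The new `printf("JSON: %s\n",json_str.data());` writes the entire client-register body to stdout, and that body carries the `key` array which `SQEServer::ProcessRequset` (src/server.cpp in this same patch) copies into the client's `aes_key256`, so the client's AES key lands in the terminal and any captured log. Drop the print, or emit only the non-secret fields before serialization, e.g. `printf("client-register: name=%s tag=%s\n", name.data(), tag.data());` using whatever variables hold them above this hunk. `client()` starts and ends outside the hunk.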
@@ -139,13 +139,10 @@ void rsa_gen_keys(struct public_key_class *pub, struct private_key_class *priv, } -long long *rsa_encrypt(const unsigned char *message, const unsigned long message_size, - const struct public_key_class *pub) -{ - int64_t *encrypted = (int64_t *) malloc(sizeof(int64_t)*message_size); +uint64_t *rsa_encrypt(const unsigned char *message, const unsigned long message_size,const struct public_key_class *pub){ + uint64_t *encrypted = (uint64_t *) malloc(sizeof(int64_t)*message_size); if(encrypted == NULL){ - fprintf(stderr, - "Error: Heap allocation failed.\n"); + fprintf(stderr, "Error: Heap allocation failed.\n"); return NULL; } long long i = 0; @@ -156,26 +153,23 @@ long long *rsa_encrypt(const unsigned char *message, const unsigned long message } -unsigned char *rsa_decrypt(const long long *message, - const unsigned long message_size, - const struct private_key_class *priv) -{ - if(message_size % sizeof(long long) != 0){ +unsigned char *rsa_decrypt(const uint64_t *message, const unsigned long message_size, const struct private_key_class *priv){ + if(message_size % sizeof(uint64_t) != 0){ fprintf(stderr, "Error: message_size is not divisible by %d, so cannot be output of rsa_encrypt\n", (int)sizeof(long long)); return NULL; } // We allocate space to do the decryption (temp) and space for the output as a char array // (decrypted) - unsigned char *decrypted = (unsigned char *) malloc(message_size/sizeof(long long)); - char *temp = (char *) malloc(message_size); + unsigned char *decrypted = (unsigned char *) malloc(message_size/sizeof(uint64_t)); + unsigned char *temp = (unsigned char *) malloc(message_size); if((decrypted == NULL) || (temp == NULL)){ fprintf(stderr, "Error: Heap allocation failed.\n"); return NULL; } // Now we go through each 8-byte chunk and decrypt it. - long long i = 0; + uint64_t i = 0; for(i=0; i < message_size/8; i++){ temp[i] = rsa_modExp(message[i], priv->exponent, priv->modulus); } 
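Review bot: `malloc(sizeof(int64_t)*message_size)` on the new allocation line still sizes by `int64_t` after `encrypted` became `uint64_t *`; write `malloc(sizeof(*encrypted)*message_size)` so the two cannot drift apart again. The multiplication is unchecked, so a `message_size` above `SIZE_MAX/8` wraps and under-allocates; guard with `if(message_size > SIZE_MAX/sizeof(*encrypted)) return NULL;` before the call. The loop that fills `encrypted` continues outside the hunk.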
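Review bot: If `decrypted` is allocated but `temp` is not, the combined `if((decrypted == NULL) || (temp == NULL))` returns without freeing `decrypted`; free whichever allocation succeeded before `return NULL`. The error message still prints `(int)sizeof(long long)` while the check it describes now uses `sizeof(uint64_t)`; use one expression in both places. `temp` is now `unsigned char` yet each `temp[i] = rsa_modExp(message[i], ...)` stores a modular-exponentiation result of a wider type, a silent narrowing worth an explicit cast and a comment. That loop also shows the scheme encrypts each plaintext byte on its own with no padding, so equal bytes produce equal ciphertext words and the output leaks the structure of the message; a header comment stating this is textbook per-byte RSA rather than a confidentiality-grade construction would stop callers from treating it as one. The function continues outside the hunk.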
diff --git a/src/server.cpp b/src/server.cpp index 8e86245..72016fd 100644 --- a/src/server.cpp +++ b/src/server.cpp @@ -15,7 +15,7 @@ extern rng::rng128 rand128; -pthread_mutex_t mutex,mutex_rp,mutex_pktreq,mutex_sndpkt,mutex_box; +pthread_mutex_t mutex,mutex_rp,mutex_pktreq,mutex_sndpkt,mutex_box,mutex_cltreg; void setServerClock(Server *psvr, int clicks){ if(!clicks) throw "clock clicks error"; @@ -72,12 +72,13 @@ void setServerClock(Server *psvr, int clicks){ pncr->rawclick = clicks*2.5+1; pncr->func = boxsCleaningProcessorDeamon; pncr->arg = (void *)psvr; - //newClock(pncr); + newClock(pncr); } void setServerClockForSquare(SQEServer *psvr, int clicks){ setServerClock(psvr, clicks); pthread_mutex_init(&mutex_pktreq, NULL); + pthread_mutex_init(&mutex_cltreg, NULL); // 注册标准数据包处理守护时钟 clock_register *pncr = new clock_register(); pncr->if_thread = true; @@ -265,10 +266,6 @@ void Client::SendRawData(raw_data *trdt){ uint64_t aidx = 0,bidx = 0; int64_t alls = trdt->msg_size; uint64_t tmp_cnt = (trdt->msg_size/256), tmp_idx = 0; - printf("MSG_LEN: %lu\n",trdt->msg_size); - string md5; - MD5EncryptEasy(md5, trdt->msg, trdt->msg_size); - printf("MD5: %s\n",md5.data()); while(bidx < trdt->msg_size-1){ alls -= 256; if(alls > 256) bidx = aidx+255; @@ -280,7 +277,6 @@ void Client::SendRawData(raw_data *trdt){ nnb.idx = tmp_idx; UByte *f_byte = (UByte *)&trdt->msg[aidx]; nnb.set(f_byte,bidx-aidx+1); - //printf("BOX_SIZE: %lu",bidx-aidx+1); nnb.build(); send_socket.SendRAW((Byte *)nnb.send_data, nnb.sdt_size); 
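Review bot: `mutex_cltreg` joins the uninitialized global list here and only receives `pthread_mutex_init` inside `setServerClockForSquare` (hunk @@ -72), so locking it before that call — or calling the function twice and re-initializing a mutex that may be held — is undefined behaviour. A static initializer removes the ordering dependency: `pthread_mutex_t mutex_cltreg = PTHREAD_MUTEX_INITIALIZER;` on its own line, after which the `pthread_mutex_init(&mutex_cltreg, NULL)` call can go. Whether the other five mutexes are initialized anywhere reliable is outside this hunk.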
@@ -296,22 +292,22 @@ int Server::SentRawdata(struct raw_data *trdt){ if(trdt->msg_size > 256){ uint64_t aidx = 0,bidx = 0; int64_t alls = trdt->msg_size; - uint64_t tmp_cnt = trdt->msg_size/256, tmp_idx = 0; - printf("MSG_SIZE: %lu\n",trdt->msg_size); - while(alls > 0){ - if((alls-256) > 256) bidx = aidx+256; - else bidx = trdt->msg_size; + uint64_t tmp_cnt = (trdt->msg_size/256), tmp_idx = 0; + while(bidx < trdt->msg_size-1){ + alls -= 256; + if(alls > 256) bidx = aidx+255; + else bidx = trdt->msg_size-1; // 构造UDP分包 net_box nnb; - UByte *f_byte = (UByte *)&trdt->msg[aidx], *b_byte = (UByte *)&trdt->msg[bidx]; nnb.b_id = trdt->r_id; nnb.cnt = tmp_cnt; nnb.idx = tmp_idx; - nnb.set(f_byte, b_byte-f_byte+1); + UByte *f_byte = (UByte *)&trdt->msg[aidx]; + nnb.set(f_byte,bidx-aidx+1); + nnb.build(); send_socket.SendRAW((Byte *)nnb.send_data, nnb.sdt_size); aidx = bidx+1; - alls -= 256; tmp_idx++; } } @@ -366,14 +362,14 @@ void Server::ProcessSignedRawMsg(char *p_rdt, ssize_t size, raw_data &rdt){ void Server::DecryptRSARawMsg(raw_data &rdt, private_key_class &pkc){ UByte *p_data = rdt.data; - rdt.data = rsa_decrypt((const long long *) p_data, rdt.size, &pkc); + rdt.data = rsa_decrypt((const uint64_t *) p_data, rdt.size, &pkc); rdt.size /= 8; free(p_data); } void Server::EncryptRSARawMsg(raw_data &rdt, public_key_class &pkc){ UByte *p_data = rdt.data; - rdt.data = (unsigned char *)rsa_encrypt((const unsigned char *)p_data, rdt.size, &pkc); + rdt.data = (UByte *)rsa_encrypt((const UByte *)p_data, rdt.size, &pkc); rdt.size *= 8; free(p_data); } @@ -395,7 +391,6 @@ void *serverDeamon(void *pvcti){ if(tlen > 0){ // 记录UDP分包 if(Server::CheckNetBox(str, tlen)){ - //printf("BOX_STRING_LEN: %llu\n",tlen); net_box *pnbx = new net_box(); Server::ProcessNetBox(*pnbx, str); auto pnbxl_itr = psvr->boxls.end(); 
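Review bot: The new loop `while(bidx < trdt->msg_size-1)` with `if(alls > 256) bidx = aidx+255; else bidx = trdt->msg_size-1;` folds the whole remainder into the final box, so a 600-byte message ships a 344-byte second box, and for exact multiples of 256 (e.g. 512) it sends a single 512-byte box while `tmp_cnt` says two — the receiver's `box_listener` then waits for a box that never arrives (`cnt == nbn` in boxProcessorDeamon). Compute the count as a ceiling and cut every box at 256 bytes, which also makes `alls` unnecessary; the identical loop was copied into `Client::SendRawData` (context lines in hunk @@ -265) and needs the same fix. Whether the receiving side tolerates boxes larger than 256 bytes is not visible here. `Server::SentRawdata` starts and ends outside the hunk.
```cpp
        uint64_t tmp_cnt = (trdt->msg_size + 255) / 256, tmp_idx = 0;
        uint64_t aidx = 0, bidx = 0;
        while(aidx < trdt->msg_size){
            // last index of this box: at most 256 bytes, never past the end of msg
            bidx = (trdt->msg_size - aidx > 256) ? aidx + 255 : trdt->msg_size - 1;
            // … unchanged: net_box nnb; b_id/cnt/idx, nnb.set(f_byte,bidx-aidx+1), build, SendRAW …
            aidx = bidx + 1;
            tmp_idx++;
        }
```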
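Review bot: `rdt.data = rsa_decrypt((const uint64_t *) p_data, rdt.size, &pkc);` assigns the documented NULL failure return (size not a multiple of 8, or allocation failure, per include/rsa.h) straight into `rdt.data`, after which `rdt.size /= 8` and `free(p_data)` still run and the caller is left with a null buffer and a non-zero size; `EncryptRSARawMsg` has the same shape around `rsa_encrypt`. Keep the original buffer on failure and only swap on success, as below, and mirror it in the encrypt path. Since `rdt.size` arrives off the network, a comment saying the `% 8` check inside `rsa_decrypt` is the only guard would help the next reader. Casting a byte buffer to `const uint64_t *` also assumes `rdt.data` is 8-byte aligned — confirm how it is allocated.
```cpp
void Server::DecryptRSARawMsg(raw_data &rdt, private_key_class &pkc){
    UByte *p_data = rdt.data;
    // rsa_decrypt returns NULL when rdt.size is not a multiple of 8 or allocation fails;
    // keep the original buffer in that case rather than leaving rdt.data null
    UByte *decrypted = rsa_decrypt((const uint64_t *) p_data, rdt.size, &pkc);
    if(decrypted == NULL) return;
    rdt.data = decrypted;
    rdt.size /= 8;
    free(p_data);
}
// … EncryptRSARawMsg: same NULL check on rsa_encrypt before replacing rdt.data …
```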
@@ -426,7 +421,6 @@ void *serverDeamon(void *pvcti){ if (pthread_mutex_lock(&mutex_box) != 0) throw "lock error"; psvr->boxls.insert({pnbxl->b_id,pnbxl}); pthread_mutex_unlock(&mutex_box); - printf("New NetBox Listener. %lu\n",psvr->boxls.size()); } @@ -467,13 +461,11 @@ void *boxProcessorDeamon(void *pvcti){ for(auto boxl_pair : psvr->boxls){ box_listener *pboxl = boxl_pair.second; if(pboxl->clicks < 0) continue; - printf("PBOXL: %u/%u\n",pboxl->nbn,pboxl->cnt); if(pboxl->cnt == pboxl->nbn){ raw_data *pnrdt = new raw_data(); pboxl->TogtRawData(*pnrdt); pnrdt->r_id = pboxl->b_id; psvr->rawdata_in.push_back(pnrdt); - printf("NetBox Completed.\n"); pboxl->clicks = -1; pboxl->free_boxs(); } @@ -490,7 +482,6 @@ void *boxProcessorDeamon(void *pvcti){ for(auto i = psvr->boxls.begin(); i != psvr->boxls.end();){ if(i->second->clicks == -1){ delete i->second; - printf("Delete NetBox Listener.\n"); i = psvr->boxls.erase(i); } @@ -579,8 +570,7 @@ void Server::ProcessRawData(void){ } // 编码加密包 else if(!memcmp(&prdt->info, "RPKT", sizeof(uint32_t))){ - printf("GET:RPKT!!!\n"); - /*if (pthread_mutex_lock(&mutex_rp) != 0) throw "lock error"; + if (pthread_mutex_lock(&mutex_rp) != 0) throw "lock error"; packet *pnpkt = new packet(); // 标记数据已被加密 pnpkt->if_encrypt = true; @@ -589,7 +579,7 @@ void Server::ProcessRawData(void){ pnpkt->address = prdt->address; packets_in.push_back(pnpkt); // 解锁 - pthread_mutex_unlock(&mutex_rp);*/ + pthread_mutex_unlock(&mutex_rp); } else{ @@ -623,6 +613,15 @@ void SQEServer::ProcessPacket(void){ req_list.push_back(pnreq); pthread_mutex_unlock(&mutex_pktreq); } + if(ppkt->type == ENCRYPT_POST_TYPE){ + encrypt_post *ecpst = new encrypt_post(); + GetPostInfo(*ppkt, *ecpst); + auto tgtclt = client_lst.find(ecpst->client_id); + if(tgtclt != client_lst.end()){ + client_register *pclr = tgtclt->second; + Packet2Post(*ppkt, *ecpst, pclr->key); + } + } freePcaketServer(*ppkt); delete ppkt; ppkt = nullptr; 
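Review bot: The re-enabled `if (pthread_mutex_lock(&mutex_rp) != 0) throw "lock error";` is followed by `new packet()` and several field copies before the `pthread_mutex_unlock(&mutex_rp)` re-enabled in hunk @@ -589, so any exception in between (a `std::bad_alloc`, or a throw from a copy) leaves `mutex_rp` locked permanently. Build the packet before taking the lock and hold it only for `packets_in.push_back(pnpkt)`, or use a small RAII guard whose destructor unlocks. `ProcessRawData` starts and ends outside these hunks.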
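Review bot: `client_lst.find(ecpst->client_id)` in the new `ENCRYPT_POST_TYPE` branch reads the map without `mutex_cltreg`, while `SQEServer::ProcessRequset` (hunk @@ -707) inserts into it under that mutex from another thread, so the lookup can race an insert; hold the mutex across the lookup and the use of `pclr->key`. The `encrypt_post` allocated with `new` is never deleted and its decrypted contents are discarded, so the branch leaks one object per post and has no visible effect — if it is a stub, a `// TODO` naming where the post should go (post_lst?) would save the next reader time.
```cpp
            if(ppkt->type == ENCRYPT_POST_TYPE){
                encrypt_post *ecpst = new encrypt_post();
                GetPostInfo(*ppkt, *ecpst);
                // client_lst is written by ProcessRequset under mutex_cltreg; hold it for the lookup too
                if(pthread_mutex_lock(&mutex_cltreg) != 0) throw "lock error";
                auto tgtclt = client_lst.find(ecpst->client_id);
                if(tgtclt != client_lst.end()){
                    client_register *pclr = tgtclt->second;
                    Packet2Post(*ppkt, *ecpst, pclr->key);
                }
                pthread_mutex_unlock(&mutex_cltreg);
                delete ecpst;   // TODO: hand the decrypted post on instead of dropping it
            }
```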
@@ -658,10 +657,12 @@ SQEServer::SQEServer(int port):Server(port){ void SQEServer::Packet2Request(packet &pkt, request &req){ if(pkt.type == REQUSET_TYPE){ req.r_id = *(uint64_t *)pkt.buffs[0].second; - req.type = (const char *)pkt.buffs[1].second; - req.data = (const char *)pkt.buffs[2].second; - req.t_addr = Addr(*(struct sockaddr_in *)pkt.buffs[3].second); - req.recv_port = *(uint32_t *)pkt.buffs[4].second; + uint64_t type_size = *(uint64_t *)pkt.buffs[1].second; + req.type = string((const char *)pkt.buffs[2].second,type_size); + uint64_t data_size = *(uint64_t *)pkt.buffs[3].second; + req.data = string((const char *)pkt.buffs[4].second,data_size); + req.t_addr = Addr(*(struct sockaddr_in *)pkt.buffs[5].second); + req.recv_port = *(uint32_t *)pkt.buffs[6].second; } } @@ -669,11 +670,15 @@ void SQEServer::Request2Packet(packet &pkt, request &req){ pkt.address = *req.t_addr.Obj(); // 请求的类型标识号 pkt.type = REQUSET_TYPE; - pkt.AddBuff((void *)&req.r_id, sizeof(rng::rng64)); - pkt.AddBuff((void *)req.type.data(), (uint32_t)req.type.size()); - pkt.AddBuff((void *)req.data.data(), (uint32_t)req.data.size()); - pkt.AddBuff((void *)req.t_addr.Obj(), sizeof(struct sockaddr_in)); - pkt.AddBuff((void *)&req.recv_port, sizeof(uint32_t)); + pkt.AddBuff((void *)&req.r_id, sizeof(uint64_t));//0 + uint64_t type_size = req.type.size(); + pkt.AddBuff((void *)&type_size, sizeof(uint64_t));//1 + pkt.AddBuff((void *)req.type.data(), (uint32_t)req.type.size());//2 + uint64_t data_size = req.data.size(); + pkt.AddBuff((void *)&data_size, sizeof(uint64_t));//3 + pkt.AddBuff((void *)req.data.data(), (uint32_t)req.data.size());//4 + pkt.AddBuff((void *)req.t_addr.Obj(), sizeof(struct sockaddr_in));//5 + pkt.AddBuff((void *)&req.recv_port, sizeof(uint32_t));//6 } void packet::AddBuff(const void *pbuff, uint32_t size){ 
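Review bot: `type_size` and `data_size` are read out of the packet and passed straight to the `string(ptr, len)` constructors without being compared to the size of the buffer they describe, so a malformed packet makes the server read past `pkt.buffs[2].second` / `pkt.buffs[4].second`; the seven `pkt.buffs[i]` accesses are likewise unguarded against a packet carrying fewer buffers. If `buffs[i].first` is the size `AddBuff` recorded (it is the value passed in `Request2Packet`, hunk @@ -669 — confirm), that recorded size is the one to trust and the two length buffers are redundant. Reject the packet up front and clamp the lengths as below; since the function returns `void`, the caller cannot tell a rejected packet from an empty one, so a comment on the early returns is the minimum.
```cpp
    if(pkt.type == REQUSET_TYPE){
        if(pkt.buffs.size() < 7) return;   // malformed packet: missing fields, leave req untouched
        req.r_id = *(uint64_t *)pkt.buffs[0].second;
        uint64_t type_size = *(uint64_t *)pkt.buffs[1].second;
        if(type_size > pkt.buffs[2].first) return;   // claimed length exceeds received bytes (assumes .first is the recorded size — confirm)
        req.type = string((const char *)pkt.buffs[2].second,type_size);
        uint64_t data_size = *(uint64_t *)pkt.buffs[3].second;
        if(data_size > pkt.buffs[4].first) return;
        req.data = string((const char *)pkt.buffs[4].second,data_size);
        // … unchanged: t_addr and recv_port …
    }
```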
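Review bot: `pkt.AddBuff((void *)&type_size, sizeof(uint64_t));` and the matching `data_size` line hand the address of a stack local to `AddBuff`; if `AddBuff` stores the pointer rather than copying the bytes (its body begins on the hunk's last line and is not visible), both entries dangle as soon as `Request2Packet` returns — confirm. The integers go out in host byte order with the framing convention recorded only as the trailing `//0`…`//6` tags; a single comment above the first call, e.g. `// wire layout: 0 r_id, 1 type len, 2 type, 3 data len, 4 data, 5 sockaddr_in, 6 recv_port (integers host-endian)`, documents the pairing with `Packet2Request` in one place and lets the per-line tags go.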
@@ -707,7 +712,25 @@ void SQEServer::ProcessRequset(void){ } } else if(preq->type == "client-register request"){ - printf("Get!"); +// 解析JSON结构 + preq->req_doc.Parse(preq->data.data()); + Document &jdoc = preq->req_doc; + if(1){ + client_register *pclr = new client_register(); + pclr->client_id = rand64(); + uint8_t *pkey = (uint8_t *) pclr->key.key; + uint32_t idx = 0; + for(auto &kitem : jdoc["key"].GetArray()) + pkey[idx++] = kitem.GetInt(); + + pclr->name = jdoc["name"].GetString(); + pclr->tag = jdoc["tag"].GetString(); + if(pthread_mutex_lock(&mutex_cltreg) != 0) throw "lock error"; + client_lst.insert({pclr->client_id,pclr}); + pthread_mutex_unlock(&mutex_cltreg); + } + + } delete preq; preq = nullptr; @@ -805,6 +828,13 @@ void SQEServer::Post2Packet(packet &pkt, encrypt_post &pst, aes_key256 &key){ pkt.AddBuff((void *)MD5_HEX.data(), (uint32_t)MD5_HEX.size());//5 } +void SQEServer::GetPostInfo(packet &pkt, encrypt_post &pst){ + pst.client_id = *(uint64_t *)pkt.buffs[0].second; + pst.p_id = *(uint64_t *)pkt.buffs[1].second; + pst.ip = (const char *)pkt.buffs[2].second; + pst.port = *(uint32_t *)pkt.buffs[3].second; +} + void SQEServer::Packet2Post(packet &pkt, encrypt_post &pst, aes_key256 &key){ pst.client_id = *(uint64_t *)pkt.buffs[0].second; pst.p_id = *(uint64_t *)pkt.buffs[1].second; @@ -901,7 +931,6 @@ void box_listener::TogtRawData(raw_data &trdt){ } Byte *pbyt = (Byte *)malloc(msg_size); Byte *idx = pbyt; - printf("MSG_SIZE: %u\n",msg_size); for(int i = 0; i < cnt; i++){ net_box *pnb = boxs[i]; memcpy(idx, pnb->data, pnb->data_size);
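Review bot: `for(auto &kitem : jdoc["key"].GetArray()) pkey[idx++] = kitem.GetInt();` writes as many bytes as the client put in the `key` array into `pclr->key.key` with no bound on `idx`, so an over-long array in a registration request overruns the heap object; `key`, `name` and `tag` are also dereferenced without `HasMember`/`IsArray`/`IsString` checks and `Parse` without `HasParseError`, which rapidjson turns into an assertion abort or undefined behaviour depending on build flags. Validate the document shape first, cap the copy at the key buffer's size (`sizeof(pclr->key.key)` if `key` is an array member — confirm), and let that condition replace the `if(1)` placeholder. `client_lst.insert` discards its result, so a `client_id` collision from `rand64()` leaks `pclr` silently; check the returned `.second`. The enclosing `ProcessRequset` starts and ends outside the hunk.
```cpp
        else if(preq->type == "client-register request"){
            preq->req_doc.Parse(preq->data.data());
            Document &jdoc = preq->req_doc;
            // accept only a well-formed object carrying the three fields read below
            bool well_formed = !jdoc.HasParseError() && jdoc.IsObject()
                && jdoc.HasMember("key") && jdoc["key"].IsArray()
                && jdoc.HasMember("name") && jdoc["name"].IsString()
                && jdoc.HasMember("tag") && jdoc["tag"].IsString();
            if(well_formed){
                client_register *pclr = new client_register();
                pclr->client_id = rand64();
                uint8_t *pkey = (uint8_t *) pclr->key.key;
                const size_t key_len = sizeof(pclr->key.key);   // assumes key is an array member — confirm
                size_t idx = 0;
                for(auto &kitem : jdoc["key"].GetArray()){
                    if(idx >= key_len || !kitem.IsInt()) break;   // never write past the key buffer
                    pkey[idx++] = (uint8_t) kitem.GetInt();
                }
                if(idx != key_len){   // short or malformed key: drop the registration
                    delete pclr;
                }
                else{
                    // … unchanged: name/tag copy, insert into client_lst under mutex_cltreg …
                }
            }
        }
```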
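Review bot: `pst.ip = (const char *)pkt.buffs[2].second;` in the new `GetPostInfo` relies on the network buffer being NUL-terminated, which is exactly the assumption this commit removed for `type`/`data` in `Packet2Request`; build it from the recorded length, `pst.ip = string((const char *)pkt.buffs[2].second, pkt.buffs[2].first);` (assuming `.first` is the size `AddBuff` stores — confirm), and guard the four reads with `if(pkt.buffs.size() < 4) return;`. `Packet2Post` opens with the same two reads (its context lines follow), so it could call `GetPostInfo(pkt, pst)` rather than repeat them. A one-line comment above the definition saying it fills only the unencrypted header fields and leaves the payload untouched would make its role next to `Packet2Post` clear.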