authen.c

采用非对称密钥加密方式的应用系统认证系统

  if ((MsgLen=HexToInt(Buf,MSGLEN_BYTES))<0) {
      CommonShow("Received a non hex string, ReadRemotePackage");
      return(-4);      
      }
   
  if ((n=Readn(ConnFd,Buf+MSGLEN_BYTES,MsgLen-MSGLEN_BYTES))<0) {
      CommonShow("ReadRemotePackage error when read lenth");
      return(-5);
  }
  else if (n==0) return(-6);
  return(n+MSGLEN_BYTES);
}
 
int SendRemotePakeage(int ConnFd, char *BufBack, int iLen)
{  
  int n;    
  fd_set ConnSet;
  struct timeval tvConnTimeOut;
  
  FD_ZERO(&ConnSet);
  FD_SET(ConnFd, &ConnSet); 
  tvConnTimeOut.tv_sec=TIME_OUT;
        
  if ((n=select(1,NULL,&ConnSet,NULL,&tvConnTimeOut))<=0) {
      CommonShow("select出错！SendRemotePakeage"); 
      return(-1);          
  } 
  
  /**/
  if ((n=send(ConnFd, BufBack, iLen, NULL))!=iLen) {
      CommonShow("SendRemotePackage error");
      return(-2);
      }
  return n;    
}
/************************************************************/ 
/*验证处理函数 
 *ReturnValue: 返回包的字节数                               */
/************************************************************/ 
int ProcessPackage(char *Buf, char *BufBack, int iMsgLen, char *ClientPublicKey, int *ClientPublicKeyReady) 
{
  char MsgType[3];
  char MsgBodyText[MAX_BUFFER_SIZE]; /*需要发送的未加密包体*/
  int  MsgBodyTextLen;
  char RecvText[MAX_BUFFER_SIZE];
  char SendText[MAX_BUFFER_SIZE];
  int  RecvTextLen;
  
  char foperator[7];
  char fpassword[26];
  char fdepart[8];
  char fareacode[2];
  char fgsmusername[11];
  char fgsmpassword[21];
  char fcdrusername[11];
  char fcdrpassword[21];
  char fipaddress[16];
  char fappname[21];
  char fprocessid[11];
  
  int  iLen;
  int  MsgLen;
  int  BodyLen;
  int  iStatus;
  char *pCur;
  char *Msg1="公钥交换长度不匹配！";
  char *Msg2="无法识别包类型!";
  char *Msg3="登录前应该交换公钥!";
  char *Msg4="登录数据包解密失败!";
  char *Msg5="十六进制转化出错！";
  char Msg8[80];char ReturnCode[5];
  
  strncpy(MsgType, Buf+4, 2); MsgType[2]=0;
  if (strcmp(MsgType, "EX")==0) {
      iLen=HexToInt(Buf+12, 4);
      if (iLen!=sizeof(ClientPublicKey)) {
          sprintf(MsgBodyText, "%4X", strlen(Msg1));
          memcpy(MsgBodyText+4, Msg1, strlen(Msg1));
          BodyLen=strlen(Msg1)+4;
          MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "MG", "0007");
          }
      else {  
          memcpy(&ClientPublicKey, Buf+12+4, sizeof(ClientPublicKey));
          *ClientPublicKeyReady=1;
          /*返回共钥交换包*/      
          sprintf(MsgBodyText, "%4X", sizeof(ServerPublicKey));
          memcpy(MsgBodyText+4, &ServerPublicKey, sizeof(ServerPublicKey));      
          BodyLen=sizeof(ServerPublicKey)+4;
          MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "EX", "0000");
      }
      /*EX end*/
  }
  else if (strcmp(MsgType, "RQ")==0) {          
          if (*ClientPublicKeyReady==1) {
              /*解密包体*/
              bzero(RecvText, MAX_BUFFER_SIZE);
              pthread_mutex_lock(&KeyMutex);
              iStatus=RSAPrivateDecrypt(RecvText, &RecvTextLen, Buf+12, iMsgLen-12, &ServerPrivateKey);
              pthread_mutex_unlock(&KeyMutex);
              if (iStatus==IDOK) {
                  /*取解密后的字段，RecvText*/
                  bzero(foperator,7);
                  bzero(fpassword,26);
                  bzero(fdepart,8);
                  bzero(fareacode,2);
                  bzero(fgsmusername,11);
                  bzero(fgsmpassword,21);
                  bzero(fcdrusername,11);
                  bzero(fcdrpassword,21);
                  bzero(fipaddress,16);
                  bzero(fappname,21);
                  bzero(fprocessid,11);
                  /*解开工号和口令等*/
                  pCur=RecvText;
                  if ((iLen=HexToInt(pCur, 4))<0) goto HexToIntError;
                  memcpy(foperator,pCur+4,iLen);foperator[6]=0;pCur=pCur+4+iLen;
                  if ((iLen=HexToInt(pCur, 4))<0) goto HexToIntError;
                  memcpy(fpassword,pCur+4,iLen);foperator[25]=0;pCur=pCur+4+iLen;
                  if ((iLen=HexToInt(pCur, 4))<0) goto HexToIntError;
                  memcpy(fipaddress,pCur+4,iLen);fipaddress[15]=0;pCur=pCur+4+iLen;
                  if ((iLen=HexToInt(pCur, 4))<0) goto HexToIntError;
                  memcpy(fappname,pCur+4,iLen);fappname[20]=0;pCur=pCur+4+iLen;
                  if ((iLen=HexToInt(pCur, 4))<0) goto HexToIntError;
                  memcpy(fprocessid,pCur+4,iLen);fprocessid[10]=0;pCur=pCur+4+iLen;
                  
                  /*访问数据库*/
                  pthread_mutex_lock(&DatabaseMutex);
                  iStatus=CheckOperator(foperator, fpassword, fdepart, fareacode, fgsmusername, fgsmpassword, fcdrusername, fcdrpassword);
                  pthread_mutex_unlock(&DatabaseMutex);      
                  if (iStatus!=0) {
                      if (iStatus==-1) {strcpy(Msg8, "口令不正确!"); strcpy(ReturnCode, "0001");}
                      if (iStatus==-2) {strcpy(Msg8, "用户名不存在!"); strcpy(ReturnCode, "0002");}
                      else             {strcpy(Msg8, "数据库错误!"); strcpy(ReturnCode, "0003");}
                      sprintf(MsgBodyText, "%4X", strlen(Msg8));
                      memcpy(MsgBodyText+4, Msg8, strlen(Msg8));
                      BodyLen=strlen(Msg8)+4;
                      MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "MG", ReturnCode);                                         
                  }
                  else {
                      /*生成发送包体明文*/
                      bzero(SendText, MAX_BUFFER_SIZE);
                      pCur=SendText;
                      iLen=strlen(foperator);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, foperator, iLen); pCur=pCur+4+iLen;                  
                      iLen=strlen(fpassword);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fpassword, iLen); pCur=pCur+4+iLen;                  
                      iLen=strlen(fdepart);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fdepart, iLen); pCur=pCur+4+iLen;                  
                      iLen=strlen(fareacode);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fareacode, iLen); pCur=pCur+4+iLen;                  
                      iLen=strlen(fgsmusername);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fgsmusername, iLen); pCur=pCur+4+iLen;                  
                      iLen=strlen(fgsmpassword);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fgsmpassword, iLen); pCur=pCur+4+iLen;                  
                      iLen=strlen(fcdrusername);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fcdrusername, iLen); pCur=pCur+4+iLen;
                      iLen=strlen(fcdrpassword);
                      sprintf(pCur, "%4X", iLen);
                      memcpy(pCur+4, fcdrpassword, iLen); pCur=pCur+4+iLen;
                      pCur=0;                 
                      /*加密包体*/
                      pthread_mutex_lock(&KeyMutex);
                      RSAPublicEncrypt(MsgBodyText, &MsgBodyTextLen, SendText, (pCur-SendText), ClientPublicKey, &randomStruct);
                      pthread_mutex_unlock(&KeyMutex);
                   
                      MsgLen=BuildPackage(BufBack, MsgBodyText, MsgBodyTextLen, 8, "RP", "0000");                              
                  }
              }
              else { /*登录数据包解密失败*/
                  sprintf(MsgBodyText, "%4X", strlen(Msg4));
                  memcpy(MsgBodyText+4, Msg4, strlen(Msg4));
                  BodyLen=strlen(Msg4)+4;
                  MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "MG", "0009"); 
              }              
          }
          else {  /*0006：登录前应该交换公钥!*/                
              sprintf(MsgBodyText, "%4X", strlen(Msg3));
              memcpy(MsgBodyText+4, Msg3, strlen(Msg3));
              BodyLen=strlen(Msg3)+4;
              MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "MG", "0006"); 
          } 
          /*RQ end*/          
      }
      else { /*处理其它类型数据包*/
          sprintf(MsgBodyText, "%4X", strlen(Msg2));
          memcpy(MsgBodyText+4, Msg2, strlen(Msg2));
          BodyLen=strlen(Msg2)+4;
          MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "MG", "0008"); /*0008:无法识别包类型*/      
      } 
  return(MsgLen);
HexToIntError:
  sprintf(MsgBodyText, "%4X", strlen(Msg5));
  memcpy(MsgBodyText+4, Msg5, strlen(Msg5));
  BodyLen=strlen(Msg5)+4;
  MsgLen=BuildPackage(BufBack, MsgBodyText, BodyLen, 1, "MG", "0005"); /*0005:十六进制转化出错*/      
  return(MsgLen);  
}

/************************************************************/ 
/*验证处理函数 
 *ReturnValue: 返回包的字节数                               */
/************************************************************/ 
int BuildPackage(char *BufBack, char *MsgBodyText, char *MsgType, int MsgBodyLen, int FieldsCount, char *ReturnCode) 
{
  char Msg[40];
  if (MsgBodyLen >= (MAX_BUFFER_SIZE-12)) {
      strcpy (Msg, "数据包溢出！");  
      sprintf(MsgBodyText, "%4X", strlen(Msg));
      strcpy (MsgBodyText+4, Msg);  
      strcpy (MsgType, "MG");
      MsgBodyLen=4+strlen(Msg);
      FieldsCount=1;
      strcpy(ReturnCode, "0004");
  }
  sprintf(BufBack, "%4X", MsgBodyLen+12);
  memcpy (BufBack+4, MsgType, 2);
  sprintf(BufBack+6, "%2X", FieldsCount);
  memcpy (BufBack+8, ReturnCode, 4);
  memcpy (BufBack+12,MsgBodyText,MsgBodyLen);
}
/************************************************************/