authentication.c

rsh身份验证

#include <windows.h>
#include <stdio.h>
#include <malloc.h>
#include <string.h>
#include "BigInt.h"
#include "blowfish.h"
#include "sha.h"
#include "Authentication.h"
#include "Communication.h"


int main()
{
	unsigned char *h;
		
	SOCKET ClientSock;
	char DefaultIPAddr[] = "210.30.102.196";
	
	if ((ClientSock=CommInit(DefaultIPAddr))==-1)
	{
		printf("Connecting Server Failed!");
		return -1;
	}
	h = DoAuth(ClientSock);
	return 0;
}

void fill(char *str, int count)
{
	int i=0;
	while (str[i]!='\0')
		i++;
	while (i<count)
	{
		str[i++]=' ';
	}
}


unsigned char* DoAuth(SOCKET sd)
{
	BLOWFISH_CTX ctx;
	char buf[100];
	char authen[21];
	char pw[17];
	char A[17];
	char B[17];
	char pw_hash[41];
	sBigInt p, g, g_x, x, g_y, y, g_yx;
	unsigned long gyx[4], gy[4];
	int i=0;
	unsigned char h[41]="";
	char ABgyx[49]="";
	
	BigIntInit(&g);
	BigIntInit(&g_x);
	BigIntInit(&x);
	BigIntInit(&y);
	BigIntInit(&g_y);
	BigIntInit(&g_yx);
	g_x = GetSessionKey(&x, &p);
	
	printf("%s", "Username(equal to or less than 16): ");
	scanf("%s", buf);
	while(strlen(buf) > 16)
	{
		printf("%s", "\nUsername must be equal to or less than 16!\nUsername:\n ");
		scanf("%s", buf);
	}
	strncpy(A, buf, 16);

	
	printf("%s", "Password(equal to or less than 16): ");
	scanf("%s", buf);
	while(strlen(buf) > 16)
	{
		printf("%s", "\nPassword must be equal to or less than 16!\nPassword: ");
		scanf("%s", buf);
	}
// 	buf[0]=getch();
//	while(buf[i]!='\r')
//	{
//		if(buf[i]=='\b') {printf("\b \b"); i--;}
//		else printf("*");
//		buf[++i]=getch();
//	}
//	buf[++i]='\0';
//	while(i > 16)
//	{
//		printf("%s", "\nPassword must be equal to or less than 16!\nPassword: ");
//		i=0;
//		buf[i]=getch();
//		while(buf[i]!='\r')
//		{
//			if(buf[i]=='\b') {printf("\b \b"); i--;}
//			else printf("*");
//			buf[++i]=getch();
//		}
//		buf[++i]='\0';
//		
//	}
	strncpy(pw, buf, 16);

	/*H(pw#a)*/
	shaDriver(pw, pw_hash);
//	printf("\n%s\n", pw_hash);
//	printf("gx:%x %x %x %x\n",g_x.m_ulValue[3],g_x.m_ulValue[2],g_x.m_ulValue[1],g_x.m_ulValue[0]);

	/*E(H(pw#a), gx)*/
	Blowfish_Init (&ctx, (unsigned char*)pw_hash, 40);
	Blowfish_Encrypt(&ctx, &g_x.m_ulValue[0], &g_x.m_ulValue[1]);
	Blowfish_Encrypt(&ctx, &g_x.m_ulValue[2], &g_x.m_ulValue[3]);

	/*分别发送A的用户名和E(H(pw#a), gx)*/
	fill(A, 16);
//	printf("gx_Encrypted:%x %x %x %x\n", g_x.m_ulValue[3],g_x.m_ulValue[2],g_x.m_ulValue[1],g_x.m_ulValue[0]);
	
	writen(sd, A, 16);
	writen(sd, g_x.m_ulValue, 16);

	/*接受B的名字和E(H(pw#a), gy)*/
	if(readn(sd, B, 16)==0)
		printf("read failed!");
//	printf("B:%s\n", B);
	if(readn(sd, gy, 16)==0)
		printf("read failed!");
	for (i=0;i<4;i++)
	{
		g_y.m_ulValue[i]=gy[i];
	}
	g_y.m_nLength=4;
//	printf("gy:%x %x %x %x\n",g_y.m_ulValue[3],g_y.m_ulValue[2],g_y.m_ulValue[1],g_y.m_ulValue[0]);
	/*解密gy*/
	Blowfish_Decrypt(&ctx, &g_y.m_ulValue[0], &g_y.m_ulValue[1]);
	Blowfish_Decrypt(&ctx, &g_y.m_ulValue[2], &g_y.m_ulValue[3]);
	/*求gyx*/
//	printf("gy_decrypted:%x %x %x %x\n",g_y.m_ulValue[3],g_y.m_ulValue[2],g_y.m_ulValue[1],g_y.m_ulValue[0]);
//	printf("x:%x %x %x %x\n",x.m_ulValue[3],x.m_ulValue[2],x.m_ulValue[1],x.m_ulValue[0]);
//	printf("p:%x %x %x %x\n",p.m_ulValue[3],p.m_ulValue[2],p.m_ulValue[1],p.m_ulValue[0]);

	g_yx = RsaTrans(&g_y, x, p);
//	printf("gyx:%x %x %x %x\n",g_yx.m_ulValue[3],g_yx.m_ulValue[2],g_yx.m_ulValue[1],g_yx.m_ulValue[0]);
	
	for (i = 0; i < 4; i++)
		gyx[i] = g_yx.m_ulValue[i];
	
	strncat(ABgyx, (const char*)A, 16);
	ABgyx[16]='\0';
	strncat(ABgyx, (const char*)B, 16);
	ABgyx[32]='\0';
	strncat(ABgyx, (const char*)gyx, 16);
	ABgyx[48]='\0';
//	printf("ABgyx:%s\n",ABgyx);
	
	shaDriver(ABgyx, h);
// 	printf("h:%s\n",h);
	writen(sd, h, 40);

	readn(sd,buf,20);
	strncpy(authen,buf,7);
	if (strcmp(authen,"succeed"))
		return NULL;
	else
		return h;
}