一、概述
针对客户端发起的end请求,服务端应作出对应的响应,本文重点介绍服务端解析end请求的过程及构造响应消息的过程。
二、源码分析
这一模块的源码位于:/base/security/deviceauth。
1. 首先解析收到的消息数据:parse_pake_client_confirm函数。
scss
/*
函数功能:解析pake客户端confirm消息
函数参数:
payload:消息负载部分
data_type:数据类型
函数返回值:
返回pake_end_request_data结构的confirm消息
*/
void *parse_pake_client_confirm(const char *payload, enum json_object_data_type data_type)
{
struct pake_end_request_data *pake_client_confirm =
(struct pake_end_request_data *)MALLOC(sizeof(struct pake_end_request_data));//申请pake_end_request_data结构体空间
if (pake_client_confirm == NULL) {
return NULL;
}
(void)memset_s(pake_client_confirm, sizeof(*pake_client_confirm), 0, sizeof(*pake_client_confirm));//清空该空间
json_pobject obj = parse_payload(payload, data_type);//如果消息负载为json格式的字符串,则将json格式的数据解析成cjson结构体对象
if (obj == NULL) {
LOGE("Parse Pake Client Confirm parse payload failed");
goto error;
}
/* challenge */
int32_t result = byte_convert(obj, FIELD_CHALLENGE, pake_client_confirm->challenge.challenge,
&pake_client_confirm->challenge.length, CHALLENGE_BUFF_LENGTH);//获取challenge值,字节转换函数,将十六进制字符串转换为byte数组
if (result != HC_OK) {
LOGE("Parse Pake Client Confirm failed, field is null in challenge");
goto error;
}
/* kcfData */
result = byte_convert(obj, FIELD_KCF_DATA, pake_client_confirm->kcf_data.hmac,
&pake_client_confirm->kcf_data.length, HC_HMAC_LEN);//获取kcfData,字节转换函数,将十六进制字符串转换为byte数组
if (result != HC_OK) {
LOGE("Parse Pake Client Confirm failed, field is null in kcfData");
goto error;
}
/* epk */
result = byte_convert(obj, FIELD_EPK, pake_client_confirm->epk.epk,
&pake_client_confirm->epk.length, PAKE_EPK_LENGTH);//获取epk,字节转换函数,将十六进制字符串转换为byte数组
if (result != HC_OK) {
LOGE("Parse Pake Client Confirm failed, field is null in epk");
goto error;
}
free_payload(obj, data_type);
return (void *)pake_client_confirm;
error:
free_payload(obj, data_type);
FREE(pake_client_confirm);
return NULL;
}
2. 然后调用函数proc_pake_request_message处理数据。
rust
/*
函数功能:处理pake请求消息
函数参数:
handle:hichain实例
nav:消息头分析导航
receive:接收的消息
send:待发送消息地址
函数返回值:
成功:0
失败:error
*/
static int32_t proc_pake_request_message(struct hichain *handle, struct header_analysis *nav,
struct message *receive, struct message *send)
#if !(defined(_CUT_PAKE_) || defined(_CUT_PAKE_SERVER_))
{
DBG_OUT("Object %u proc pake %d request message", pake_server_sn(handle->pake_server), nav->msg_type);
int32_t ret;
if (nav->msg_type == PAKE_START_MSG) {//如果是start请求
ret = send_pake_start_response(handle->pake_server, receive, send);//针对start请求构造发送响应消息
} else if (nav->msg_type == PAKE_END_MSG) {//如果是end请求
ret = send_pake_end_response(handle->pake_server, receive, send);//针对end请求发送响应消息
if (ret == HC_OK) {
handle->cb.set_session_key(&handle->identity, &handle->pake_server->service_key);//设置会话密钥为service_key
(void)memset_s(handle->pake_server->service_key.session_key, HC_SESSION_KEY_LEN, 0, HC_SESSION_KEY_LEN);//清空会话密钥空间
}
} else {
return HC_UNKNOW_MESSAGE;
}
return ret;
}
3. 根据消息类型为PAKE_END_MSG,应执行send_pake_end_response函数,针对end请求发送响应消息。
scss
/*
函数功能:准备待发送的end响应数据
函数参数:
pake_server:pake服务端对象
receive:接收到的消息
send:待发送的数据缓冲区地址
函数返回值:
成功:0
失败:error num
*/
int32_t send_pake_end_response(struct pake_server *pake_server, struct message *receive, struct message *send)
{
check_ptr_return_val(pake_server, HC_INPUT_ERROR);//检查参数有效性
check_ptr_return_val(receive, HC_INPUT_ERROR);
check_ptr_return_val(send, HC_INPUT_ERROR);
DBG_OUT("Receive pake end request message object %u success", pake_server_sn(pake_server));
struct pake_end_request_data *receive_data = receive->payload;//用pake_end_request_data结构接收消息负载
struct pake_end_response_data *send_data =
(struct pake_end_response_data *)MALLOC(sizeof(struct pake_end_response_data));//申请待发送的数据缓冲结构pake_end_response_data空间
if (send_data == NULL) {
LOGE("Malloc struct pake_end_response_data failed");
send->msg_code = INFORM_MESSAGE;
return HC_MALLOC_FAILED;
}
(void)memset_s(send_data, sizeof(*send_data), 0, sizeof(*send_data));//清空该结构体空间
int32_t ret = send_end_response(pake_server, receive_data, send_data);//构造end响应数据,保存到send_data结构体中
if (ret != HC_OK) {//失败
LOGE("Object %u called send_end_response failed, error code is %d", pake_server_sn(pake_server), ret);
FREE(send_data);
send_data = NULL;
send->msg_code = INFORM_MESSAGE;
} else {//成功
LOGI("Object %u called send_end_response success", pake_server_sn(pake_server));
send->msg_code = PAKE_SERVER_CONFIRM_RESPONSE;//设置消息码为:PAKE_SERVER_CONFIRM_RESPONSE
send->payload = send_data//将准备好的消息数据负载赋值给待发送的消息send
}
return ret;
}
4. send_end_response函数,发送end响应消息,首先解析end请求数据,然后构造end响应消息。
scss
/*
函数功能:发送end响应消息,首先解析end请求数据,然后构造end响应消息
函数参数:
handle:句柄,可用相关结构体获取
receive_data:接收的数据
send_data:待发送数据地址
函数返回值:
成功:0
失败:error
*/
int32_t send_end_response(void *handle, void *receive_data, void *send_data)
{
check_ptr_return_val(handle, HC_INPUT_ERROR);//检查参数有效性
check_ptr_return_val(receive_data, HC_INPUT_ERROR);
check_ptr_return_val(send_data, HC_INPUT_ERROR);
struct key_agreement_server *server = handle;//以密钥协商服务端对象接收该对象
struct key_agreement_protocol *base = &server->protocol_base_info;//赋值协议基础信息
DBG_OUT("Object %u begin receive end request data and send end response data", base->sn);
if (is_state_error(server, SEND_END_RESPONSE)) {//判断协议状态是否错误
LOGE("Object %u state error", base->sn);
return PROTOCOL_STATE_ERROR;
}
const struct server_virtual_func_group *funcs = &server->package_funcs;//赋值服务端打包函数
int32_t ret = funcs->parse_end_request_data(handle, receive_data);//执行解析函数解析end请求数据
if (ret != HC_OK) {//解析失败
set_state(base, PROTOCOL_ERROR);
LOGE("Object %u parse end request data failed, error code is %d", base->sn, ret);
return ret;
}
ret = funcs->build_end_response_data(handle, send_data);//调用回调函数构造end响应消息
if (ret != HC_OK) {
set_state(base, PROTOCOL_ERROR);
LOGE("Object %u build end response data failed, error code is %d", base->sn, ret);
return ret;
}
set_state(base, PROTOCOL_FINISH);//设置协议状态为:PROTOCOL_FINISH
set_last_time_sec(base);//设置上一次的时间
DBG_OUT("Object %u receive end request data send end response data succcess", base->sn);
return HC_OK;
}
5. 在函数send_end_response中首先执行回调函数parse_end_request_data进一步解析end请求数据。
rust
/*
函数功能:解析end请求数据
函数参数:
handle:pake服务端对象
receive_data:接收数的消息数据
函数返回值:
成功:0
失败:error num
*/
static int32_t parse_end_request_data(void *handle, void *receive_data)
{
struct pake_server *pake_server = handle;//接收对象
struct pake_end_request_data *data = receive_data;//接收数据
DBG_OUT("Object %u begin parse PAKE end request data", pake_server_sn(pake_server));
pake_server->peer_challenge = data->challenge;//赋值pake服务端对象的对端challenge值
int32_t ret = generate_session_key(pake_server, &data->epk);//根据对端epk和本端esk生成服务端会话密钥保存在pake服务端对象中
if (ret != HC_OK) {
LOGE("Object %u generate session key failed", pake_server_sn(pake_server));
return ret;
}
if (verify_proof_is_ok(pake_server, &data->kcf_data) != true) {//验证对端proof是否ok
LOGE("Object %u verify proof failed", pake_server_sn(pake_server));
return HC_VERIFY_PROOF_FAILED;
}
generate_output_key(pake_server);//生成服务端output密钥
return HC_OK;
}
/*
函数功能:生成pake服务端会话密钥
函数参数:
pake_server:pake服务端对象
peer_epk:对端epk
函数返回值:
成功:0
失败:error num
*/
static int32_t generate_session_key(struct pake_server *pake_server, struct epk *peer_epk)
{
struct pake_shared_secret shared_secret = { 0, {0} };//定义共享密钥
uint32_t prime_len = (pake_server->prime_type == NUM_LEN_384) ?
HC_BIG_PRIME_MAX_LEN_384 : HC_BIG_PRIME_MAX_LEN_256;//获取素数长度
int32_t ret = cal_bignum_exp((struct var_buffer *)peer_epk, (struct var_buffer *)&pake_server->self_esk,
prime_len, (struct big_num *)&shared_secret);//根据对端的epk和本端的esk计算大素数指数作为共享密钥shared_secret
if (ret != HC_OK) {
LOGE("Object %u generate shared secret failed, error code is %d", pake_server_sn(pake_server), ret);
goto error;
}
struct hkdf hkdf = { 0, {0} };//hkdf派生密钥
ret = compute_hkdf((struct var_buffer *)&shared_secret, &pake_server->salt,
HICHAIN_SPEKE_SESSIONKEY_INFO, HC_HKDF_SECRET_LEN, (struct var_buffer *)&hkdf);//基于HKDF算法的密钥派生函数,根据密钥派生种子和salt值计算出派生密钥保存在secret中
if (ret != HC_OK) {
LOGE("Object %u generate hkdf failed, error code is %d", pake_server_sn(pake_server), ret);
goto error;
}
(void)memcpy_s(pake_server->session_key.key, sizeof(pake_server->session_key.key),
hkdf.hkdf, PAKE_SESSION_KEY_LENGTH);//将计算出来的hkdf派生密钥拷贝给pake服务端的会话密钥
(void)memcpy_s(pake_server->hmac_key.key, sizeof(pake_server->hmac_key.key),
hkdf.hkdf + PAKE_SESSION_KEY_LENGTH, PAKE_HMAC_KEY_LENGTH);//将计算出来的"hkdf派生密钥+会话密钥长度"拷贝给pake服务端的HMAC密钥
pake_server->session_key.length = PAKE_SESSION_KEY_LENGTH;//会话密钥长度
pake_server->hmac_key.length = PAKE_HMAC_KEY_LENGTH;//HMAC密钥长度
return HC_OK;
error://错误处理
pake_server->session_key.length = 0;
pake_server->hmac_key.length = 0;
return HC_GENERATE_SESSION_KEY_FAILED;
}
6. 在函数parse_end_request_data中执行verify_proof_is_ok函数验证对端proof是否正确。
arduino
/*
函数功能:验证客户端发来的proof是否ok
函数参数:
pake_server:pake服务端对象
kcf_data:来自客户端的proof数据
函数返回值:
正确:true
错误:false
详细:
本函数的目的在于根据对端epk和challenge值+本端esk和challenge值生成一个验证proof,然后与对端发来的proof作比较,
如果相等,则返回true,否则返回false。
*/
static bool verify_proof_is_ok(struct pake_server *pake_server, struct hmac *kcf_data)
{
struct uint8_buff challenge = {.size = CHALLENGE_BUFF_LENGTH + CHALLENGE_BUFF_LENGTH};//定义challenge缓冲区
challenge.val = (uint8_t *)MALLOC(challenge.size);//为该缓冲区申请空间
if (challenge.val == NULL) {
LOGE("Object %u MALLOC verify proof buffer failed", pake_server_sn(pake_server));
return false;
}
(void)memcpy_s(challenge.val, challenge.size, pake_server->peer_challenge.challenge, CHALLENGE_BUFF_LENGTH);//将对端challenge值拷贝到该challenge buf中
challenge.length = CHALLENGE_BUFF_LENGTH;
(void)memcpy_s(challenge.val + challenge.length, challenge.size - challenge.length,
pake_server->self_challenge.challenge, CHALLENGE_BUFF_LENGTH);//将本端challenge值拷贝到该challenge buf中
challenge.length += CHALLENGE_BUFF_LENGTH;
struct hmac verify_proof = { 0, {0} };//定义验证proof
//这里的挑战值在缓冲区的顺序为:{客户端challenge,服务端challenge}
int32_t ret = compute_hmac((struct var_buffer *)&pake_server->hmac_key, &challenge, &verify_proof);//根据hmac密钥和双端challenge值计算HMAC值保存在验证verify_proof中
FREE(challenge.val);
challenge.val = NULL;
if (ret != HC_OK) {
LOGE("Object %u verify proof hmac failed, error code is %d", pake_server_sn(pake_server), ret);
return false;
}
ret = memcmp(&verify_proof, kcf_data, sizeof(verify_proof));//比较本端生成的verify_proof与对端发过来的proof数据kcf_data是否相等
LOGI("Object %u verify proof hmac result is %d", pake_server_sn(pake_server), ret);
return (ret == 0);
}
7. 在parse_end_request_data函数中执行generate_output_key函数生成服务端output密钥。
scss
//生成服务端output密钥
static void generate_output_key(struct pake_server *pake_server)
{
DBG_OUT("pake server generate output key");
int32_t ret = compute_hkdf((struct var_buffer *)&pake_server->session_key, &pake_server->salt,
HICHAIN_RETURN_KEY, pake_server->key_length,
(struct var_buffer *)&pake_server->service_key);//将服务端会话密钥作为种子,加上服务端salt值,生成hkdf作为服务端的服务密钥service_key
if (ret != HC_OK) {
LOGE("Object %u generate output key failed, error code is %d", pake_server_sn(pake_server), ret);
}
}
8.回到函数send_end_response中继续执行回调函数build_end_response_data,构造end响应数据。
arduino
/*
函数功能:构造end响应数据
函数参数:
handle:pake服务端对象
send_data:待发送的数据缓冲区
函数返回值:
成功:0
失败:error
*/
static int32_t build_end_response_data(void *handle, void *send_data)
{
struct pake_server *pake_server = handle;//获取服务端对象
struct pake_end_response_data *data = send_data;//用pake_end_response_data结构准备待发送的数据
DBG_OUT("Object %u begin build PAKE end response data", pake_server_sn(pake_server));
data->kcf_data = generate_proof(pake_server);//根据hmac密钥和双端challenge值生成一个HMAC值proof(服务端)
if (data->kcf_data.length == 0) {//如果proof生成失败,则返回HC_GENERATE_PROOF_FAILED
LOGE("Object %u generate proof failed", pake_server_sn(pake_server));
return HC_GENERATE_PROOF_FAILED;
}
return HC_OK;
}
DD一下: 欢迎大家关注公众号<程序猿百晓生>,可以了解到以下知识点。
erlang
`欢迎大家关注公众号<程序猿百晓生>,可以了解到以下知识点。`
1.OpenHarmony开发基础
2.OpenHarmony北向开发环境搭建
3.鸿蒙南向开发环境的搭建
4.鸿蒙生态应用开发白皮书V2.0 & V3.0
5.鸿蒙开发面试真题(含参考答案)
6.TypeScript入门学习手册
7.OpenHarmony 经典面试题(含参考答案)
8.OpenHarmony设备开发入门【最新版】
9.沉浸式剖析OpenHarmony源代码
10.系统定制指南
11.【OpenHarmony】Uboot 驱动加载流程
12.OpenHarmony构建系统--GN与子系统、部件、模块详解
13.ohos开机init启动流程
14.鸿蒙版性能优化指南
.......
9. 在build_end_response_data函数中执行generate_proof函数根据hmac密钥和双端challenge值生成一个HMAC值proof(服务端)。
ini
/*
函数功能:根据hmac密钥和双端challenge值生成一个HMAC值proof(服务端)
函数参数:
pake_server:pake服务端对象
函数返回值:
返回生成的proof值
*/
static struct hmac generate_proof(struct pake_server *pake_server)
{
struct hmac proof = { 0, {0} };//定义并初始化proof
struct uint8_buff challenge = {//定义一个challenge buf存放本端challenge值和对端challenge值
.val = NULL,
.length = 0,
.size = CHALLENGE_BUFF_LENGTH + CHALLENGE_BUFF_LENGTH
};
challenge.val = (uint8_t *)MALLOC(challenge.size);//为该challenge缓冲区申请空间
if (challenge.val == NULL) {
LOGE("Object %u MALLOC generate proof buffer failed", pake_server_sn(pake_server));
return proof;
}
(void)memcpy_s(challenge.val, challenge.size, pake_server->self_challenge.challenge, CHALLENGE_BUFF_LENGTH);//将本端challenge值拷贝到该challenge buf中
challenge.length = CHALLENGE_BUFF_LENGTH;//赋值challenge长度
(void)memcpy_s(challenge.val + challenge.length, challenge.size - challenge.length,
pake_server->peer_challenge.challenge, CHALLENGE_BUFF_LENGTH);//将对端challenge值拷贝到该challenge buf中
challenge.length += CHALLENGE_BUFF_LENGTH;//加上challenge长度
//这里的challenge值在缓冲区的顺序为:{服务端challenge,客户端challenge}
int32_t ret = compute_hmac((struct var_buffer *)&pake_server->hmac_key, &challenge, &proof);//根据hmac密钥和双端challenge值计算HMAC值保存在proof中
FREE(challenge.val);
challenge.val = NULL;
if (ret != HC_OK) {
LOGE("Object %u generate proof hmac failed, error code is %d", pake_server_sn(pake_server), ret);
proof.length = 0;
}
DBG_OUT("Object %u generate proof success", pake_server_sn(pake_server));
return proof;
}
10. 最后回到receive_data函数中,执行build_send_data_by_struct函数构造通知消息,然后再build_send_data_by_struct函数中根据消息码选择对应构造消息函数,此处应是make_pake_server_confirm函数。
scss
/*
函数功能:构造pake服务端confirm消息
函数参数:
data:待发送数据
函数返回值:
json格式的字符串
*/
char *make_pake_server_confirm(void *data)
{
struct pake_end_response_data *pake_server_confirm = data;//pake_end_response_data结构接收数据
/* kcfData */
uint8_t *tmp_kcf_data_hex = raw_byte_to_hex_string(pake_server_confirm->kcf_data.hmac,
pake_server_confirm->kcf_data.length);//将kcfData值转换为十六进制格式的字符串
if (tmp_kcf_data_hex == NULL) {
return NULL;
}
char *ret_str = (char *)MALLOC(RET_STR_LENGTH);//申请2048字节的空间以存放待发送消息
if (ret_str == NULL) {
FREE(tmp_kcf_data_hex);
return NULL;
}
(void)memset_s(ret_str, RET_STR_LENGTH, 0, RET_STR_LENGTH);//清空该地址空间
if (snprintf_s(ret_str, RET_STR_LENGTH, RET_STR_LENGTH - 1, "{\"%s\":%d,\"%s\":{\"%s\":\"%s\"}}", FIELD_MESSAGE,
PAKE_SERVER_CONFIRM_RESPONSE, FIELD_PAYLOAD, FIELD_KCF_DATA, tmp_kcf_data_hex) < 0) {
LOGE("String generate failed");
FREE(ret_str);
ret_str = NULL;
}//生成json格式的消息字符串
FREE(tmp_kcf_data_hex);
return ret_str;
}
三、小结
经过分析,服务端生成的响应消息的格式如下:
json
{
"message":0x8002, //消息码:PAKE_SERVER_CONFIRM_RESPONSE
"payload":
{
"kcfData":"十六进制格式的字符串" //kcfData,用于身份认证,根据hmac密钥和双端challenge值生成的HMAC值
}
}
服务端接收到来自客户端的challenge、epk等信息,根据这些信息及本端的challenge、salt、esk等信息生成验证认证证据verify_proof,然后与客户端发送来的proof进行对比,如果验证正确,则根据服务端session_key和salt值等信息基于hkdf算法生成服务端的service_key。然后服务端基于hmac_key和双端challenge(与客户端的存储顺序相反)根据HMAC算法生成服务端的proof保存在kcfData字段中回复给客户端。