Lines Matching refs:hSession

// Cross-reference excerpt: only the lines of these HdcDaemon methods that mention `hSession` are listed.
// The leading number on each line is its line number in the original file. The lines in between are
// not part of this listing, so the conditions and control flow around each excerpt are not visible here.
192 bool HdcDaemon::RedirectToTask(HTaskInfo hTaskInfo, HSession hSession, const uint32_t channelId,
// Auth step "init": stores a fresh random token on the session (line 424), sends CMD_KERNEL_HANDSHAKE
// (line 437) and records the token with InitSessionAuthInfo (line 441).
// NOTE(review): the token is the challenge the later signature check is run against; presumably
// GetSecureRandomString draws from a CSPRNG and SHA_DIGEST_LENGTH is its length — confirm in Base.
422 bool HdcDaemon::HandDaemonAuthInit(HSession hSession, const uint32_t channelId, SessionHandShake &handshake)
424 hSession->tokenRSA = Base::GetSecureRandomString(SHA_DIGEST_LENGTH);
429 * Notice, before here is "handshake.buf = hSession->tokenRSA", but the server not use it
431 if (hSession->verifyType == AuthVerifyType::RSA_3072_SHA512) {
434 WRITE_LOG(LOG_INFO, "client support RSA_3072_SHA512 auth for %u session", hSession->sessionId);
437 Send(hSession->sessionId, channelId, CMD_KERNEL_HANDSHAKE,
441 InitSessionAuthInfo(hSession->sessionId, hSession->tokenRSA);
// Auth step "pubkey": logs the user's decision (allow once / allow forever / refuse) and, on the path
// at line 484, sends the token to be signed via SendAuthSignMsg.
445 bool HdcDaemon::HandDaemonAuthPubkey(HSession hSession, const uint32_t channelId, SessionHandShake &handshake)
452 WRITE_LOG(LOG_FATAL, "get pubkey failed for %u", hSession->sessionId);
// NOTE(review): the lambda captures `handshake` and `confirmmsg` by reference, so both must outlive
// the thread. The join/detach call is not visible in this listing — confirm the thread is joined
// before this function returns.
464 std::thread notifymsg([this, &handshake, channelId, sessionId = hSession->sessionId, &confirmmsg]() {
// NOTE(review): the user-decision outcomes below (and the "success" messages at lines 521 and 663) are
// logged at LOG_FATAL, the same level as the failures. Alerting on authentication failures therefore
// cannot key on severity alone and has to match the message text. Possibly deliberate so that the
// entries are always emitted — confirm.
471 WRITE_LOG(LOG_FATAL, "user allow onece for %u", hSession->sessionId);
474 WRITE_LOG(LOG_FATAL, "user allow forever for %u", hSession->sessionId);
478 WRITE_LOG(LOG_FATAL, "user refuse for %u", hSession->sessionId);
484 SendAuthSignMsg(handshake, channelId, hSession->sessionId, pubkey, hSession->tokenRSA);
490 EchoHandshakeMsg(handshake, channelId, hSession->sessionId, notifymsg);
// Signature check helper: logs separately for base64-decode failure, verify failure, a caught
// exception, and success.
499 bool HdcDaemon::RsaSignVerify(HSession hSession, EVP_PKEY_CTX *ctx, const string &tokenSignBase64, const string &token)
508 WRITE_LOG(LOG_FATAL, "base64 decode token sign failed for session %u", hSession->sessionId);
513 WRITE_LOG(LOG_FATAL, "verify failed for session %u", hSession->sessionId);
517 WRITE_LOG(LOG_FATAL, "sign verify failed for session %u with exception %s", hSession->sessionId, e.what());
521 WRITE_LOG(LOG_FATAL, "sign verify success for session %u", hSession->sessionId);
// Signature path: checks the size of the base64 signature (line 543), then delegates to
// RsaSignVerify (line 564).
525 bool HdcDaemon::AuthVerifyRsaSign(HSession hSession, const string &tokenSign, const string &token, RSA *rsa)
// NOTE(review): tokenSign.size() is a size_t; the matching printf conversion is %zu, not %zd.
543 WRITE_LOG(LOG_FATAL, "invalid base64 sign size %zd for session %u", tokenSign.size(), hSession->sessionId);
564 signRet = RsaSignVerify(hSession, ctx, tokenSign, token);
// Dispatches on the session's negotiated verifyType: RSA_3072_SHA512 goes to AuthVerifyRsaSign
// (line 600); line 602 calls AuthVerifyRsa (presumably the else branch — the branch line itself is
// not listed).
576 bool HdcDaemon::AuthVerify(HSession hSession, const string &encryptToken, const string &token, const string &pubkey)
586 WRITE_LOG(LOG_FATAL, "bio failed for session %u", hSession->sessionId);
591 WRITE_LOG(LOG_FATAL, "bio write failed %d for session %u", wbytes, hSession->sessionId);
596 WRITE_LOG(LOG_FATAL, "rsa failed for session %u", hSession->sessionId);
599 if (hSession->verifyType == AuthVerifyType::RSA_3072_SHA512) {
600 verifyResult = AuthVerifyRsaSign(hSession, encryptToken, token, rsa);
602 verifyResult = AuthVerifyRsa(hSession, encryptToken, token, rsa);
// Verification path for the other verifyType; the listed lines show only its decrypt-failure and
// auth-failure logging.
616 bool HdcDaemon::AuthVerifyRsa(HSession hSession, const string &encryptToken, const string &token, RSA *rsa)
634 WRITE_LOG(LOG_FATAL, "decrypt failed(%lu) for session %u", ERR_get_error(), hSession->sessionId);
639 WRITE_LOG(LOG_FATAL, "auth failed for session %u)", hSession->sessionId);
// Auth step "signature": loads the stored token and public key for the session, verifies
// handshake.buf against them, and either echoes an error or marks the session authenticated
// (UpdateSessionAuthOk + SendAuthOkMsg).
645 bool HdcDaemon::HandDaemonAuthSignature(HSession hSession, const uint32_t channelId, SessionHandShake &handshake)
654 string token = GetSessionAuthToken(hSession->sessionId);
655 string pubkey = GetSessionAuthPubkey(hSession->sessionId);
656 if (!AuthVerify(hSession, handshake.buf, token, pubkey)) {
657 WRITE_LOG(LOG_FATAL, "auth failed for session %u", hSession->sessionId);
659 EchoHandshakeMsg(handshake, channelId, hSession->sessionId, "[E000010]:Auth failed, cannt login the device.");
663 WRITE_LOG(LOG_FATAL, "auth success for session %u", hSession->sessionId);
665 UpdateSessionAuthOk(hSession->sessionId);
666 SendAuthOkMsg(handshake, channelId, hSession->sessionId);
// Entry point of the auth state machine; dispatches to the init / pubkey / signature handlers
// (lines 701-705) and logs an invalid state otherwise (line 707).
// NOTE(review): lines 681-683 ("not enable secure") and 686-688 ("auth bypass") mark the session
// AUTH_OK without any key verification. The conditions guarding them are outside this listing —
// confirm what enables each path in production builds. Both are logged at LOG_INFO, so monitoring
// for unauthenticated access has to match these message strings.
678 bool HdcDaemon::HandDaemonAuth(HSession hSession, const uint32_t channelId, SessionHandShake &handshake)
681 WRITE_LOG(LOG_INFO, "not enable secure, allow access for %u", hSession->sessionId);
682 UpdateSessionAuthOk(hSession->sessionId);
683 SendAuthOkMsg(handshake, channelId, hSession->sessionId);
686 WRITE_LOG(LOG_INFO, "auth bypass, allow access for %u", hSession->sessionId);
687 UpdateSessionAuthOk(hSession->sessionId);
688 SendAuthOkMsg(handshake, channelId, hSession->sessionId);
692 hSession->sessionId, handshake.version.c_str(), handshake.authType);
693 AuthRejectLowClient(handshake, channelId, hSession->sessionId);
695 } else if (GetSessionAuthStatus(hSession->sessionId) == AUTH_OK) {
696 WRITE_LOG(LOG_INFO, "session %u already auth ok", hSession->sessionId);
701 return HandDaemonAuthInit(hSession, channelId, handshake);
703 return HandDaemonAuthPubkey(hSession, channelId, handshake);
705 return HandDaemonAuthSignature(hSession, channelId, handshake);
707 WRITE_LOG(LOG_FATAL, "invalid auth state %d for session %u", handshake.authType, hSession->sessionId);
// Sets the session's verifyType to RSA_ENCRYPT (line 722, logged as "maybe old version client") or
// RSA_3072_SHA512 (line 729).
// NOTE(review): the selecting conditions are not listed. If the choice follows what the peer sends in
// `handshake`, the peer picks the verification scheme — confirm whether the legacy RSA_ENCRYPT path
// can be refused by policy.
715 void HdcDaemon::GetServerCapability(HSession &hSession, SessionHandShake &handshake)
722 hSession->verifyType = AuthVerifyType::RSA_ENCRYPT;
724 WRITE_LOG(LOG_INFO, "maybe old version client for %u session", hSession->sessionId);
729 hSession->verifyType = AuthVerifyType::RSA_3072_SHA512;
731 WRITE_LOG(LOG_INFO, "client auth type is %u for %u session", hSession->verifyType, hSession->sessionId);
// Adopts sessionId and connectKey from the handshake, resets handshakeOK, and re-registers the
// session under its new id via AdminSession(OP_UPDATE, oldId, hSession).
// NOTE(review): presumably `handshake` was deserialized from the peer's payload, which would make the
// new sessionId peer-chosen — confirm how AdminSession handles an id that is already in use.
734 void HdcDaemon::DaemonSessionHandshakeInit(HSession &hSession, SessionHandShake &handshake)
737 uint32_t unOld = hSession->sessionId;
738 hSession->sessionId = handshake.sessionId;
739 hSession->connectKey = handshake.connectKey;
740 hSession->handshakeOK = false;
741 AdminSession(OP_UPDATE, unOld, hSession);
743 if (hSession->connType == CONN_SERIAL and clsUARTServ!= nullptr) {
747 (static_cast<HdcDaemonUART *>(clsUARTServ))->OnNewHandshakeOK(hSession->sessionId);
751 if (clsUSBServ != nullptr && hSession->connType == CONN_USB) {
// NOTE(review): reinterpret_cast here, static_cast in the UART branch at line 747. The declared type
// of clsUSBServ is not visible in this listing; if it is void* or a related class, static_cast gives
// the same result with a compile-time check.
752 (reinterpret_cast<HdcDaemonUSB *>(clsUSBServ))->OnNewHandshakeOK(hSession->sessionId);
758 GetServerCapability(hSession, handshake);
// Handles a handshake payload: runs DaemonSessionHandshakeInit and HandDaemonAuth, sends a failure
// string on one path (line 796), and sets handshakeOK = true on the path at line 809.
761 bool HdcDaemon::DaemonSessionHandshake(HSession hSession, const uint32_t channelId, uint8_t *payload, int payloadSize)
770 WRITE_LOG(LOG_DEBUG, "session %s try to handshake", hSession->ToDebugString().c_str());
774 hSession->availTailIndex = 0;
779 DaemonSessionHandshakeInit(hSession, handshake);
781 if (!HandDaemonAuth(hSession, channelId, handshake)) {
793 hSession->availTailIndex = 0;
796 Send(hSession->sessionId, channelId, CMD_KERNEL_HANDSHAKE, (uint8_t *)failedString.c_str(),
807 WRITE_LOG(LOG_INFO, "session %u handshakeOK send back CMD_KERNEL_HANDSHAKE", hSession->sessionId);
809 hSession->handshakeOK = true;
// Command dispatcher. Line 872 is the authorization gate: with enableSecure set and the session not
// AUTH_OK (plus a further condition on the unlisted line 873), the stored auth message is reported to
// the peer and the channel is closed (lines 874-881).
867 bool HdcDaemon::FetchCommand(HSession hSession, const uint32_t channelId, const uint16_t command, uint8_t *payload,
872 if (enableSecure && (GetSessionAuthStatus(hSession->sessionId) != AUTH_OK) &&
874 string authmsg = GetSessionAuthmsg(hSession->sessionId);
876 hSession->sessionId, authmsg.c_str(), command);
878 LogMsg(hSession->sessionId, channelId, MSG_FAIL, authmsg.c_str());
881 Send(hSession->sessionId, channelId, CMD_KERNEL_CHANNEL_CLOSE, &count, 1);
894 ret = DaemonSessionHandshake(hSession, channelId, payload, payloadSize);
898 ClearOwnTasks(hSession, channelId);
901 Send(hSession->sessionId, channelId, CMD_KERNEL_CHANNEL_CLOSE, payload, 1);
909 ret = DispatchTaskData(hSession, channelId, command, payload, payloadSize);
911 LogMsg(hSession->sessionId, channelId, MSG_FAIL, "debugging is not allowed");
913 Send(hSession->sessionId, channelId, CMD_KERNEL_CHANNEL_CLOSE, &count, 1);
985 void HdcDaemon::NotifyInstanceSessionFree(HSession hSession, bool freeOrClear)
993 clsUsbModule->OnSessionFreeFinally(hSession);