From fce85ba28ee1167d4b72d3af9a3f3ff601c964d1 Mon Sep 17 00:00:00 2001
From: Jim
Date: Mon, 2 Jul 2012 17:45:45 -0400
Subject: [PATCH] secure: update dongle handling: - decrement hoursleft on each boot to prevent running very short Prime sessions that don't update the dongle; this allows removing of dongle_dtime (the last time the dongle was updated) - only uses 1 dongle location (for hoursleft) - maintain a checksum on dongle values to detect tampering - encrypt hoursleft and the dongle checksum - write random values in all other dongle locations - validate dongle by asking it to encrypt random values; this requires that a copy of the dongle key is stored in the executable - don't fail immediately: just set a status and keep going - caller sets bad Prime keys and hands us the correct keys; we reset Prime keys before returning. This makes it harder to bypass security by not calling it at all.
---
 emdev.h | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/emdev.h b/emdev.h
index c816615..2bdde04 100644
--- a/emdev.h
+++ b/emdev.h
@@ -1426,6 +1426,7 @@ int devcp (int class, int func, int device) {
 struct timeval tv;
 unsigned int elapsedms,targetticks;
+ unsigned short realkeys;
 int i;
 #define SETCLKPOLL devpoll[device] = gvp->instpermsec*(-clkpic*clkrate)/1000;
@@ -1625,8 +1626,12 @@ int devcp (int class, int func, int device) {
 #define IPMTIME 5000
+ realkeys = getcrs16(KEYS);
 if ((gvp->instcount < previnstcount) || (gvp->instcount-previnstcount > gvp->instpermsec*IPMTIME)) {
 if (gvp->instcount-previnstcount > gvp->instpermsec*IPMTIME) {
+#ifndef DEMO
+ putcrs16(KEYS, 0xFFFF); /* install bad keys */
+#endif
 i = (gvp->instcount-previnstcount) / ((tv.tv_sec-prev_tv.tv_sec)*1000.0 + (tv.tv_usec-prev_tv.tv_usec)/1000.0);
 if (i > 0) {
@@ -1639,7 +1644,7 @@ int devcp (int class, int func, int device) {
 /* call the security check code */
- secure(tv);
+ secure(tv, realkeys);
 }
 previnstcount = gvp->instcount;
 prev_tv = tv;
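Review bot: After `putcrs16(KEYS, 0xFFFF)` in the second hunk, the emulated KEYS register stays invalid until `secure(tv, realkeys)` in the last hunk restores it, and the lines between the two hunks (including the body of `if (i > 0) {`) are not shown. If the `secure()` call sits inside that `if`, or any statement in between can leave `devcp`, then a non-positive `i` (for example when the clock stepped back between the two samples) would leave the guest running with bad keys. Please confirm the call is reached on every path once the keys are overwritten. The contract also deserves a comment at the overwrite, such as `/* KEYS is invalid from here until secure() restores realkeys; do not leave devcp before that call */`, and a named constant in place of the bare `0xFFFF`.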
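Review bot: The new two-argument call `secure(tv, realkeys)` in the last hunk cannot be checked against a declaration in this patch, because the diffstat lists only emdev.h and neither a prototype nor the definition of `secure()` appears. If `secure()` is declared without a full prototype, a build that pairs this caller with a one-argument definition would compile silently and KEYS would not be restored correctly. I would put a prototype in scope before `devcp`, e.g. `void secure(struct timeval tv, unsigned short realkeys);` (return type assumed), and extend the call-site comment to `/* call the security check code; it restores KEYS from realkeys before returning */`. `devcp` begins and ends outside this hunk.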