summaryrefslogtreecommitdiffabout
path: root/src/eyefiservice.cc
Side-by-side diff
Diffstat (limited to 'src/eyefiservice.cc') (more/less context) (ignore whitespace changes)
-rw-r--r--src/eyefiservice.cc21
1 files changed, 16 insertions, 5 deletions
diff --git a/src/eyefiservice.cc b/src/eyefiservice.cc
index d233a07..1a21c02 100644
--- a/src/eyefiservice.cc
+++ b/src/eyefiservice.cc
@@ -8,2 +8,3 @@
#include <autosprintf.h>
+#include <openssl/rand.h>
#include "eyekinfig.h"
@@ -12,2 +13,4 @@
+static binary_t session_nonce;
+
static bool detached_child() {
@@ -48,5 +51,4 @@ int eyefiService::StartSession(
r.credential = binary_t(macaddress+cnonce+eyekinfig_t(macaddress).get_upload_key()).md5().hex();
- /* TODO: better nonce generator */
- time_t t = time(0);
- r.snonce = binary_t(&t,sizeof(t)).md5().hex();
+
+ r.snonce = session_nonce.make_nonce().hex();
r.transfermode=transfermode;
@@ -76,5 +78,14 @@ int eyefiService::GetPhotoStatus(
syslog(LOG_DEBUG,
- "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s",
- macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str() );
+ "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s; session nonce=%s",
+ macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), session_nonce.hex().c_str() );
+#endif
+
+ std::string computed_credential = binary_t(macaddress+eyekinfig_t(macaddress).get_upload_key()+session_nonce.hex()).md5().hex();
+
+#ifndef NDEBUG
+ syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str());
#endif
+
+ if (credential != computed_credential) throw std::runtime_error("card authentication failed");
+
r.fileid = 1; r.offset = 0;