Dakshina`s Blog

Sunday Dec 10, 2006

Aaj ki seekh: MD5 api

The MD5 algo takes as input a messge of arbitrary length and
produces a 128-bit message digest or fingerprint of the input.

For more info on MD5 refer to the RFC page

http://www.ietf.org/rfc/rfc1321.txt

Just a simple program to show usage of MD5 API to calculate a message digest.

#include <stdio.h>
#include <md5.h>

/* Link with the -lmd5 library */
/* gcc -lmd5 <program_name> */

/* this program generates a 128 bit MD5 digest of a given string */

main(){

int i=0;
unsigned char *buffer="We shall generate a message digest of this string";
unsigned char *output=(unsigned char *)malloc(16*sizeof(char)) ; /* store the 128 bit digest in this string */

printf("\n-Using the md5_calc functions ----\n");
md5_calc(output, buffer,strlen(buffer));
for(i=0;i<16;i++)
printf("%d:",(int)(output[i]));

printf("\n-Using the MD5 functions ----\n");
MD5_CTX context;
MD5Init(&context);
MD5Update(&context,buffer,strlen(buffer));
MD5Final(output,&context);
for(i=0;i<16;i++){
printf("%d:",(int)(output[i]));
}
free(output);
}

The output: (the digest is displayed as colon seperated )

--Using the md5_calc functions ----
208:123:118:146:90:32:215:98:10:11:23:26:78:229:127:76:
-Using the MD5 functions ----
208:123:118:146:90:32:215:98:10:11:23:26:78:229:127:76:

Posted at 04:37PM Dec 10, 2006 by dakshina in Sun | Comments[0]

Tuesday Dec 05, 2006

what i learnt today :encrypt

Today :

I came across a utilty ,encrypt for encrypting files.

encrypt: usage: encrypt -l | -a <algorithm> [-k <keyfile>] [-i <infile>]
[-o <outfile>]
This comes with the Solaris package SUNWcsu .

These are the algorithms it supports :

#encrypt -l
Algorithm       Keysize: Min   Max (bits)
------------------------------------------
aes                       128   128
arcfour                   8    128
des                        64     64
3des                     192 192

Posted at 06:11PM Dec 05, 2006 by dakshina in Sun | Comments[0]

Friday Dec 01, 2006

Getting the output of a shell command from a C program using popen

Sometimes its necessary to access the output of a shell command(more than just the return value) in a C program. One way could be to redirect it to a file and then access it .The other would be by using the popen function.

#include<stdio.h>

main(){
char cmd[80];
FILE *fptr;
char out[256];
int ret;
strcpy(cmd,"ls -l");
fptr = popen(cmd, "r");
while(1){
        fgets(out, 256, fptr);
        if(feof(fptr)) break;
        puts(out);
}
ret = pclose(fptr);
}

/* Noted tested with S10 gcc only ..*/

Posted at 10:52AM Dec 01, 2006 by dakshina in Sun | Comments[0]

Thursday Nov 30, 2006

Configuring apache +SSL service for S10

Just another blog for setting up apache shipped with S10 ...

Note:For creating server side certificates a very detailed help can be found @

http://meljr.com/~meljr/ssl_cert_Sol10.html .

And hence I am not rewriting them here.

cp /etc/apache2/httpd-conf-example to /etc/apache2/httpd.conf

Set the properties :

Server name

Listen Port number
Document root

export JAVA_HOME=< >
/usr/apache2/bin/apachectl start
OR

#svcadm disable apache2 ;#svcenable apache2

===============================================================

Enabling SSL service on Apache2

# svccfg

svc:> select apache2

svc:/network/http:apache2> listprop httpd/ssl

httpd/ssl boolean false

svc:/network/http:apache2> setprop httpd/ssl=true

svc:/network/http:apache2> exit

# svcadm disable apache2

# svcadm enable apache2

# svcprop -p httpd/ssl svc:/network/http:apache2

false

# svcadm refresh apache2

# svcprop -p httpd/ssl svc:/network/http:apache2

true

Posted at 10:58AM Nov 30, 2006 by dakshina in Sun | Comments[2]

CGI/Perl script for uploading files

Here's a small perl script that I have used for uplaoding files to a webserver.

The location can be changed .Rt now it saves the files to /tmp/upload1

#!/usr/bin/perl
use CGI ;
my $query = new CGI;
print $query->header ( );
# Expects the client to sends the name of the file to be uploaded in an input field "file"

my $filename=$query->param("file");
my $fpath1="/tmp/upload1/$filename";

open (UPLOADFILE,">$fpath1") || die "Cannot open file";

$filename =~ s/.*[\/\\](.*)/$1/;
my $upload_filehandle = $query->upload("file");

my $buf;
while (read($upload_filehandle,$buf,1024)) {
print UPLOADFILE $buf;
}

close UPLOADFILE;

#This has been tested on Solaris only

# Can be used to transfer binary files also

#For WINDOWS the BINMODE option may be needed

Posted at 10:31AM Nov 30, 2006 by dakshina in Sun | Comments[0]

SSL Certificate Generation ..

Something I learnt during writing a SSL Client <which I got stuck up after some time :( >
I am using OpenSSL shipped with S10.
This can be of help for those who wish to create a CA (self signed for test purpose and sign their own certificates using this CA.)

A. Create new CA (Certification Authority)
    The CA.pl is located at in Solaris 10 /usr/sfw/bin
     Change the perl path to /usr/bin/perl in line 1

     > CA.pl -newca
     > cp ./demoCA/cacert.pem .
     > cp ./demoCA/private/cakey.pem .
     > openssl x509 -text -in cacert.pem

B. Generate RSA key and second level CA
     > openssl genrsa -out ca2key.pem
     > openssl req -new -key ca2key.pem -out ca2req.pem
     > openssl ca -cert cacert.pem -keyfile cakey.pem \
             -out ca2cert.pem -infiles ca2req.pem
     > openssl verify -CAfile cacert.pem ca2cert.pem

C. Sign RSA key with second level CA
     > openssl req -new -key rsakey.pem -out rsareq.pem
     > openssl ca -cert ca2cert.pem -keyfile ca2key.pem \
             -out rsacert.pem -infiles rsareq.pem
     > openssl verify -CAfile cacert.pem -untrusted ca2cert.pem rsacert.pem

Posted at 10:14AM Nov 30, 2006 by dakshina in Sun | Comments[0]

Tuesday Aug 29, 2006

Random notes on virtualization ...

Just am jotting down what i understand ... Have had some exposure to virtualization technologies in the past few months.

Virtualization allows a user to run multiple OS'es simultaeously on a single system,in a secure way. On x86 processors, when running in protected mode, there are four privilege levels.

The operating system kernel executes in privilege level 0 (also called "supervisor mode") while applications execute in privilege level 3. Privilege levels 1 and 2 are not used.

When using virtual machine extensions, there are two classes of software: VMM (Virtual Machine Monitor), also known as "hypervisor", and Guests, which are virtual machines. If we consider Xen ,we call it Domain0 and Guest domains(DomU's or unpriveleged domains).

With Sun's LDOMs they are known as Control domain and guest domain respectively.

The VMM acts as a host and has a full access to the hardware. It also hosts the management software (like xend incase of Xen and LDOM manager in case of LDOMS),which is responsible for lifecycle management of the guest domains.

In the Xen project, running on x86 processors, the guest operating systems run in privilege level 1.

Xen 2.0 had initial support for paravirtualization,meaning that guest OS'es would have to be tweaked to run on top of the hypervisor. Xen 3.0 and above support both paravirtualization and full virtualization to leverage the inbuilt hardware support built into the Intel-VT-x and AMD pacifica processors.In either cases,application binaries would run unmodified and they would run in ring 3 .

With built-in virtualization extensionsin processors ,the guest operating system code stays unmodified. With Xen running on non-virtualized processors, there is a device model which is based on backend/frontend virtual drivers (also called "split drivers"). The backend is in domain 0, while the frontend is in the unprivileged domains. Only domain 0 has access to the hardware through the unmodified Linux drivers. When running on Intel VT-x or AMD SVM(Secure Virtual machines), we cannot use this IO model, because the guests run unmodified Linux kernels.

Posted at 03:20PM Aug 29, 2006 by dakshina in Sun | Comments[0]

i'm here !!!

My first blog :) @ blogs.sun.com Abt me : I've been @Sun for nearly 2 years now. And i like it here. So hello everybody !!

Posted at 11:12AM Aug 29, 2006 by dakshina in Sun | Comments[1]