-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathFacilityMasterControlUnit.lua
297 lines (239 loc) · 11 KB
/
FacilityMasterControlUnit.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
--[=====[
PURPOSE
* To provide monitoring capabilities for the ME subnetworks at a fuel-production facility. Specifically,
* provide energy and item/fluid monitoring for the ME subnetworks.
* Securely transfer that monitoring data to a secure facility over an encrypted connection.
--]=====]
-- REQUIRED LIBRARIES
local serialization = require("serialization")
local component = require("component")
local computer = require("computer")
local event = require("event")
local fs = require("filesystem")
-- Start function for use by the RC Controller
function start()
print("Starting facility monitoring script")
end
-- Stop function for use by the RC Controller.
function stop(...)
os.exit(0)
end
-- Used for debugging, comment when using rc.
--args = {
--["scriptName"] = "test",
--["publicKey"] = "/home/ec-key.pub",
--["keySize"] = 384,
--["iterationFrequency"] = 5
--}
-- CHECKS
-- Make sure the value provided by the 'args' global variable is valid. Below is what should be configured in /etc/rc.cfg
--[=====[
99_FacilityMasterControlUnit =
{
scriptName = "name of this file without .lua. Used for error messages.":string,
publicKey = "/path/to/public/key":string,
keySize = "size of the keypair that the public key is from (either 256 or 384)":number
iterationFrequency = "The frequency in seconds between the calling of the __MAIN__() function":number
}
--]=====]
-- Define the keys that should be present within the 'args' global table. The 'args' table is provided by the RC controller.
local requiredMethods = table.pack(
"scriptName",
"publicKey",
"keySize",
"iterationFrequency"
)
if args and type(args) == "table" then
for i = 1, requiredMethods.n do
-- Error when a required key/value pair is not present.
if requiredMethods[i] and not args[requiredMethods[i]] then
io.stderr:write("args['"..requiredMethods[i].."']: key/value pair does not exist within table")
os.exit()
-- If key/value pair present then make sure those values are of the correct data type. And
-- perform a file lookup for args["publicKey"] to make sure it exists.
else
-- Check if the values in keys: scriptName and publicKey are strings.
if requiredMethods[i] == "scriptName" or requiredMethods[i] == "publicKey" then
if type(args[requiredMethods[i]]) ~= "string" then
io.stderr:write("args['"..requiredMethods[i].."']: Is a '"..type(args[requiredMethods[i]]).."', invalid data type for key/value pair")
os.exit()
-- Make sure the path provided by the publicKey key exists.
elseif requiredMethods[i] == "publicKey" and not fs.exists(args[requiredMethods[i]]) then
io.stderr:write(args.scriptName..": "..args.publicKey..": No such file or directory")
os.exit()
end
elseif requiredMethods[i] == "keySize" or requiredMethods[i] == "iterationFrequency" then
if type(args[requiredMethods[i]]) ~= "number" then
io.stderr:write(args.scriptName..": args['"..requiredMethods[i].."']: Is a '"..type(args[requiredMethods[i]]).."', invalid data type for key/value pair")
os.exit()
elseif requiredMethods[i] == "keySize" then
if args[requiredMethods[i]] ~= 256 and args[requiredMethods[i]] ~= 384 then
io.stderr:write(args.scriptName..": "..args[requiredMethods[i]]..": Keysize must be either 256 or 384")
os.exit()
end
elseif requiredMethods[i] == "iterationFrequency" then
if args[requiredMethods[i]] <= 0 then
io.stderr:write(args.scriptName..": "..args[requiredMethods[i]]..": args['"..requiredMethods[i].."'] must not be less than or equal to zero (0)")
os.exit()
end
end
end
end
end
else
io.stderr:write("'args': Table does not exist. Configure this in /etc/rc.cfg.")
os.exit()
end
-- Check if a datacard is installed.
if not component.isAvailable("data") then
io.stderr:write(args.scriptName..": No datacard installed. Cryptographic functions not available.")
os.exit()
-- Make sure a Tier 3 datacard is installed.
else
local requiredMethods = table.pack("generateKeyPair")
for i = 1, requiredMethods.n do
if requiredMethods[i] and not component.data[requiredMethods[i]] then
io.stderr:write(args.scriptName..": Datacard does not support the required cryptographic functions. A Tier 3 Data Card is required.")
os.exit()
end
end
end
-- Make sure at least one ME Controller is connected.
if not component.isAvailable("me_controller") then
io.stderr:write(args.scriptName..": No ME Controller found. At least one ME Controller must be connected.")
os.exit()
end
-- A link card must be installed to create a point-to-point connection with the off-site server.
if not component.isAvailable("tunnel") then
io.stderr:write(args.scriptName..": No Link Card installed.")
os.exit()
end
-- TABLES
-- Convert AE to FE energy.
local calculateSubnetEnergy =
{
["energy"] = function(cUUID)
local energy = tonumber(string.format("%.2f",component.invoke(cUUID,"getAvgPowerUsage") - component.invoke(cUUID,"getIdlePowerUsage")))
local energy = (energy / 0.05) * 2
return energy
end
}
-- This table contains the data that will be sent to the receiving computer.
-- Along with header information the receiver will use to decrypt the message.
local __packet =
{
header =
{
computerID = computer.address(), -- A constant, so it's generated once per execution.
sessionPublicKey = nil,
iv = nil
},
data = nil
}
-- HELPER FUNCTIONS
-- Function returns all the items in a ME Subnetwork.
local function getItems(cUUID)
local __TMPTABLE = {}
for key, value in pairs(component.invoke(cUUID,"getItemsInNetwork")) do
if key ~= 'n' then
table.insert(__TMPTABLE,key,value)
end
end
return __TMPTABLE
end
-- Function returns all the fluids in a ME Subnetwork.
local function getFluids(cUUID)
local __TMPTABLE = {}
for key, value in pairs(component.invoke(cUUID,"getFluidsInNetwork")) do
if key ~= 'n' then
table.insert(__TMPTABLE,key,value)
end
end
return __TMPTABLE
end
-- Function that will read a provided public key, generate an AES key, checksum of said key, and an initialization vector for encryption.
local function generateAESKey(public, bits)
-- Read the public key file.
local file = io.open(public,"rb")
local publicKey = file:read("*a")
file:close()
-- Unserialize the public key into binary form.
local publicKey = serialization.unserialize(publicKey)
-- Rebuild public key object.
local status, publicKey = xpcall(function(p)
return component.data.deserializeKey(p,"ec-public") or error(args.scriptName..": Unable to generate key object. Are you certain '"..public.."' is a public key?")
end,
function(err)
local expression = "("..args.scriptName..": .*)"
return string.match(err,expression)
end, publicKey)
-- Print error, if any.
if not status then
io.stderr:write(publicKey)
os.exit()
end
-- Generate a public key that will be transmitted to the receiving computer, and a private key which is used below.
local sessionPublicKey, tmpPrivate = component.data.generateKeyPair(bits)
-- Generate and AES key, which is an MD5 hash of a Diffie-Hellman shared key.
local status, aesKey = xpcall(function(private, public)
return component.data.md5(component.data.ecdh(private, public))
end,
function(err)
return err.."\n"..args.scriptName..": Failed to generate AES key. This could be due to specifying an invalid key length."
end, tmpPrivate, publicKey)
if not status then
io.stderr:write(aesKey)
os.exit()
end
return aesKey, sessionPublicKey.serialize()
end
-- Return two (2) binary strings, one is used for the AES key to encrypt the message.
-- The other is a public key that will be serialized and then sent in plain-text to the
-- receiving computer.
local aesKey, sessionPublicKey = generateAESKey(args.publicKey, args.keySize)
-- Since sessionPublicKey remains a constant, set __packet.header.sessionPublicKey equal to
-- the former.
__packet.header.sessionPublicKey = sessionPublicKey
local function __MAIN__()
--[=====[
The format of the message is as follows:
HEADER
ComputerID:string - The UUID of *this* computer.
sessionPublicKey:string - Serialized public key generated by *this* computer.
The receiver will use it to decrypt the message.
iv:string - Initialization Vector is generated everytime a
message is sent. This is used for encryption.
DATA
timestamp:string - day/month/year hour:minute:second (24-hour)
cUUID:string - Full UUID of ME Controller
energy:number - The REAL amount of FE the subnet is using.
itemsInNetwork:table - Amount of items stored within the subnet.
fluidsInNetwork:table - Amount of liquid stored within the subnet.
--]=====]
for cUUID, _ in component.list("me_controller", true) do
-- Generate a new Initialization Vector every iteration.
__packet.header.iv = component.data.random(16)
-- To make sure the __packet.data variable does not grow,
-- set equal to nil at the start of each iteration.
__packet.data = nil
-- Data is gathered from the ME controller and added to the below table.
__packet.data =
{
['timestamp'] = os.date(),
['cUUID'] = cUUID,
['energy'] = calculateSubnetEnergy.energy(cUUID),
['itemsInNetwork'] = getItems(cUUID),
['fluidsInNetwork'] = getFluids(cUUID)
}
-- Data is serialized and encrypted.
__packet.data = component.data.encrypt(serialization.serialize(__packet.data), aesKey, __packet.header.iv)
-- Used for debugging; view the contents of the __packet table.
-- Uncomment __MAIN__(), and comment the line starting with
-- 'local timerEvent' which is the last line.
-- require"cbrowse".view(__packet)
-- Send data to the receiving computer.
component.tunnel.send(serialization.serialize(__packet))
end
end
-- __MAIN__()
local timerEvent = event.timer(args.iterationFrequency, function() __MAIN__() end, math.huge)