src/cipher.cpp

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
  15  *                          Christian Pointner <satp@wirdorange.org>
  16  *
  17  *  This file is part of Anytun.
  18  *
  19  *  Anytun is free software: you can redistribute it and/or modify
  20  *  it under the terms of the GNU General Public License version 3 as
  21  *  published by the Free Software Foundation.
  22  *
  23  *  Anytun is distributed in the hope that it will be useful,
  24  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  25  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  26  *  GNU General Public License for more details.
  27  *
  28  *  You should have received a copy of the GNU General Public License
  29  *  along with anytun.  If not, see <http://www.gnu.org/licenses/>.
  30  */
  31
  32 #include <stdexcept>
  33 #include <iostream>
  34 #include <string>
  35 #include <cstdio>
  36 #include <cstring>
  37
  38 #include "endian.h"
  39
  40 #include "cipher.h"
  41 #include "log.h"
  42
  43 void Cipher::encrypt(KeyDerivation& kd, PlainPacket & in, EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
  44 {
  45         u_int32_t len = cipher(kd, in, in.getLength(), out.getPayload(), out.getPayloadLength(), seq_nr, sender_id, mux);
  46         out.setSenderId(sender_id);
  47         out.setSeqNr(seq_nr);
  48   out.setMux(mux);
  49         out.setPayloadLength(len);
  50 }
  51
  52 void Cipher::decrypt(KeyDerivation& kd, EncryptedPacket & in, PlainPacket & out)
  53 {
  54         u_int32_t len = decipher(kd, in.getPayload() , in.getPayloadLength(), out, out.getLength(), in.getSeqNr(), in.getSenderId(), in.getMux());
  55         out.setLength(len);
  56 }
  57
  58
  59 //******* NullCipher *******
  60
  61 u_int32_t NullCipher::cipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
  62 {
  63         std::memcpy(out, in, (ilen < olen) ? ilen : olen);
  64   return (ilen < olen) ? ilen : olen;
  65 }
  66
  67 u_int32_t NullCipher::decipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
  68 {
  69         std::memcpy(out, in, (ilen < olen) ? ilen : olen);
  70   return (ilen < olen) ? ilen : olen;
  71 }
  72
  73 #ifndef NOCRYPT
  74 //****** AesIcmCipher ******
  75
  76 AesIcmCipher::AesIcmCipher(kd_dir_t d) : Cipher(d), key_(u_int32_t(DEFAULT_KEY_LENGTH/8)), salt_(u_int32_t(SALT_LENGTH))
  77 {
  78   init();
  79 }
  80
  81 AesIcmCipher::AesIcmCipher(kd_dir_t d, u_int16_t key_length) : Cipher(d), key_(u_int32_t(key_length/8)), salt_(u_int32_t(SALT_LENGTH))
  82 {
  83   init(key_length);
  84 }
  85
  86 void AesIcmCipher::init(u_int16_t key_length)
  87 {
  88 #ifndef USE_SSL_CRYPTO
  89   handle_ = NULL;
  90   int algo;
  91   switch(key_length) {
  92   case 128: algo = GCRY_CIPHER_AES128; break;
  93   case 192: algo = GCRY_CIPHER_AES192; break;
  94   case 256: algo = GCRY_CIPHER_AES256; break;
  95   default: {
  96     cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: cipher key length of " << key_length << " Bits is not supported";
  97     return;
  98   }
  99   }
 100
 101   gcry_error_t err = gcry_cipher_open(&handle_, algo, GCRY_CIPHER_MODE_CTR, 0);
 102   if( err ) {
 103     cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher" << LogGpgError(err);
 104   }
 105 #endif
 106 }
 107
 108
 109 AesIcmCipher::~AesIcmCipher()
 110 {
 111 #ifndef USE_SSL_CRYPTO
 112   if(handle_)
 113     gcry_cipher_close(handle_);
 114 #endif
 115 }
 116
 117 u_int32_t AesIcmCipher::cipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
 118 {
 119   calc(kd, in, ilen, out, olen, seq_nr, sender_id, mux);
 120   return (ilen < olen) ? ilen : olen;
 121 }
 122
 123 u_int32_t AesIcmCipher::decipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
 124 {
 125   calc(kd, in, ilen, out, olen, seq_nr, sender_id, mux);
 126   return (ilen < olen) ? ilen : olen;
 127 }
 128
 129 void AesIcmCipher::calcCtr(KeyDerivation& kd, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
 130 {
 131   kd.generate(dir_, LABEL_SATP_SALT, seq_nr, salt_);
 132
 133 #ifdef ANYTUN_02_COMPAT
 134   if(!salt_[u_int32_t(0)])
 135     salt_[u_int32_t(0)] = 1;
 136 #endif
 137
 138   std::memcpy(ctr_.salt_.buf_, salt_.getBuf(), SALT_LENGTH);
 139   ctr_.salt_.zero_ = 0;
 140   ctr_.params_.mux_ ^= MUX_T_HTON(mux);
 141   ctr_.params_.sender_id_ ^= SENDER_ID_T_HTON(sender_id);
 142   ctr_.params_.seq_nr_ ^= SEQ_NR_T_HTON(seq_nr);
 143
 144   return;
 145 }
 146
 147 void AesIcmCipher::calc(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
 148 {
 149 #ifndef USE_SSL_CRYPTO
 150   if(!handle_)
 151     return;
 152 #endif
 153
 154   kd.generate(dir_, LABEL_SATP_ENCRYPTION, seq_nr, key_);
 155 #ifdef USE_SSL_CRYPTO
 156   int ret = AES_set_encrypt_key(key_.getBuf(), key_.getLength()*8, &aes_key_);
 157   if(ret) {
 158     cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher ssl key (code: " << ret << ")";
 159     return;
 160   }
 161 #else
 162   gcry_error_t err = gcry_cipher_setkey(handle_, key_.getBuf(), key_.getLength());
 163   if(err) {
 164     cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher key: " << LogGpgError(err);
 165     return;
 166   }
 167 #endif
 168
 169   calcCtr(kd, seq_nr, sender_id, mux);
 170
 171 #ifndef USE_SSL_CRYPTO
 172   err = gcry_cipher_setctr(handle_, ctr_.buf_, CTR_LENGTH);
 173   if(err) {
 174     cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: " << LogGpgError(err);
 175     return;
 176   }
 177
 178   err = gcry_cipher_encrypt(handle_, out, olen, in, ilen);
 179   if(err) {
 180     cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to de/encrypt packet: " << LogGpgError(err);
 181     return;
 182   }
 183 #else
 184   if(CTR_LENGTH != AES_BLOCK_SIZE) {
 185     cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: size don't fits";
 186     return;
 187   }
 188   unsigned int num = 0;
 189   std::memset(ecount_buf_, 0, AES_BLOCK_SIZE);
 190   AES_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &aes_key_, ctr_.buf_, ecount_buf_, &num);
 191 #endif
 192 }
 193 #endif
 194