search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
working version with crypto
[anytun.git] / encryptedPacket.cpp
blobc0221e9fef134a3a29f0d14b780cba19758176d0
1 /*
2 * anytun
3 *
4 * The secure anycast tunneling protocol (satp) defines a protocol used
5 * for communication between any combination of unicast and anycast
6 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
7 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
8 * ethernet, ip, arp ...). satp directly includes cryptography and
9 * message authentication based on the methodes used by SRTP. It is
10 * intended to deliver a generic, scaleable and secure solution for
11 * tunneling and relaying of packets of any protocol.
12 *
13 *
14 * Copyright (C) 2007 anytun.org <satp@wirdorange.org>
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License version 2
18 * as published by the Free Software Foundation.
19 *
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * You should have received a copy of the GNU General Public License
26 * along with this program (see the file COPYING included with this
27 * distribution); if not, write to the Free Software Foundation, Inc.,
28 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 */
30
31 #include <stdexcept>
32 #include <iostream>
33 #include <arpa/inet.h>
34 #include <cstdio> // for std::memcpy
35
36 #include "encryptedPacket.h"
37 #include "datatypes.h"
38 #include "log.h"
39
40 EncryptedPacket::EncryptedPacket(u_int32_t payload_length, bool allow_realloc)
41 : Buffer(payload_length + sizeof(struct HeaderStruct), allow_realloc)
42 {
43 header_ = reinterpret_cast<struct HeaderStruct*>(buf_);
44 payload_ = buf_ + sizeof(struct HeaderStruct);
45 auth_tag_ = NULL;
46 if(header_)
47 {
48 header_->seq_nr = 0;
49 header_->sender_id = 0;
50 header_->mux = 0;
51 }
52 }
53
54 seq_nr_t EncryptedPacket::getSeqNr() const
55 {
56 if(header_)
57 return SEQ_NR_T_NTOH(header_->seq_nr);
58
59 return 0;
60 }
61
62 sender_id_t EncryptedPacket::getSenderId() const
63 {
64 if(header_)
65 return SENDER_ID_T_NTOH(header_->sender_id);
66
67 return 0;
68 }
69
70 mux_t EncryptedPacket::getMux() const
71 {
72 if(header_)
73 return MUX_T_NTOH(header_->mux);
74
75 return 0;
76 }
77
78 void EncryptedPacket::setSeqNr(seq_nr_t seq_nr)
79 {
80 if(header_)
81 header_->seq_nr = SEQ_NR_T_HTON(seq_nr);
82 }
83
84 void EncryptedPacket::setSenderId(sender_id_t sender_id)
85 {
86 if(header_)
87 header_->sender_id = SENDER_ID_T_HTON(sender_id);
88 }
89
90 void EncryptedPacket::setMux(mux_t mux)
91 {
92 if(header_)
93 header_->mux = MUX_T_HTON(mux);
94 }
95
96 void EncryptedPacket::setHeader(seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
97 {
98 if(!header_)
99 return;
100
101 header_->seq_nr = SEQ_NR_T_HTON(seq_nr);
102 header_->sender_id = SENDER_ID_T_HTON(sender_id);
103 header_->mux = MUX_T_HTON(mux);
104 }
105
106 u_int32_t EncryptedPacket::getPayloadLength() const
107 {
108 if(!payload_)
109 return 0;
110
111 if(!auth_tag_)
112 return (length_ > sizeof(struct HeaderStruct)) ? (length_ - sizeof(struct HeaderStruct)) : 0;
113
114 return (length_ > (sizeof(struct HeaderStruct) + AUTHTAG_SIZE)) ? (length_ - sizeof(struct HeaderStruct) - AUTHTAG_SIZE) : 0;
115 }
116
117 void EncryptedPacket::setPayloadLength(u_int32_t payload_length)
118 {
119 Buffer::setLength(payload_length + sizeof(struct HeaderStruct));
120 // depending on allow_realloc buf_ may point to another address
121 // therefore in this case reinit() gets called by Buffer::setLength()
122 }
123
124 void EncryptedPacket::reinit()
125 {
126 header_ = reinterpret_cast<struct HeaderStruct*>(buf_);
127 payload_ = buf_ + sizeof(struct HeaderStruct);
128
129 if(length_ <= (sizeof(struct HeaderStruct)))
130 payload_ = NULL;
131
132 if(length_ < (sizeof(struct HeaderStruct))) {
133 header_ = NULL;
134 throw std::runtime_error("packet can't be initialized, buffer is too small");
135 }
136
137 if(auth_tag_)
138 {
139 if(length_ < (sizeof(struct HeaderStruct) + AUTHTAG_SIZE)) {
140 auth_tag_ = NULL;
141 throw std::runtime_error("auth-tag can't be enabled, buffer is too small");
142 }
143 auth_tag_ = buf_ + length_ - AUTHTAG_SIZE;
144 }
145 }
146
147 u_int8_t* EncryptedPacket::getPayload()
148 {
149 return payload_;
150 }
151
152 u_int8_t* EncryptedPacket::getAuthenticatedPortion()
153 {
154 return buf_;
155 }
156
157 u_int32_t EncryptedPacket::getAuthenticatedPortionLength()
158 {
159 if(!buf_)
160 return 0;
161
162 if(!auth_tag_)
163 return length_;
164
165 return (length_ > AUTHTAG_SIZE) ? (length_ - AUTHTAG_SIZE) : 0;
166 }
167
168 void EncryptedPacket::withAuthTag(bool b)
169 {
170 if((b && auth_tag_) || (!b && !auth_tag_))
171 return;
172
173 if(b)
174 {
175 if(length_ < (sizeof(struct HeaderStruct) + AUTHTAG_SIZE))
176 throw std::runtime_error("auth-tag can't be enabled, buffer is too small");
177
178 auth_tag_ = buf_ + length_ - AUTHTAG_SIZE;
179 }
180 else
181 auth_tag_ = NULL;
182 }
183
184 void EncryptedPacket::addAuthTag()
185 {
186 if(auth_tag_)
187 return;
188
189 auth_tag_ = buf_; // will be set to the correct value @ reinit
190 setLength(length_ + AUTHTAG_SIZE);
191 if(auth_tag_ == buf_) // reinit was not called by setLength
192 reinit();
193 }
194
195 void EncryptedPacket::removeAuthTag()
196 {
197 if(!auth_tag_)
198 return;
199
200 auth_tag_ = NULL;
201 setLength(length_ - AUTHTAG_SIZE);
202 }
203
204 u_int8_t* EncryptedPacket::getAuthTag()
205 {
206 return auth_tag_;
207 }
208
209 u_int32_t EncryptedPacket::getAuthTagLength()
210 {
211 if(auth_tag_)
212 return AUTHTAG_SIZE;
213
214 return 0;
215 }
Implementation of SATP