search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fixed typo
[anytun.git] / cipher.cpp
blobe98bc3b8e00a0b27e5e5d4365a1ae3275d7f6f16
1 /*
2 * anytun
3 *
4 * The secure anycast tunneling protocol (satp) defines a protocol used
5 * for communication between any combination of unicast and anycast
6 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
7 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
8 * ethernet, ip, arp ...). satp directly includes cryptography and
9 * message authentication based on the methodes used by SRTP. It is
10 * intended to deliver a generic, scaleable and secure solution for
11 * tunneling and relaying of packets of any protocol.
12 *
13 *
14 * Copyright (C) 2007 anytun.org <satp@wirdorange.org>
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License version 2
18 * as published by the Free Software Foundation.
19 *
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * You should have received a copy of the GNU General Public License
26 * along with this program (see the file COPYING included with this
27 * distribution); if not, write to the Free Software Foundation, Inc.,
28 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 */
30
31 #include <stdexcept>
32 #include <iostream>
33 #include <string>
34 #include <cstdio>
35 #include <gcrypt.h>
36
37 #include "cipher.h"
38 #include "mpi.h"
39 #include "log.h"
40
41
42 // TODO: in should be const but does not work with getBuf() :(
43 void Cipher::encrypt(PlainPacket & in, EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
44 {
45 u_int32_t len = cipher(in, in.getLength(), out.getPayload(), out.getPayloadLength(), seq_nr, sender_id, mux);
46 out.setSenderId(sender_id);
47 out.setSeqNr(seq_nr);
48 out.setMux(mux);
49 out.setPayloadLength(len);
50 }
51
52 // TODO: in should be const but does not work with getBuf() :(
53 void Cipher::decrypt(EncryptedPacket & in, PlainPacket & out)
54 {
55 u_int32_t len = decipher(in.getPayload() , in.getPayloadLength(), out, out.getLength(), in.getSeqNr(), in.getSenderId(), in.getMux());
56 out.setLength(len);
57 }
58
59
60 //******* NullCipher *******
61
62 u_int32_t NullCipher::cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
63 {
64 std::memcpy(out, in, (ilen < olen) ? ilen : olen);
65 return (ilen < olen) ? ilen : olen;
66 }
67
68 u_int32_t NullCipher::decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
69 {
70 std::memcpy(out, in, (ilen < olen) ? ilen : olen);
71 return (ilen < olen) ? ilen : olen;
72 }
73
74
75 //****** AesIcmCipher ******
76
77 AesIcmCipher::AesIcmCipher() : cipher_(NULL)
78 {
79 // TODO: hardcoded keysize
80 gcry_error_t err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
81 if( err )
82 cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher";
83 }
84
85
86 AesIcmCipher::~AesIcmCipher()
87 {
88 if(cipher_)
89 gcry_cipher_close( cipher_ );
90 }
91
92 void AesIcmCipher::setKey(Buffer& key)
93 {
94 if(!cipher_)
95 return;
96
97 gcry_error_t err = gcry_cipher_setkey( cipher_, key.getBuf(), key.getLength() );
98 if( err )
99 cLog.msg(Log::PRIO_ERR) << "AesIcmCipher::setKey: Failed to set cipher key: " << gpg_strerror( err );
100 }
101
102 void AesIcmCipher::setSalt(Buffer& salt)
103 {
104 salt_ = salt;
105 if(!salt_[u_int32_t(0)])
106 salt_[u_int32_t(0)] = 1; // TODO: this is a outstandingly ugly workaround
107 }
108
109 u_int32_t AesIcmCipher::cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
110 {
111 calc(in, ilen, out, olen, seq_nr, sender_id, mux);
112 return (ilen < olen) ? ilen : olen;
113 }
114
115 u_int32_t AesIcmCipher::decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
116 {
117 calc(in, ilen, out, olen, seq_nr, sender_id, mux);
118 return (ilen < olen) ? ilen : olen;
119 }
120
121 void AesIcmCipher::calc(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
122 {
123 if(!cipher_)
124 return;
125
126 gcry_error_t err = gcry_cipher_reset( cipher_ );
127 if( err ) {
128 cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to reset cipher: " << gpg_strerror( err );
129 return;
130 }
131
132 // set the IV ( = CTR)
133 //==========================================================================
134 // // where the 128-bit integer value IV SHALL be defined by the SSRC, the
135 // // SRTP packet index i, and the SRTP session salting key k_s, as below.
136 // //
137 // // IV = (k_s * 2^16) XOR (SSRC * 2^64) XOR (i * 2^16)
138 // // sizeof(k_s) = 112 bit, random
139
140 Mpi ctr(128); // TODO: hardcoded size
141 Mpi salt(salt_.getBuf(), salt_.getLength());
142 Mpi sid_mux(32);
143 sid_mux = sender_id;
144 Mpi mux_mpi(32);
145 mux_mpi = mux;
146 sid_mux = sid_mux ^ mux_mpi.mul2exp(16);
147 Mpi seq(32);
148 seq = seq_nr;
149
150 ctr = salt.mul2exp(16) ^ sid_mux.mul2exp(64) ^ seq.mul2exp(16); // TODO: hardcoded size
151
152 size_t written;
153 u_int8_t *ctr_buf = ctr.getNewBuf(&written); // TODO: hardcoded size
154 err = gcry_cipher_setctr( cipher_, ctr_buf, written ); // TODO: hardcoded size
155 delete[] ctr_buf;
156 if( err ) {
157 cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: " << gpg_strerror( err );
158 return;
159 }
160
161 err = gcry_cipher_encrypt( cipher_, out, olen, in, ilen );
162 if( err ) {
163 cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to generate cipher bitstream: " << gpg_strerror( err );
164 return;
165 }
166 }
167
Implementation of SATP