authAlgo.cpp

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007 anytun.org <satp@wirdorange.org>
  15  *
  16  *  This program is free software; you can redistribute it and/or modify
  17  *  it under the terms of the GNU General Public License version 2
  18  *  as published by the Free Software Foundation.
  19  *
  20  *  This program is distributed in the hope that it will be useful,
  21  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  22  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  23  *  GNU General Public License for more details.
  24  *
  25  *  You should have received a copy of the GNU General Public License
  26  *  along with this program (see the file COPYING included with this
  27  *  distribution); if not, write to the Free Software Foundation, Inc.,
  28  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  29  */
  30
  31 #include "authAlgo.h"
  32 #include "log.h"
  33 #include "buffer.h"
  34
  35 #include <gcrypt.h>
  36
  37
  38 AuthTag NullAuthAlgo::calc(const Buffer& buf)
  39 {
  40   return AuthTag(0);
  41 }
  42
  43 const char* Sha1AuthAlgo::MIN_GCRYPT_VERSION = "1.2.3";
  44
  45 // HMAC_SHA1
  46 Sha1AuthAlgo::Sha1AuthAlgo() : ctx_(NULL)
  47 {
  48   gcry_error_t err;
  49   // No other library has already initialized libgcrypt.
  50   if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
  51   {
  52     if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
  53       cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::Sha1AuthAlgo: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION;
  54       return;
  55     }
  56     /* Tell Libgcrypt that initialization has completed. */
  57     err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
  58     if( err ) {
  59       cLog.msg(Log::PRIO_CRIT) << "Sha1AuthAlgo::Sha1AuthAlgo: Failed to finish the initialization of libgcrypt: " << gpg_strerror( err );
  60       return;
  61     } else {
  62       cLog.msg(Log::PRIO_DEBUG) << "Sha1AuthAlgo::Sha1AuthAlgo: libgcrypt init finished";
  63     }
  64   }
  65   err = gcry_md_open( &ctx_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC );
  66   if( err )
  67     cLog.msg(Log::PRIO_CRIT) << "Sha1AuthAlgo::Sha1AuthAlgo: Failed to open message digest algo";
  68 }
  69
  70 Sha1AuthAlgo::~Sha1AuthAlgo()
  71 {
  72   gcry_md_close( ctx_ );
  73   cLog.msg(Log::PRIO_DEBUG) << "Sha1AuthAlgo::~Sha1AuthAlgo: closed hmac handler";
  74 }
  75
  76 void Sha1AuthAlgo::setKey(Buffer key)
  77 {
  78   gcry_error_t err;
  79   err = gcry_md_setkey( ctx_, key.getBuf(), key.getLength() );
  80   if( err )
  81     cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set cipher key: " << gpg_strerror( err );
  82 }
  83
  84
  85 AuthTag Sha1AuthAlgo::calc(const Buffer& buf)
  86 {
  87   // gcry_error_t err;
  88   Buffer hmac;  //80bit
  89
  90   gcry_md_write( ctx_, static_cast<Buffer>(buf).getBuf(), buf.getLength() );
  91   gcry_md_final( ctx_ );
  92   hmac = Buffer(gcry_md_read( ctx_, 0 ), 10);
  93   return hmac;
  94 }
  95
  96