4 * The secure anycast tunneling protocol (satp) defines a protocol used
5 * for communication between any combination of unicast and anycast
6 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
7 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
8 * ethernet, ip, arp ...). satp directly includes cryptography and
9 * message authentication based on the methodes used by SRTP. It is
10 * intended to deliver a generic, scaleable and secure solution for
11 * tunneling and relaying of packets of any protocol.
14 * Copyright (C) 2007 anytun.org <satp@wirdorange.org>
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License version 2
18 * as published by the Free Software Foundation.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program (see the file COPYING included with this
27 * distribution); if not, write to the Free Software Foundation, Inc.,
28 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
32 #include "keyDerivation.h"
42 const char* KeyDerivation::MIN_GCRYPT_VERSION
= "1.2.3";
44 void KeyDerivation::init(Buffer key
, Buffer salt
)
48 // No other library has already initialized libgcrypt.
49 if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P
) )
51 if( !gcry_check_version( MIN_GCRYPT_VERSION
) ) {
52 std::cerr
<< "Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION
<< std::endl
;
56 /* Allocate a pool of 16k secure memory. This also drops priviliges
58 err
= gcry_control(GCRYCTL_INIT_SECMEM
, 16384, 0);
61 std::cerr
<< "Failed to allocate 16k secure memory: " << gpg_strerror( err
) << std::endl
;
65 /* Tell Libgcrypt that initialization has completed. */
66 err
= gcry_control(GCRYCTL_INITIALIZATION_FINISHED
);
68 std::cerr
<< "Failed to finish the initialization of libgcrypt" << gpg_strerror( err
) << std::endl
;
71 std::cout
<< "KeyDerivation::init: libgcrypt init finished" << std::endl
;
75 err
= gcry_cipher_open( &cipher_
, GCRY_CIPHER_AES128
, GCRY_CIPHER_MODE_CTR
, 0 );
78 std::cerr
<< "Failed to open cipher: " << gpg_strerror( err
) << std::endl
;
84 void KeyDerivation::setLogKDRate(const uint8_t log_rate
)
91 void KeyDerivation::generate(satp_prf_label label
, seq_nr_t seq_nr
, Buffer
& key
, u_int32_t length
)
97 u_int8_t tmp_key_id
[16];
99 // see at: http://tools.ietf.org/html/rfc3711#section-4.3
100 // * Let r = index DIV key_derivation_rate (with DIV as defined above).
101 // * Let key_id = <label> || r.
102 // * Let x = key_id XOR master_salt, where key_id and master_salt are
103 // aligned so that their least significant bits agree (right-
107 if( ld_kdr_
== -1 ) // means key_derivation_rate = 0
110 // FIXXME: kdr can be greater than 2^32 (= 2^48)
111 r
= seq_nr
/ ( 0x01 << ld_kdr_
);
115 // FIXXME: why i cant access key_id via operator []?
116 for(u_int8_t i
=0; i
<sizeof(tmp_key_id
); i
++)
117 tmp_key_id
[i
] = 0x00;
120 tmp_key_id
[1] = label
;
122 Buffer
key_id(tmp_key_id
, 16);
126 err
= gcry_cipher_reset( cipher_
);
129 std::cerr
<< "Failed to reset cipher: " << gpg_strerror( err
) << std::endl
;
132 err
= gcry_cipher_encrypt( cipher_
, key
, key
.getLength(), 0, 0 );
135 std::cerr
<< "Failed to generate cipher bitstream: " << gpg_strerror( err
) << std::endl
;
140 void KeyDerivation::clear()
142 gcry_cipher_close( cipher_
);