src/cipher.h

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
  15  *                          Christian Pointner <satp@wirdorange.org>
  16  *
  17  *  This file is part of Anytun.
  18  *
  19  *  Anytun is free software: you can redistribute it and/or modify
  20  *  it under the terms of the GNU General Public License version 3 as
  21  *  published by the Free Software Foundation.
  22  *
  23  *  Anytun is distributed in the hope that it will be useful,
  24  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  25  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  26  *  GNU General Public License for more details.
  27  *
  28  *  You should have received a copy of the GNU General Public License
  29  *  along with anytun.  If not, see <http://www.gnu.org/licenses/>.
  30  */
  31
  32 #ifndef _CIPHER_H_
  33 #define _CIPHER_H_
  34
  35 #include "datatypes.h"
  36 #include "buffer.h"
  37 #include "encryptedPacket.h"
  38 #include "plainPacket.h"
  39
  40 #ifndef NOCRYPT
  41 #include <gcrypt.h>
  42 #endif
  43
  44 class Cipher
  45 {
  46 public:
  47   virtual ~Cipher() {};
  48
  49       // TODO: in should be const but does not work with getBuf() :(
  50         void encrypt(PlainPacket & in, EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  51         void decrypt(EncryptedPacket & in, PlainPacket & out);
  52
  53   virtual void setKey(Buffer& key) = 0;
  54   virtual void setSalt(Buffer& salt) = 0;
  55
  56 protected:
  57   virtual u_int32_t cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux) = 0;
  58   virtual u_int32_t decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux) = 0;
  59 };
  60
  61 //****** NullCipher ******
  62
  63 class NullCipher : public Cipher
  64 {
  65 public:
  66   void setKey(Buffer& key) {};
  67   void setSalt(Buffer& salt) {};
  68
  69 protected:
  70   u_int32_t cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  71   u_int32_t decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  72 };
  73
  74 #ifndef NOCRYPT
  75 //****** AesIcmCipher ******
  76
  77 class AesIcmCipher : public Cipher
  78 {
  79 public:
  80   AesIcmCipher();
  81   ~AesIcmCipher();
  82   void setKey(Buffer& key);
  83   void setSalt(Buffer& salt);
  84
  85 protected:
  86   u_int32_t cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  87   u_int32_t decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  88
  89 private:
  90   void calc(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  91
  92   gcry_cipher_hd_t cipher_;
  93   Buffer salt_;
  94 };
  95 #endif
  96
  97 #endif