src/cipher.h

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007 anytun.org <satp@wirdorange.org>
  15  *
  16  *  This program is free software; you can redistribute it and/or modify
  17  *  it under the terms of the GNU General Public License version 2
  18  *  as published by the Free Software Foundation.
  19  *
  20  *  This program is distributed in the hope that it will be useful,
  21  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  22  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  23  *  GNU General Public License for more details.
  24  *
  25  *  You should have received a copy of the GNU General Public License
  26  *  along with this program (see the file COPYING included with this
  27  *  distribution); if not, write to the Free Software Foundation, Inc.,
  28  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  29  */
  30
  31 #ifndef _CIPHER_H_
  32 #define _CIPHER_H_
  33
  34 #include "datatypes.h"
  35 #include "buffer.h"
  36 #include "encryptedPacket.h"
  37 #include "plainPacket.h"
  38
  39 #include <gcrypt.h>
  40
  41
  42 class Cipher
  43 {
  44 public:
  45   virtual ~Cipher() {};
  46
  47       // TODO: in should be const but does not work with getBuf() :(
  48         void encrypt(PlainPacket & in, EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  49         void decrypt(EncryptedPacket & in, PlainPacket & out);
  50
  51   virtual void setKey(Buffer& key) = 0;
  52   virtual void setSalt(Buffer& salt) = 0;
  53
  54 protected:
  55   virtual u_int32_t cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux) = 0;
  56   virtual u_int32_t decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux) = 0;
  57 };
  58
  59 //****** NullCipher ******
  60
  61 class NullCipher : public Cipher
  62 {
  63 public:
  64   void setKey(Buffer& key) {};
  65   void setSalt(Buffer& salt) {};
  66
  67 protected:
  68   u_int32_t cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  69   u_int32_t decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  70 };
  71
  72 //****** AesIcmCipher ******
  73
  74 class AesIcmCipher : public Cipher
  75 {
  76 public:
  77   AesIcmCipher();
  78   ~AesIcmCipher();
  79   void setKey(Buffer& key);
  80   void setSalt(Buffer& salt);
  81
  82 protected:
  83   u_int32_t cipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  84   u_int32_t decipher(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  85
  86 private:
  87   void calc(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
  88
  89   gcry_cipher_hd_t cipher_;
  90   Buffer salt_;
  91 };
  92
  93
  94 #endif