search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
switched to endpoint @ anytun-config as well
[anytun.git] / src / encryptedPacket.cpp
blob1562f71e35f8edb271139883b13130a91d97f1d8
1 /*
2 * anytun
3 *
4 * The secure anycast tunneling protocol (satp) defines a protocol used
5 * for communication between any combination of unicast and anycast
6 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
7 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
8 * ethernet, ip, arp ...). satp directly includes cryptography and
9 * message authentication based on the methodes used by SRTP. It is
10 * intended to deliver a generic, scaleable and secure solution for
11 * tunneling and relaying of packets of any protocol.
12 *
13 *
14 * Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
15 * Christian Pointner <satp@wirdorange.org>
16 *
17 * This file is part of Anytun.
18 *
19 * Anytun is free software: you can redistribute it and/or modify
20 * it under the terms of the GNU General Public License version 3 as
21 * published by the Free Software Foundation.
22 *
23 * Anytun is distributed in the hope that it will be useful,
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 * GNU General Public License for more details.
27 *
28 * You should have received a copy of the GNU General Public License
29 * along with anytun. If not, see <http://www.gnu.org/licenses/>.
30 */
31
32 #include <stdexcept>
33 #include <iostream>
34 #include <arpa/inet.h>
35 #include <cstdio> // for std::memcpy
36
37 #include "encryptedPacket.h"
38 #include "datatypes.h"
39 #include "log.h"
40
41 EncryptedPacket::EncryptedPacket(u_int32_t payload_length, bool allow_realloc)
42 : Buffer(payload_length + sizeof(struct HeaderStruct), allow_realloc)
43 {
44 header_ = reinterpret_cast<struct HeaderStruct*>(buf_);
45 payload_ = buf_ + sizeof(struct HeaderStruct);
46 auth_tag_ = NULL;
47 if(header_)
48 {
49 header_->seq_nr = 0;
50 header_->sender_id = 0;
51 header_->mux = 0;
52 }
53 }
54
55 seq_nr_t EncryptedPacket::getSeqNr() const
56 {
57 if(header_)
58 return SEQ_NR_T_NTOH(header_->seq_nr);
59
60 return 0;
61 }
62
63 sender_id_t EncryptedPacket::getSenderId() const
64 {
65 if(header_)
66 return SENDER_ID_T_NTOH(header_->sender_id);
67
68 return 0;
69 }
70
71 mux_t EncryptedPacket::getMux() const
72 {
73 if(header_)
74 return MUX_T_NTOH(header_->mux);
75
76 return 0;
77 }
78
79 void EncryptedPacket::setSeqNr(seq_nr_t seq_nr)
80 {
81 if(header_)
82 header_->seq_nr = SEQ_NR_T_HTON(seq_nr);
83 }
84
85 void EncryptedPacket::setSenderId(sender_id_t sender_id)
86 {
87 if(header_)
88 header_->sender_id = SENDER_ID_T_HTON(sender_id);
89 }
90
91 void EncryptedPacket::setMux(mux_t mux)
92 {
93 if(header_)
94 header_->mux = MUX_T_HTON(mux);
95 }
96
97 void EncryptedPacket::setHeader(seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
98 {
99 if(!header_)
100 return;
101
102 header_->seq_nr = SEQ_NR_T_HTON(seq_nr);
103 header_->sender_id = SENDER_ID_T_HTON(sender_id);
104 header_->mux = MUX_T_HTON(mux);
105 }
106
107 u_int32_t EncryptedPacket::getPayloadLength() const
108 {
109 if(!payload_)
110 return 0;
111
112 if(!auth_tag_)
113 return (length_ > sizeof(struct HeaderStruct)) ? (length_ - sizeof(struct HeaderStruct)) : 0;
114
115 return (length_ > (sizeof(struct HeaderStruct) + AUTHTAG_SIZE)) ? (length_ - sizeof(struct HeaderStruct) - AUTHTAG_SIZE) : 0;
116 }
117
118 void EncryptedPacket::setPayloadLength(u_int32_t payload_length)
119 {
120 Buffer::setLength(payload_length + sizeof(struct HeaderStruct));
121 // depending on allow_realloc buf_ may point to another address
122 // therefore in this case reinit() gets called by Buffer::setLength()
123 }
124
125 void EncryptedPacket::reinit()
126 {
127 header_ = reinterpret_cast<struct HeaderStruct*>(buf_);
128 payload_ = buf_ + sizeof(struct HeaderStruct);
129
130 if(length_ <= (sizeof(struct HeaderStruct)))
131 payload_ = NULL;
132
133 if(length_ < (sizeof(struct HeaderStruct))) {
134 header_ = NULL;
135 throw std::runtime_error("packet can't be initialized, buffer is too small");
136 }
137
138 if(auth_tag_)
139 {
140 if(length_ < (sizeof(struct HeaderStruct) + AUTHTAG_SIZE)) {
141 auth_tag_ = NULL;
142 throw std::runtime_error("auth-tag can't be enabled, buffer is too small");
143 }
144 auth_tag_ = buf_ + length_ - AUTHTAG_SIZE;
145 }
146 }
147
148 u_int8_t* EncryptedPacket::getPayload()
149 {
150 return payload_;
151 }
152
153 u_int8_t* EncryptedPacket::getAuthenticatedPortion()
154 {
155 return buf_;
156 }
157
158 u_int32_t EncryptedPacket::getAuthenticatedPortionLength()
159 {
160 if(!buf_)
161 return 0;
162
163 if(!auth_tag_)
164 return length_;
165
166 return (length_ > AUTHTAG_SIZE) ? (length_ - AUTHTAG_SIZE) : 0;
167 }
168
169 void EncryptedPacket::withAuthTag(bool b)
170 {
171 if((b && auth_tag_) || (!b && !auth_tag_))
172 return;
173
174 if(b)
175 {
176 if(length_ < (sizeof(struct HeaderStruct) + AUTHTAG_SIZE))
177 throw std::runtime_error("auth-tag can't be enabled, buffer is too small");
178
179 auth_tag_ = buf_ + length_ - AUTHTAG_SIZE;
180 }
181 else
182 auth_tag_ = NULL;
183 }
184
185 void EncryptedPacket::addAuthTag()
186 {
187 if(auth_tag_)
188 return;
189
190 auth_tag_ = buf_; // will be set to the correct value @ reinit
191 setLength(length_ + AUTHTAG_SIZE);
192 if(auth_tag_ == buf_) // reinit was not called by setLength
193 reinit();
194 }
195
196 void EncryptedPacket::removeAuthTag()
197 {
198 if(!auth_tag_)
199 return;
200
201 auth_tag_ = NULL;
202 setLength(length_ - AUTHTAG_SIZE);
203 }
204
205 u_int8_t* EncryptedPacket::getAuthTag()
206 {
207 return auth_tag_;
208 }
209
210 u_int32_t EncryptedPacket::getAuthTagLength()
211 {
212 if(auth_tag_)
213 return AUTHTAG_SIZE;
214
215 return 0;
216 }
Implementation of SATP