4 * The secure anycast tunneling protocol (satp) defines a protocol used
5 * for communication between any combination of unicast and anycast
6 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
7 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
8 * ethernet, ip, arp ...). satp directly includes cryptography and
9 * message authentication based on the methodes used by SRTP. It is
10 * intended to deliver a generic, scaleable and secure solution for
11 * tunneling and relaying of packets of any protocol.
14 * Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
15 * Christian Pointner <satp@wirdorange.org>
17 * This file is part of Anytun.
19 * Anytun is free software: you can redistribute it and/or modify
20 * it under the terms of the GNU General Public License version 3 as
21 * published by the Free Software Foundation.
23 * Anytun is distributed in the hope that it will be useful,
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 * GNU General Public License for more details.
28 * You should have received a copy of the GNU General Public License
29 * along with anytun. If not, see <http://www.gnu.org/licenses/>.
42 #include "anytunError.h"
44 void Cipher::encrypt(KeyDerivation& kd, PlainPacket & in, EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
46 u_int32_t len = cipher(kd, in, in.getLength(), out.getPayload(), out.getPayloadLength(), seq_nr, sender_id, mux);
47 out.setSenderId(sender_id);
50 out.setPayloadLength(len);
53 void Cipher::decrypt(KeyDerivation& kd, EncryptedPacket & in, PlainPacket & out)
55 u_int32_t len = decipher(kd, in.getPayload() , in.getPayloadLength(), out, out.getLength(), in.getSeqNr(), in.getSenderId(), in.getMux());
60 //******* NullCipher *******
62 u_int32_t NullCipher::cipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
64 std::memcpy(out, in, (ilen < olen) ? ilen : olen);
65 return (ilen < olen) ? ilen : olen;
68 u_int32_t NullCipher::decipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
70 std::memcpy(out, in, (ilen < olen) ? ilen : olen);
71 return (ilen < olen) ? ilen : olen;
75 //****** AesIcmCipher ******
77 AesIcmCipher::AesIcmCipher(kd_dir_t d) : Cipher(d), key_(u_int32_t(DEFAULT_KEY_LENGTH/8)), salt_(u_int32_t(SALT_LENGTH))
82 AesIcmCipher::AesIcmCipher(kd_dir_t d, u_int16_t key_length) : Cipher(d), key_(u_int32_t(key_length/8)), salt_(u_int32_t(SALT_LENGTH))
87 void AesIcmCipher::init(u_int16_t key_length)
89 #ifndef USE_SSL_CRYPTO
93 case 128: algo = GCRY_CIPHER_AES128; break;
94 case 192: algo = GCRY_CIPHER_AES192; break;
95 case 256: algo = GCRY_CIPHER_AES256; break;
97 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher::AesIcmCipher: cipher key length of " << key_length << " Bits is not supported";
102 gcry_error_t err = gcry_cipher_open(&handle_, algo, GCRY_CIPHER_MODE_CTR, 0);
104 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher::AesIcmCipher: Failed to open cipher" << AnytunGpgError(err);
110 AesIcmCipher::~AesIcmCipher()
112 #ifndef USE_SSL_CRYPTO
114 gcry_cipher_close(handle_);
118 u_int32_t AesIcmCipher::cipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
120 calc(kd, in, ilen, out, olen, seq_nr, sender_id, mux);
121 return (ilen < olen) ? ilen : olen;
124 u_int32_t AesIcmCipher::decipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
126 calc(kd, in, ilen, out, olen, seq_nr, sender_id, mux);
127 return (ilen < olen) ? ilen : olen;
130 void AesIcmCipher::calcCtr(KeyDerivation& kd, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
132 kd.generate(dir_, LABEL_SALT, seq_nr, salt_);
134 std::memcpy(ctr_.salt_.buf_, salt_.getBuf(), SALT_LENGTH);
135 ctr_.salt_.zero_ = 0;
136 ctr_.params_.mux_ ^= MUX_T_HTON(mux);
137 ctr_.params_.sender_id_ ^= SENDER_ID_T_HTON(sender_id);
138 ctr_.params_.seq_nr_ ^= SEQ_NR_T_HTON(seq_nr);
143 void AesIcmCipher::calc(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
145 #ifndef USE_SSL_CRYPTO
150 kd.generate(dir_, LABEL_ENC, seq_nr, key_);
151 #ifdef USE_SSL_CRYPTO
152 int ret = AES_set_encrypt_key(key_.getBuf(), key_.getLength()*8, &aes_key_);
154 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to set cipher ssl key (code: " << ret << ")";
158 gcry_error_t err = gcry_cipher_setkey(handle_, key_.getBuf(), key_.getLength());
160 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to set cipher key: " << AnytunGpgError(err);
165 calcCtr(kd, seq_nr, sender_id, mux);
167 #ifndef USE_SSL_CRYPTO
168 err = gcry_cipher_setctr(handle_, ctr_.buf_, CTR_LENGTH);
170 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to set cipher CTR: " << AnytunGpgError(err);
174 err = gcry_cipher_encrypt(handle_, out, olen, in, ilen);
176 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to de/encrypt packet: " << AnytunGpgError(err);
180 if(CTR_LENGTH != AES_BLOCK_SIZE) {
181 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to set cipher CTR: size don't fits";
184 unsigned int num = 0;
185 std::memset(ecount_buf_, 0, AES_BLOCK_SIZE);
186 AES_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &aes_key_, ctr_.buf_, ecount_buf_, &num);