* tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
* mode and allows tunneling of every ETHER TYPE protocol (e.g.
* ethernet, ip, arp ...). satp directly includes cryptography and
- * message authentication based on the methodes used by SRTP. It is
+ * message authentication based on the methods used by SRTP. It is
* intended to deliver a generic, scaleable and secure solution for
* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with anytun. If not, see <http://www.gnu.org/licenses/>.
+ * along with Anytun. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * In addition, as a special exception, the copyright holders give
+ * permission to link the code of portions of this program with the
+ * OpenSSL library under certain conditions as described in each
+ * individual source file, and distribute linked combinations
+ * including the two.
+ * You must obey the GNU General Public License in all respects
+ * for all of the code used other than OpenSSL. If you modify
+ * file(s) with this exception, you may extend this exception to your
+ * version of the file(s), but you are not obligated to do so. If you
+ * do not wish to do so, delete this exception statement from your
+ * version. If you delete this exception statement from all source
+ * files in the program, then also delete it here.
*/
+
#ifndef ANYTUN_authAlgo_h_INCLUDED
#define ANYTUN_authAlgo_h_INCLUDED
#include "encryptedPacket.h"
#ifndef NO_CRYPT
-#ifndef USE_SSL_CRYPTO
-#include <gcrypt.h>
-#else
+
+#if defined(USE_SSL_CRYPTO)
#include <openssl/hmac.h>
+#elif defined(USE_NETTLE)
+#include <nettle/hmac.h>
+#else // USE_GCRYPT is the default
+#include <gcrypt.h>
#endif
+
#endif
#include "keyDerivation.h"
//****** Sha1AuthAlgo ******
//* HMAC SHA1 Auth Tag Generator Class
+class AuthAlgoFactory;
+
class Sha1AuthAlgo : public AuthAlgo
{
+ friend class AuthAlgoFactory;
+
public:
- Sha1AuthAlgo(kd_dir_t d);
~Sha1AuthAlgo();
void generate(KeyDerivation& kd, EncryptedPacket& packet);
static const uint32_t DIGEST_LENGTH = 20;
private:
-#ifndef USE_SSL_CRYPTO
+ Sha1AuthAlgo(kd_dir_t d);
+ bool Init();
+
+#if defined(USE_SSL_CRYPTO)
+ HMAC_CTX *ctx_;
+#elif defined(USE_NETTLE)
+ struct hmac_sha1_ctx ctx_;
+#else // USE_GCRYPT is the default
gcry_md_hd_t handle_;
-#else
- HMAC_CTX ctx_;
#endif
Buffer key_;