X-Git-Url: https://git.syn-net.org/debian/?a=blobdiff_plain;f=src%2FkeyDerivation.h;h=3290b3e763c78a8556ec00fca168387720aa9c43;hb=refs%2Ftags%2Fupstream%2F0.3.6;hp=eea426622b6d6ad249aae457f76a0ad18b498842;hpb=bb834fe0ed7a38b724f49b944adb801634eb6194;p=anytun.git
diff --git a/src/keyDerivation.h b/src/keyDerivation.h
index eea4266..3290b3e 100644
--- a/src/keyDerivation.h
+++ b/src/keyDerivation.h
@@ -6,12 +6,12 @@
  * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
  * mode and allows tunneling of every ETHER TYPE protocol (e.g.
  * ethernet, ip, arp ...). satp directly includes cryptography and
- * message authentication based on the methodes used by SRTP. It is
+ * message authentication based on the methods used by SRTP. It is
  * intended to deliver a generic, scaleable and secure solution for
  * tunneling and relaying of packets of any protocol.
  *
  *
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl,
  * Christian Pointner
  *
  * This file is part of Anytun.
@@ -27,7 +27,20 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with anytun. If not, see . + * along with Anytun. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef ANYTUN_keyDerivation_h_INCLUDED @@ -40,11 +53,15 @@ #include "options.h" #ifndef NO_CRYPT -#ifndef USE_SSL_CRYPTO -#include -#else + +#if defined(USE_SSL_CRYPTO) #include +#elif defined(USE_NETTLE) +#include +#else // USE_GCRYPT is the default +#include #endif + #endif #include #include @@ -67,7 +84,7 @@ class KeyDerivation { public: KeyDerivation() : is_initialized_(false), role_(ROLE_LEFT), key_length_(0), master_salt_(0), master_key_(0) {}; - KeyDerivation(u_int16_t key_length) : is_initialized_(false), role_(ROLE_LEFT), key_length_(key_length), master_salt_(0), master_key_(0) {}; + KeyDerivation(uint16_t key_length) : is_initialized_(false), role_(ROLE_LEFT), key_length_(key_length), master_salt_(0), master_key_(0) {}; virtual ~KeyDerivation() {}; void setRole(const role_t role); 
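Review bot: `KeyDerivation(uint16_t key_length)` in hunk `@@ -67,7 +84,7 @@` switches the parameter from `u_int16_t` to `uint16_t`, and the two names come from different headers: `u_int16_t` is the BSD/glibc typedef from `<sys/types.h>`, while `uint16_t` needs `<stdint.h>` or `<cstdint>` in scope. The targets of the `#include` lines reorganised in `@@ -40,11 +53,15 @@` are not legible in this rendering, so confirm that one of the unconditional includes after the crypto-backend `#endif` (or a header they pull in, e.g. the project's datatypes header) provides it; otherwise a build on a platform where `<sys/types.h>` does not transitively include `<stdint.h>` fails on the first `uint16_t`. The KeyDerivation class body continues outside this hunk.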
@@ -77,39 +94,38 @@ public: virtual std::string printType() { return "GenericKeyDerivation"; }; - satp_prf_label_t convertLabel(kd_dir_t dir, satp_prf_label_t label); + satp_prf_label_t convertLabel(kd_dir_t dir, satp_prf_label_t label); protected: virtual void updateMasterKey() = 0; - + #ifndef NO_PASSPHRASE - void calcMasterKey(std::string passphrase, u_int16_t length); - void calcMasterSalt(std::string passphrase, u_int16_t length); + void calcMasterKey(std::string passphrase, uint16_t length); + void calcMasterSalt(std::string passphrase, uint16_t length); #endif - KeyDerivation(const KeyDerivation & src); - friend class boost::serialization::access; - template - void serialize(Archive & ar, const unsigned int version) - { - WritersLock lock(mutex_); - ar & role_; - ar & key_length_; - ar & master_salt_; - ar & master_key_; + KeyDerivation(const KeyDerivation& src); + friend class boost::serialization::access; + template + void serialize(Archive& ar, const unsigned int version) { + WritersLock lock(mutex_); + ar& role_; + ar& key_length_; + ar& master_salt_; + ar& master_key_; updateMasterKey(); - } + } bool is_initialized_; role_t role_; - u_int16_t key_length_; + uint16_t key_length_; SyncBuffer master_salt_; SyncBuffer master_key_; SharedMutex mutex_; }; -#if BOOST_VERSION <= 103500 +#if BOOST_VERSION <= 103500 BOOST_IS_ABSTRACT(KeyDerivation); #else BOOST_SERIALIZATION_ASSUME_ABSTRACT(KeyDerivation); @@ -131,12 +147,11 @@ public: private: void updateMasterKey() {}; - friend class boost::serialization::access; - template - void serialize(Archive & ar, const unsigned int version) - { - ar & boost::serialization::base_object(*this); - } + friend class boost::serialization::access; + template + void serialize(Archive& ar, const unsigned int version) { + ar& boost::serialization::base_object(*this); + } }; 
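Review bot: `serialize` in this hunk archives `master_salt_` and `master_key_` verbatim, and the reformatted code still carries no comment saying so; add `// NOTE: the archive carries the raw master key and salt - treat it as secret wherever it is stored or sent.` above the `template` line so that whoever wires up the sync transport sees the contract. The same function calls the virtual `updateMasterKey()` while `WritersLock lock(mutex_)` is held, which deserves a one-line comment on the lock if `WritersLock` is non-recursive, since an override that touches `mutex_` would self-deadlock. On style, the formatter has rewritten `ar & role_` as `ar& role_` (here, in the NullKeyDerivation hunk `@@ -131,12 +147,11 @@`, and in `@@ -164,38 +179,39 @@`), which reads as a reference declaration rather than the serialization operator; keep `ar & role_;` and exclude these lines from the formatter. The class header and the rest of KeyDerivation lie outside this hunk.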
@@ -147,13 +162,13 @@ class AesIcmKeyDerivation : public KeyDerivation { public: AesIcmKeyDerivation(); - AesIcmKeyDerivation(u_int16_t key_length); + AesIcmKeyDerivation(uint16_t key_length); ~AesIcmKeyDerivation(); - static const u_int16_t DEFAULT_KEY_LENGTH = 128; - static const u_int16_t CTR_LENGTH = 16; - static const u_int16_t SALT_LENGTH = 14; - + static const uint16_t DEFAULT_KEY_LENGTH = 128; + static const uint16_t CTR_LENGTH = 16; + static const uint16_t SALT_LENGTH = 14; + void init(Buffer key, Buffer salt, std::string passphrase = ""); bool generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_t seq_nr, Buffer& key); 
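Review bot: `AesIcmKeyDerivation(uint16_t key_length)` remains a single-argument, non-explicit constructor after the type rename, so any integral value converts implicitly to an `AesIcmKeyDerivation` (with that value silently taken as the key length in bits) wherever one is expected by value or const reference; change it to `explicit AesIcmKeyDerivation(uint16_t key_length);` and, for consistency, do the same for `KeyDerivation(uint16_t key_length)` in `@@ -67,7 +84,7 @@`. While touching the constants, a short comment stating the unit of each (`DEFAULT_KEY_LENGTH` in bits versus `CTR_LENGTH` and `SALT_LENGTH` in bytes, as the `buf_[CTR_LENGTH]` use in the next hunk suggests) would prevent the mismatch being repeated by callers. The class body continues outside this hunk.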
@@ -164,38 +179,39 @@ private: bool calcCtr(kd_dir_t dir, satp_prf_label_t label, seq_nr_t seq_nr); - friend class boost::serialization::access; - template - void serialize(Archive & ar, const unsigned int version) - { - ar & boost::serialization::base_object(*this); - } + friend class boost::serialization::access; + template + void serialize(Archive& ar, const unsigned int version) { + ar& boost::serialization::base_object(*this); + } -#ifndef USE_SSL_CRYPTO - gcry_cipher_hd_t handle_[2]; -#else +#if defined(USE_SSL_CRYPTO) AES_KEY aes_key_[2]; - u_int8_t ecount_buf_[2][AES_BLOCK_SIZE]; + uint8_t ecount_buf_[2][AES_BLOCK_SIZE]; +#elif defined(USE_NETTLE) + struct aes_ctx ctx_[2]; +#else // USE_GCRYPT is the default + gcry_cipher_hd_t handle_[2]; #endif #ifdef _MSC_VER - #pragma pack(push, 1) -#endif +#pragma pack(push, 1) +#endif union ATTR_PACKED key_derivation_aesctr_ctr_union { - u_int8_t buf_[CTR_LENGTH]; + uint8_t buf_[CTR_LENGTH]; struct ATTR_PACKED { - u_int8_t buf_[SALT_LENGTH]; - u_int16_t zero_; + uint8_t buf_[SALT_LENGTH]; + uint16_t zero_; } salt_; struct ATTR_PACKED { - u_int8_t fill_[SALT_LENGTH - sizeof(satp_prf_label_t) - sizeof(seq_nr_t)]; + uint8_t fill_[SALT_LENGTH - sizeof(satp_prf_label_t) - sizeof(seq_nr_t)]; satp_prf_label_t label_; seq_nr_t seq_; - u_int16_t zero_; + uint16_t zero_; } params_; } ctr_[2]; -#ifdef _MSC_VER - #pragma pack(pop) +#ifdef _MSC_VER +#pragma pack(pop) #endif };
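Review bot: The new `struct aes_ctx ctx_[2]` member, like the existing `AES_KEY aes_key_[2]` and `ecount_buf_`, keeps an expanded AES key schedule inline in the object, and nothing in this hunk documents or wipes it; `~AesIcmKeyDerivation()` is declared in `@@ -147,13 +162,13 @@` but its body is not part of the diff, so confirm it clears these buffers before the object is freed and that the gcrypt path releases `handle_` through the library's close call. A comment above the `#if defined(USE_SSL_CRYPTO)` block such as `// Backend-specific expanded key state; must be zeroed/released in the destructor` would make that contract visible to whoever adds the next backend. The `ctr_` union below is unchanged apart from the integer type renames and still relies on `ATTR_PACKED` plus the MSVC `#pragma pack` pair to keep `buf_[CTR_LENGTH]` and `params_` overlaid exactly.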