4 * The secure anycast tunneling protocol (satp) defines a protocol used
5 * for communication between any combination of unicast and anycast
6 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
7 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
8 * ethernet, ip, arp ...). satp directly includes cryptography and
9 * message authentication based on the methods used by SRTP. It is
10 * intended to deliver a generic, scalable and secure solution for
11 * tunneling and relaying of packets of any protocol.
14 * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
15 * Christian Pointner <satp@wirdorange.org>
17 * This file is part of Anytun.
19 * Anytun is free software: you can redistribute it and/or modify
20 * it under the terms of the GNU General Public License as published by
21 * the Free Software Foundation, either version 3 of the License, or
24 * Anytun is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with anytun. If not, see <http://www.gnu.org/licenses/>.
35 #include <cstdio> // for std::memcpy -- NOTE(review): std::memcpy is declared in <cstring>, not <cstdio>
37 #include "encryptedPacket.h"
39 #include "datatypes.h"
41 #include "anytunError.h"
// Constructs a packet whose underlying Buffer is sized for the header plus
// payload_length bytes, and records auth_tag_length for later tag handling.
// NOTE(review): payload_length + sizeof(struct HeaderStruct) is not range-checked
// here; a payload_length close to UINT32_MAX could wrap or be truncated depending
// on the type of Buffer's size parameter -- confirm callers bound it.
43 EncryptedPacket::EncryptedPacket(uint32_t payload_length, uint32_t auth_tag_length, bool allow_realloc)
44 : Buffer(payload_length + sizeof(struct HeaderStruct), allow_realloc), auth_tag_length_(auth_tag_length)
// header_ is a typed view of the first bytes of buf_; payload_ begins right after it.
46 header_ = reinterpret_cast<struct HeaderStruct*>(buf_);
47 payload_ = buf_ + sizeof(struct HeaderStruct);
// NOTE(review): the listing omits the lines around this write (gutter jumps
// 47 -> 51 -> 56); confirm header_ is checked for null before it is dereferenced.
51 header_->sender_id = 0;
// Returns the size in bytes of struct HeaderStruct, i.e. the offset at which
// payload_ is placed inside buf_.
56 uint32_t EncryptedPacket::getHeaderLength()
58 return sizeof(struct HeaderStruct);
// Returns the seq_nr header field after conversion with SEQ_NR_T_NTOH
// (presumably network-to-host byte order; the macro is defined elsewhere).
// NOTE(review): the value is read straight from the packet buffer. Whether the
// auth tag has already been verified when this is called is not visible here,
// and original lines 62-63 (possibly a null check on header_) are not in this listing.
61 seq_nr_t EncryptedPacket::getSeqNr() const
64 return SEQ_NR_T_NTOH(header_->seq_nr);
// Returns the sender_id header field after conversion with SENDER_ID_T_NTOH
// (presumably network-to-host byte order; the macro is defined elsewhere).
// NOTE(review): original lines 71-72 are not in this listing; confirm header_ is
// checked before the dereference.
70 sender_id_t EncryptedPacket::getSenderId() const
73 return SENDER_ID_T_NTOH(header_->sender_id);
// Returns the mux header field after conversion with MUX_T_NTOH
// (presumably network-to-host byte order; the macro is defined elsewhere).
// NOTE(review): original lines 80-81 are not in this listing; confirm header_ is
// checked before the dereference.
79 mux_t EncryptedPacket::getMux() const
82 return MUX_T_NTOH(header_->mux);
// Stores seq_nr into the header after conversion with SEQ_NR_T_HTON
// (presumably host-to-network byte order; the macro is defined elsewhere).
88 void EncryptedPacket::setSeqNr(seq_nr_t seq_nr)
91 header_->seq_nr = SEQ_NR_T_HTON(seq_nr);
// Stores sender_id into the header after conversion with SENDER_ID_T_HTON
// (presumably host-to-network byte order; the macro is defined elsewhere).
95 void EncryptedPacket::setSenderId(sender_id_t sender_id)
98 header_->sender_id = SENDER_ID_T_HTON(sender_id);
// Stores mux into the header after conversion with MUX_T_HTON
// (presumably host-to-network byte order; the macro is defined elsewhere).
102 void EncryptedPacket::setMux(mux_t mux)
105 header_->mux = MUX_T_HTON(mux);
// Writes all three header fields in one call, each converted with its *_HTON
// macro, which gives the same stores as setSeqNr(), setSenderId() and setMux().
// NOTE(review): original lines 110-114 are not in this listing; confirm header_
// is checked before these writes.
109 void EncryptedPacket::setHeader(seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
115 header_->seq_nr = SEQ_NR_T_HTON(seq_nr);
116 header_->sender_id = SENDER_ID_T_HTON(sender_id);
117 header_->mux = MUX_T_HTON(mux);
// Returns the number of payload bytes in the buffer. Two return paths are
// visible; the condition that selects between them (original lines 121-126 and
// 128-129) is not in this listing -- presumably it depends on whether an auth
// tag is attached.
120 uint32_t EncryptedPacket::getPayloadLength() const
// Header only: compare before subtracting so a short buffer yields 0 instead of
// an unsigned underflow.
127 return (length_ > sizeof(struct HeaderStruct)) ? (length_ - sizeof(struct HeaderStruct)) : 0;
// Header plus auth tag: same clamp, with the tag length excluded as well.
// NOTE(review): the sum sizeof(struct HeaderStruct) + auth_tag_length_ is itself
// unchecked; on a target with 32-bit size_t a very large auth_tag_length_ would
// wrap it -- confirm the tag length is bounded where it is configured.
130 return (length_ > (sizeof(struct HeaderStruct) + auth_tag_length_)) ? (length_ - sizeof(struct HeaderStruct) - auth_tag_length_) : 0;
// Resizes the underlying Buffer to hold the header plus payload_length bytes.
// NOTE(review): payload_length + sizeof(struct HeaderStruct) is not range-checked
// before it is passed on; if payload_length can be derived from received data,
// confirm it is bounded so the sum cannot wrap or be truncated by
// Buffer::setLength()'s parameter type.
133 void EncryptedPacket::setPayloadLength(uint32_t payload_length)
135 Buffer::setLength(payload_length + sizeof(struct HeaderStruct));
136 // depending on allow_realloc buf_ may point to another address
137 // therefore in this case reinit() gets called by Buffer::setLength()
// Re-derives header_, payload_ and auth_tag_ from the current buf_ and length_.
// Per the comment in setPayloadLength(), Buffer::setLength() calls this when
// buf_ may have moved. Several original lines (bodies of the checks below) are
// not in this listing.
140 void EncryptedPacket::reinit()
142 header_ = reinterpret_cast<struct HeaderStruct*>(buf_);
143 payload_ = buf_ + sizeof(struct HeaderStruct);
// Buffer holds at most the header, so there are no payload bytes; the body of
// this branch is not shown.
145 if(length_ <= (sizeof(struct HeaderStruct))) {
// Buffer cannot even hold the header: reported through AnytunError::throwErr().
149 if(length_ < (sizeof(struct HeaderStruct))) {
151 AnytunError::throwErr() << "encrypted packet can't be initialized, buffer is too small";
// The auth tag needs header + auth_tag_length_ bytes; checking first keeps the
// pointer arithmetic below from landing before buf_ or inside the header.
// NOTE(review): presumably this part only runs when a tag is enabled -- the
// enclosing condition is not visible here.
155 if(length_ < (sizeof(struct HeaderStruct) + auth_tag_length_)) {
157 AnytunError::throwErr() << "auth-tag can't be enabled, buffer is too small";
// The tag occupies the last auth_tag_length_ bytes of the buffer.
159 auth_tag_ = buf_ + length_ - auth_tag_length_;
163 uint8_t* EncryptedPacket::getPayload()
168 uint8_t* EncryptedPacket::getAuthenticatedPortion()
// Returns the length of the region covered by authentication. Only the final
// return is visible (original lines 174-182 are not in this listing): it
// excludes the trailing auth_tag_length_ bytes and clamps to 0 rather than
// underflowing when the buffer is shorter than the tag.
// NOTE(review): this value presumably bounds the bytes fed to the MAC; a result
// of 0 for an undersized packet should be rejected by the caller, not authenticated.
173 uint32_t EncryptedPacket::getAuthenticatedPortionLength()
183 return (length_ > auth_tag_length_) ? (length_ - auth_tag_length_) : 0;
// Marks the trailing auth_tag_length_ bytes of the existing buffer as the auth
// tag (b == true) or stops treating them as one (b == false). No setLength()
// call is visible here, unlike addAuthTag(). Some original lines are not in
// this listing.
186 void EncryptedPacket::withAuthTag(bool b)
// Requested state already matches the current one; the body of this branch is
// not shown (presumably an early return).
188 if((b && auth_tag_) || (!b && !auth_tag_)) {
// Enabling the tag requires room for header + tag; checking first keeps the
// pointer computed below inside the buffer and past the header.
193 if(length_ < (sizeof(struct HeaderStruct) + auth_tag_length_)) {
194 AnytunError::throwErr() << "auth-tag can't be enabled, buffer is too small";
197 auth_tag_ = buf_ + length_ - auth_tag_length_;
// Grows the buffer by auth_tag_length_ bytes to make room for an auth tag.
// auth_tag_ is first set to buf_ as a marker so the code can tell afterwards
// whether setLength() went through reinit(), which would have replaced it.
// NOTE(review): length_ + auth_tag_length_ is not checked for wrap-around in the
// visible lines; confirm both values are bounded. Original lines 204-208 and
// 212-215 are not in this listing.
203 void EncryptedPacket::addAuthTag()
209 auth_tag_ = buf_; // will be set to the correct value @ reinit
210 setLength(length_ + auth_tag_length_);
211 if(auth_tag_ == buf_) { // reinit was not called by setLength
// Shrinks the buffer by auth_tag_length_ bytes, dropping the trailing auth tag.
// NOTE(review): length_ - auth_tag_length_ is an unsigned subtraction; if length_
// were smaller than auth_tag_length_ it would wrap to a very large length. The
// guard, if any, is in original lines 217-222, which are not in this listing --
// confirm this only runs when a tag is actually attached.
216 void EncryptedPacket::removeAuthTag()
223 setLength(length_ - auth_tag_length_);
226 uint8_t* EncryptedPacket::getAuthTag()
// Returns the stored auth_tag_length_ value. The visible line does not show
// whether it depends on a tag being attached; original lines 232-233 are not in
// this listing.
231 uint32_t EncryptedPacket::getAuthTagLength()
234 return auth_tag_length_;