* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
#ifndef NO_CRYPT
#ifndef NO_PASSPHRASE
-void KeyDerivation::calcMasterKey(std::string passphrase, u_int16_t length)
+void KeyDerivation::calcMasterKey(std::string passphrase, uint16_t length)
{
cLog.msg(Log::PRIO_NOTICE) << "KeyDerivation: calculating master key from passphrase";
if(!length) {
}
#ifndef USE_SSL_CRYPTO
- Buffer digest(static_cast<u_int32_t>(gcry_md_get_algo_dlen(GCRY_MD_SHA256)));
+ Buffer digest(static_cast<uint32_t>(gcry_md_get_algo_dlen(GCRY_MD_SHA256)));
gcry_md_hash_buffer(GCRY_MD_SHA256, digest.getBuf(), passphrase.c_str(), passphrase.length());
#else
- Buffer digest(u_int32_t(SHA256_DIGEST_LENGTH));
+ Buffer digest(uint32_t(SHA256_DIGEST_LENGTH));
SHA256(reinterpret_cast<const unsigned char*>(passphrase.c_str()), passphrase.length(), digest.getBuf());
#endif
master_key_.setLength(length);
std::memcpy(master_key_.getBuf(), &digest.getBuf()[digest.getLength() - master_key_.getLength()], master_key_.getLength());
}
-void KeyDerivation::calcMasterSalt(std::string passphrase, u_int16_t length)
+void KeyDerivation::calcMasterSalt(std::string passphrase, uint16_t length)
{
cLog.msg(Log::PRIO_NOTICE) << "KeyDerivation: calculating master salt from passphrase";
if(!length) {
}
#ifndef USE_SSL_CRYPTO
- Buffer digest(static_cast<u_int32_t>(gcry_md_get_algo_dlen(GCRY_MD_SHA1)));
+ Buffer digest(static_cast<uint32_t>(gcry_md_get_algo_dlen(GCRY_MD_SHA1)));
gcry_md_hash_buffer(GCRY_MD_SHA1, digest.getBuf(), passphrase.c_str(), passphrase.length());
#else
- Buffer digest(u_int32_t(SHA_DIGEST_LENGTH));
+ Buffer digest(uint32_t(SHA_DIGEST_LENGTH));
SHA1(reinterpret_cast<const unsigned char*>(passphrase.c_str()), passphrase.length(), digest.getBuf());
#endif
master_salt_.setLength(length);
switch(label) {
case LABEL_ENC: {
if(dir == KD_OUTBOUND) {
- if(role_ == ROLE_LEFT) return LABEL_LEFT_ENC;
- if(role_ == ROLE_RIGHT) return LABEL_RIGHT_ENC;
- }
- else {
- if(role_ == ROLE_LEFT) return LABEL_RIGHT_ENC;
- if(role_ == ROLE_RIGHT) return LABEL_LEFT_ENC;
+ if(role_ == ROLE_LEFT) { return LABEL_LEFT_ENC; }
+ if(role_ == ROLE_RIGHT) { return LABEL_RIGHT_ENC; }
+ } else {
+ if(role_ == ROLE_LEFT) { return LABEL_RIGHT_ENC; }
+ if(role_ == ROLE_RIGHT) { return LABEL_LEFT_ENC; }
}
break;
}
case LABEL_SALT: {
if(dir == KD_OUTBOUND) {
- if(role_ == ROLE_LEFT) return LABEL_LEFT_SALT;
- if(role_ == ROLE_RIGHT) return LABEL_RIGHT_SALT;
- }
- else {
- if(role_ == ROLE_LEFT) return LABEL_RIGHT_SALT;
- if(role_ == ROLE_RIGHT) return LABEL_LEFT_SALT;
+ if(role_ == ROLE_LEFT) { return LABEL_LEFT_SALT; }
+ if(role_ == ROLE_RIGHT) { return LABEL_RIGHT_SALT; }
+ } else {
+ if(role_ == ROLE_LEFT) { return LABEL_RIGHT_SALT; }
+ if(role_ == ROLE_RIGHT) { return LABEL_LEFT_SALT; }
}
break;
}
case LABEL_AUTH: {
if(dir == KD_OUTBOUND) {
- if(role_ == ROLE_LEFT) return LABEL_LEFT_AUTH;
- if(role_ == ROLE_RIGHT) return LABEL_RIGHT_AUTH;
- }
- else {
- if(role_ == ROLE_LEFT) return LABEL_RIGHT_AUTH;
- if(role_ == ROLE_RIGHT) return LABEL_LEFT_AUTH;
+ if(role_ == ROLE_LEFT) { return LABEL_LEFT_AUTH; }
+ if(role_ == ROLE_RIGHT) { return LABEL_RIGHT_AUTH; }
+ } else {
+ if(role_ == ROLE_LEFT) { return LABEL_RIGHT_AUTH; }
+ if(role_ == ROLE_RIGHT) { return LABEL_LEFT_AUTH; }
}
break;
}
#ifndef NO_CRYPT
//****** AesIcmKeyDerivation ******
-AesIcmKeyDerivation::AesIcmKeyDerivation() : KeyDerivation(DEFAULT_KEY_LENGTH)
+AesIcmKeyDerivation::AesIcmKeyDerivation() : KeyDerivation(DEFAULT_KEY_LENGTH)
{
#ifndef USE_SSL_CRYPTO
- for(int i=0; i<2; i++)
+ for(int i=0; i<2; i++) {
handle_[i] = NULL;
+ }
#endif
}
-AesIcmKeyDerivation::AesIcmKeyDerivation(u_int16_t key_length) : KeyDerivation(key_length)
+AesIcmKeyDerivation::AesIcmKeyDerivation(uint16_t key_length) : KeyDerivation(key_length)
{
#ifndef USE_SSL_CRYPTO
- for(int i=0; i<2; i++)
+ for(int i=0; i<2; i++) {
handle_[i] = NULL;
+ }
#endif
}
WritersLock lock(mutex_);
#ifndef USE_SSL_CRYPTO
for(int i=0; i<2; i++)
- if(handle_[i])
+ if(handle_[i]) {
gcry_cipher_close(handle_[i]);
+ }
#endif
}
is_initialized_ = false;
#ifndef NO_PASSPHRASE
- if(passphrase != "" && !key.getLength())
+ if(passphrase != "" && !key.getLength()) {
calcMasterKey(passphrase, key_length_/8);
- else
+ } else {
master_key_ = SyncBuffer(key);
-
- if(passphrase != "" && !salt.getLength())
+ }
+
+ if(passphrase != "" && !salt.getLength()) {
calcMasterSalt(passphrase, SALT_LENGTH);
- else
+ } else {
master_salt_ = SyncBuffer(salt);
+ }
#else
master_key_ = SyncBuffer(key);
master_salt_ = SyncBuffer(salt);
#ifndef USE_SSL_CRYPTO
int algo;
switch(key_length_) {
- case 128: algo = GCRY_CIPHER_AES128; break;
- case 192: algo = GCRY_CIPHER_AES192; break;
- case 256: algo = GCRY_CIPHER_AES256; break;
+ case 128:
+ algo = GCRY_CIPHER_AES128;
+ break;
+ case 192:
+ algo = GCRY_CIPHER_AES192;
+ break;
+ case 256:
+ algo = GCRY_CIPHER_AES256;
+ break;
default: {
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::updateMasterKey: cipher key length of " << key_length_ << " Bits is not supported";
return;
}
for(int i=0; i<2; i++) {
- if(handle_[i])
+ if(handle_[i]) {
gcry_cipher_close(handle_[i]);
-
+ }
+
gcry_error_t err = gcry_cipher_open(&handle_[i], algo, GCRY_CIPHER_MODE_CTR, 0);
if(err) {
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::updateMasterKey: Failed to open cipher: " << AnytunGpgError(err);
return;
- }
-
+ }
+
err = gcry_cipher_setkey(handle_[i], master_key_.getBuf(), master_key_.getLength());
if(err) {
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << AnytunGpgError(err);
is_initialized_ = true;
}
-std::string AesIcmKeyDerivation::printType()
+std::string AesIcmKeyDerivation::printType()
{
ReadersLock lock(mutex_);
return true;
}
-bool AesIcmKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_t seq_nr, Buffer& key)
+bool AesIcmKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_t seq_nr, Buffer& key)
{
ReadersLock lock(mutex_);
- if(!is_initialized_)
+ if(!is_initialized_) {
return false;
+ }
if(!calcCtr(dir, label, seq_nr)) {
return false;
}
-
+
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_cipher_reset(handle_[dir]);
if(err) {
std::memset(key.getBuf(), 0, key.getLength());
AES_ctr128_encrypt(key.getBuf(), key.getBuf(), key.getLength(), &aes_key_[dir], ctr_[dir].buf_, ecount_buf_[dir], &num);
#endif
-
+
return true;
}
#endif