* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
*
* Anytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* Anytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
#include <iostream>
#include <sstream>
#include <string>
+#include <cstring>
#ifndef NO_CRYPT
#ifndef NO_PASSPHRASE
#ifndef NO_CRYPT
#ifndef NO_PASSPHRASE
-void KeyDerivation::calcMasterKey(std::string passphrase, u_int16_t length)
+void KeyDerivation::calcMasterKey(std::string passphrase, uint16_t length)
{
cLog.msg(Log::PRIO_NOTICE) << "KeyDerivation: calculating master key from passphrase";
if(!length) {
}
#ifndef USE_SSL_CRYPTO
- Buffer digest(gcry_md_get_algo_dlen(GCRY_MD_SHA256));
+ Buffer digest(static_cast<uint32_t>(gcry_md_get_algo_dlen(GCRY_MD_SHA256)));
gcry_md_hash_buffer(GCRY_MD_SHA256, digest.getBuf(), passphrase.c_str(), passphrase.length());
#else
- Buffer digest(u_int32_t(SHA256_DIGEST_LENGTH));
+ Buffer digest(uint32_t(SHA256_DIGEST_LENGTH));
SHA256(reinterpret_cast<const unsigned char*>(passphrase.c_str()), passphrase.length(), digest.getBuf());
#endif
master_key_.setLength(length);
- memcpy(master_key_.getBuf(), &digest.getBuf()[digest.getLength() - master_key_.getLength()], master_key_.getLength());
+ std::memcpy(master_key_.getBuf(), &digest.getBuf()[digest.getLength() - master_key_.getLength()], master_key_.getLength());
}
-void KeyDerivation::calcMasterSalt(std::string passphrase, u_int16_t length)
+void KeyDerivation::calcMasterSalt(std::string passphrase, uint16_t length)
{
cLog.msg(Log::PRIO_NOTICE) << "KeyDerivation: calculating master salt from passphrase";
if(!length) {
}
#ifndef USE_SSL_CRYPTO
- Buffer digest(gcry_md_get_algo_dlen(GCRY_MD_SHA1));
+ Buffer digest(static_cast<uint32_t>(gcry_md_get_algo_dlen(GCRY_MD_SHA1)));
gcry_md_hash_buffer(GCRY_MD_SHA1, digest.getBuf(), passphrase.c_str(), passphrase.length());
#else
- Buffer digest(u_int32_t(SHA_DIGEST_LENGTH));
+ Buffer digest(uint32_t(SHA_DIGEST_LENGTH));
SHA1(reinterpret_cast<const unsigned char*>(passphrase.c_str()), passphrase.length(), digest.getBuf());
#endif
master_salt_.setLength(length);
- memcpy(master_salt_.getBuf(), &digest.getBuf()[digest.getLength() - master_salt_.getLength()], master_salt_.getLength());
+ std::memcpy(master_salt_.getBuf(), &digest.getBuf()[digest.getLength() - master_salt_.getLength()], master_salt_.getLength());
}
#endif
#endif
switch(label) {
case LABEL_ENC: {
if(dir == KD_OUTBOUND) {
- if(role_ == ROLE_LEFT) return LABEL_LEFT_ENC;
- if(role_ == ROLE_RIGHT) return LABEL_RIGHT_ENC;
- }
- else {
- if(role_ == ROLE_LEFT) return LABEL_RIGHT_ENC;
- if(role_ == ROLE_RIGHT) return LABEL_LEFT_ENC;
+ if(role_ == ROLE_LEFT) { return LABEL_LEFT_ENC; }
+ if(role_ == ROLE_RIGHT) { return LABEL_RIGHT_ENC; }
+ } else {
+ if(role_ == ROLE_LEFT) { return LABEL_RIGHT_ENC; }
+ if(role_ == ROLE_RIGHT) { return LABEL_LEFT_ENC; }
}
break;
}
case LABEL_SALT: {
if(dir == KD_OUTBOUND) {
- if(role_ == ROLE_LEFT) return LABEL_LEFT_SALT;
- if(role_ == ROLE_RIGHT) return LABEL_RIGHT_SALT;
- }
- else {
- if(role_ == ROLE_LEFT) return LABEL_RIGHT_SALT;
- if(role_ == ROLE_RIGHT) return LABEL_LEFT_SALT;
+ if(role_ == ROLE_LEFT) { return LABEL_LEFT_SALT; }
+ if(role_ == ROLE_RIGHT) { return LABEL_RIGHT_SALT; }
+ } else {
+ if(role_ == ROLE_LEFT) { return LABEL_RIGHT_SALT; }
+ if(role_ == ROLE_RIGHT) { return LABEL_LEFT_SALT; }
}
break;
}
case LABEL_AUTH: {
if(dir == KD_OUTBOUND) {
- if(role_ == ROLE_LEFT) return LABEL_LEFT_AUTH;
- if(role_ == ROLE_RIGHT) return LABEL_RIGHT_AUTH;
- }
- else {
- if(role_ == ROLE_LEFT) return LABEL_RIGHT_AUTH;
- if(role_ == ROLE_RIGHT) return LABEL_LEFT_AUTH;
+ if(role_ == ROLE_LEFT) { return LABEL_LEFT_AUTH; }
+ if(role_ == ROLE_RIGHT) { return LABEL_RIGHT_AUTH; }
+ } else {
+ if(role_ == ROLE_LEFT) { return LABEL_RIGHT_AUTH; }
+ if(role_ == ROLE_RIGHT) { return LABEL_LEFT_AUTH; }
}
break;
}
#ifndef NO_CRYPT
//****** AesIcmKeyDerivation ******
-AesIcmKeyDerivation::AesIcmKeyDerivation() : KeyDerivation(DEFAULT_KEY_LENGTH)
+AesIcmKeyDerivation::AesIcmKeyDerivation() : KeyDerivation(DEFAULT_KEY_LENGTH)
{
#ifndef USE_SSL_CRYPTO
- for(int i=0; i<2; i++)
+ for(int i=0; i<2; i++) {
handle_[i] = NULL;
+ }
#endif
}
-AesIcmKeyDerivation::AesIcmKeyDerivation(u_int16_t key_length) : KeyDerivation(key_length)
+AesIcmKeyDerivation::AesIcmKeyDerivation(uint16_t key_length) : KeyDerivation(key_length)
{
#ifndef USE_SSL_CRYPTO
- for(int i=0; i<2; i++)
+ for(int i=0; i<2; i++) {
handle_[i] = NULL;
+ }
#endif
}
WritersLock lock(mutex_);
#ifndef USE_SSL_CRYPTO
for(int i=0; i<2; i++)
- if(handle_[i])
+ if(handle_[i]) {
gcry_cipher_close(handle_[i]);
+ }
#endif
}
is_initialized_ = false;
#ifndef NO_PASSPHRASE
- if(passphrase != "" && !key.getLength())
+ if(passphrase != "" && !key.getLength()) {
calcMasterKey(passphrase, key_length_/8);
- else
+ } else {
master_key_ = SyncBuffer(key);
-
- if(passphrase != "" && !salt.getLength())
+ }
+
+ if(passphrase != "" && !salt.getLength()) {
calcMasterSalt(passphrase, SALT_LENGTH);
- else
+ } else {
master_salt_ = SyncBuffer(salt);
+ }
#else
master_key_ = SyncBuffer(key);
master_salt_ = SyncBuffer(salt);
#ifndef USE_SSL_CRYPTO
int algo;
switch(key_length_) {
- case 128: algo = GCRY_CIPHER_AES128; break;
- case 192: algo = GCRY_CIPHER_AES192; break;
- case 256: algo = GCRY_CIPHER_AES256; break;
+ case 128:
+ algo = GCRY_CIPHER_AES128;
+ break;
+ case 192:
+ algo = GCRY_CIPHER_AES192;
+ break;
+ case 256:
+ algo = GCRY_CIPHER_AES256;
+ break;
default: {
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::updateMasterKey: cipher key length of " << key_length_ << " Bits is not supported";
return;
}
for(int i=0; i<2; i++) {
- if(handle_[i])
+ if(handle_[i]) {
gcry_cipher_close(handle_[i]);
-
+ }
+
gcry_error_t err = gcry_cipher_open(&handle_[i], algo, GCRY_CIPHER_MODE_CTR, 0);
if(err) {
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::updateMasterKey: Failed to open cipher: " << AnytunGpgError(err);
return;
- }
-
+ }
+
err = gcry_cipher_setkey(handle_[i], master_key_.getBuf(), master_key_.getLength());
if(err) {
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << AnytunGpgError(err);
is_initialized_ = true;
}
-std::string AesIcmKeyDerivation::printType()
+std::string AesIcmKeyDerivation::printType()
{
ReadersLock lock(mutex_);
cLog.msg(Log::PRIO_ERROR) << "KeyDerivation::calcCtr: salt lengths don't match";
return false;
}
- memcpy(ctr_[dir].salt_.buf_, master_salt_.getBuf(), SALT_LENGTH);
+ std::memcpy(ctr_[dir].salt_.buf_, master_salt_.getBuf(), SALT_LENGTH);
ctr_[dir].salt_.zero_ = 0;
ctr_[dir].params_.label_ ^= SATP_PRF_LABEL_T_HTON(convertLabel(dir, label));
ctr_[dir].params_.seq_ ^= SEQ_NR_T_HTON(seq_nr);
return true;
}
-bool AesIcmKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_t seq_nr, Buffer& key)
+bool AesIcmKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_t seq_nr, Buffer& key)
{
ReadersLock lock(mutex_);
- if(!is_initialized_)
+ if(!is_initialized_) {
return false;
+ }
if(!calcCtr(dir, label, seq_nr)) {
return false;
}
-
+
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_cipher_reset(handle_[dir]);
if(err) {
std::memset(key.getBuf(), 0, key.getLength());
AES_ctr128_encrypt(key.getBuf(), key.getBuf(), key.getLength(), &aes_key_[dir], ctr_[dir].buf_, ecount_buf_[dir], &num);
#endif
-
+
return true;
}
#endif
projects / anytun.git / blobdiff