authorChristian Pointner <equinox@anytun.org>2009-01-15 13:44:22 +0000
committerChristian Pointner <equinox@anytun.org>2009-01-15 13:44:22 +0000
commit3ae9918192308c7d8ff691ca6a09b54aa14f68ff (patch)
treef36f81bf8f3dc6f238b8432aec1a264529ffd92b
parentcipher now stores kd direction (diff)
auth algo now stores direction as well
-rw-r--r--src/anytun.cpp8
-rw-r--r--src/authAlgo.cpp14
-rw-r--r--src/authAlgo.h20
-rw-r--r--src/authAlgoFactory.cpp4
-rw-r--r--src/authAlgoFactory.h2
5 files changed, 26 insertions, 22 deletions
diff --git a/src/anytun.cpp b/src/anytun.cpp
index c94a260..c4339dc 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -153,7 +153,7 @@ void sender(void* p)
ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
std::auto_ptr<Cipher> c(CipherFactory::create(gOpt.getCipher(), KD_OUTBOUND));
- std::auto_ptr<AuthAlgo> a(AuthAlgoFactory::create(gOpt.getAuthAlgo()) );
+ std::auto_ptr<AuthAlgo> a(AuthAlgoFactory::create(gOpt.getAuthAlgo(), KD_OUTBOUND) );
PlainPacket plain_packet(MAX_PACKET_LENGTH);
EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
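Review bot: The direction constant is now written twice per thread, once for CipherFactory::create and once for AuthAlgoFactory::create, so sender() and receiver() (the hunk at @@ -242,7 +242,7 @@ has the same shape) each carry two literals that must stay equal or the tag and the ciphertext will be keyed for opposite sides. A single local makes that invariant visible: `const kd_dir_t dir = KD_OUTBOUND;` followed by `CipherFactory::create(gOpt.getCipher(), dir)` and `AuthAlgoFactory::create(gOpt.getAuthAlgo(), dir)`, with KD_INBOUND in receiver(). Both functions continue outside the hunk.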
@@ -213,7 +213,7 @@ void sender(void* p)
conn.seq_nr_++;
// add authentication tag
- a->generate(conn.kd_, KD_OUTBOUND, encrypted_packet);
+ a->generate(conn.kd_, encrypted_packet);
try
{
@@ -242,7 +242,7 @@ void receiver(void* p)
ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
std::auto_ptr<Cipher> c( CipherFactory::create(gOpt.getCipher(), KD_INBOUND) );
- std::auto_ptr<AuthAlgo> a( AuthAlgoFactory::create(gOpt.getAuthAlgo()) );
+ std::auto_ptr<AuthAlgo> a( AuthAlgoFactory::create(gOpt.getAuthAlgo(), KD_INBOUND) );
EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
PlainPacket plain_packet(MAX_PACKET_LENGTH);
@@ -273,7 +273,7 @@ void receiver(void* p)
ConnectionParam & conn = cit->second;
// check whether auth tag is ok or not
- if(!a->checkTag(conn.kd_, KD_INBOUND, encrypted_packet)) {
+ if(!a->checkTag(conn.kd_, encrypted_packet)) {
cLog.msg(Log::PRIO_NOTICE) << "wrong Authentication Tag!" << std::endl;
continue;
}
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index f18378f..6a4c20b 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -38,11 +38,11 @@
#include <cstring>
//****** NullAuthAlgo ******
-void NullAuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+void NullAuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
{
}
-bool NullAuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+bool NullAuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
{
return true;
}
@@ -50,7 +50,7 @@ bool NullAuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
#ifndef NOCRYPT
//****** Sha1AuthAlgo ******
-Sha1AuthAlgo::Sha1AuthAlgo() : key_(DIGEST_LENGTH)
+Sha1AuthAlgo::Sha1AuthAlgo(kd_dir_t d) : AuthAlgo(d), key_(DIGEST_LENGTH)
{
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_open(&handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
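Review bot: `Sha1AuthAlgo(kd_dir_t d)` is a single-argument constructor without `explicit`, so a bare `kd_dir_t` value now converts implicitly into a Sha1AuthAlgo (opening a gcrypt HMAC handle as a side effect of a temporary); the keyword belongs on the declaration in authAlgo.h (hunk @@ -80,11 +84,11 @@): `explicit Sha1AuthAlgo(kd_dir_t d);`. The constructor body continues outside the hunk.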
@@ -74,7 +74,7 @@ Sha1AuthAlgo::~Sha1AuthAlgo()
#endif
}
-void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+void Sha1AuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
{
#ifndef USE_SSL_CRYPTO
if(!handle_)
@@ -85,7 +85,7 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
if(!packet.getAuthTagLength())
return;
- kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
+ kd.generate(dir_, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
if(err) {
@@ -116,7 +116,7 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
std::memcpy(&tag[packet.getAuthTagLength() - length], &hmac[DIGEST_LENGTH - length], length);
}
-bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
{
#ifndef USE_SSL_CRYPTO
if(!handle_)
@@ -127,7 +127,7 @@ bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
if(!packet.getAuthTagLength())
return true;
- kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
+ kd.generate(dir_, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
if(err) {
diff --git a/src/authAlgo.h b/src/authAlgo.h
index 3361ccf..809880d 100644
--- a/src/authAlgo.h
+++ b/src/authAlgo.h
@@ -48,20 +48,24 @@
class AuthAlgo
{
public:
- AuthAlgo() {};
+ AuthAlgo() : dir_(KD_INBOUND) {};
+ AuthAlgo(kd_dir_t d) : dir_(d) {};
virtual ~AuthAlgo() {};
/**
* generate the mac
* @param packet the packet to be authenticated
*/
- virtual void generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet) = 0;
+ virtual void generate(KeyDerivation& kd, EncryptedPacket& packet) = 0;
/**
* check the mac
* @param packet the packet to be authenticated
*/
- virtual bool checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet) = 0;
+ virtual bool checkTag(KeyDerivation& kd, EncryptedPacket& packet) = 0;
+
+protected:
+ kd_dir_t dir_;
};
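Review bot: The new default constructor `AuthAlgo() : dir_(KD_INBOUND)` silently picks a key-derivation direction, and `AuthAlgoFactory::create` (hunk @@ -36,13 +36,13 @@ in authAlgoFactory.cpp) still does `return new NullAuthAlgo();` without forwarding its `dir` argument, so any algorithm reached through that path derives inbound keys even when the caller asked for KD_OUTBOUND; NullAuthAlgo does not read dir_ in this diff, so the defect is latent, but a future implementation taking the default would presumably key every outbound tag for the wrong side. Replace the two constructors with a single `explicit AuthAlgo(kd_dir_t d) : dir_(d) {}`, give NullAuthAlgo a matching `NullAuthAlgo(kd_dir_t d) : AuthAlgo(d) {}`, and have the factory `return new NullAuthAlgo(dir);` so the direction is always supplied at construction. The comment blocks above generate() and checkTag() should also describe the changed contract, e.g. `@param kd key derivation used to derive the per-packet authentication key for the direction fixed at construction`, since the direction is no longer visible in the signature.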
//****** NullAuthAlgo ******
@@ -69,8 +73,8 @@ public:
class NullAuthAlgo : public AuthAlgo
{
public:
- void generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
- bool checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
+ void generate(KeyDerivation& kd, EncryptedPacket& packet);
+ bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
};
#ifndef NOCRYPT
@@ -80,11 +84,11 @@ public:
class Sha1AuthAlgo : public AuthAlgo
{
public:
- Sha1AuthAlgo();
+ Sha1AuthAlgo(kd_dir_t d);
~Sha1AuthAlgo();
- void generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
- bool checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
+ void generate(KeyDerivation& kd, EncryptedPacket& packet);
+ bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
static const u_int32_t DIGEST_LENGTH = 20;
diff --git a/src/authAlgoFactory.cpp b/src/authAlgoFactory.cpp
index 333c47c..648d6f8 100644
--- a/src/authAlgoFactory.cpp
+++ b/src/authAlgoFactory.cpp
@@ -36,13 +36,13 @@
#include "authAlgo.h"
-AuthAlgo* AuthAlgoFactory::create(std::string const& type)
+AuthAlgo* AuthAlgoFactory::create(std::string const& type, kd_dir_t dir)
{
if( type == "null" )
return new NullAuthAlgo();
#ifndef NOCRYPT
else if( type == "sha1" )
- return new Sha1AuthAlgo();
+ return new Sha1AuthAlgo(dir);
#endif
else
throw std::invalid_argument("auth algo not available");
diff --git a/src/authAlgoFactory.h b/src/authAlgoFactory.h
index 2d445d0..ee38248 100644
--- a/src/authAlgoFactory.h
+++ b/src/authAlgoFactory.h
@@ -40,7 +40,7 @@
class AuthAlgoFactory
{
public:
- static AuthAlgo* create(std::string const& type);
+ static AuthAlgo* create(std::string const& type, kd_dir_t dir);
private:
AuthAlgoFactory();
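Review bot: The new `dir` parameter on `create` is undocumented, and because the direction is now fixed inside the returned AuthAlgo rather than passed on each call (authAlgo.cpp derives the key from `dir_` in both generate() and checkTag()), a caller cannot tell from this declaration that it must match the side the object will later be used on. Add above the declaration: `/// @param dir key-derivation direction (KD_INBOUND or KD_OUTBOUND) the returned algorithm uses for every generate()/checkTag() call`. The class body continues past the end of the hunk.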