summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Pointner <equinox@anytun.org>2009-01-15 13:44:22 +0000
committerChristian Pointner <equinox@anytun.org>2009-01-15 13:44:22 +0000
commit3ae9918192308c7d8ff691ca6a09b54aa14f68ff (patch)
treef36f81bf8f3dc6f238b8432aec1a264529ffd92b /src
parentcipher now stores kd direction (diff)
auth algo now stores direction as well
Diffstat (limited to 'src')
-rw-r--r--src/anytun.cpp8
-rw-r--r--src/authAlgo.cpp14
-rw-r--r--src/authAlgo.h20
-rw-r--r--src/authAlgoFactory.cpp4
-rw-r--r--src/authAlgoFactory.h2
5 files changed, 26 insertions, 22 deletions
diff --git a/src/anytun.cpp b/src/anytun.cpp
index c94a260..c4339dc 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -153,7 +153,7 @@ void sender(void* p)
ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
std::auto_ptr<Cipher> c(CipherFactory::create(gOpt.getCipher(), KD_OUTBOUND));
- std::auto_ptr<AuthAlgo> a(AuthAlgoFactory::create(gOpt.getAuthAlgo()) );
+ std::auto_ptr<AuthAlgo> a(AuthAlgoFactory::create(gOpt.getAuthAlgo(), KD_OUTBOUND) );
PlainPacket plain_packet(MAX_PACKET_LENGTH);
EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
@@ -213,7 +213,7 @@ void sender(void* p)
conn.seq_nr_++;
// add authentication tag
- a->generate(conn.kd_, KD_OUTBOUND, encrypted_packet);
+ a->generate(conn.kd_, encrypted_packet);
try
{
@@ -242,7 +242,7 @@ void receiver(void* p)
ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
std::auto_ptr<Cipher> c( CipherFactory::create(gOpt.getCipher(), KD_INBOUND) );
- std::auto_ptr<AuthAlgo> a( AuthAlgoFactory::create(gOpt.getAuthAlgo()) );
+ std::auto_ptr<AuthAlgo> a( AuthAlgoFactory::create(gOpt.getAuthAlgo(), KD_INBOUND) );
EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
PlainPacket plain_packet(MAX_PACKET_LENGTH);
@@ -273,7 +273,7 @@ void receiver(void* p)
ConnectionParam & conn = cit->second;
// check whether auth tag is ok or not
- if(!a->checkTag(conn.kd_, KD_INBOUND, encrypted_packet)) {
+ if(!a->checkTag(conn.kd_, encrypted_packet)) {
cLog.msg(Log::PRIO_NOTICE) << "wrong Authentication Tag!" << std::endl;
continue;
}
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index f18378f..6a4c20b 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -38,11 +38,11 @@
#include <cstring>
//****** NullAuthAlgo ******
-void NullAuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+void NullAuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
{
}
-bool NullAuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+bool NullAuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
{
return true;
}
@@ -50,7 +50,7 @@ bool NullAuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
#ifndef NOCRYPT
//****** Sha1AuthAlgo ******
-Sha1AuthAlgo::Sha1AuthAlgo() : key_(DIGEST_LENGTH)
+Sha1AuthAlgo::Sha1AuthAlgo(kd_dir_t d) : AuthAlgo(d), key_(DIGEST_LENGTH)
{
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_open(&handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
@@ -74,7 +74,7 @@ Sha1AuthAlgo::~Sha1AuthAlgo()
#endif
}
-void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+void Sha1AuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
{
#ifndef USE_SSL_CRYPTO
if(!handle_)
@@ -85,7 +85,7 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
if(!packet.getAuthTagLength())
return;
- kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
+ kd.generate(dir_, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
if(err) {
@@ -116,7 +116,7 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
std::memcpy(&tag[packet.getAuthTagLength() - length], &hmac[DIGEST_LENGTH - length], length);
}
-bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet)
+bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
{
#ifndef USE_SSL_CRYPTO
if(!handle_)
@@ -127,7 +127,7 @@ bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& pa
if(!packet.getAuthTagLength())
return true;
- kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
+ kd.generate(dir_, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
if(err) {
diff --git a/src/authAlgo.h b/src/authAlgo.h
index 3361ccf..809880d 100644
--- a/src/authAlgo.h
+++ b/src/authAlgo.h
@@ -48,20 +48,24 @@
class AuthAlgo
{
public:
- AuthAlgo() {};
+ AuthAlgo() : dir_(KD_INBOUND) {};
+ AuthAlgo(kd_dir_t d) : dir_(d) {};
virtual ~AuthAlgo() {};
/**
* generate the mac
* @param packet the packet to be authenticated
*/
- virtual void generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet) = 0;
+ virtual void generate(KeyDerivation& kd, EncryptedPacket& packet) = 0;
/**
* check the mac
* @param packet the packet to be authenticated
*/
- virtual bool checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet) = 0;
+ virtual bool checkTag(KeyDerivation& kd, EncryptedPacket& packet) = 0;
+
+protected:
+ kd_dir_t dir_;
};
//****** NullAuthAlgo ******
@@ -69,8 +73,8 @@ public:
class NullAuthAlgo : public AuthAlgo
{
public:
- void generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
- bool checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
+ void generate(KeyDerivation& kd, EncryptedPacket& packet);
+ bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
};
#ifndef NOCRYPT
@@ -80,11 +84,11 @@ public:
class Sha1AuthAlgo : public AuthAlgo
{
public:
- Sha1AuthAlgo();
+ Sha1AuthAlgo(kd_dir_t d);
~Sha1AuthAlgo();
- void generate(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
- bool checkTag(KeyDerivation& kd, kd_dir_t dir, EncryptedPacket& packet);
+ void generate(KeyDerivation& kd, EncryptedPacket& packet);
+ bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
static const u_int32_t DIGEST_LENGTH = 20;
diff --git a/src/authAlgoFactory.cpp b/src/authAlgoFactory.cpp
index 333c47c..648d6f8 100644
--- a/src/authAlgoFactory.cpp
+++ b/src/authAlgoFactory.cpp
@@ -36,13 +36,13 @@
#include "authAlgo.h"
-AuthAlgo* AuthAlgoFactory::create(std::string const& type)
+AuthAlgo* AuthAlgoFactory::create(std::string const& type, kd_dir_t dir)
{
if( type == "null" )
return new NullAuthAlgo();
#ifndef NOCRYPT
else if( type == "sha1" )
- return new Sha1AuthAlgo();
+ return new Sha1AuthAlgo(dir);
#endif
else
throw std::invalid_argument("auth algo not available");
diff --git a/src/authAlgoFactory.h b/src/authAlgoFactory.h
index 2d445d0..ee38248 100644
--- a/src/authAlgoFactory.h
+++ b/src/authAlgoFactory.h
@@ -40,7 +40,7 @@
class AuthAlgoFactory
{
public:
- static AuthAlgo* create(std::string const& type);
+ static AuthAlgo* create(std::string const& type, kd_dir_t dir);
private:
AuthAlgoFactory();