5 files changed, 111 insertions, 61 deletions
diff --git a/anytun.cpp b/anytun.cpp
index c1b124a..e2afc7a 100644
--- a/anytun.cpp
+++ b/anytun.cpp
@@ -341,6 +341,37 @@ bool initLibGCrypt()
 
 int main(int argc, char* argv[])
 {
+//   // this must be called before any other libgcrypt call
+//   if(!initLibGCrypt())
+//     return -1;
+
+//   u_int8_t KEY[] = {0xE1,0xF9,0x7A,0x0D,0x3E,0x01,0x8B,0xE0,0xD6,0x4F,0xA3,0x2C,0x06,0xDE,0x41,0x39};
+//   u_int8_t SALT[] = {0x0E,0xC6,0x75,0xAD,0x49,0x8A,0xFE,0xEB,0xB6,0x96,0x0B,0x3A,0xAB,0xE6};
+//   Buffer master_key(KEY, 16);
+//   Buffer master_salt(SALT, 14);
+//   std::cout << "master key: " << std::endl << master_key.getHexDump() << std::endl;
+//   std::cout << "master salt: " << std::endl << master_salt.getHexDump() << std::endl;
+//   std::cout << std::endl;
+//   KeyDerivation kd;
+//   kd.init(master_key, master_salt);
+
+//   Buffer key(16);
+//   kd.generate(LABEL_SATP_ENCRYPTION, 0, key);
+//   std::cout << "key: " << std::endl << key.getHexDump() << std::endl;
+
+//   Buffer salt(14);
+//   kd.generate(LABEL_SATP_SALT, 0, salt);
+//   std::cout << "salt: " << std::endl << salt.getHexDump() << std::endl;
+
+//   Buffer auth(14);
+//   kd.generate(LABEL_SATP_MSG_AUTH, 0, auth);
+//   std::cout << "auth: " << std::endl << auth.getHexDump() << std::endl;
+
+
+//   exit(0);
+
+// // *++++++++++++++++++ end of kd test
+
   std::cout << "anytun - secure anycast tunneling protocol" << std::endl;
   Options opt;
   if(!opt.parse(argc, argv))
diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index ad2265d..f3d1fe6 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -56,16 +56,16 @@ void KeyDerivation::init(Buffer key, Buffer salt)
   master_salt_ = SyncBuffer(salt);
   master_key_ = SyncBuffer(key);
 
-  updateKey();
+  updateMasterKey();
 }
 
-void KeyDerivation::updateKey()
+void KeyDerivation::updateMasterKey()
 {
   gcry_error_t err;
 
   err = gcry_cipher_setkey( cipher_, master_key_.getBuf(), master_key_.getLength() );
   if( err )
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateKey: Failed to set cipher key: " << gpg_strerror( err );
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << gpg_strerror( err );
 }
 
 KeyDerivation::~KeyDerivation()
@@ -83,12 +83,11 @@ void KeyDerivation::setLogKDRate(const uint8_t log_rate)
 
 void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key) 
 {
-  ////Lock lock(mutex_);
-  gcry_error_t err;
+  Lock lock(mutex_);
 
-  Mpi r;
-  Mpi key_id(128); // TODO: hardcoded keySize!!!!!!!  Q@NINE?
-  Mpi iv(128); // TODO: hardcoded keySize!!!!!!!       Q@NINE?
+  gcry_error_t err = gcry_cipher_reset( cipher_ );
+  if( err )
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror( err );
 
   // see at: http://tools.ietf.org/html/rfc3711#section-4.3
   // *  Let r = index DIV key_derivation_rate (with DIV as defined above).
@@ -98,31 +97,50 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key)
   //    alignment).
   //
 
+  Mpi r(48);
   if( ld_kdr_ == -1 )    // means key_derivation_rate = 0
     r = 0;
   else
-    // TODO: kdr can be greater than 2^32 (= 2^48) ????  Q@NINE?
-// Q@NINE? was: r = static_cast<long unsigned int>(seq_nr / ( 0x01 << ld_kdr_ ));
-    r = static_cast<u_int64_t>(seq_nr / ( 0x01 << ld_kdr_ ));
+  {
+    Mpi seq = seq_nr;
+    Mpi rate = 1;
+    rate = rate.mul2exp(ld_kdr_);
+    r = seq / rate;
+  }    
 
-  r = r.mul2exp(8);  // Q@NINE? === r << 8
-  key_id = r + static_cast<long unsigned int>(label);
-  
+  std::cout << "r:  " << std::endl;
+  std::cout << r.getHexDump();
+
+  Mpi key_id(128), l(128);                                                       // TODO: hardcoded keySize
+  l = label;
+  key_id = l.mul2exp(48) + r;                                            // TODO: hardcoded keySize
+
+  std::cout << "label:  " << std::endl;
+  std::cout << l.getHexDump();
+
+  std::cout << "keyid:  " << std::endl;
+  std::cout << key_id.getHexDump();
+
+  Mpi x(128);                                                            // TODO: hardcoded keySize
   Mpi salt = Mpi(master_salt_.getBuf(), master_salt_.getLength());
-  iv = key_id ^ salt;
+  x = key_id ^ salt;
+  
+  std::cout << "x:  " << std::endl;
+  std::cout << x.getHexDump();
 
-  err = gcry_cipher_reset( cipher_ );
-  if( err ) 
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror( err );
+  std::cout << "x*2^16(ctr):  " << std::endl;
+  std::cout << x.mul2exp(16).getHexDump();
+
+  u_int8_t *ctr_buf = x.mul2exp(16).getNewBuf(16);                       // TODO: hardcoded size
+  err = gcry_cipher_setctr( cipher_ , ctr_buf, 16);                      // TODO: hardcoded size
   
-  u_int8_t *iv_buf = iv.getNewBuf(16);
-  err = gcry_cipher_setiv( cipher_ , iv_buf, 16);
-  delete[] iv_buf;
+  delete[] ctr_buf;
   if( err )
     cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to set IV: " << gpg_strerror( err );
 
-  err = gcry_cipher_encrypt( cipher_, key, key.getLength(), 0, 0 );
-  
+  u_int8_t *x_buf = x.getNewBuf(16);                                     // TODO: hardcoded size
+  err = gcry_cipher_encrypt( cipher_, key, key.getLength(), x_buf, 16 ); // TODO: hardcoded size
+  delete[] x_buf;
   if( err ) 
     cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << gpg_strerror( err );
 }
diff --git a/keyDerivation.h b/keyDerivation.h
index 88027ed..8776dd7 100644
--- a/keyDerivation.h
+++ b/keyDerivation.h
@@ -59,7 +59,7 @@ public:
   void generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key);
 
 private:
-  void updateKey();
+  void updateMasterKey();
   
 	KeyDerivation(const KeyDerivation & src);
 	friend class boost::serialization::access;
@@ -70,7 +70,7 @@ private:
 	  ar & ld_kdr_;
 	  ar & master_salt_;
     ar & master_key_;
-    updateKey();
+    updateMasterKey();
 	}
 
 protected:
diff --git a/mpi.cpp b/mpi.cpp
index 39e3408..18a3349 100644
--- a/mpi.cpp
+++ b/mpi.cpp
@@ -68,7 +68,7 @@ void Mpi::operator=(const Mpi &src)
   val_ = gcry_mpi_copy(src.val_);
 }
 
-void Mpi::operator=(const long unsigned int src)
+void Mpi::operator=(const u_int32_t src)
 {
   gcry_mpi_set_ui(val_, src);
 }
@@ -80,48 +80,44 @@ Mpi Mpi::operator+(const Mpi &b) const
   return res;
 }
 
-Mpi Mpi::operator+(const long unsigned int &b) const
+Mpi Mpi::operator+(const u_int32_t &b) const
 {
   Mpi res;
   gcry_mpi_add_ui(res.val_, val_, b);
   return res;
 }
 
-Mpi Mpi::operator*(const unsigned long int n) const
+Mpi Mpi::operator*(const u_int32_t n) const
 {
   Mpi res;
   gcry_mpi_mul_ui(res.val_, val_, n);
   return res;
 }
 
-//TODO: this is outstandingly ugly!!!!!!!!
-Mpi Mpi::operator^(const Mpi &b) const
+Mpi Mpi::operator/(const Mpi &b) const
 {
-  u_int32_t a_len=0, b_len=0;
   Mpi res;
+  gcry_mpi_div(res.val_, NULL, val_, b.val_, 0);
+  return res;
+}
 
-  a_len = gcry_mpi_get_nbits(val_);
-  b_len = gcry_mpi_get_nbits(b.val_);
+//TODO: this is outstandingly ugly!!!!!!!!
+Mpi Mpi::operator^(const Mpi &b) const
+{
+  u_int32_t a_len = gcry_mpi_get_nbits(val_);
+  u_int32_t b_len = gcry_mpi_get_nbits(b.val_);
 
-  if(a_len>=b_len)
-    res = Mpi(*this);
-  else
-    res = Mpi(b);
+  Mpi res = (a_len >= b_len) ? Mpi(*this) : Mpi(b);
 
   for(u_int32_t i=0; i<a_len && i<b_len; i++) {
     if(gcry_mpi_test_bit(val_, i) ^ gcry_mpi_test_bit(b.val_, i))
       gcry_mpi_set_bit(res.val_, i);
+    else
+      gcry_mpi_clear_bit(res.val_, i);
   }
   return res;
 }
 
-// bit manipulation
-
-void Mpi::rShift(u_int8_t n)
-{
-  gcry_mpi_rshift(val_, val_, n);
-}
-
 Mpi Mpi::mul2exp(u_int32_t e) const
 {
   Mpi res;
@@ -129,11 +125,6 @@ Mpi Mpi::mul2exp(u_int32_t e) const
   return res;
 }
 
-void Mpi::clearHighBit(u_int32_t n)
-{
-  gcry_mpi_clear_highbit( val_, n );
-}
-
 u_int8_t* Mpi::getNewBuf(u_int32_t buf_len) const
 {
   // u_int32_t len = 0;
@@ -153,7 +144,20 @@ u_int8_t* Mpi::getNewBuf(u_int32_t buf_len) const
   return res;
 }
 
-u_int32_t Mpi::getLen() const
+//TODO: why does this not work ?????
+std::string Mpi::getHexDump() const
+{
+//   u_int8_t *buf;
+//   u_int32_t len;
+//   gcry_mpi_aprint( GCRYMPI_FMT_HEX, &buf, &len, val_ );
+//   std::string res(buf, len);
+  
+  gcry_mpi_dump( val_ );
+  std::string res("\n");
+  return res;
+}
+
+u_int32_t Mpi::getLength() const
 {
   return gcry_mpi_get_nbits( val_ );
 }
diff --git a/mpi.h b/mpi.h
index 27c02da..70f6681 100644
--- a/mpi.h
+++ b/mpi.h
@@ -51,21 +51,17 @@ public:
   Mpi(u_int8_t length);
   Mpi(const Mpi &src);
   Mpi(const u_int8_t * src, u_int32_t len);
+
   void operator=(const Mpi &src);
-  void operator=(long unsigned int);
+  void operator=(u_int32_t src);
   Mpi operator+(const Mpi &b) const;
-  Mpi operator+(const long unsigned int &b) const;
+  Mpi operator+(const u_int32_t &b) const;
+  Mpi operator*(const u_int32_t n) const;
+  Mpi operator/(const Mpi &b) const;
+
   Mpi operator^(const Mpi &b) const;
-  Mpi operator*(const unsigned long int n) const;
 
-  /**
-   * shift the bits to the right 
-   * (LSB on the right side)
-   * @param n number of bits to shift
-   */
-  void rShift(u_int8_t n);            // LSB on the right side!
   Mpi mul2exp(u_int32_t e) const;     // value * 2^e
-  void clearHighBit(u_int32_t n);
 
   /**
    * returns a new[] u_int8_t* buffer with the MPI value in the 
@@ -75,7 +71,8 @@ public:
    * @return a byte buffer of size buf_len
    */
   u_int8_t *getNewBuf(u_int32_t buf_len) const;
-  u_int32_t getLen() const;
+  std::string getHexDump() const;
+  u_int32_t getLength() const;
  
 protected:
   gcry_mpi_t val_;