-rw-r--r-- | anytun.cpp | 45 | ||||
-rw-r--r-- | keyDerivation.cpp | 6 | ||||
-rw-r--r-- | packetSource.cpp | 8 | ||||
-rw-r--r-- | packetSource.h | 8 | ||||
-rw-r--r-- | tunDevice.cpp | 8 | ||||
-rw-r--r-- | tunDevice.h | 4 | ||||
-rw-r--r-- | wireshark-lua/satp.lua | 10 |
7 files changed, 48 insertions, 41 deletions
@@ -91,6 +91,7 @@ void createConnection(const std::string & remote_host, u_int16_t remote_port, Co seq_nr_t seq_nr_=0; KeyDerivation * kd = new KeyDerivation; kd->init(Buffer(key, sizeof(key)), Buffer(salt, sizeof(salt))); + kd->setLogKDRate(0); cLog.msg(Log::PRIO_NOTICE) << "added connection remote host " << remote_host << ":" << remote_port; ConnectionParam connparam ( (*kd), (*seq), seq_nr_, remote_host, remote_port); cl.addConnection(connparam,0); @@ -144,10 +145,14 @@ void* sender(void* p) u_int16_t mux = 0; while(1) { + plain_packet.setLength(MAX_PACKET_LENGTH); + encrypted_packet.setLength(MAX_PACKET_LENGTH); // read packet from device - u_int32_t len = param->dev.read(plain_packet); + u_int32_t len = param->dev.read(plain_packet.getPayload(), plain_packet.getPayloadLength()); plain_packet.setLength(len); + std::cout << "plain_packet.getPayloadLength() = " << plain_packet.getPayloadLength() << std::endl; + if(param->cl.empty()) continue; @@ -167,6 +172,13 @@ void* sender(void* p) // generate packet-key conn.kd_.generate(LABEL_SATP_ENCRYPTION, conn.seq_nr_, session_key); conn.kd_.generate(LABEL_SATP_SALT, conn.seq_nr_, session_salt); + + std::cout << "session_key: "; + std::cout << session_key.getHexDump(); + std::cout << "session_salt: "; + std::cout << session_salt.getHexDump() << std::endl; + + c->setKey(session_key); c->setSalt(session_salt); @@ -180,7 +192,10 @@ void* sender(void* p) // conn.kd_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key); // a->setKey(session_auth_key); // addPacketAuthTag(encrypted_packet, a.get(), conn); - param->src.send(encrypted_packet, conn.remote_host_, conn.remote_port_); + + std::cout << "encrypted_packet.getLength() = " << encrypted_packet.getLength() << std::endl << std::endl; + + param->src.send(encrypted_packet.getBuf(), encrypted_packet.getLength(), conn.remote_host_, conn.remote_port_); } pthread_exit(NULL); } 
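Review bot: The new `kd->setLogKDRate(0);` in createConnection hard-codes the key-derivation rate with no comment on what the value selects; read together with the keyDerivation.cpp hunk, 0 appears to make `rate` equal to 2^0 = 1, so `r = seq / rate` changes on every sequence number and a fresh session key is derived per packet, which is worth saying at the call site. Suggested comment on that line: `// ld_kdr = 0: derive a new session key for every packet (rate 2^0); should come from the options rather than a literal`. The `KeyDerivation * kd = new KeyDerivation;` right above it is an owning raw pointer whose lifetime is not visible in this hunk; a note on who deletes it would help, since ConnectionParam takes `(*kd)` by reference. createConnection starts and ends outside the hunk.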
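Review bot: `u_int32_t len = param->dev.read(plain_packet.getPayload(), plain_packet.getPayloadLength());` stores the `short` result of TunDevice::read (the tunDevice.cpp hunk shows it returns -1 when the device is not open) in an unsigned variable, so an error becomes a length of 0xFFFFFFFF that is then handed to `plain_packet.setLength(len)` and the packet is encrypted and sent; a read longer than SHRT_MAX would likewise wrap negative. Read into a signed variable and drop the packet on error: `int len = param->dev.read(plain_packet.getPayload(), plain_packet.getPayloadLength());` / `if(len <= 0) continue;` / `plain_packet.setLength(len);`. The same defect is in the tunDevice.cpp and tunDevice.h hunks, where `read` should return `int` (matching `write`) rather than `short`. The unconditional `std::cout` of the payload length inside the send loop is debug output that belongs behind cLog at a debug priority, not on stdout per packet. sender's body continues outside the hunk.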
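Review bot: The four `std::cout` lines added after the two generate() calls print the derived session key and session salt in hex to stdout for every packet; that writes the traffic-protection keys into terminal scrollback, captured logs and anything stdout is redirected to, which undoes the point of deriving per-packet keys. Remove them before merging so that `conn.kd_.generate(LABEL_SATP_SALT, conn.seq_nr_, session_salt);` is followed directly by `c->setKey(session_key);`; if a debug path is needed, gate it behind a compile-time flag that is off by default and never emits key bytes at a normal log priority. The `encrypted_packet.getLength()` print in the following hunk is noise rather than a leak, but it is still an unconditional stdout write per packet and should go the same way.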
@@ -226,8 +241,8 @@ void* receiver(void* p) std::auto_ptr<Cipher> c( CipherFactory::create(param->opt.getCipher()) ); // std::auto_ptr<AuthAlgo> a( AuthAlgoFactory::create(param->opt.getAuthAlgo()) ); - EncryptedPacket encrypted_packet(1600); // TODO: dynamic mtu size - PlainPacket plain_packet(1600); + EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH); + PlainPacket plain_packet(MAX_PACKET_LENGTH); Buffer session_key(u_int32_t(SESSION_KEYLEN_ENCR)); // TODO: hardcoded size Buffer session_salt(u_int32_t(SESSION_KEYLEN_SALT)); // TODO: hardcoded size @@ -238,8 +253,11 @@ void* receiver(void* p) string remote_host; u_int16_t remote_port; + plain_packet.setLength(MAX_PACKET_LENGTH); + encrypted_packet.setLength(MAX_PACKET_LENGTH); + // read packet from socket - u_int32_t len = param->src.recv(encrypted_packet, remote_host, remote_port); + u_int32_t len = param->src.recv(encrypted_packet.getBuf(), encrypted_packet.getLength(), remote_host, remote_port); encrypted_packet.setLength(len); // TODO: check auth tag first @@ -289,7 +307,7 @@ void* receiver(void* p) continue; // write it on the device - param->dev.write(plain_packet); + param->dev.write(plain_packet.getPayload(), plain_packet.getLength()); } pthread_exit(NULL); } 
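Review bot: `param->dev.write(plain_packet.getPayload(), plain_packet.getLength());` pairs the payload pointer with the whole-packet length, whereas the sender hunk in anytun.cpp pairs `getPayload()` with `getPayloadLength()`; if PlainPacket keeps a header in front of the payload (the old Buffer-based write did not expose this), the device write reads past the payload by the header size and pushes extra bytes onto the tunnel interface. Suggested: `param->dev.write(plain_packet.getPayload(), plain_packet.getPayloadLength());`. The `int` result of write (-1 on a closed device per the tunDevice.cpp hunk) is also discarded; at minimum log it through cLog. receiver's body continues outside the hunk.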
@@ -313,20 +331,7 @@ bool initLibGCrypt() std::cout << "initLibGCrypt: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION << std::endl; return false; } - - // do NOT allocate a pool uof secure memory! Q@NINE? - // this is NOT thread safe! ?????????????????????????????????? why secure memory???????? - - /* Allocate a pool of 16k secure memory. This also drops priviliges - * on some systems. */ -// err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0); -// if( err ) -// { -// cLog.msg(Log::PRIO_ERR) << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err ); -// std::cout << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err ) << std::endl; -// return false; -// } - + // Tell Libgcrypt that initialization has completed. gcry_error_t err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED); if( err ) { diff --git a/keyDerivation.cpp b/keyDerivation.cpp index dbafec6..cfd70d4 100644 --- a/keyDerivation.cpp +++ b/keyDerivation.cpp @@ -102,8 +102,10 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key) r = 0; // TODO: no new key should be generated if r == 0, except it is the first time else { - Mpi seq = seq_nr; - Mpi rate = 1; + Mpi seq(32); + seq = seq_nr; + Mpi rate(48); + rate = 1; rate = rate.mul2exp(ld_kdr_); r = seq / rate; } diff --git a/packetSource.cpp b/packetSource.cpp index 063d142..5264302 100644 --- a/packetSource.cpp +++ b/packetSource.cpp 
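Review bot: With the secure-memory setup gone, initLibGCrypt now issues `GCRYCTL_INITIALIZATION_FINISHED` without having chosen either `GCRYCTL_INIT_SECMEM` or `GCRYCTL_DISABLE_SECMEM`; libgcrypt's documented initialization sequence expects the application to pick one of the two before finishing, and the new `// Tell Libgcrypt that initialization has completed.` does not record that key material handled by the cipher and key-derivation code now lives in ordinary, swappable heap memory. If dropping the pool is intended, make it explicit and document the trade-off ahead of the INITIALIZATION_FINISHED call: `gcry_control(GCRYCTL_DISABLE_SECMEM, 0); // keys stay in normal memory: not locked, may be swapped out`; otherwise reinstate the pool. The thread-safety remark in the removed comment is not addressed anywhere in the visible part of the function, which starts outside the hunk.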
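Review bot: `Mpi seq(32);` and `Mpi rate(48);` introduce two unexplained literals in KeyDerivation::generate; a reader cannot tell whether 32 is the width of seq_nr_t and 48 the largest value `rate.mul2exp(ld_kdr_)` may produce, nor what bound on ld_kdr_ that implies. Name them and state the intent, e.g. `static const u_int32_t SEQ_NR_BITS = 32; // width of seq_nr_t` and `static const u_int32_t KDR_BITS = 48; // must exceed the largest ld_kdr_ accepted by setLogKDRate`, and say in the comment whether Mpi's constructor argument is a bit size, since that is not visible here. Whether the following `seq = seq_nr;` keeps the size chosen in the constructor depends on Mpi::operator=, which is not in the hunk. The function continues outside the hunk.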
@@ -46,12 +46,12 @@ UDPPacketSource::UDPPacketSource(std::string localaddr, u_int16_t port) : UDPSoc { } -u_int32_t UDPPacketSource::recv(Buffer& buf, std::string& addr, u_int16_t &port) +u_int32_t UDPPacketSource::recv(u_int8_t* buf, u_int32_t len, std::string& addr, u_int16_t &port) { - return recvFrom(buf, buf.getLength(), addr, port); + return recvFrom(buf, len, addr, port); } -void UDPPacketSource::send(Buffer& buf, std::string addr, u_int16_t port) +void UDPPacketSource::send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port) { - sendTo(buf, buf.getLength(), addr, port); + sendTo(buf, len, addr, port); } diff --git a/packetSource.h b/packetSource.h index a085b04..81abef8 100644 --- a/packetSource.h +++ b/packetSource.h @@ -37,8 +37,8 @@ class PacketSource public: virtual ~PacketSource() {} - virtual u_int32_t recv(Buffer& buf, std::string& addr, u_int16_t &port) = 0; - virtual void send(Buffer& buf, std::string addr, u_int16_t port) = 0; + virtual u_int32_t recv(u_int8_t* buf, u_int32_t len, std::string& addr, u_int16_t &port) = 0; + virtual void send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port) = 0; }; class UDPPacketSource : public PacketSource, public UDPSocket @@ -48,7 +48,7 @@ public: UDPPacketSource(u_int16_t port); UDPPacketSource(std::string localaddr, u_int16_t port); - u_int32_t recv(Buffer& buf, std::string& addr, u_int16_t &port); - void send(Buffer& buf, std::string addr, u_int16_t port); + u_int32_t recv(u_int8_t* buf, u_int32_t len, std::string& addr, u_int16_t &port); + void send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port); }; diff --git a/tunDevice.cpp b/tunDevice.cpp index 81f4cbb..b1ba686 100644 --- a/tunDevice.cpp +++ b/tunDevice.cpp @@ -110,7 +110,7 @@ TunDevice::~TunDevice() close_tun(dev_); } -short TunDevice::read(Buffer& buf) +short TunDevice::read(u_int8_t* buf, u_int32_t len) { if(!dev_) return -1; 
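Review bot: `UDPPacketSource::send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port)` takes the outgoing bytes through a mutable pointer although send only reads them; declare it `const u_int8_t* buf` here and in both packetSource.h declarations (the pure-virtual in PacketSource and the override in UDPPacketSource), provided `sendTo` accepts a const pointer — its signature is not in the hunk. `recv` correctly keeps the mutable pointer. The change stays compatible with the `encrypted_packet.getBuf()` caller in anytun.cpp and allows sending from const buffers.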
@@ -121,15 +121,15 @@ short TunDevice::read(Buffer& buf) pfd[0].revents = 0; poll(pfd, 1, -1); Lock lock(io_mutex_); - return read_tun(dev_, buf, buf.getLength()); + return read_tun(dev_, buf, len); } -int TunDevice::write(Buffer& buf) +int TunDevice::write(u_int8_t* buf, u_int32_t len) { if(!dev_) return -1; Lock lock(io_mutex_); - return write_tun(dev_, buf, buf.getLength()); + return write_tun(dev_, buf, len); } char* TunDevice::getActualName() diff --git a/tunDevice.h b/tunDevice.h index 7e4493c..af08132 100644 --- a/tunDevice.h +++ b/tunDevice.h @@ -48,8 +48,8 @@ public: void close(); bool isOpen(); - short read(Buffer& buf); - int write(Buffer& buf); + short read(u_int8_t* buf, u_int32_t len); + int write(u_int8_t* buf, u_int32_t len); char* getActualName(); u_int32_t getType(); diff --git a/wireshark-lua/satp.lua b/wireshark-lua/satp.lua index d6a8b76..50c7c32 100644 --- a/wireshark-lua/satp.lua +++ b/wireshark-lua/satp.lua @@ -13,16 +13,16 @@ do subtree:add(buffer(0,4),"Sequence Number: " .. buffer(0,4):uint()) subtree:add(buffer(4,2),"Sender ID: " .. buffer(4,2):uint()) subtree:add(buffer(6,2),"Mux: " .. buffer(6,2):uint()) - subtree:add(buffer(8,2),"Payload Type: " .. buffer(8,2):uint()) +-- subtree:add(buffer(8,2),"Payload Type: " .. buffer(8,2):uint()) local data_dis = Dissector.get("data") local payload_dis = Dissector.get("ip") - if payload_dis ~= nil then - payload_dis:call(buffer(10):tvb(),pinfo,tree) - else +-- if payload_dis ~= nil then +-- payload_dis:call(buffer(10):tvb(),pinfo,tree) +-- else data_dis:call(buffer(10):tvb(),pinfo,tree) - end +-- end end -- load the udp.port table |
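Review bot: Commenting out the `Payload Type` entry at offset 8 while leaving `buffer(10)` as the payload start is inconsistent: if the 2-byte payload-type field was removed from the SATP header, the payload now begins at offset 8 and `data_dis:call(buffer(10):tvb(),pinfo,tree)` skips its first two bytes; if the field is still on the wire, the subtree entry should stay. Either way, delete the disabled lines instead of keeping them as `--` comments and add one line stating the layout that is correct, e.g. `-- header: seq(4) sender(2) mux(2); payload follows at offset 8`. The tunDevice.cpp and tunDevice.h hunks on this line only carry the signature change raised with the anytun.cpp sender hunk.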