summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--authAlgo.cpp56
-rw-r--r--authAlgo.h13
-rw-r--r--cypher.cpp14
-rw-r--r--keyDerivation.cpp4
-rw-r--r--mpi.cpp2
-rw-r--r--mpi.h20
6 files changed, 88 insertions, 21 deletions
diff --git a/authAlgo.cpp b/authAlgo.cpp
index db4a16c..328a42f 100644
--- a/authAlgo.cpp
+++ b/authAlgo.cpp
@@ -29,10 +29,10 @@
*/
#include "authAlgo.h"
+#include "log.h"
+#include "buffer.h"
-extern "C" {
#include <gcrypt.h>
-}
AuthTag NullAuthAlgo::calc(const Buffer& buf)
@@ -40,20 +40,56 @@ AuthTag NullAuthAlgo::calc(const Buffer& buf)
return AuthTag(0);
}
+const char* Sha1AuthAlgo::MIN_GCRYPT_VERSION = "1.2.3";
// HMAC_SHA1
-AuthTag HmacAuthAlgo::calc(const Buffer& buf)
+Sha1AuthAlgo::Sha1AuthAlgo() : ctx_(NULL)
+{
+ gcry_error_t err;
+ // No other library has already initialized libgcrypt.
+ if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
+ {
+ if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
+ cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::Sha1AuthAlgo: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION;
+ return;
+ }
+ /* Tell Libgcrypt that initialization has completed. */
+ err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
+ if( err ) {
+ cLog.msg(Log::PRIO_CRIT) << "Sha1AuthAlgo::Sha1AuthAlgo: Failed to finish the initialization of libgcrypt: " << gpg_strerror( err );
+ return;
+ } else {
+ cLog.msg(Log::PRIO_DEBUG) << "Sha1AuthAlgo::Sha1AuthAlgo: libgcrypt init finished";
+ }
+ }
+ err = gcry_md_open( &ctx_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC );
+ if( err )
+ cLog.msg(Log::PRIO_CRIT) << "Sha1AuthAlgo::Sha1AuthAlgo: Failed to open message digest algo";
+}
+
+Sha1AuthAlgo::~Sha1AuthAlgo()
+{
+ gcry_md_close( ctx_ );
+ cLog.msg(Log::PRIO_DEBUG) << "Sha1AuthAlgo::~Sha1AuthAlgo: closed hmac handler";
+}
+
+void Sha1AuthAlgo::setKey(Buffer key)
{
gcry_error_t err;
- gcry_md_hd_t ctx;
+ err = gcry_md_setkey( ctx_, key.getBuf(), key.getLength() );
+ if( err )
+ cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set cipher key: " << gpg_strerror( err );
+}
+
+
+AuthTag Sha1AuthAlgo::calc(const Buffer& buf)
+{
+ // gcry_error_t err;
Buffer hmac; //80bit
- err = gcry_md_open( &ctx, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC );
- //gcry_md_setkey( ctx, key, keylen );
- gcry_md_write( ctx, static_cast<Buffer>(buf).getBuf(), buf.getLength() );
- gcry_md_final( ctx );
- hmac = Buffer(gcry_md_read( ctx, 0 ), 10);
- gcry_md_close( ctx );
+ gcry_md_write( ctx_, static_cast<Buffer>(buf).getBuf(), buf.getLength() );
+ gcry_md_final( ctx_ );
+ hmac = Buffer(gcry_md_read( ctx_, 0 ), 10);
return hmac;
}
diff --git a/authAlgo.h b/authAlgo.h
index e3de813..1a6d431 100644
--- a/authAlgo.h
+++ b/authAlgo.h
@@ -31,8 +31,11 @@
#ifndef _AUTHALGO_H_
#define _AUTHALGO_H_
-#include "datatypes.h"
#include "authTag.h"
+#include "datatypes.h"
+#include "buffer.h"
+
+#include <gcrypt.h>
class AuthAlgo
{
@@ -51,10 +54,16 @@ public:
// HMAC_SHA1
-class HmacAuthAlgo : public AuthAlgo
+class Sha1AuthAlgo : public AuthAlgo
{
public:
+ Sha1AuthAlgo();
+ ~Sha1AuthAlgo();
+ void setKey(Buffer key);
AuthTag calc(const Buffer& buf);
+protected:
+ static const char* MIN_GCRYPT_VERSION;
+ gcry_md_hd_t ctx_;
};
#endif
diff --git a/cypher.cpp b/cypher.cpp
index 34a9a10..58b971c 100644
--- a/cypher.cpp
+++ b/cypher.cpp
@@ -65,10 +65,7 @@ Buffer NullCypher::getBitStream(u_int32_t length, seq_nr_t seq_nr, sender_id_t s
return buf;
}
-
const char* AesIcmCypher::MIN_GCRYPT_VERSION = "1.2.3";
-bool AesIcmCypher::gcrypt_initialized_ = false;
-
AesIcmCypher::AesIcmCypher() : salt_(Buffer(14))
{
@@ -78,7 +75,7 @@ AesIcmCypher::AesIcmCypher() : salt_(Buffer(14))
if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
{
if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
- cLog.msg(Log::PRIO_ERR) << "Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION;
+ cLog.msg(Log::PRIO_ERR) << "AesIcmCypher::AesIcmCypher: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION;
return;
}
@@ -99,17 +96,20 @@ AesIcmCypher::AesIcmCypher() : salt_(Buffer(14))
cLog.msg(Log::PRIO_CRIT) << "AesIcmCypher::AesIcmCypher: Failed to finish the initialization of libgcrypt: " << gpg_strerror( err );
return;
} else {
- cLog.msg(Log::PRIO_NOTICE) << "AesIcmCypher::AesIcmCypher: libgcrypt init finished";
+ cLog.msg(Log::PRIO_DEBUG) << "AesIcmCypher::AesIcmCypher: libgcrypt init finished";
}
}
gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
+ if( err )
+ cLog.msg(Log::PRIO_CRIT) << "AesIcmCypher::AesIcmCypher: Failed to open cypher";
}
AesIcmCypher::~AesIcmCypher()
{
gcry_cipher_close( cipher_ );
+ cLog.msg(Log::PRIO_DEBUG) << "AesIcmCypher::~AesIcmCypher: closed cipher";
}
@@ -147,7 +147,9 @@ Buffer AesIcmCypher::getBitStream(u_int32_t length, seq_nr_t seq_nr, sender_id_t
iv = salt.mul2exp(16) ^ sid.mul2exp(64) ^ seq.mul2exp(16);
- err = gcry_cipher_setiv( cipher_, iv.getBuf(16), 16 );
+ u_int8_t *iv_buf = iv.getNewBuf(16);
+ err = gcry_cipher_setiv( cipher_, iv_buf, 16 );
+ delete[] iv_buf;
if( err ) {
cLog.msg(Log::PRIO_ERR) << "AesIcmCypher: Failed to set cipher IV: " << gpg_strerror( err );
return Buffer(0);
diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index 4ed87ad..dbef123 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -133,7 +133,9 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key,
if( err )
cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror( err );
- err = gcry_cipher_setiv( cipher_ , iv.getBuf(16), 16);
+ u_int8_t *iv_buf = iv.getNewBuf(16);
+ err = gcry_cipher_setiv( cipher_ , iv_buf, 16);
+ delete[] iv_buf;
if( err )
cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to set IV: " << gpg_strerror( err );
diff --git a/mpi.cpp b/mpi.cpp
index afd1785..7c94b7e 100644
--- a/mpi.cpp
+++ b/mpi.cpp
@@ -127,7 +127,7 @@ void Mpi::clearHighBit(u_int32_t n)
gcry_mpi_clear_highbit( val_, n );
}
-u_int8_t* Mpi::getBuf(u_int32_t buf_len) const
+u_int8_t* Mpi::getNewBuf(u_int32_t buf_len) const
{
// u_int32_t len = 0;
u_int32_t written = 0;
diff --git a/mpi.h b/mpi.h
index de7aa98..2638e1d 100644
--- a/mpi.h
+++ b/mpi.h
@@ -37,6 +37,11 @@
#include <gcrypt.h>
+/**
+ * This class is a wrapper for the libgcrypt multi precision integer library.
+ *
+ */
+
class Mpi
{
public:
@@ -52,10 +57,23 @@ public:
Mpi operator^(const Mpi &b) const;
Mpi operator*(const unsigned long int n) const;
+ /**
+ * shift the bits to the right
+ * (LSB on the right side)
+ * @param n number of bits to shift
+ */
void rShift(u_int8_t n); // LSB on the right side!
Mpi mul2exp(u_int32_t e) const; // value * 2^e
void clearHighBit(u_int32_t n);
- u_int8_t *getBuf(u_int32_t buf_len) const;
+
+ /**
+ * returns a new[] u_int8_t* buffer with the MPI value in the
+ * GCRYMPI_FMT_STD (2-complement stored without a length header).
+ * you have to delete it by hand with delete[]!
+ * @param buf_len size of the new buffer that is returned
+ * @return a byte buffer of size buf_len
+ */
+ u_int8_t *getNewBuf(u_int32_t buf_len) const;
u_int32_t getLen() const;
protected: