From 3d174037c175e33b0b57c0639ab7440e9f5d6abc Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 19 Feb 2008 17:31:04 +0000 Subject: replaces cypher with cipher --- Makefile | 8 +-- anytun.cpp | 10 ++-- buffer.h | 2 +- cipher.cpp | 144 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ cipher.h | 84 +++++++++++++++++++++++++++++++ cipherFactory.cpp | 47 ++++++++++++++++++ cipherFactory.h | 51 +++++++++++++++++++ connectionParam.h | 2 +- cypher.cpp | 144 ------------------------------------------------------ cypher.h | 84 ------------------------------- cypherFactory.cpp | 47 ------------------ cypherFactory.h | 51 ------------------- encryptedPacket.h | 4 +- mpi.cpp | 2 +- options.cpp | 16 +++--- options.h | 6 +-- plainPacket.h | 4 +- 17 files changed, 353 insertions(+), 353 deletions(-) create mode 100644 cipher.cpp create mode 100644 cipher.h create mode 100644 cipherFactory.cpp create mode 100644 cipherFactory.h delete mode 100644 cypher.cpp delete mode 100644 cypher.h delete mode 100644 cypherFactory.cpp delete mode 100644 cypherFactory.h diff --git a/Makefile b/Makefile index 38de924..8b61a2e 100644 --- a/Makefile +++ b/Makefile @@ -52,12 +52,12 @@ OBJS = anytun.o \ syncCommand.o \ plainPacket.o \ encryptedPacket.o \ - cypher.o \ + cipher.o \ authAlgo.o \ authTag.o \ keyDerivation.o \ mpi.o \ - cypherFactory.o \ + cipherFactory.o \ authAlgoFactory.o \ connectionList.o \ connectionParam.o \ @@ -100,7 +100,7 @@ plainPacket.o: plainPacket.cpp plainPacket.h buffer.h encryptedPacket.o: encryptedPacket.cpp encryptedPacket.h buffer.h $(C++) $(CCFLAGS) $< -c -cypher.o: cypher.cpp cypher.h buffer.h +cipher.o: cipher.cpp cipher.h buffer.h $(C++) $(CCFLAGS) $< -c authAlgo.o: authAlgo.cpp authAlgo.h buffer.h 
@@ -115,7 +115,7 @@ keyDerivation.o: keyDerivation.cpp keyDerivation.h mpi.o: mpi.cpp mpi.h $(C++) $(CCFLAGS) $< -c -cypherFactory.o: cypherFactory.cpp cypherFactory.h cypher.h +cipherFactory.o: cipherFactory.cpp cipherFactory.h cipher.h $(C++) $(CCFLAGS) $< -c authAlgoFactory.o: authAlgoFactory.cpp authAlgoFactory.h authAlgo.h diff --git a/anytun.cpp b/anytun.cpp index 2a0ee07..2e03be3 100644 --- a/anytun.cpp +++ b/anytun.cpp @@ -40,11 +40,11 @@ #include "buffer.h" #include "plainPacket.h" #include "encryptedPacket.h" -#include "cypher.h" +#include "cipher.h" #include "keyDerivation.h" #include "authAlgo.h" #include "authTag.h" -#include "cypherFactory.h" +#include "cipherFactory.h" #include "authAlgoFactory.h" #include "signalController.h" #include "packetSource.h" @@ -125,7 +125,7 @@ void* sender(void* p) { ThreadParam* param = reinterpret_cast(p); - std::auto_ptr c(CypherFactory::create(param->opt.getCypher())); + std::auto_ptr c(CipherFactory::create(param->opt.getCipher())); std::auto_ptr a(AuthAlgoFactory::create(param->opt.getAuthAlgo()) ); PlainPacket plain_packet(1600); // TODO: fix me... mtu size @@ -220,7 +220,7 @@ void* receiver(void* p) { ThreadParam* param = reinterpret_cast(p); - std::auto_ptr c( CypherFactory::create(param->opt.getCypher()) ); + std::auto_ptr c( CipherFactory::create(param->opt.getCipher()) ); std::auto_ptr a( AuthAlgoFactory::create(param->opt.getAuthAlgo()) ); EncryptedPacket packet(1600); // TODO: dynamic mtu size @@ -318,7 +318,7 @@ bool initLibGCrypt() } // do NOT allocate a pool uof secure memory! Q@NINE? - // this is NOT thread safe! ?????????????????????????????????? + // this is NOT thread safe! ?????????????????????????????????? why secure memory???????? /* Allocate a pool of 16k secure memory. This also drops priviliges * on some systems. */ diff --git a/buffer.h b/buffer.h index 96201e8..e3d8b58 100644 --- a/buffer.h +++ b/buffer.h 
@@ -65,7 +65,7 @@ public: protected: friend class TunDevice; friend class UDPPacketSource; - friend class AesIcmCypher; + friend class AesIcmCipher; friend class KeyDerivation; // friend class Mpi; diff --git a/cipher.cpp b/cipher.cpp new file mode 100644 index 0000000..d68204c --- /dev/null +++ b/cipher.cpp 
@@ -0,0 +1,144 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methodes used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007 anytun.org + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. 
+ * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include +#include +#include +#include +#include + +#include "cipher.h" +#include "mpi.h" +#include "log.h" + +void Cipher::encrypt(const PlainPacket & in,EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id) +{ + cipher(out.payload_, in.complete_payload_ , in.complete_payload_length_, seq_nr, sender_id); + out.setSenderId(sender_id); + out.setSeqNr(seq_nr); + out.setPayloadLength(in.complete_payload_length_); +} + +void Cipher::decrypt(const EncryptedPacket & in,PlainPacket & out) +{ + cipher(out.complete_payload_, in.payload_ , in.payload_length_, in.getSeqNr(), in.getSenderId()); + out.setCompletePayloadLength(in.payload_length_); +} + + + +//****** NullCipher ****** + +void NullCipher::cipher(u_int8_t * out, u_int8_t * in, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) +{ + std::memcpy(out, in, length ); +} + + + +//****** AesIcmCipher ****** + +AesIcmCipher::AesIcmCipher() : salt_(Buffer(14)) // Q@NINE 14?????? +{ + gcry_error_t err; + + // TODO: hardcoded keysize!!!!! 
+ err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 ); + if( err ) + cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher"; +} + + +AesIcmCipher::~AesIcmCipher() +{ + gcry_cipher_close( cipher_ ); + cLog.msg(Log::PRIO_DEBUG) << "AesIcmCipher::~AesIcmCipher: closed cipher"; +} + + +void AesIcmCipher::setKey(Buffer key) +{ + gcry_error_t err; + + err = gcry_cipher_setkey( cipher_, key.getBuf(), key.getLength() ); + if( err ) + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher::setKey: Failed to set cipher key: " << gpg_strerror( err ); +} + +void AesIcmCipher::setSalt(Buffer salt) +{ + salt_ = salt; +} + +void AesIcmCipher::cipher(u_int8_t * out, u_int8_t * in, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) +{ + gcry_error_t err; + + // set the IV + //========================================================================== + // // where the 128-bit integer value IV SHALL be defined by the SSRC, the + // // SRTP packet index i, and the SRTP session salting key k_s, as below. + // // + // // IV = (k_s * 2^16) XOR (SSRC * 2^64) XOR (i * 2^16) + // // sizeof(k_s) = 112 bit, random + + Mpi iv(128); // TODO: hardcoded size + Mpi salt = Mpi(salt_.getBuf(), salt_.getLength()); + Mpi sid = sender_id; + Mpi seq = seq_nr; + + iv = salt.mul2exp(16) ^ sid.mul2exp(64) ^ seq.mul2exp(16); // TODO: hardcoded size + + u_int8_t *iv_buf = iv.getNewBuf(16); // TODO: hardcoded size + + // Q@NINE -> CTR Mode -> gcry_cipher_setctr() ???? + + err = gcry_cipher_setiv( cipher_, iv_buf, 16 ); // TODO: hardcoded size + delete[] iv_buf; + if( err ) { + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher IV: " << gpg_strerror( err ); + return; + } + + // Q@NINE -> reset clears IV ???? 
+ + err = gcry_cipher_reset( cipher_ ); + if( err ) { + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to reset cipher: " << gpg_strerror( err ); + return; + } + + err = gcry_cipher_encrypt( cipher_, out, length, in, length ); + if( err ) { + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to generate cipher bitstream: " << gpg_strerror( err ); + return; + } +} + diff --git a/cipher.h b/cipher.h new file mode 100644 index 0000000..7ff9e01 --- /dev/null +++ b/cipher.h 
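Review bot: In `AesIcmCipher::cipher` the per-packet value is loaded with `gcry_cipher_setiv` and `gcry_cipher_reset` is then called before `gcry_cipher_encrypt`; libgcrypt documents reset as clearing the IV, and in `GCRY_CIPHER_MODE_CTR` the counter block is set with `gcry_cipher_setctr`, not `setiv`. If that reading holds, every packet under one key is encrypted with the same keystream, so confidentiality is lost as soon as two packets are sent; the two `Q@NINE` comments ask exactly this and should be resolved rather than carried over in the rename. Suggested order: call `gcry_cipher_reset( cipher_ );` first, then `err = gcry_cipher_setctr( cipher_, iv_buf, 16 );`, and add a test that encrypts one payload under two sequence numbers and checks that the outputs differ. Separately, every error path only logs and returns while `Cipher::encrypt` still calls `out.setPayloadLength(...)`, so a failed call leaves `out.payload_` holding whatever the buffer contained, and the constructor likewise continues after a failed `gcry_cipher_open`.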
@@ -0,0 +1,84 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methodes used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007 anytun.org + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. 
+ * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifndef _CIPHER_H_ +#define _CIPHER_H_ + +#include "datatypes.h" +#include "buffer.h" +#include "encryptedPacket.h" +#include "plainPacket.h" + +#include + + +class Cipher +{ +public: + Cipher() {}; + virtual ~Cipher() {}; + + void setKey(Buffer key) {}; + void setSalt(Buffer salt) {}; + void encrypt(const PlainPacket & in,EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id); + void decrypt(const EncryptedPacket & in,PlainPacket & out); +private: + virtual void cipher(u_int8_t * in, u_int8_t * out, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) {}; +}; + +//****** NullCipher ****** + +class NullCipher : public Cipher +{ +public: + NullCipher() {}; + ~NullCipher() {}; +protected: + void cipher(u_int8_t * in, u_int8_t * out, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id); +}; + +//****** AesIcmCipher ****** + +class AesIcmCipher : public Cipher +{ +public: + AesIcmCipher(); + ~AesIcmCipher(); + void setKey(Buffer key); + void setSalt(Buffer salt); + +protected: + void cipher(u_int8_t * in, u_int8_t * out, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id); + gcry_cipher_hd_t cipher_; + Buffer salt_; +}; + + +#endif diff --git a/cipherFactory.cpp b/cipherFactory.cpp new file mode 100644 index 0000000..4271600 --- /dev/null +++ b/cipherFactory.cpp 
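Review bot: `Cipher::setKey` and `Cipher::setSalt` are declared non-virtual with empty bodies while `AesIcmCipher` declares its own versions, so a call made through the `Cipher*` returned by `CipherFactory::create` binds to the empty base functions and the AES handle never receives a key or salt. The call sites are outside this hunk, so confirm how they are invoked, but the base declarations should read `virtual void setKey(Buffer key) {};` and `virtual void setSalt(Buffer salt) {};`. The `cipher` hook also names its parameters `(in, out, ...)` in all three classes here, while cipher.cpp defines and calls it as `(out, in, ...)`; the header names should be swapped to match. Making the base hook pure virtual (`= 0`) instead of giving it an empty body would stop a subclass from silently inheriting a transform that writes nothing.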
@@ -0,0 +1,47 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methodes used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007 anytun.org + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include +#include + +#include "cipherFactory.h" +#include "cipher.h" + + +Cipher* CipherFactory::create(std::string const& type) +{ + if( type == "null" ) + return new NullCipher(); + else if( type == "aes" ) + return new AesIcmCipher(); + else + throw std::invalid_argument("cipher not available"); +} + diff --git a/cipherFactory.h b/cipherFactory.h new file mode 100644 index 0000000..b48d7d0 --- /dev/null +++ b/cipherFactory.h 
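Review bot: `CipherFactory::create` has no comment saying that it returns a heap object the caller must free, or that the `"null"` type selects `NullCipher`, whose transform in cipher.cpp is a plain `memcpy`, so the payload leaves the tunnel unencrypted. I would add above the definition: `// Returns a new Cipher owned by the caller. "null" selects NullCipher (payload copied as-is, no confidentiality); throws std::invalid_argument for unknown types.` Logging the selected type once at startup would also make a null-cipher deployment visible to an operator.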
@@ -0,0 +1,51 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methodes used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007 anytun.org + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifndef _CIPHER_FACTORY_H_ +#define _CIPHER_FACTORY_H_ + +#include + +#include "datatypes.h" +#include "cipher.h" + +class CipherFactory +{ +public: + static Cipher* create(std::string const& type); + +private: + CipherFactory(); + CipherFactory(const CipherFactory& src); + void operator=(const CipherFactory& src); + ~CipherFactory(); +}; + +#endif diff --git a/connectionParam.h b/connectionParam.h index 5e00e25..0861a6c 100644 --- a/connectionParam.h +++ b/connectionParam.h 
@@ -33,7 +33,7 @@ #include "options.h" #include "keyDerivation.h" -#include "cypher.h" +#include "cipher.h" #include "authAlgo.h" #include "seqWindow.h" #include "threadUtils.hpp" diff --git a/cypher.cpp b/cypher.cpp deleted file mode 100644 index 7652bff..0000000 --- a/cypher.cpp +++ /dev/null 
@@ -1,144 +0,0 @@ -/* - * anytun - * - * The secure anycast tunneling protocol (satp) defines a protocol used - * for communication between any combination of unicast and anycast - * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel - * mode and allows tunneling of every ETHER TYPE protocol (e.g. - * ethernet, ip, arp ...). satp directly includes cryptography and - * message authentication based on the methodes used by SRTP. It is - * intended to deliver a generic, scaleable and secure solution for - * tunneling and relaying of packets of any protocol. - * - * - * Copyright (C) 2007 anytun.org - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. 
- * - * You should have received a copy of the GNU General Public License - * along with this program (see the file COPYING included with this - * distribution); if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include -#include -#include -#include -#include - -#include "cypher.h" -#include "mpi.h" -#include "log.h" - -void Cypher::encrypt(const PlainPacket & in,EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id) -{ - cypher(out.payload_, in.complete_payload_ , in.complete_payload_length_, seq_nr, sender_id); - out.setSenderId(sender_id); - out.setSeqNr(seq_nr); - out.setPayloadLength(in.complete_payload_length_); -} - -void Cypher::decrypt(const EncryptedPacket & in,PlainPacket & out) -{ - cypher(out.complete_payload_, in.payload_ , in.payload_length_, in.getSeqNr(), in.getSenderId()); - out.setCompletePayloadLength(in.payload_length_); -} - - - -//****** NullCypher ****** - -void NullCypher::cypher(u_int8_t * out, u_int8_t * in, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) -{ - std::memcpy(out, in, length ); -} - - - -//****** AesIcmCypher ****** - -AesIcmCypher::AesIcmCypher() : salt_(Buffer(14)) // Q@NINE 14?????? -{ - gcry_error_t err; - - // TODO: hardcoded keysize!!!!! 
- err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 ); - if( err ) - cLog.msg(Log::PRIO_CRIT) << "AesIcmCypher::AesIcmCypher: Failed to open cipher"; -} - - -AesIcmCypher::~AesIcmCypher() -{ - gcry_cipher_close( cipher_ ); - cLog.msg(Log::PRIO_DEBUG) << "AesIcmCypher::~AesIcmCypher: closed cipher"; -} - - -void AesIcmCypher::setKey(Buffer key) -{ - gcry_error_t err; - - err = gcry_cipher_setkey( cipher_, key.getBuf(), key.getLength() ); - if( err ) - cLog.msg(Log::PRIO_ERR) << "AesIcmCypher::setKey: Failed to set cipher key: " << gpg_strerror( err ); -} - -void AesIcmCypher::setSalt(Buffer salt) -{ - salt_ = salt; -} - -void AesIcmCypher::cypher(u_int8_t * out, u_int8_t * in, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) -{ - gcry_error_t err; - - // set the IV - //========================================================================== - // // where the 128-bit integer value IV SHALL be defined by the SSRC, the - // // SRTP packet index i, and the SRTP session salting key k_s, as below. - // // - // // IV = (k_s * 2^16) XOR (SSRC * 2^64) XOR (i * 2^16) - // // sizeof(k_s) = 112 bit, random - - Mpi iv(128); // TODO: hardcoded size - Mpi salt = Mpi(salt_.getBuf(), salt_.getLength()); - Mpi sid = sender_id; - Mpi seq = seq_nr; - - iv = salt.mul2exp(16) ^ sid.mul2exp(64) ^ seq.mul2exp(16); // TODO: hardcoded size - - u_int8_t *iv_buf = iv.getNewBuf(16); // TODO: hardcoded size - - // Q@NINE -> CTR Mode -> gcry_cipher_setctr() ???? - - err = gcry_cipher_setiv( cipher_, iv_buf, 16 ); // TODO: hardcoded size - delete[] iv_buf; - if( err ) { - cLog.msg(Log::PRIO_ERR) << "AesIcmCypher: Failed to set cipher IV: " << gpg_strerror( err ); - return; - } - - // Q@NINE -> reset clears IV ???? 
- - err = gcry_cipher_reset( cipher_ ); - if( err ) { - cLog.msg(Log::PRIO_ERR) << "AesIcmCypher: Failed to reset cipher: " << gpg_strerror( err ); - return; - } - - err = gcry_cipher_encrypt( cipher_, out, length, in, length ); - if( err ) { - cLog.msg(Log::PRIO_ERR) << "AesIcmCypher: Failed to generate cipher bitstream: " << gpg_strerror( err ); - return; - } -} - diff --git a/cypher.h b/cypher.h deleted file mode 100644 index 52a1895..0000000 --- a/cypher.h +++ /dev/null 
@@ -1,84 +0,0 @@ -/* - * anytun - * - * The secure anycast tunneling protocol (satp) defines a protocol used - * for communication between any combination of unicast and anycast - * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel - * mode and allows tunneling of every ETHER TYPE protocol (e.g. - * ethernet, ip, arp ...). satp directly includes cryptography and - * message authentication based on the methodes used by SRTP. It is - * intended to deliver a generic, scaleable and secure solution for - * tunneling and relaying of packets of any protocol. - * - * - * Copyright (C) 2007 anytun.org - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. 
- * - * You should have received a copy of the GNU General Public License - * along with this program (see the file COPYING included with this - * distribution); if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#ifndef _CYPHER_H_ -#define _CYPHER_H_ - -#include "datatypes.h" -#include "buffer.h" -#include "encryptedPacket.h" -#include "plainPacket.h" - -#include - - -class Cypher -{ -public: - Cypher() {}; - virtual ~Cypher() {}; - - void setKey(Buffer key) {}; - void setSalt(Buffer salt) {}; - void encrypt(const PlainPacket & in,EncryptedPacket & out, seq_nr_t seq_nr, sender_id_t sender_id); - void decrypt(const EncryptedPacket & in,PlainPacket & out); -private: - virtual void cypher(u_int8_t * in, u_int8_t * out, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) {}; -}; - -//****** NullCypher ****** - -class NullCypher : public Cypher -{ -public: - NullCypher() {}; - ~NullCypher() {}; -protected: - void cypher(u_int8_t * in, u_int8_t * out, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id); -}; - -//****** AesIcmCypher ****** - -class AesIcmCypher : public Cypher -{ -public: - AesIcmCypher(); - ~AesIcmCypher(); - void setKey(Buffer key); - void setSalt(Buffer salt); - -protected: - void cypher(u_int8_t * in, u_int8_t * out, u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id); - gcry_cipher_hd_t cipher_; - Buffer salt_; -}; - - -#endif diff --git a/cypherFactory.cpp b/cypherFactory.cpp deleted file mode 100644 index e554fd2..0000000 --- a/cypherFactory.cpp +++ /dev/null 
@@ -1,47 +0,0 @@ -/* - * anytun - * - * The secure anycast tunneling protocol (satp) defines a protocol used - * for communication between any combination of unicast and anycast - * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel - * mode and allows tunneling of every ETHER TYPE protocol (e.g. - * ethernet, ip, arp ...). satp directly includes cryptography and - * message authentication based on the methodes used by SRTP. It is - * intended to deliver a generic, scaleable and secure solution for - * tunneling and relaying of packets of any protocol. - * - * - * Copyright (C) 2007 anytun.org - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program (see the file COPYING included with this - * distribution); if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include -#include - -#include "cypherFactory.h" -#include "cypher.h" - - -Cypher* CypherFactory::create(std::string const& type) -{ - if( type == "null" ) - return new NullCypher(); - else if( type == "aes" ) - return new AesIcmCypher(); - else - throw std::invalid_argument("cypher not available"); -} - diff --git a/cypherFactory.h b/cypherFactory.h deleted file mode 100644 index 002d741..0000000 --- a/cypherFactory.h +++ /dev/null 
@@ -1,51 +0,0 @@ -/* - * anytun - * - * The secure anycast tunneling protocol (satp) defines a protocol used - * for communication between any combination of unicast and anycast - * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel - * mode and allows tunneling of every ETHER TYPE protocol (e.g. - * ethernet, ip, arp ...). satp directly includes cryptography and - * message authentication based on the methodes used by SRTP. It is - * intended to deliver a generic, scaleable and secure solution for - * tunneling and relaying of packets of any protocol. - * - * - * Copyright (C) 2007 anytun.org - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program (see the file COPYING included with this - * distribution); if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#ifndef _CYPHER_FACTORY_H_ -#define _CYPHER_FACTORY_H_ - -#include - -#include "datatypes.h" -#include "cypher.h" - -class CypherFactory -{ -public: - static Cypher* create(std::string const& type); - -private: - CypherFactory(); - CypherFactory(const CypherFactory& src); - void operator=(const CypherFactory& src); - ~CypherFactory(); -}; - -#endif diff --git a/encryptedPacket.h b/encryptedPacket.h index 0535454..afc7d0e 100644 --- a/encryptedPacket.h +++ b/encryptedPacket.h @@ -34,7 +34,7 @@ #include "datatypes.h" #include "buffer.h" #include "authTag.h" -class Cypher; +class Cipher; class EncryptedPacket : public Buffer { public: 
@@ -137,7 +137,7 @@ private: static const u_int32_t AUTHTAG_SIZE = 10; // 10byte protected: - friend class Cypher; + friend class Cipher; u_int8_t * payload_; u_int32_t payload_length_; }; diff --git a/mpi.cpp b/mpi.cpp index 7c94b7e..28684f7 100644 --- a/mpi.cpp +++ b/mpi.cpp @@ -31,7 +31,7 @@ #include "mpi.h" #include "datatypes.h" -#include "cypher.h" +#include "cipher.h" #include #include diff --git a/options.cpp b/options.cpp index 1158c98..4803cd2 100644 --- a/options.cpp +++ b/options.cpp @@ -103,7 +103,7 @@ Options::Options() ifconfig_param_local_ = "192.168.200.1"; ifconfig_param_remote_netmask_ = "255.255.255.0"; seq_window_size_ = 100; - cypher_ = "aes"; + cipher_ = "aes"; auth_algo_ = "sha1"; } @@ -133,7 +133,7 @@ bool Options::parse(int argc, char* argv[]) PARSE_SCALAR_PARAM("-t","--type", dev_type_) PARSE_SCALAR_PARAM2("-n","--ifconfig", ifconfig_param_local_, ifconfig_param_remote_netmask_) PARSE_SCALAR_PARAM("-w","--window-size", seq_window_size_) - PARSE_SCALAR_PARAM("-c","--cypher", cypher_) + PARSE_SCALAR_PARAM("-c","--cipher", cipher_) PARSE_SCALAR_PARAM("-a","--auth-algo", auth_algo_) PARSE_SCALAR_CSLIST("-M","--sync-hosts", host_port_queue) else @@ -171,7 +171,7 @@ void Options::printUsage() std::cout << " [-n|--ifconfig] the local address for the tun/tap device" << std::endl << " the remote address(tun) or netmask(tap)" << std::endl; std::cout << " [-w|--window-size] seqence number window size" << std::endl; - std::cout << " [-c|--cypher] payload encryption algorithm" << std::endl; + std::cout << " [-c|--cipher] payload encryption algorithm" << std::endl; std::cout << " [-a|--auth-algo] message authentication algorithm" << std::endl; } 
@@ -190,7 +190,7 @@ void Options::printOptions() std::cout << "ifconfig_param_local='" << ifconfig_param_local_ << "'" << std::endl; std::cout << "ifconfig_param_remote_netmask='" << ifconfig_param_remote_netmask_ << "'" << std::endl; std::cout << "seq_window_size='" << seq_window_size_ << "'" << std::endl; - std::cout << "cypher='" << cypher_ << "'" << std::endl; + std::cout << "cipher='" << cipher_ << "'" << std::endl; std::cout << "auth_algo='" << auth_algo_ << "'" << std::endl; } @@ -392,16 +392,16 @@ Options& Options::setSeqWindowSize(window_size_t s) return *this; } -std::string Options::getCypher() +std::string Options::getCipher() { Lock lock(mutex); - return cypher_; + return cipher_; } -Options& Options::setCypher(std::string c) +Options& Options::setCipher(std::string c) { Lock lock(mutex); - cypher_ = c; + cipher_ = c; return *this; } diff --git a/options.h b/options.h index 9a4a4ed..1c302c8 100644 --- a/options.h +++ b/options.h @@ -82,8 +82,8 @@ public: Options& setIfconfigParamRemoteNetmask(std::string i); window_size_t getSeqWindowSize(); Options& setSeqWindowSize(window_size_t s); - std::string getCypher(); - Options& setCypher(std::string c); + std::string getCipher(); + Options& setCipher(std::string c); std::string getAuthAlgo(); Options& setAuthAlgo(std::string a); ConnectToList getConnectTo(); @@ -107,7 +107,7 @@ private: std::string ifconfig_param_local_; std::string ifconfig_param_remote_netmask_; window_size_t seq_window_size_; - std::string cypher_; + std::string cipher_; std::string auth_algo_; }; diff --git a/plainPacket.h b/plainPacket.h index 39029c2..176d841 100644 --- a/plainPacket.h +++ b/plainPacket.h @@ -34,7 +34,7 @@ #include "datatypes.h" #include "buffer.h" -class Cypher; +class Cipher; /** * plain SATP packet class
* includes payload_type and payload @@ -97,7 +97,7 @@ private: u_int32_t max_length_; payload_type_t* payload_type_; protected: - friend class Cypher; + friend class Cipher; u_int8_t * complete_payload_; u_int32_t complete_payload_length_; }; -- cgit v1.2.3