From b5fc5e6e2136280e4d8c0526fe960e07a73f2e32 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Wed, 14 Jan 2009 16:49:42 +0000
Subject: ported authAlgo from uanytun to anytun

---
 src/anytun.cpp   |  31 +++---------
 src/authAlgo.cpp | 145 +++++++++++++++++++++++++++++++++++--------------------
 src/authAlgo.h   |  44 ++++++++---------
 3 files changed, 118 insertions(+), 102 deletions(-)

(limited to 'src')

diff --git a/src/anytun.cpp b/src/anytun.cpp
index 1e54378..e46731a 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -80,8 +80,6 @@
 #include "daemon.hpp"
 #include "sysexec.hpp"
 
-#define SESSION_KEYLEN_AUTH 20   // TODO: hardcoded size
-
 void createConnection(const PacketSourceEndpoint & remote_end, window_size_t seqSize, mux_t mux)
 {
 	SeqWindow * seq= new SeqWindow(seqSize);
@@ -122,9 +120,6 @@ void sender(void* p)
     PlainPacket plain_packet(MAX_PACKET_LENGTH);
     EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
     
-    Buffer session_auth_key(u_int32_t(SESSION_KEYLEN_AUTH));        // TODO: hardcoded size
-    
-        //TODO replace mux
     u_int16_t mux = gOpt.getMux();
     PacketSourceEndpoint emptyEndpoint;
     while(1)
@@ -180,12 +175,8 @@ void sender(void* p)
       conn.seq_nr_++;
       
           // add authentication tag
-      if(a->getMaxLength()) {
-        encrypted_packet.addAuthTag();
-        conn.kd_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
-        a->setKey(session_auth_key);
-        a->generate(encrypted_packet);
-      }  
+      a->generate(conn.kd_, encrypted_packet);
+
       try
       {
         param->src.send(encrypted_packet.getBuf(), encrypted_packet.getLength(), conn.remote_end_);
@@ -259,8 +250,6 @@ void receiver(void* p)
     EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
     PlainPacket plain_packet(MAX_PACKET_LENGTH);
     
-    Buffer session_auth_key(u_int32_t(SESSION_KEYLEN_AUTH));        // TODO: hardcoded size
-    
     while(1)
     {
       PacketSourceEndpoint remote_end;
@@ -287,17 +276,11 @@ void receiver(void* p)
       ConnectionParam & conn = cit->second;
       
           // check whether auth tag is ok or not
-      if(a->getMaxLength()) {
-        encrypted_packet.withAuthTag(true);
-        conn.kd_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
-        a->setKey(session_auth_key);
-        if(!a->checkTag(encrypted_packet)) {
-          cLog.msg(Log::PRIO_NOTICE) << "wrong Authentication Tag!" << std::endl;
-          continue;
-        }        
-        encrypted_packet.removeAuthTag();
-      }  
-      
+      if(!a->checkTag(conn.kd_, encrypted_packet)) {
+        cLog.msg(Log::PRIO_NOTICE) << "wrong Authentication Tag!" << std::endl;
+        continue;
+      }        
+
           //Allow dynamic IP changes 
           //TODO: add command line option to turn this off
       if (remote_end != conn.remote_end_)
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index 7689374..669308b 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -37,99 +37,138 @@
 #include <iostream>
 #include <cstring>
 
-#ifndef NOCRYPT
-#include <gcrypt.h>
-#endif
-
 //****** NullAuthAlgo ******
-void NullAuthAlgo::generate(EncryptedPacket& packet)
+void NullAuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
 {
 }
 
-bool NullAuthAlgo::checkTag(EncryptedPacket& packet)
+bool NullAuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
 {
   return true;
 }
 
-u_int32_t NullAuthAlgo::getMaxLength()
-{
-  return MAX_LENGTH_;
-}
-
 #ifndef NOCRYPT
 //****** Sha1AuthAlgo ******
 
-Sha1AuthAlgo::Sha1AuthAlgo() : ctx_(NULL)
+Sha1AuthAlgo::Sha1AuthAlgo() : key_(DIGEST_LENGTH)
 {
-  gcry_error_t err = gcry_md_open( &ctx_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC );
-  if( err )
+#ifndef USE_SSL_CRYPTO
+  gcry_error_t err = gcry_md_open(&handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
+  if(err) {
     cLog.msg(Log::PRIO_CRIT) << "Sha1AuthAlgo::Sha1AuthAlgo: Failed to open message digest algo";
+    return;
+  } 
+#else
+  HMAC_CTX_init(&ctx_);
+  HMAC_Init_ex(&ctx_, NULL, 0, EVP_sha1(), NULL);
+#endif
 }
 
 Sha1AuthAlgo::~Sha1AuthAlgo()
 {
-  if(ctx_)
-    gcry_md_close( ctx_ );
+#ifndef USE_SSL_CRYPTO
+  if(handle_)
+    gcry_md_close(handle_);
+#else
+  HMAC_CTX_cleanup(&ctx_);
+#endif    
 }
 
-void Sha1AuthAlgo::setKey(Buffer& key)
+void Sha1AuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
 {
-  if(!ctx_)
+  packet.addAuthTag();
+  if(!packet.getAuthTagLength())
     return;
-
-  gcry_error_t err = gcry_md_setkey( ctx_, key.getBuf(), key.getLength() );
-  if( err ) {
-    char buf[STERROR_TEXT_MAX];
-    buf[0] = 0;
-    cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set cipher key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
+  
+  bool result = kd.generate(LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
+  if(result) { // a new key got generated
+#ifndef USE_SSL_CRYPTO
+    gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
+    if(err) {
+      char buf[STERROR_TEXT_MAX];
+      buf[0] = 0;
+      cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
+      return;
+    } 
+#else 
+    HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
+  }
+  else {
+    HMAC_Init_ex(&ctx_, NULL, 0, NULL, NULL);
+#endif
   }
-}
 
-void Sha1AuthAlgo::generate(EncryptedPacket& packet)
-{
-  if(!packet.getAuthTagLength())
-    return;
+#ifndef USE_SSL_CRYPTO
+  gcry_md_reset(handle_);
+  gcry_md_write(handle_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
+  gcry_md_final(handle_);
+  u_int8_t* hmac = gcry_md_read(handle_, 0);
+#else
+  u_int8_t hmac[DIGEST_LENGTH];
+  HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
+  HMAC_Final(&ctx_, hmac, NULL);
+#endif
 
-  gcry_md_reset( ctx_ );
+  u_int8_t* tag = packet.getAuthTag();
+  u_int32_t length = (packet.getAuthTagLength() < DIGEST_LENGTH) ? packet.getAuthTagLength() : DIGEST_LENGTH;
 
-  gcry_md_write( ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength() );
-  gcry_md_final( ctx_ );
+  if(length > DIGEST_LENGTH)
+    std::memset(tag, 0, packet.getAuthTagLength());
 
-  u_int8_t* tag = packet.getAuthTag();
-  if(packet.getAuthTagLength() > MAX_LENGTH_)
-    std::memset(tag, 0, (packet.getAuthTagLength() - MAX_LENGTH_));
-  
-  u_int8_t* hmac = gcry_md_read(ctx_, 0);
-  u_int32_t length = (packet.getAuthTagLength() < MAX_LENGTH_) ? packet.getAuthTagLength() : MAX_LENGTH_;
-  std::memcpy(&tag[packet.getAuthTagLength() - length], &hmac[MAX_LENGTH_ - length], length);
+  std::memcpy(&tag[packet.getAuthTagLength() - length], &hmac[DIGEST_LENGTH - length], length);
 }
 
-bool Sha1AuthAlgo::checkTag(EncryptedPacket& packet)
+bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
 {
+  packet.withAuthTag(true);
   if(!packet.getAuthTagLength())
     return true;
 
-  gcry_md_reset( ctx_ );
+  bool result = kd.generate(LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
+  if(result) { // a new key got generated
+#ifndef USE_SSL_CRYPTO
+    gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
+    if(err) {
+      char buf[STERROR_TEXT_MAX];
+      buf[0] = 0;
+      cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
+      return false;
+    } 
+#else 
+    HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
+  }
+  else {
+    HMAC_Init_ex(&ctx_, NULL, 0, NULL, NULL);
+#endif
+  }
 
-  gcry_md_write( ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength() );
-  gcry_md_final( ctx_ );
+#ifndef USE_SSL_CRYPTO
+  gcry_md_reset(handle_);
+  gcry_md_write(handle_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
+  gcry_md_final(handle_);
+  u_int8_t* hmac = gcry_md_read(handle_, 0);
+#else
+  u_int8_t hmac[DIGEST_LENGTH];
+  HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
+  HMAC_Final(&ctx_, hmac, NULL);
+#endif
 
   u_int8_t* tag = packet.getAuthTag();
-  if(packet.getAuthTagLength() > MAX_LENGTH_)
-    for(u_int32_t i=0; i < (packet.getAuthTagLength() - MAX_LENGTH_); ++i)
-      if(tag[i]) return false; 
+  u_int32_t length = (packet.getAuthTagLength() < DIGEST_LENGTH) ? packet.getAuthTagLength() : DIGEST_LENGTH;
+
+  if(length > DIGEST_LENGTH)
+    for(u_int32_t i=0; i < (packet.getAuthTagLength() - DIGEST_LENGTH); ++i)
+      if(tag[i]) return false;
+
+  int ret = std::memcmp(&tag[packet.getAuthTagLength() - length], &hmac[DIGEST_LENGTH - length], length);
+  packet.removeAuthTag();
   
-  u_int8_t* hmac = gcry_md_read(ctx_, 0);
-  u_int32_t length = (packet.getAuthTagLength() < MAX_LENGTH_) ? packet.getAuthTagLength() : MAX_LENGTH_;
-  if(std::memcmp(&tag[packet.getAuthTagLength() - length], &hmac[MAX_LENGTH_ - length], length))
+  if(ret)
     return false;
 
   return true;
-}
 
-u_int32_t Sha1AuthAlgo::getMaxLength()
-{
-  return MAX_LENGTH_;
 }
+
 #endif
 
diff --git a/src/authAlgo.h b/src/authAlgo.h
index 3085673..be8d158 100644
--- a/src/authAlgo.h
+++ b/src/authAlgo.h
@@ -37,8 +37,13 @@
 #include "encryptedPacket.h"
 
 #ifndef NOCRYPT
+#ifndef USE_SSL_CRYPTO
 #include <gcrypt.h>
+#else
+#include <openssl/hmac.h>
 #endif
+#endif
+#include "keyDerivation.h"
 
 class AuthAlgo
 {
@@ -46,28 +51,17 @@ public:
   AuthAlgo() {};
   virtual ~AuthAlgo() {};
 
-  /**
-   * set the key for the auth algo
-   * @param key key for hmac calculation
-   */
-  virtual void setKey(Buffer& key) = 0;
-
   /**
    * generate the mac
    * @param packet the packet to be authenticated
    */
-  virtual void generate(EncryptedPacket& packet) = 0;
+  virtual void generate(KeyDerivation& kd, EncryptedPacket& packet) = 0;
 
   /**
    * check the mac
    * @param packet the packet to be authenticated
    */
-  virtual bool checkTag(EncryptedPacket& packet) = 0;
-
-  /**
-   * get the maximum size of the auth algo
-   */
-  virtual u_int32_t getMaxLength() = 0;
+  virtual bool checkTag(KeyDerivation& kd, EncryptedPacket& packet) = 0;
 };
 
 //****** NullAuthAlgo ******
@@ -75,12 +69,8 @@ public:
 class NullAuthAlgo : public AuthAlgo
 {
 public:
-  void setKey(Buffer& key) {};
-  void generate(EncryptedPacket& packet);
-  bool checkTag(EncryptedPacket& packet);
-  u_int32_t getMaxLength();
-
-  static const u_int32_t MAX_LENGTH_ = 0;
+  void generate(KeyDerivation& kd, EncryptedPacket& packet);
+  bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
 };
 
 #ifndef NOCRYPT
@@ -93,15 +83,19 @@ public:
   Sha1AuthAlgo();
   ~Sha1AuthAlgo();
 
-  void setKey(Buffer& key);
-  void generate(EncryptedPacket& packet);
-  bool checkTag(EncryptedPacket& packet);
-  u_int32_t getMaxLength();
+  void generate(KeyDerivation& kd, EncryptedPacket& packet);
+  bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
 
-  static const u_int32_t MAX_LENGTH_ = 20;
+  static const u_int32_t DIGEST_LENGTH = 20;
 
 private:
-  gcry_md_hd_t ctx_;
+#ifndef USE_SSL_CRYPTO
+  gcry_md_hd_t handle_;
+#else
+  HMAC_CTX ctx_;
+#endif
+  
+  Buffer key_;
 };
 #endif
 
-- 
cgit v1.2.3