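/*
 * anytun
 *
 * The secure anycast tunneling protocol (satp) defines a protocol used
 * for communication between any combination of unicast and anycast
 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
 * ethernet, ip, arp ...). satp directly includes cryptography and
 * message authentication based on the methods used by SRTP. It is
 * intended to deliver a generic, scalable and secure solution for
 * tunneling and relaying of packets of any protocol.
 *
 *
 * Copyright (C) 2007 anytun.org <satp@wirdorange.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program (see the file COPYING included with this
 * distribution); if not, write to the Free Software Foundation, Inc.,
 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

#ifndef _CYPHER_H_
#define _CYPHER_H_

#include "datatypes.h"
#include "buffer.h"

extern "C" {
#include <gcrypt.h>
}

// Common interface of the packet ciphers.
//
// A concrete cipher supplies getBitStream(); cypher() is the public entry
// point and receives the packet buffer by non-const reference, so it works
// on the caller's buffer in place.
class Cypher
{
public:
  Cypher() {}
  virtual ~Cypher() {}

  // Install key material. The base versions do nothing, which is what
  // NullCypher inherits.
  //
  // These are virtual on purpose: AesIcmCypher declares its own setKey() and
  // setSalt(), and without `virtual` a call made through a Cypher reference
  // or pointer would bind to the empty bodies below, so the cipher would
  // silently keep running without the key and salt the caller supplied.
  //
  // NOTE(review): the argument is passed by value, i.e. as a copy of the
  // caller's Buffer. Whether Buffer wipes its storage on destruction is not
  // visible from this header - confirm before relying on key hygiene.
  virtual void setKey(Buffer key) {}
  virtual void setSalt(Buffer salt) {}

  // Applies the cipher to buf for the packet identified by seq_nr and
  // sender_id. Presumably XORs buf with the output of getBitStream() via
  // exor() - confirm in the implementation file.
  // NOTE(review): nothing in this interface authenticates the data; message
  // authentication has to be provided by another component.
  void cypher(Buffer& buf, seq_nr_t seq_nr, sender_id_t sender_id);

protected:
  // Combines bit_stream into buf; buf is modified, bit_stream is read-only.
  // Presumably a byte-wise XOR (going by the name) - confirm.
  void exor(Buffer& buf, const Buffer& bit_stream);

  // Produces the key stream for one packet; implemented by each cipher.
  // length, seq_nr and sender_id are the only per-packet inputs, so for a
  // key-stream cipher the (seq_nr, sender_id) pair presumably must never
  // repeat under one key and salt - confirm how callers handle
  // sequence-number wrap-around.
  virtual Buffer getBitStream(u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id) = 0;
};

// Cipher that takes no key material: it inherits the empty setKey() and
// setSalt() of Cypher.
// NOTE(review): the name suggests that no encryption is applied; if so it
// gives no confidentiality and should only be selected deliberately -
// confirm against the implementation of getBitStream().
class NullCypher : public Cypher
{
protected:
  Buffer getBitStream(u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id);
};

// Cipher backed by a libgcrypt cipher handle. The name and the SRTP
// reference in the file header suggest AES in integer counter mode -
// confirm in the implementation file.
//
// NOTE(review): the class declares a destructor but neither a copy
// constructor nor an assignment operator. If the destructor releases
// cipher_, a copied object would release the same handle a second time -
// confirm, and consider making the class non-copyable.
class AesIcmCypher : public Cypher
{
public:
  AesIcmCypher();
  ~AesIcmCypher();

  // Override the virtual setters of Cypher.
  void setKey(Buffer key);
  void setSalt(Buffer salt);

  // Defined outside this header; presumably the oldest libgcrypt release the
  // code accepts at start-up - confirm where it is checked.
  static const char* MIN_GCRYPT_VERSION;
  static const u_int32_t GCRYPT_SEC_MEM = 16384;  // 16k secure memory

protected:
  Buffer getBitStream(u_int32_t length, seq_nr_t seq_nr, sender_id_t sender_id);

  gcry_cipher_hd_t cipher_;  // libgcrypt cipher handle
  Buffer salt_;              // presumably the value given to setSalt() - confirm

private:
  // Shared by all instances; presumably guards one-time libgcrypt
  // initialisation. No synchronisation is visible in this header, so
  // concurrent first construction from several threads needs checking.
  static bool gcrypt_initialized_;
};

#endif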