<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <title>DTN Reference Implementation: Ciphersuite_C3.cc Source File</title> <link href="tabs.css" rel="stylesheet" type="text/css"> <link href="doxygen.css" rel="stylesheet" type="text/css"> </head><body> <!-- Generated by Doxygen 1.5.8 --> <div class="navigation" id="top"> <div class="tabs"> <ul> <li><a href="main.html"><span>Main Page</span></a></li> <li><a href="namespaces.html"><span>Namespaces</span></a></li> <li><a href="annotated.html"><span>Classes</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <div class="tabs"> <ul> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>File Members</span></a></li> </ul> </div> <h1>Ciphersuite_C3.cc</h1><a href="Ciphersuite__C3_8cc.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span> <a name="l00002"></a>00002 <span class="comment"> * Copyright 2006-7 SPARTA Inc</span> <a name="l00003"></a>00003 <span class="comment"> * </span> <a name="l00004"></a>00004 <span class="comment"> * Licensed under the Apache License, Version 2.0 (the "License");</span> <a name="l00005"></a>00005 <span class="comment"> * you may not use this file except in compliance with the License.</span> <a name="l00006"></a>00006 <span class="comment"> * You may obtain a copy of the License at</span> <a name="l00007"></a>00007 <span class="comment"> * </span> <a name="l00008"></a>00008 <span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span> <a name="l00009"></a>00009 <span class="comment"> * </span> <a name="l00010"></a>00010 <span class="comment"> * Unless required by applicable law or agreed to in writing, software</span> <a name="l00011"></a>00011 <span class="comment"> * distributed under the License is distributed on an "AS IS" BASIS,</span> <a name="l00012"></a>00012 <span class="comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span> <a name="l00013"></a>00013 <span class="comment"> * See the License for the specific language governing permissions and</span> <a name="l00014"></a>00014 <span class="comment"> * limitations under the License.</span> <a name="l00015"></a>00015 <span class="comment"> */</span> <a name="l00016"></a>00016 <a name="l00017"></a>00017 <span class="preprocessor">#ifdef HAVE_CONFIG_H</span> <a name="l00018"></a>00018 <span class="preprocessor"></span><span class="preprocessor"># include <<a class="code" href="dtn-config_8h.html">dtn-config.h</a>></span> <a name="l00019"></a>00019 <span class="preprocessor">#endif</span> <a name="l00020"></a>00020 <span class="preprocessor"></span> <a name="l00021"></a>00021 <span class="preprocessor">#ifdef BSP_ENABLED</span> <a name="l00022"></a>00022 <span class="preprocessor"></span> <a name="l00023"></a>00023 <span class="preprocessor">#include "<a class="code" href="Ciphersuite__C3_8h.html">Ciphersuite_C3.h</a>"</span> <a name="l00024"></a>00024 <span class="preprocessor">#include "<a class="code" href="bundling_2Bundle_8h.html">bundling/Bundle.h</a>"</span> <a name="l00025"></a>00025 <span class="preprocessor">#include "<a class="code" href="BundleDaemon_8h.html">bundling/BundleDaemon.h</a>"</span> <a name="l00026"></a>00026 <span class="preprocessor">#include "<a class="code" href="BundleProtocol_8h.html">bundling/BundleProtocol.h</a>"</span> <a name="l00027"></a>00027 <span class="preprocessor">#include "<a class="code" href="SDNV_8h.html">bundling/SDNV.h</a>"</span> <a name="l00028"></a>00028 <span class="preprocessor">#include "<a class="code" href="contacts_2Link_8h.html">contacts/Link.h</a>"</span> <a name="l00029"></a>00029 <span class="preprocessor">#include "openssl/rand.h"</span> <a name="l00030"></a>00030 <span class="preprocessor">#include "<a class="code" href="gcm_8h.html">gcm/gcm.h</a>"</span> <a name="l00031"></a>00031 <span class="preprocessor">#include "<a class="code" href="KeySteward_8h.html">security/KeySteward.h</a>"</span> <a name="l00032"></a>00032 <a name="l00033"></a>00033 <span class="keyword">namespace </span>dtn { <a name="l00034"></a>00034 <a name="l00035"></a>00035 <span class="keyword">static</span> <span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a> = <span class="stringliteral">"/dtn/bundle/ciphersuite"</span>; <a name="l00036"></a>00036 <a name="l00037"></a>00037 <span class="comment">//----------------------------------------------------------------------</span> <a name="l00038"></a>00038 Ciphersuite_C3::Ciphersuite_C3() <a name="l00039"></a>00039 { <a name="l00040"></a>00040 } <a name="l00041"></a>00041 <a name="l00042"></a>00042 <span class="comment">//----------------------------------------------------------------------</span> <a name="l00043"></a>00043 u_int16_t <a name="l00044"></a>00044 Ciphersuite_C3::cs_num(<span class="keywordtype">void</span>) <a name="l00045"></a>00045 { <a name="l00046"></a>00046 <span class="keywordflow">return</span> CSNUM_C3; <a name="l00047"></a>00047 } <a name="l00048"></a>00048 <a name="l00049"></a>00049 <span class="comment">//----------------------------------------------------------------------</span> <a name="l00050"></a>00050 <span class="keywordtype">int</span> <a name="l00051"></a>00051 Ciphersuite_C3::consume(Bundle* bundle, BlockInfo* block, <a name="l00052"></a>00052 u_char* <a class="code" href="num2sdnv_8c.html#a81cdcc7ff6987bc85c073253e32715f">buf</a>, <span class="keywordtype">size_t</span> <a class="code" href="num2sdnv_8c.html#fed088663f8704004425cdae2120b9b3">len</a>) <a name="l00053"></a>00053 { <a name="l00054"></a>00054 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::consume()"</span>); <a name="l00055"></a>00055 <span class="keywordtype">int</span> cc = block->owner()->consume(bundle, block, buf, len); <a name="l00056"></a>00056 <a name="l00057"></a>00057 <span class="keywordflow">if</span> (cc == -1) { <a name="l00058"></a>00058 <span class="keywordflow">return</span> -1; <span class="comment">// protocol error</span> <a name="l00059"></a>00059 } <a name="l00060"></a>00060 <a name="l00061"></a>00061 <a name="l00062"></a>00062 <span class="comment">// in on-the-fly scenario, process this data for those interested</span> <a name="l00063"></a>00063 <a name="l00064"></a>00064 <span class="keywordflow">if</span> (! block->complete()) { <a name="l00065"></a>00065 <a class="code" href="SDNV_8cc.html#ca68c0d4ac8df0838e209fb5300f7be3">ASSERT</a>(cc == (<span class="keywordtype">int</span>)len); <a name="l00066"></a>00066 <span class="keywordflow">return</span> cc; <a name="l00067"></a>00067 } <a name="l00068"></a>00068 <a name="l00069"></a>00069 <span class="keywordflow">if</span> ( block->locals() == NULL ) { <span class="comment">// then we need to parse it</span> <a name="l00070"></a>00070 parse(block); <a name="l00071"></a>00071 } <a name="l00072"></a>00072 <a name="l00073"></a>00073 <span class="keywordflow">return</span> cc; <a name="l00074"></a>00074 } <a name="l00075"></a>00075 <a name="l00076"></a>00076 <span class="comment">//----------------------------------------------------------------------</span> <a name="l00077"></a>00077 <span class="keywordtype">bool</span> <a name="l00078"></a>00078 Ciphersuite_C3::validate(<span class="keyword">const</span> Bundle* bundle, <a name="l00079"></a>00079 BlockInfoVec* block_list, <a name="l00080"></a>00080 BlockInfo* block, <a name="l00081"></a>00081 status_report_reason_t* reception_reason, <a name="l00082"></a>00082 status_report_reason_t* deletion_reason) <a name="l00083"></a>00083 { <a name="l00084"></a>00084 (void)reception_reason; <a name="l00085"></a>00085 <a name="l00086"></a>00086 <a name="l00087"></a>00087 <span class="comment">//1. do we have security-dest? If yes, get it, otherwise get bundle-dest</span> <a name="l00088"></a>00088 <span class="comment">//2. does it match local_eid ??</span> <a name="l00089"></a>00089 <span class="comment">//3. if not, return true</span> <a name="l00090"></a>00090 <span class="comment">//4. if it does match, parse and validate the block</span> <a name="l00091"></a>00091 <span class="comment">//5. the actions must exactly reverse the transforming changes made in finalize()</span> <a name="l00092"></a>00092 <a name="l00093"></a>00093 Bundle* deliberate_const_cast_bundle = <span class="keyword">const_cast<</span>Bundle*<span class="keyword">></span>(bundle); <a name="l00094"></a>00094 u_int16_t cs_flags; <a name="l00095"></a>00095 BP_Local_CS* locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(block->locals()); <a name="l00096"></a>00096 EndpointID local_eid = BundleDaemon::instance()->local_eid(); <a name="l00097"></a>00097 <span class="keywordtype">size_t</span> offset; <a name="l00098"></a>00098 <span class="keywordtype">size_t</span> len; <a name="l00099"></a>00099 gcm_ctx_ex ctx_ex; <span class="comment">// includes OpenSSL context within it</span> <a name="l00100"></a>00100 OpaqueContext* r = <span class="keyword">reinterpret_cast<</span>OpaqueContext*<span class="keyword">></span>(&ctx_ex); <a name="l00101"></a>00101 <span class="keywordtype">bool</span> changed = <span class="keyword">false</span>; <a name="l00102"></a>00102 u_char key[key_len]; <span class="comment">//use AES128 16-byte key</span> <a name="l00103"></a>00103 u_char salt[salt_len]; <span class="comment">// salt for GCM</span> <a name="l00104"></a>00104 u_char iv[iv_len]; <span class="comment">// GCM "iv" length is 8 bytes</span> <a name="l00105"></a>00105 u_char target_iv[iv_len]; <span class="comment">// GCM "iv" length is 8 bytes</span> <a name="l00106"></a>00106 u_char nonce[nonce_len]; <span class="comment">// 12 bytes recommended</span> <a name="l00107"></a>00107 u_char tag[tag_len]; <span class="comment">// 128 bits recommended</span> <a name="l00108"></a>00108 u_char tag_encap[tag_len]; <span class="comment">// tag for an encapsulated block</span> <a name="l00109"></a>00109 u_char* buf; <a name="l00110"></a>00110 u_char* ptr; <a name="l00111"></a>00111 u_char* data; <a name="l00112"></a>00112 BP_Local_CS* target_locals = NULL; <a name="l00113"></a>00113 <span class="keywordtype">int</span> sdnv_len = 0; <span class="comment">// use an int to handle -1 return values</span> <a name="l00114"></a>00114 u_char item_type; <a name="l00115"></a>00115 int32_t rem; <span class="comment">// use signed value</span> <a name="l00116"></a>00116 u_int64_t field_length = 0LL; <a name="l00117"></a>00117 u_int64_t frag_offset_; <span class="comment">// Offset of fragment in the original bundle</span> <a name="l00118"></a>00118 u_int64_t orig_length_; <span class="comment">// Length of original bundle</span> <a name="l00119"></a>00119 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> ret = 0; <a name="l00120"></a>00120 DataBuffer db; <a name="l00121"></a>00121 <a name="l00122"></a>00122 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() %p"</span>, block); <a name="l00123"></a>00123 CS_FAIL_IF_NULL(locals); <a name="l00124"></a>00124 cs_flags = locals->cs_flags(); <a name="l00125"></a>00125 <a name="l00126"></a>00126 <span class="keywordflow">if</span> ( Ciphersuite::destination_is_local_node(bundle, block) ) <a name="l00127"></a>00127 { <span class="comment">//yes - this is ours so go to work</span> <a name="l00128"></a>00128 <a name="l00129"></a>00129 <span class="comment">// we expect this to be the "first" block, and there might or</span> <a name="l00130"></a>00130 <span class="comment">// might not be others. But we should get to this one first and,</span> <a name="l00131"></a>00131 <span class="comment">// during the processing, convert any other C3 blocks to their</span> <a name="l00132"></a>00132 <span class="comment">// unencapsulated form. That is, when this call is over, there</span> <a name="l00133"></a>00133 <span class="comment">// should be no more blocks for us to deal with. Any remaining</span> <a name="l00134"></a>00134 <span class="comment">// C3 block should be for a nested instance</span> <a name="l00135"></a>00135 <a name="l00136"></a>00136 <span class="comment">// get pieces from params -- salt, iv, range, </span> <a name="l00137"></a>00137 <a name="l00138"></a>00138 buf = locals->security_params().buf(); <a name="l00139"></a>00139 len = locals->security_params().len(); <a name="l00140"></a>00140 <a name="l00141"></a>00141 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() locals->correlator() 0x%llx"</span>, U64FMT(locals->correlator())); <a name="l00142"></a>00142 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() security params, len = %zu"</span>, len); <a name="l00143"></a>00143 <span class="keywordflow">while</span> ( len > 0 ) { <a name="l00144"></a>00144 item_type = *buf++; <a name="l00145"></a>00145 --len; <a name="l00146"></a>00146 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(buf, len, &field_length); <a name="l00147"></a>00147 buf += sdnv_len; <a name="l00148"></a>00148 len -= sdnv_len; <a name="l00149"></a>00149 <a name="l00150"></a>00150 <span class="keywordflow">switch</span> ( item_type ) { <a name="l00151"></a>00151 <span class="keywordflow">case</span> CS_IV_field: <a name="l00152"></a>00152 { <a name="l00153"></a>00153 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() iv item, len = %llu"</span>, U64FMT(field_length)); <a name="l00154"></a>00154 memcpy(iv, buf, iv_len); <a name="l00155"></a>00155 buf += field_length; <a name="l00156"></a>00156 len -= field_length; <a name="l00157"></a>00157 } <a name="l00158"></a>00158 <span class="keywordflow">break</span>; <a name="l00159"></a>00159 <a name="l00160"></a>00160 <span class="keywordflow">case</span> CS_C_block_salt: <a name="l00161"></a>00161 { <a name="l00162"></a>00162 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() salt item, len = %llu"</span>, U64FMT(field_length)); <a name="l00163"></a>00163 memcpy(salt, buf, nonce_len - iv_len); <a name="l00164"></a>00164 buf += field_length; <a name="l00165"></a>00165 len -= field_length; <a name="l00166"></a>00166 } <a name="l00167"></a>00167 <span class="keywordflow">break</span>; <a name="l00168"></a>00168 <a name="l00169"></a>00169 <span class="keywordflow">case</span> CS_fragment_offset_and_length_field: <a name="l00170"></a>00170 { <a name="l00171"></a>00171 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() frag info item, len = %llu"</span>, U64FMT(field_length)); <a name="l00172"></a>00172 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(buf, len, &frag_offset_); <a name="l00173"></a>00173 buf += sdnv_len; <a name="l00174"></a>00174 len -= sdnv_len; <a name="l00175"></a>00175 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(buf, len, &orig_length_); <a name="l00176"></a>00176 buf += sdnv_len; <a name="l00177"></a>00177 len -= sdnv_len; <a name="l00178"></a>00178 } <a name="l00179"></a>00179 <span class="keywordflow">break</span>; <a name="l00180"></a>00180 <a name="l00181"></a>00181 <span class="keywordflow">default</span>: <span class="comment">// deal with improper items</span> <a name="l00182"></a>00182 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: unexpected item type %d in security_params"</span>, <a name="l00183"></a>00183 item_type); <a name="l00184"></a>00184 <span class="keywordflow">goto</span> fail; <a name="l00185"></a>00185 } <a name="l00186"></a>00186 } <a name="l00187"></a>00187 <a name="l00188"></a>00188 <span class="comment">// get pieces from results -- key, icv</span> <a name="l00189"></a>00189 buf = locals->security_result().buf(); <a name="l00190"></a>00190 len = locals->security_result().len(); <a name="l00191"></a>00191 <a name="l00192"></a>00192 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() security result, len = %zu"</span>, len); <a name="l00193"></a>00193 <span class="keywordflow">while</span> ( len > 0 ) { <a name="l00194"></a>00194 item_type = *buf++; <a name="l00195"></a>00195 --len; <a name="l00196"></a>00196 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(buf, len, &field_length); <a name="l00197"></a>00197 buf += sdnv_len; <a name="l00198"></a>00198 len -= sdnv_len; <a name="l00199"></a>00199 <a name="l00200"></a>00200 <span class="keywordflow">switch</span> ( item_type ) { <a name="l00201"></a>00201 <span class="keywordflow">case</span> CS_key_ID_field: <a name="l00202"></a>00202 { <a name="l00203"></a>00203 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() key ID item"</span>); <a name="l00204"></a>00204 <span class="comment">// not sure what this looks like</span> <a name="l00205"></a>00205 buf += field_length; <a name="l00206"></a>00206 len -= field_length; <a name="l00207"></a>00207 } <a name="l00208"></a>00208 <span class="keywordflow">break</span>; <a name="l00209"></a>00209 <a name="l00210"></a>00210 <span class="keywordflow">case</span> CS_encoded_key_field: <a name="l00211"></a>00211 { <a name="l00212"></a>00212 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() encoded key item"</span>); <a name="l00213"></a>00213 KeySteward::decrypt(bundle, locals->security_src(), buf, field_length, db); <a name="l00214"></a>00214 memcpy(key, db.buf(), key_len); <a name="l00215"></a>00215 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() key 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l00216"></a>00216 key[0], key[1], key[2], key[3], key[4], key[5], key[6], key[7], <a name="l00217"></a>00217 key[8], key[9], key[10], key[11], key[12], key[13], key[14], key[15]); <a name="l00218"></a>00218 buf += field_length; <a name="l00219"></a>00219 len -= field_length; <a name="l00220"></a>00220 } <a name="l00221"></a>00221 <span class="keywordflow">break</span>; <a name="l00222"></a>00222 <a name="l00223"></a>00223 <span class="keywordflow">case</span> CS_C_block_ICV_field: <a name="l00224"></a>00224 { <a name="l00225"></a>00225 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() icv item"</span>); <a name="l00226"></a>00226 memcpy(tag, buf, tag_len); <a name="l00227"></a>00227 buf += field_length; <a name="l00228"></a>00228 len -= field_length; <a name="l00229"></a>00229 } <a name="l00230"></a>00230 <span class="keywordflow">break</span>; <a name="l00231"></a>00231 <a name="l00232"></a>00232 <span class="keywordflow">case</span> CS_encap_block_field: <a name="l00233"></a>00233 { <a name="l00234"></a>00234 <span class="comment">// don't think we should have one of these here,</span> <a name="l00235"></a>00235 <span class="comment">// only in the correlated blocks</span> <a name="l00236"></a>00236 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: unexpected encap block in security_result"</span>); <a name="l00237"></a>00237 <span class="keywordflow">goto</span> fail; <a name="l00238"></a>00238 } <a name="l00239"></a>00239 <span class="keywordflow">break</span>; <a name="l00240"></a>00240 <a name="l00241"></a>00241 <span class="keywordflow">default</span>: <span class="comment">// deal with improper items</span> <a name="l00242"></a>00242 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: unexpected item type %d in security_result"</span>, <a name="l00243"></a>00243 item_type); <a name="l00244"></a>00244 <span class="keywordflow">goto</span> fail; <a name="l00245"></a>00245 } <a name="l00246"></a>00246 } <a name="l00247"></a>00247 <a name="l00248"></a>00248 <span class="comment">// prepare context - one time for all usage here</span> <a name="l00249"></a>00249 <a class="code" href="gcm_8h.html#721f02566e2e0717ba131e470028ac3d">gcm_init_and_key</a>(key, key_len, &(ctx_ex.c)); <a name="l00250"></a>00250 ctx_ex.operation = op_decrypt; <a name="l00251"></a>00251 <a name="l00252"></a>00252 <span class="comment">// we have the necessary pieces from params and result so now</span> <a name="l00253"></a>00253 <span class="comment">// walk all the blocks and do the various processing things needed.</span> <a name="l00254"></a>00254 <span class="comment">// First is to get the iterator to where we are (see note in "generate()"</span> <a name="l00255"></a>00255 <span class="comment">// for why we do this)</span> <a name="l00256"></a>00256 <a name="l00257"></a>00257 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() walk block list"</span>); <a name="l00258"></a>00258 <span class="keywordflow">for</span> (BlockInfoVec::iterator iter = block_list->begin(); <a name="l00259"></a>00259 iter != block_list->end(); <a name="l00260"></a>00260 ++iter) <a name="l00261"></a>00261 { <a name="l00262"></a>00262 <span class="comment">// step over all blocks up to and including the one which</span> <a name="l00263"></a>00263 <span class="comment">// prompted this call, pointed at by "block" argument</span> <a name="l00264"></a>00264 <span class="keywordflow">if</span> ( (&*iter) <= block ) <a name="l00265"></a>00265 <span class="keywordflow">continue</span>; <a name="l00266"></a>00266 <a name="l00267"></a>00267 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <span class="comment">//might or might not be valid </span> <a name="l00268"></a>00268 <a name="l00269"></a>00269 <span class="keywordflow">switch</span> ( iter->type() ) { <a name="l00270"></a>00270 <a name="l00271"></a>00271 <span class="keywordflow">case</span> BundleProtocol::CONFIDENTIALITY_BLOCK: <a name="l00272"></a>00272 { <a name="l00273"></a>00273 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() C block %p"</span>, &*iter); <a name="l00274"></a>00274 BlockInfo::DataBuffer encap_block; <a name="l00275"></a>00275 CS_FAIL_IF_NULL(target_locals); <a name="l00276"></a>00276 <span class="comment">// even though this isn't our block, the value will have</span> <a name="l00277"></a>00277 <span class="comment">// been set when the block was finished being received</span> <a name="l00278"></a>00278 <span class="comment">// (in Ciphersuite::parse)</span> <a name="l00279"></a>00279 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() C block owner_cs_num %d"</span>, target_locals->owner_cs_num()); <a name="l00280"></a>00280 <span class="keywordflow">if</span> ( target_locals->owner_cs_num() != CSNUM_C3 ) <a name="l00281"></a>00281 <span class="keywordflow">continue</span>; <span class="comment">// only decapsulate C3</span> <a name="l00282"></a>00282 <a name="l00283"></a>00283 <span class="comment">// it's a C3 block but make sure we own it -- does the</span> <a name="l00284"></a>00284 <span class="comment">// correlator match ??</span> <a name="l00285"></a>00285 <span class="keywordflow">if</span> ( target_locals->correlator() != locals->correlator() ) <a name="l00286"></a>00286 <span class="keywordflow">continue</span>; <span class="comment">// not ours</span> <a name="l00287"></a>00287 <a name="l00288"></a>00288 <span class="comment">// OK - it's ours and we now decapsulate it.</span> <a name="l00289"></a>00289 <span class="comment">// Get the necessary pieces from it, such as iv</span> <a name="l00290"></a>00290 buf = target_locals->security_params().buf(); <a name="l00291"></a>00291 len = target_locals->security_params().len(); <a name="l00292"></a>00292 <a name="l00293"></a>00293 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target security params, len = %zu"</span>, len); <a name="l00294"></a>00294 <span class="keywordflow">while</span> ( len > 0 ) { <a name="l00295"></a>00295 item_type = *buf++; <a name="l00296"></a>00296 --len; <a name="l00297"></a>00297 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(buf, len, &field_length); <a name="l00298"></a>00298 buf += sdnv_len; <a name="l00299"></a>00299 len -= sdnv_len; <a name="l00300"></a>00300 <a name="l00301"></a>00301 <span class="keywordflow">switch</span> ( item_type ) { <a name="l00302"></a>00302 <span class="keywordflow">case</span> CS_IV_field: <a name="l00303"></a>00303 { <a name="l00304"></a>00304 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target iv item, len = %llu"</span>, U64FMT(field_length)); <a name="l00305"></a>00305 memcpy(target_iv, buf, iv_len); <a name="l00306"></a>00306 buf += field_length; <a name="l00307"></a>00307 len -= field_length; <a name="l00308"></a>00308 } <a name="l00309"></a>00309 <span class="keywordflow">break</span>; <a name="l00310"></a>00310 <a name="l00311"></a>00311 <span class="keywordflow">default</span>: <span class="comment">// deal with improper items</span> <a name="l00312"></a>00312 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: unexpected item type %d in target security_params"</span>, <a name="l00313"></a>00313 item_type); <a name="l00314"></a>00314 <span class="keywordflow">goto</span> fail; <a name="l00315"></a>00315 } <a name="l00316"></a>00316 } <a name="l00317"></a>00317 <a name="l00318"></a>00318 buf = target_locals->security_result().buf(); <a name="l00319"></a>00319 len = target_locals->security_result().len(); <a name="l00320"></a>00320 <a name="l00321"></a>00321 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target security result, len = %zu"</span>, len); <a name="l00322"></a>00322 <span class="keywordflow">while</span> ( len > 0 ) { <a name="l00323"></a>00323 item_type = *buf++; <a name="l00324"></a>00324 --len; <a name="l00325"></a>00325 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(buf, len, &field_length); <a name="l00326"></a>00326 buf += sdnv_len; <a name="l00327"></a>00327 len -= sdnv_len; <a name="l00328"></a>00328 <a name="l00329"></a>00329 <span class="comment">// we don't necessarily know what order these two fields</span> <a name="l00330"></a>00330 <span class="comment">// will be in, so collect both and decrypt afterwards</span> <a name="l00331"></a>00331 <span class="keywordflow">switch</span> ( item_type ) { <a name="l00332"></a>00332 <span class="keywordflow">case</span> CS_C_block_ICV_field: <a name="l00333"></a>00333 { <a name="l00334"></a>00334 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target icv item, len = %llu"</span>, U64FMT(field_length)); <a name="l00335"></a>00335 memcpy(tag_encap, buf, tag_len); <a name="l00336"></a>00336 buf += field_length; <a name="l00337"></a>00337 len -= field_length; <a name="l00338"></a>00338 } <a name="l00339"></a>00339 <span class="keywordflow">break</span>; <a name="l00340"></a>00340 <a name="l00341"></a>00341 <span class="keywordflow">case</span> CS_encap_block_field: <a name="l00342"></a>00342 { <a name="l00343"></a>00343 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() encap block item, len = %llu"</span>, U64FMT(field_length)); <a name="l00344"></a>00344 encap_block.reserve(field_length); <a name="l00345"></a>00345 encap_block.set_len(field_length); <a name="l00346"></a>00346 memcpy(encap_block.buf(), buf, field_length); <a name="l00347"></a>00347 buf += field_length; <a name="l00348"></a>00348 len -= field_length; <a name="l00349"></a>00349 } <a name="l00350"></a>00350 <span class="keywordflow">break</span>; <a name="l00351"></a>00351 <a name="l00352"></a>00352 <span class="keywordflow">default</span>: <span class="comment">// deal with improper items</span> <a name="l00353"></a>00353 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: unexpected item type %d in target security_result"</span>, <a name="l00354"></a>00354 item_type); <a name="l00355"></a>00355 <span class="keywordflow">goto</span> fail; <a name="l00356"></a>00356 } <a name="l00357"></a>00357 } <a name="l00358"></a>00358 <a name="l00359"></a>00359 <span class="comment">// nonce is 12 bytes, first 4 are salt (same for all blocks)</span> <a name="l00360"></a>00360 <span class="comment">// and last 8 bytes are per-block IV. The final 4 bytes in</span> <a name="l00361"></a>00361 <span class="comment">// the full block-sized field are, of course, the counter</span> <a name="l00362"></a>00362 <span class="comment">// which is not represented here</span> <a name="l00363"></a>00363 ptr = nonce; <a name="l00364"></a>00364 <a name="l00365"></a>00365 memcpy(ptr, salt, nonce_len - iv_len); <a name="l00366"></a>00366 ptr += nonce_len - iv_len; <a name="l00367"></a>00367 memcpy(ptr, target_iv, iv_len); <a name="l00368"></a>00368 <a name="l00369"></a>00369 <span class="comment">// prepare context</span> <a name="l00370"></a>00370 <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>(nonce, nonce_len, &(ctx_ex.c)); <a name="l00371"></a>00371 <a name="l00372"></a>00372 <span class="comment">// decrypt message</span> <a name="l00373"></a>00373 ret = <a class="code" href="gcm_8h.html#83f849d6a9182d6a6675b4d423f4d8ee">gcm_decrypt_message</a>(nonce, <a name="l00374"></a>00374 nonce_len, <a name="l00375"></a>00375 NULL, <a name="l00376"></a>00376 0, <a name="l00377"></a>00377 encap_block.buf(), <a name="l00378"></a>00378 encap_block.len(), <a name="l00379"></a>00379 tag_encap, <span class="comment">// tag is input, for validation against calculated tag</span> <a name="l00380"></a>00380 tag_len, <a name="l00381"></a>00381 &(ctx_ex.c)); <a name="l00382"></a>00382 <a name="l00383"></a>00383 <span class="comment">// check return value that the block was OK</span> <a name="l00384"></a>00384 <span class="keywordflow">if</span> ( ret != 0 ) { <a name="l00385"></a>00385 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: gcm_decrypt_message failed, ret = %d"</span>, ret); <a name="l00386"></a>00386 <span class="keywordflow">goto</span> fail; <a name="l00387"></a>00387 } <a name="l00388"></a>00388 <a name="l00389"></a>00389 <span class="comment">// encap_block is the raw data of the encapsulated block</span> <a name="l00390"></a>00390 <span class="comment">// and now we have to reconstitute it the way it used to be :)</span> <a name="l00391"></a>00391 <a name="l00392"></a>00392 <span class="comment">// Parse the content as would be done for a newly-received block</span> <a name="l00393"></a>00393 <span class="comment">// using the owner's consume() method </span> <a name="l00394"></a>00394 <a name="l00395"></a>00395 <span class="comment">// We need to stitch up the EID lists as the list in the block is broken. </span> <a name="l00396"></a>00396 <span class="comment">// The way to do this is to create a slightly-synthetic preamble</span> <a name="l00397"></a>00397 <span class="comment">// with the appropriate eid-offsets in it. The pre-existing list has been</span> <a name="l00398"></a>00398 <span class="comment">// preserved and carried along. But the offsets contained in the preamble</span> <a name="l00399"></a>00399 <span class="comment">// refer to an outdated image of the dictionary. So we copy the offsets</span> <a name="l00400"></a>00400 <span class="comment">// from the *current* block into the synthetic preamble.</span> <a name="l00401"></a>00401 <span class="comment">// The list will then have the correct pointers into the dictionary, </span> <a name="l00402"></a>00402 <span class="comment">// as those will have been updated at all the intermediate nodes.</span> <a name="l00403"></a>00403 <span class="comment">// The remainder of the preamble comes from the encapsulated block. </span> <a name="l00404"></a>00404 <a name="l00405"></a>00405 data = encap_block.buf(); <a name="l00406"></a>00406 len = encap_block.len(); <a name="l00407"></a>00407 <a name="l00408"></a>00408 BlockInfo <a class="code" href="dtncat_8c.html#71f51a2e8cbe9a53031fa72596edc09f">info</a>(BundleProtocol::find_processor(*data)); <a name="l00409"></a>00409 u_int64_t eid_ref_count = 0LLU; <a name="l00410"></a>00410 u_int64_t current_eid_count; <a name="l00411"></a>00411 u_int64_t flags; <a name="l00412"></a>00412 u_int64_t content_length = 0LLU; <a name="l00413"></a>00413 <a name="l00414"></a>00414 BlockInfo::DataBuffer preamble; <a name="l00415"></a>00415 preamble.reserve(iter->full_length()); <span class="comment">//can't be bigger</span> <a name="l00416"></a>00416 <span class="comment">// do set_len() later</span> <a name="l00417"></a>00417 <a name="l00418"></a>00418 <span class="comment">// copy bits and pieces from the decrypted block</span> <a name="l00419"></a>00419 ptr = preamble.buf(); <a name="l00420"></a>00420 rem = iter->full_length(); <a name="l00421"></a>00421 <a name="l00422"></a>00422 *ptr++ = *data++; <span class="comment">// block type</span> <a name="l00423"></a>00423 rem--; <a name="l00424"></a>00424 len--; <a name="l00425"></a>00425 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(data, len, &flags); <span class="comment">// block processing flags (SDNV)</span> <a name="l00426"></a>00426 data += sdnv_len; <a name="l00427"></a>00427 len -= sdnv_len; <a name="l00428"></a>00428 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target block type %hhu flags 0x%llx"</span>, *(preamble.buf()), U64FMT(flags)); <a name="l00429"></a>00429 <span class="comment">// Also see if there are EID refs, and if there will be any in </span> <a name="l00430"></a>00430 <span class="comment">// the resultant block</span> <a name="l00431"></a>00431 <a name="l00432"></a>00432 <span class="comment">// EID list is next, starting with the count</span> <a name="l00433"></a>00433 <span class="keywordflow">if</span> ( flags & BundleProtocol::BLOCK_FLAG_EID_REFS ) { <a name="l00434"></a>00434 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(data, len, &eid_ref_count); <a name="l00435"></a>00435 data += sdnv_len; <a name="l00436"></a>00436 len -= sdnv_len; <a name="l00437"></a>00437 <a name="l00438"></a>00438 current_eid_count = iter->eid_list().size(); <a name="l00439"></a>00439 <a name="l00440"></a>00440 <span class="keywordflow">if</span> ( eid_ref_count != current_eid_count ) { <a name="l00441"></a>00441 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: eid_ref_count %lld != current_eid_count %lld"</span>, <a name="l00442"></a>00442 U64FMT(eid_ref_count), U64FMT(current_eid_count)); <a name="l00443"></a>00443 <span class="keywordflow">goto</span> fail; <span class="comment">// block is broken somehow</span> <a name="l00444"></a>00444 } <a name="l00445"></a>00445 } <a name="l00446"></a>00446 <a name="l00447"></a>00447 <span class="comment">// each ref is a pair of SDNVs, so step over 2 * eid_ref_count</span> <a name="l00448"></a>00448 <span class="keywordflow">if</span> ( eid_ref_count > 0 ) { <a name="l00449"></a>00449 <span class="keywordflow">for</span> ( u_int32_t i = 0; i < (2 * eid_ref_count); i++ ) { <a name="l00450"></a>00450 sdnv_len = <a class="code" href="num2sdnv_8c.html#fed088663f8704004425cdae2120b9b3">SDNV::len</a>(data); <a name="l00451"></a>00451 data += sdnv_len; <a name="l00452"></a>00452 len -= sdnv_len; <a name="l00453"></a>00453 } <a name="l00454"></a>00454 } <span class="comment">// now we're positioned after the broken refs, if any</span> <a name="l00455"></a>00455 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>(data, len, &content_length); <a name="l00456"></a>00456 data += sdnv_len; <a name="l00457"></a>00457 len -= sdnv_len; <a name="l00458"></a>00458 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target data content size %llu"</span>, U64FMT(content_length)); <a name="l00459"></a>00459 <a name="l00460"></a>00460 <span class="comment">// fix up last-block flag</span> <a name="l00461"></a>00461 <span class="comment">// this probably isn't the last block, but who knows ? :)</span> <a name="l00462"></a>00462 <span class="keywordflow">if</span> ( iter->flags() & BundleProtocol::BLOCK_FLAG_LAST_BLOCK ) <a name="l00463"></a>00463 flags |= BundleProtocol::BLOCK_FLAG_LAST_BLOCK; <a name="l00464"></a>00464 <span class="keywordflow">else</span> <a name="l00465"></a>00465 flags &= ~BundleProtocol::BLOCK_FLAG_LAST_BLOCK; <a name="l00466"></a>00466 <a name="l00467"></a>00467 <span class="comment">// put flags into the adjusted block</span> <a name="l00468"></a>00468 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(flags, ptr, rem); <a name="l00469"></a>00469 ptr += sdnv_len; <a name="l00470"></a>00470 rem -= sdnv_len; <a name="l00471"></a>00471 <a name="l00472"></a>00472 <span class="comment">// copy the offsets from the current block</span> <a name="l00473"></a>00473 <span class="keywordflow">if</span> ( eid_ref_count > 0 ) { <a name="l00474"></a>00474 u_char* cur_ptr = iter->contents().buf(); <a name="l00475"></a>00475 <span class="keywordtype">size_t</span> cur_len = iter->full_length(); <a name="l00476"></a>00476 <a name="l00477"></a>00477 cur_ptr++; <span class="comment">//type field</span> <a name="l00478"></a>00478 cur_len--; <a name="l00479"></a>00479 sdnv_len = <a class="code" href="num2sdnv_8c.html#fed088663f8704004425cdae2120b9b3">SDNV::len</a>(cur_ptr); <span class="comment">//flags</span> <a name="l00480"></a>00480 cur_ptr += sdnv_len; <a name="l00481"></a>00481 cur_len -= sdnv_len; <a name="l00482"></a>00482 <a name="l00483"></a>00483 sdnv_len = <a class="code" href="num2sdnv_8c.html#fed088663f8704004425cdae2120b9b3">SDNV::len</a>(cur_ptr); <span class="comment">//eid ref count</span> <a name="l00484"></a>00484 cur_ptr += sdnv_len; <a name="l00485"></a>00485 cur_len -= sdnv_len; <a name="l00486"></a>00486 <a name="l00487"></a>00487 <span class="comment">// put eid_count into the adjusted block</span> <a name="l00488"></a>00488 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() eid_ref_count %lld"</span>, U64FMT(eid_ref_count)); <a name="l00489"></a>00489 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(eid_ref_count, ptr, rem); <a name="l00490"></a>00490 ptr += sdnv_len; <a name="l00491"></a>00491 rem -= sdnv_len; <a name="l00492"></a>00492 <a name="l00493"></a>00493 <span class="comment">// now copy the reference pairs</span> <a name="l00494"></a>00494 <span class="keywordflow">for</span> ( u_int32_t i = 0; i < (2 * eid_ref_count); i++ ) { <a name="l00495"></a>00495 sdnv_len = <a class="code" href="num2sdnv_8c.html#fed088663f8704004425cdae2120b9b3">SDNV::len</a>(cur_ptr); <a name="l00496"></a>00496 memcpy(ptr, cur_ptr, sdnv_len); <a name="l00497"></a>00497 cur_ptr += sdnv_len; <a name="l00498"></a>00498 cur_len -= sdnv_len; <a name="l00499"></a>00499 ptr += sdnv_len; <a name="l00500"></a>00500 rem -= sdnv_len; <a name="l00501"></a>00501 } <a name="l00502"></a>00502 } <a name="l00503"></a>00503 <a name="l00504"></a>00504 <span class="comment">// length of data content in block</span> <a name="l00505"></a>00505 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(content_length, ptr, rem); <a name="l00506"></a>00506 ptr += sdnv_len; <a name="l00507"></a>00507 rem -= sdnv_len; <a name="l00508"></a>00508 <a name="l00509"></a>00509 <span class="comment">// we now have a preamble in "preamble" and the rest of the data at *data</span> <a name="l00510"></a>00510 <span class="keywordtype">size_t</span> preamble_size = ptr - preamble.buf(); <a name="l00511"></a>00511 preamble.set_len(preamble_size); <a name="l00512"></a>00512 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() target preamble_size %zu"</span>, preamble_size); <a name="l00513"></a>00513 <a name="l00514"></a>00514 <a name="l00515"></a>00515 { <a name="l00516"></a>00516 <span class="comment">// we're reusing the existing BlockInfo but we need to clean it first</span> <a name="l00517"></a>00517 iter->~BlockInfo(); <a name="l00518"></a>00518 <span class="comment">/* we'd like to reinitilize the block thusly</span> <a name="l00519"></a>00519 <span class="comment"> * iter->BlockInfo(type);</span> <a name="l00520"></a>00520 <span class="comment"> * but C++ gets bent so we have to achieve the desired result</span> <a name="l00521"></a>00521 <span class="comment"> * in a more devious fashion using placement-new. </span> <a name="l00522"></a>00522 <span class="comment"> */</span> <a name="l00523"></a>00523 <a name="l00524"></a>00524 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() re-init target"</span>); <a name="l00525"></a>00525 BlockInfo* bp = &*iter; <a name="l00526"></a>00526 bp = <span class="keyword">new</span> (bp) BlockInfo(BundleProtocol::find_processor(*(preamble.buf()))); <a name="l00527"></a>00527 CS_FAIL_IF_NULL(bp); <a name="l00528"></a>00528 } <a name="l00529"></a>00529 <a name="l00530"></a>00530 <span class="comment">// process preamble</span> <a name="l00531"></a>00531 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() process target preamble"</span>); <a name="l00532"></a>00532 <span class="keywordtype">int</span> cc = iter->owner()->consume(deliberate_const_cast_bundle, &*iter, preamble.buf(), preamble_size); <a name="l00533"></a>00533 <span class="keywordflow">if</span> (cc < 0) { <a name="l00534"></a>00534 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: consume failed handling encapsulated preamble 0x%x, cc = %d"</span>, <a name="l00535"></a>00535 <a class="code" href="dtncat_8c.html#71f51a2e8cbe9a53031fa72596edc09f">info</a>.type(), cc); <a name="l00536"></a>00536 <span class="keywordflow">goto</span> fail; <a name="l00537"></a>00537 } <a name="l00538"></a>00538 <a name="l00539"></a>00539 <span class="comment">// process the main part of the encapsulated block</span> <a name="l00540"></a>00540 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() process target content"</span>); <a name="l00541"></a>00541 cc = iter->owner()->consume(deliberate_const_cast_bundle, &*iter, data, len); <a name="l00542"></a>00542 <span class="keywordflow">if</span> (cc < 0) { <a name="l00543"></a>00543 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: consume failed handling encapsulated block 0x%x, cc = %d"</span>, <a name="l00544"></a>00544 <a class="code" href="dtncat_8c.html#71f51a2e8cbe9a53031fa72596edc09f">info</a>.type(), cc); <a name="l00545"></a>00545 <span class="keywordflow">goto</span> fail; <a name="l00546"></a>00546 } <a name="l00547"></a>00547 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() decapsulation done"</span>); <a name="l00548"></a>00548 } <a name="l00549"></a>00549 <span class="keywordflow">break</span>; <a name="l00550"></a>00550 <a name="l00551"></a>00551 <span class="keywordflow">case</span> BundleProtocol::PAYLOAD_BLOCK: <a name="l00552"></a>00552 { <a name="l00553"></a>00553 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() PAYLOAD_BLOCK"</span>); <a name="l00554"></a>00554 u_char tag_calc[tag_len]; <a name="l00555"></a>00555 <span class="comment">// nonce is 12 bytes, first 4 are salt (same for all blocks)</span> <a name="l00556"></a>00556 <span class="comment">// and last 8 bytes are per-block IV. The final 4 bytes in</span> <a name="l00557"></a>00557 <span class="comment">// the full block-sized field are, of course, the counter</span> <a name="l00558"></a>00558 <span class="comment">// which is not represented here</span> <a name="l00559"></a>00559 ptr = nonce; <a name="l00560"></a>00560 <a name="l00561"></a>00561 memcpy(ptr, salt, salt_len); <a name="l00562"></a>00562 ptr += salt_len; <a name="l00563"></a>00563 memcpy(ptr, iv, iv_len); <a name="l00564"></a>00564 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() nonce 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l00565"></a>00565 nonce[0], nonce[1], nonce[2], nonce[3], nonce[4], nonce[5], nonce[6], nonce[7], nonce[8], nonce[9], nonce[10], nonce[11]); <a name="l00566"></a>00566 <a name="l00567"></a>00567 <span class="comment">// prepare context</span> <a name="l00568"></a>00568 <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>(nonce, nonce_len, &(ctx_ex.c)); <a name="l00569"></a>00569 <a name="l00570"></a>00570 offset = iter->data_offset(); <a name="l00571"></a>00571 len = iter->data_length(); <a name="l00572"></a>00572 <a name="l00573"></a>00573 changed = <a name="l00574"></a>00574 iter->owner()->mutate( Ciphersuite_C3::do_crypt, <a name="l00575"></a>00575 deliberate_const_cast_bundle, <a name="l00576"></a>00576 block, <a name="l00577"></a>00577 &*iter, <a name="l00578"></a>00578 offset, <a name="l00579"></a>00579 len, <a name="l00580"></a>00580 r ); <a name="l00581"></a>00581 <a name="l00582"></a>00582 <span class="comment">// collect the tag (icv) from the context</span> <a name="l00583"></a>00583 <a class="code" href="gcm_8h.html#84e08678ef30d0737224927a37c85e3b">gcm_compute_tag</a>( tag_calc, tag_len, &(ctx_ex.c) ); <a name="l00584"></a>00584 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() tag 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l00585"></a>00585 tag[0], tag[1], tag[2], tag[3], tag[4], tag[5], tag[6], tag[7], tag[8], tag[9], tag[10], tag[11], tag[12], tag[13], tag[14], tag[15]); <a name="l00586"></a>00586 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() tag_calc 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l00587"></a>00587 tag_calc[0], tag_calc[1], tag_calc[2], tag_calc[3], tag_calc[4], tag_calc[5], tag_calc[6], tag_calc[7], <a name="l00588"></a>00588 tag_calc[8], tag_calc[9], tag_calc[10], tag_calc[11], tag_calc[12], tag_calc[13], tag_calc[14], tag_calc[15]); <a name="l00589"></a>00589 <span class="keywordflow">if</span> (memcmp(tag, tag_calc, tag_len) != 0) { <a name="l00590"></a>00590 <a class="code" href="SDNV_8cc.html#3f24cadc9f28aba33472df0500092dcb">log_err_p</a>(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate: tag comparison failed"</span>); <a name="l00591"></a>00591 <span class="keywordflow">goto</span> fail; <a name="l00592"></a>00592 } <a name="l00593"></a>00593 <a name="l00594"></a>00594 } <a name="l00595"></a>00595 <span class="keywordflow">break</span>; <a name="l00596"></a>00596 <a name="l00597"></a>00597 <span class="keywordflow">default</span>: <a name="l00598"></a>00598 <span class="keywordflow">continue</span>; <a name="l00599"></a>00599 <a name="l00600"></a>00600 } <span class="comment">// end switch</span> <a name="l00601"></a>00601 } <span class="comment">// end for</span> <a name="l00602"></a>00602 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() walk block list done"</span>); <a name="l00603"></a>00603 locals->set_proc_flag(CS_BLOCK_PASSED_VALIDATION | <a name="l00604"></a>00604 CS_BLOCK_COMPLETED_DO_NOT_FORWARD); <a name="l00605"></a>00605 } <span class="keywordflow">else</span> <a name="l00606"></a>00606 locals->set_proc_flag(CS_BLOCK_DID_NOT_FAIL); <span class="comment">// not for here so we didn't check this block</span> <a name="l00607"></a>00607 <a name="l00608"></a>00608 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::validate() %p done"</span>, block); <a name="l00609"></a>00609 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00610"></a>00610 <a name="l00611"></a>00611 fail: <a name="l00612"></a>00612 <span class="keywordflow">if</span> ( locals != NULL ) <a name="l00613"></a>00613 locals->set_proc_flag(CS_BLOCK_FAILED_VALIDATION | <a name="l00614"></a>00614 CS_BLOCK_COMPLETED_DO_NOT_FORWARD); <a name="l00615"></a>00615 *deletion_reason = BundleProtocol::REASON_SECURITY_FAILED; <a name="l00616"></a>00616 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00617"></a>00617 <a name="l00618"></a>00618 } <a name="l00619"></a>00619 <a name="l00620"></a>00620 <span class="comment">//----------------------------------------------------------------------</span> <a name="l00621"></a>00621 <span class="keywordtype">int</span> <a name="l00622"></a>00622 Ciphersuite_C3::prepare(<span class="keyword">const</span> Bundle* bundle, <a name="l00623"></a>00623 BlockInfoVec* xmit_blocks, <a name="l00624"></a>00624 <span class="keyword">const</span> BlockInfo* source, <a name="l00625"></a>00625 <span class="keyword">const</span> <a class="code" href="namespacedtn.html#6efb37e503f8062c537b022eb755b94e" title="Typedef for a reference on a link.">LinkRef</a>& link, <a name="l00626"></a>00626 list_owner_t list) <a name="l00627"></a>00627 { <a name="l00628"></a>00628 (void)bundle; <a name="l00629"></a>00629 (void)link; <a name="l00630"></a>00630 <a name="l00631"></a>00631 <span class="keywordtype">int</span> result = <a class="code" href="BlockProcessor_8h.html#cce9a45a37bad1da41648533b0e15457">BP_FAIL</a>; <a name="l00632"></a>00632 u_int16_t cs_flags = 0; <a name="l00633"></a>00633 BP_Local_CS* locals = NULL; <a name="l00634"></a>00634 BP_Local_CS* source_locals = NULL; <a name="l00635"></a>00635 EndpointID local_eid = BundleDaemon::instance()->local_eid(); <a name="l00636"></a>00636 BundleDaemon* bd = BundleDaemon::instance(); <a name="l00637"></a>00637 <a name="l00638"></a>00638 <span class="comment">//XXXpl - fix this test</span> <a name="l00639"></a>00639 <span class="keywordflow">if</span> ( (source != NULL) && <a name="l00640"></a>00640 (dynamic_cast<BP_Local_CS*>(source->locals())->security_dest() == bd->local_eid().data()) ) { <a name="l00641"></a>00641 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() - not being forwarded"</span>); <a name="l00642"></a>00642 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <span class="comment">//it was for us so don't forward</span> <a name="l00643"></a>00643 } <a name="l00644"></a>00644 <a name="l00645"></a>00645 BlockInfo bi = BlockInfo(BundleProtocol::find_processor(BundleProtocol::CONFIDENTIALITY_BLOCK), source); <span class="comment">// NULL source is OK here</span> <a name="l00646"></a>00646 <a name="l00647"></a>00647 <span class="comment">// If this is a received block then there's not a lot to do yet.</span> <a name="l00648"></a>00648 <span class="comment">// We copy some parameters - the main work is done in generate().</span> <a name="l00649"></a>00649 <span class="comment">// Insertion is at the end of the list, which means that</span> <a name="l00650"></a>00650 <span class="comment">// it will be in the same position as received</span> <a name="l00651"></a>00651 <span class="keywordflow">if</span> ( list == BlockInfo::LIST_RECEIVED ) { <a name="l00652"></a>00652 <a name="l00653"></a>00653 <a class="code" href="SDNV_8cc.html#ca68c0d4ac8df0838e209fb5300f7be3">ASSERT</a>(source != NULL); <a name="l00654"></a>00654 <span class="keywordflow">if</span> ( Ciphersuite::destination_is_local_node(bundle, source) ) <a name="l00655"></a>00655 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <span class="comment">//don't forward if it's for here</span> <a name="l00656"></a>00656 <a name="l00657"></a>00657 xmit_blocks->push_back(bi); <a name="l00658"></a>00658 BlockInfo* bp = &(xmit_blocks->back()); <a name="l00659"></a>00659 bp->set_eid_list(source->eid_list()); <a name="l00660"></a>00660 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() - forward received block len %u eid_list_count %zu new count %zu"</span>, <a name="l00661"></a>00661 source->full_length(), source->eid_list().size(), bp->eid_list().size()); <a name="l00662"></a>00662 <a name="l00663"></a>00663 CS_FAIL_IF_NULL( source->locals() ) <span class="comment">// broken</span> <a name="l00664"></a>00664 <a name="l00665"></a>00665 source_locals = dynamic_cast<BP_Local_CS*>(source->locals()); <a name="l00666"></a>00666 CS_FAIL_IF_NULL(source_locals); <a name="l00667"></a>00667 bp->set_locals(<span class="keyword">new</span> BP_Local_CS); <a name="l00668"></a>00668 locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(bp->locals()); <a name="l00669"></a>00669 CS_FAIL_IF_NULL(locals); <a name="l00670"></a>00670 locals->set_owner_cs_num(CSNUM_C3); <a name="l00671"></a>00671 cs_flags = source_locals->cs_flags(); <a name="l00672"></a>00672 locals->set_list_owner(BlockInfo::LIST_RECEIVED); <a name="l00673"></a>00673 locals->set_correlator(source_locals->correlator()); <a name="l00674"></a>00674 bp->writable_contents()->reserve(source->full_length()); <a name="l00675"></a>00675 bp->writable_contents()->set_len(0); <a name="l00676"></a>00676 <a name="l00677"></a>00677 <span class="comment">// copy security-src and -dest if they exist</span> <a name="l00678"></a>00678 <span class="keywordflow">if</span> ( source_locals->cs_flags() & CS_BLOCK_HAS_SOURCE ) { <a name="l00679"></a>00679 CS_FAIL_IF(source_locals->security_src().length() == 0 ); <a name="l00680"></a>00680 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() add security_src EID"</span>); <a name="l00681"></a>00681 cs_flags |= CS_BLOCK_HAS_SOURCE; <a name="l00682"></a>00682 locals->set_security_src(source_locals->security_src()); <a name="l00683"></a>00683 } <a name="l00684"></a>00684 <a name="l00685"></a>00685 <span class="keywordflow">if</span> ( source_locals->cs_flags() & CS_BLOCK_HAS_DEST ) { <a name="l00686"></a>00686 CS_FAIL_IF(source_locals->security_dest().length() == 0 ); <a name="l00687"></a>00687 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() add security_dest EID"</span>); <a name="l00688"></a>00688 cs_flags |= CS_BLOCK_HAS_DEST; <a name="l00689"></a>00689 locals->set_security_dest(source_locals->security_dest()); <a name="l00690"></a>00690 } <a name="l00691"></a>00691 locals->set_cs_flags(cs_flags); <a name="l00692"></a>00692 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() - inserted block eid_list_count %zu"</span>, <a name="l00693"></a>00693 bp->eid_list().size()); <a name="l00694"></a>00694 result = <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <a name="l00695"></a>00695 <span class="keywordflow">return</span> result; <a name="l00696"></a>00696 } <span class="keywordflow">else</span> { <a name="l00697"></a>00697 <a name="l00698"></a>00698 <span class="comment">// initialize the block</span> <a name="l00699"></a>00699 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() - add new block (or API block etc)"</span>); <a name="l00700"></a>00700 bi.set_locals(<span class="keyword">new</span> BP_Local_CS); <a name="l00701"></a>00701 CS_FAIL_IF_NULL(bi.locals()); <a name="l00702"></a>00702 locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(bi.locals()); <a name="l00703"></a>00703 CS_FAIL_IF_NULL(locals); <a name="l00704"></a>00704 locals->set_owner_cs_num(CSNUM_C3); <a name="l00705"></a>00705 locals->set_list_owner(list); <a name="l00706"></a>00706 <a name="l00707"></a>00707 <span class="comment">// if there is a security-src and/or -dest, use it -- might be specified by API</span> <a name="l00708"></a>00708 <span class="keywordflow">if</span> ( source != NULL && source->locals() != NULL) { <a name="l00709"></a>00709 locals->set_security_src(dynamic_cast<BP_Local_CS*>(source->locals())->security_src()); <a name="l00710"></a>00710 locals->set_security_dest(dynamic_cast<BP_Local_CS*>(source->locals())->security_dest()); <a name="l00711"></a>00711 } <a name="l00712"></a>00712 <a name="l00713"></a>00713 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() local_eid %s bundle->source_ %s"</span>, local_eid.c_str(), bundle->source().c_str()); <a name="l00714"></a>00714 <span class="comment">// if not, and we didn't create the bundle, specify ourselves as sec-src</span> <a name="l00715"></a>00715 <span class="keywordflow">if</span> ( (locals->security_src().length() == 0) && (local_eid != bundle->source())) <a name="l00716"></a>00716 locals->set_security_src(local_eid.str()); <a name="l00717"></a>00717 <a name="l00718"></a>00718 <span class="comment">// if we now have one, add it to list, etc</span> <a name="l00719"></a>00719 <span class="keywordflow">if</span> ( locals->security_src().length() > 0 ) { <a name="l00720"></a>00720 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() add security_src EID %s"</span>, locals->security_src().c_str()); <a name="l00721"></a>00721 cs_flags |= CS_BLOCK_HAS_SOURCE; <a name="l00722"></a>00722 bi.add_eid(locals->security_src()); <a name="l00723"></a>00723 } <a name="l00724"></a>00724 <a name="l00725"></a>00725 <span class="keywordflow">if</span> ( locals->security_dest().length() > 0 ) { <a name="l00726"></a>00726 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::prepare() add security_dest EID %s"</span>, locals->security_dest().c_str()); <a name="l00727"></a>00727 cs_flags |= CS_BLOCK_HAS_DEST; <a name="l00728"></a>00728 bi.add_eid(locals->security_dest()); <a name="l00729"></a>00729 } <a name="l00730"></a>00730 <a name="l00731"></a>00731 locals->set_cs_flags(cs_flags); <a name="l00732"></a>00732 <a name="l00733"></a>00733 <span class="comment">// We should already have the primary block in the list.</span> <a name="l00734"></a>00734 <span class="comment">// We'll insert this after the primary and any BA blocks</span> <a name="l00735"></a>00735 <span class="comment">// and before everything else</span> <a name="l00736"></a>00736 <span class="keywordflow">if</span> ( xmit_blocks->size() > 0 ) { <a name="l00737"></a>00737 BlockInfoVec::iterator iter = xmit_blocks->begin(); <a name="l00738"></a>00738 <a name="l00739"></a>00739 <span class="keywordflow">while</span> ( iter != xmit_blocks->end()) { <a name="l00740"></a>00740 <span class="keywordflow">switch</span> (iter->type()) { <a name="l00741"></a>00741 <span class="keywordflow">case</span> BundleProtocol::PRIMARY_BLOCK: <a name="l00742"></a>00742 <span class="keywordflow">case</span> BundleProtocol::BUNDLE_AUTHENTICATION_BLOCK: <a name="l00743"></a>00743 ++iter; <a name="l00744"></a>00744 <span class="keywordflow">continue</span>; <a name="l00745"></a>00745 <a name="l00746"></a>00746 <span class="keywordflow">default</span>: <a name="l00747"></a>00747 <span class="keywordflow">break</span>; <a name="l00748"></a>00748 } <a name="l00749"></a>00749 xmit_blocks->insert(iter, bi); <a name="l00750"></a>00750 <span class="keywordflow">break</span>; <a name="l00751"></a>00751 } <a name="l00752"></a>00752 } <span class="keywordflow">else</span> { <a name="l00753"></a>00753 <span class="comment">// it's weird if there are no other blocks but, oh well ...</span> <a name="l00754"></a>00754 xmit_blocks->push_back(bi); <a name="l00755"></a>00755 } <a name="l00756"></a>00756 } <a name="l00757"></a>00757 <a name="l00758"></a>00758 <a name="l00759"></a>00759 result = <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <a name="l00760"></a>00760 <span class="keywordflow">return</span> result; <a name="l00761"></a>00761 <a name="l00762"></a>00762 fail: <a name="l00763"></a>00763 <span class="keywordflow">if</span> ( locals != NULL ) <a name="l00764"></a>00764 locals->set_proc_flag(CS_BLOCK_PROCESSING_FAILED_DO_NOT_SEND); <a name="l00765"></a>00765 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#cce9a45a37bad1da41648533b0e15457">BP_FAIL</a>; <a name="l00766"></a>00766 } <a name="l00767"></a>00767 <a name="l00768"></a>00768 <span class="comment">//----------------------------------------------------------------------</span> <a name="l00769"></a>00769 <span class="keywordtype">int</span> <a name="l00770"></a>00770 Ciphersuite_C3::generate(<span class="keyword">const</span> Bundle* bundle, <a name="l00771"></a>00771 BlockInfoVec* xmit_blocks, <a name="l00772"></a>00772 BlockInfo* block, <a name="l00773"></a>00773 <span class="keyword">const</span> <a class="code" href="namespacedtn.html#6efb37e503f8062c537b022eb755b94e" title="Typedef for a reference on a link.">LinkRef</a>& link, <a name="l00774"></a>00774 <span class="keywordtype">bool</span> last) <a name="l00775"></a>00775 { <a name="l00776"></a>00776 (void)bundle; <a name="l00777"></a>00777 (void)link; <a name="l00778"></a>00778 (void)xmit_blocks; <a name="l00779"></a>00779 <a name="l00780"></a>00780 <span class="keywordtype">int</span> result = <a class="code" href="BlockProcessor_8h.html#cce9a45a37bad1da41648533b0e15457">BP_FAIL</a>; <a name="l00781"></a>00781 u_char key[key_len]; <span class="comment">//use AES128 16-byte key</span> <a name="l00782"></a>00782 u_char iv[iv_len]; <span class="comment">// AES iv length</span> <a name="l00783"></a>00783 u_char salt[nonce_len - iv_len]; <span class="comment">// salt for GCM</span> <a name="l00784"></a>00784 u_char fragment_item[24]; <span class="comment">// 24 is enough for 2 max-sized SDNVs and type and length</span> <a name="l00785"></a>00785 u_int16_t cs_flags = 0; <a name="l00786"></a>00786 <span class="keywordtype">bool</span> need_correlator = <span class="keyword">false</span>; <a name="l00787"></a>00787 u_int64_t correlator = 0LLU; <a name="l00788"></a>00788 BP_Local_CS* locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(block->locals()); <a name="l00789"></a>00789 BP_Local_CS* target_locals = NULL; <a name="l00790"></a>00790 u_char* ptr; <a name="l00791"></a>00791 <span class="keywordtype">size_t</span> temp; <a name="l00792"></a>00792 <span class="keywordtype">size_t</span> rem; <a name="l00793"></a>00793 DataBuffer encrypted_key; <a name="l00794"></a>00794 <span class="keywordtype">size_t</span> param_len = 0; <a name="l00795"></a>00795 <span class="keywordtype">size_t</span> res_len = 0; <a name="l00796"></a>00796 <span class="keywordtype">size_t</span> length = 0; <a name="l00797"></a>00797 u_char* buf = NULL; <a name="l00798"></a>00798 <span class="keywordtype">int</span> len = 0; <a name="l00799"></a>00799 <span class="keywordtype">int</span> sdnv_len = 0; <span class="comment">// use an int to handle -1 return values</span> <a name="l00800"></a>00800 u_int16_t n = 0; <a name="l00801"></a>00801 <span class="keywordtype">int</span> err = 0; <a name="l00802"></a>00802 BlockInfo::DataBuffer* contents = NULL; <a name="l00803"></a>00803 LocalBuffer* digest_result = NULL; <a name="l00804"></a>00804 LocalBuffer* params = NULL; <a name="l00805"></a>00805 <a name="l00806"></a>00806 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() %p"</span>, block); <a name="l00807"></a>00807 <a name="l00808"></a>00808 CS_FAIL_IF_NULL(locals); <a name="l00809"></a>00809 cs_flags = locals->cs_flags(); <span class="comment">// get flags from prepare()</span> <a name="l00810"></a>00810 <span class="comment">// if this is a received block then it's easy</span> <a name="l00811"></a>00811 <span class="keywordflow">if</span> ( locals->list_owner() == BlockInfo::LIST_RECEIVED ) <a name="l00812"></a>00812 { <a name="l00813"></a>00813 <span class="comment">// generate the preamble and copy the data.</span> <a name="l00814"></a>00814 <span class="keywordtype">size_t</span> length = block->source()->data_length(); <a name="l00815"></a>00815 <a name="l00816"></a>00816 generate_preamble(xmit_blocks, <a name="l00817"></a>00817 block, <a name="l00818"></a>00818 BundleProtocol::CONFIDENTIALITY_BLOCK, <a name="l00819"></a>00819 BundleProtocol::BLOCK_FLAG_DISCARD_BUNDLE_ONERROR | <a name="l00820"></a>00820 <a class="code" href="dtn__types_8h.html#64de8fae8623c4133cc1c88eae9c7b96581853bc8e15e777af555dcf10df5083">BundleProtocol::BLOCK_FLAG_REPLICATE</a> | <a name="l00821"></a>00821 (last ? BundleProtocol::BLOCK_FLAG_LAST_BLOCK : 0), <a name="l00822"></a>00822 length); <a name="l00823"></a>00823 <a name="l00824"></a>00824 BlockInfo::DataBuffer* contents = block->writable_contents(); <a name="l00825"></a>00825 contents->reserve(block->data_offset() + length); <a name="l00826"></a>00826 contents->set_len(block->data_offset() + length); <a name="l00827"></a>00827 memcpy(contents->buf() + block->data_offset(), <a name="l00828"></a>00828 block->source()->data(), length); <a name="l00829"></a>00829 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() %p done"</span>, block); <a name="l00830"></a>00830 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <a name="l00831"></a>00831 } <a name="l00832"></a>00832 <a name="l00833"></a>00833 <span class="comment">// This block will have a correlator iff there are PSBs or CBs,</span> <a name="l00834"></a>00834 <span class="comment">// no correlator if only a payload and no PSBs or CBs</span> <a name="l00835"></a>00835 <span class="keywordflow">for</span> (BlockInfoVec::iterator iter = xmit_blocks->begin(); <a name="l00836"></a>00836 iter != xmit_blocks->end(); <a name="l00837"></a>00837 ++iter) <a name="l00838"></a>00838 { <a name="l00839"></a>00839 n++; <a name="l00840"></a>00840 <span class="comment">// Advance the iterator to our current position.</span> <a name="l00841"></a>00841 <span class="comment">// Long-winded implementation note:-</span> <a name="l00842"></a>00842 <span class="comment">// we would use "distance" but block isn't</span> <a name="l00843"></a>00843 <span class="comment">// an iterator, just a pointer. Pointer arithmetic</span> <a name="l00844"></a>00844 <span class="comment">// works in some systems but is not always portable</span> <a name="l00845"></a>00845 <span class="comment">// so we don't do that here.</span> <a name="l00846"></a>00846 <span class="keywordflow">if</span> ( (&*iter) <= block ) <a name="l00847"></a>00847 <span class="keywordflow">continue</span>; <a name="l00848"></a>00848 <a name="l00849"></a>00849 <span class="keywordflow">if</span> ( iter->type() == BundleProtocol::PAYLOAD_SECURITY_BLOCK ) { <a name="l00850"></a>00850 need_correlator = <span class="keyword">true</span>; <span class="comment">// yes - we need a correlator</span> <a name="l00851"></a>00851 <span class="keywordflow">break</span>; <a name="l00852"></a>00852 } <a name="l00853"></a>00853 <a name="l00854"></a>00854 <span class="keywordflow">if</span> ( iter->type() == BundleProtocol::CONFIDENTIALITY_BLOCK ) { <a name="l00855"></a>00855 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <a name="l00856"></a>00856 CS_FAIL_IF_NULL(target_locals); <a name="l00857"></a>00857 <span class="keywordflow">if</span> ( target_locals->owner_cs_num() == CSNUM_C3 ) { <a name="l00858"></a>00858 need_correlator = <span class="keyword">true</span>; <span class="comment">// yes - we need a correlator</span> <a name="l00859"></a>00859 <span class="keywordflow">break</span>; <a name="l00860"></a>00860 } <a name="l00861"></a>00861 } <a name="l00862"></a>00862 <a name="l00863"></a>00863 } <a name="l00864"></a>00864 <a name="l00865"></a>00865 <span class="keywordflow">if</span> ( need_correlator ) { <a name="l00866"></a>00866 correlator = create_correlator(bundle, xmit_blocks); <a name="l00867"></a>00867 correlator |= (int)CSNUM_C3 << 16; <span class="comment">// add our ciphersuite number</span> <a name="l00868"></a>00868 locals->set_correlator( correlator ); <a name="l00869"></a>00869 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() correlator %llu"</span>, U64FMT(correlator)); <a name="l00870"></a>00870 } <a name="l00871"></a>00871 <a name="l00872"></a>00872 <span class="comment">/* params field will contain</span> <a name="l00873"></a>00873 <span class="comment"> - salt (4 bytes), plus type and length</span> <a name="l00874"></a>00874 <span class="comment"> - IV (block-length, 8 bytes), plus type and length</span> <a name="l00875"></a>00875 <span class="comment"> - fragment offset and length, if a fragment-bundle, plus type and length</span> <a name="l00876"></a>00876 <span class="comment"> - key-identifier (optional, not implemented yet), plus type and length</span> <a name="l00877"></a>00877 <span class="comment"> */</span> <a name="l00878"></a>00878 <a name="l00879"></a>00879 params = locals->writable_security_params(); <a name="l00880"></a>00880 <a name="l00881"></a>00881 <span class="comment">// populate salt and IV</span> <a name="l00882"></a>00882 RAND_bytes(salt, <span class="keyword">sizeof</span>(salt)); <a name="l00883"></a>00883 RAND_bytes(iv, <span class="keyword">sizeof</span>(iv)); <a name="l00884"></a>00884 <a name="l00885"></a>00885 <span class="comment">// save for finalize()</span> <a name="l00886"></a>00886 locals->set_salt(salt, <span class="keyword">sizeof</span>(salt)); <a name="l00887"></a>00887 locals->set_iv(iv, <span class="keyword">sizeof</span>(iv)); <a name="l00888"></a>00888 <a name="l00889"></a>00889 param_len = 1 + 1 + <span class="keyword">sizeof</span>(salt); <span class="comment">// salt</span> <a name="l00890"></a>00890 param_len += 1 + 1 + <span class="keyword">sizeof</span>(iv); <span class="comment">// IV</span> <a name="l00891"></a>00891 <a name="l00892"></a>00892 <span class="keywordflow">if</span> ( bundle->is_fragment() ) { <a name="l00893"></a>00893 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() bundle is fragment"</span>); <a name="l00894"></a>00894 ptr = &fragment_item[2]; <a name="l00895"></a>00895 rem = <span class="keyword">sizeof</span>(fragment_item) - 2; <a name="l00896"></a>00896 temp = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(bundle->frag_offset(), ptr, rem); <a name="l00897"></a>00897 ptr += temp; <a name="l00898"></a>00898 rem -= temp; <a name="l00899"></a>00899 temp += <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(bundle->payload().length(), ptr, rem); <a name="l00900"></a>00900 fragment_item[0] = CS_fragment_offset_and_length_field; <a name="l00901"></a>00901 fragment_item[1] = temp; <span class="comment">//guaranteed to fit as a "one-byte SDNV"</span> <a name="l00902"></a>00902 param_len += 2 + temp; <a name="l00903"></a>00903 <a name="l00904"></a>00904 } <a name="l00905"></a>00905 <a name="l00906"></a>00906 params->reserve(param_len); <span class="comment">//will need more if there is a key identifier - TBD</span> <a name="l00907"></a>00907 params->set_len(param_len); <a name="l00908"></a>00908 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() security params, len = %zu"</span>, param_len); <a name="l00909"></a>00909 <a name="l00910"></a>00910 ptr = params->buf(); <a name="l00911"></a>00911 *ptr++ = CS_C_block_salt; <a name="l00912"></a>00912 *ptr++ = <span class="keyword">sizeof</span>(salt); <span class="comment">// less than 127</span> <a name="l00913"></a>00913 memcpy(ptr, salt, <span class="keyword">sizeof</span>(salt)); <a name="l00914"></a>00914 ptr += <span class="keyword">sizeof</span>(salt); <a name="l00915"></a>00915 *ptr++ = CS_IV_field; <a name="l00916"></a>00916 *ptr++ = <span class="keyword">sizeof</span>(iv); <span class="comment">// less than 127</span> <a name="l00917"></a>00917 memcpy(ptr, iv, <span class="keyword">sizeof</span>(iv)); <a name="l00918"></a>00918 ptr += <span class="keyword">sizeof</span>(iv); <a name="l00919"></a>00919 <a name="l00920"></a>00920 <span class="keywordflow">if</span> ( bundle->is_fragment() ) <a name="l00921"></a>00921 memcpy(ptr, fragment_item, 2 + temp); <a name="l00922"></a>00922 <a name="l00923"></a>00923 <a name="l00924"></a>00924 <span class="comment">// need to calculate the size of the security-result items,</span> <a name="l00925"></a>00925 <span class="comment">// and the total length of the combined field</span> <a name="l00926"></a>00926 <a name="l00927"></a>00927 <span class="comment">/* result field will contain</span> <a name="l00928"></a>00928 <span class="comment"> - encrypted key, plus type and length</span> <a name="l00929"></a>00929 <span class="comment"> - ICV (Integrity Check Value), plus type and length</span> <a name="l00930"></a>00930 <span class="comment"> */</span> <a name="l00931"></a>00931 <a name="l00932"></a>00932 <span class="comment">/* encrypt the key, keeping a local copy --</span> <a name="l00933"></a>00933 <span class="comment"> put it directly into the result field</span> <a name="l00934"></a>00934 <span class="comment"> */</span> <a name="l00935"></a>00935 <a name="l00936"></a>00936 <span class="comment">// generate actual key</span> <a name="l00937"></a>00937 RAND_bytes(key, <span class="keyword">sizeof</span>(key)); <a name="l00938"></a>00938 <a name="l00939"></a>00939 <span class="comment">// save for finalize()</span> <a name="l00940"></a>00940 locals->set_key(key, <span class="keyword">sizeof</span>(key)); <a name="l00941"></a>00941 <a name="l00942"></a>00942 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() key 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l00943"></a>00943 key[0], key[1], key[2], key[3], key[4], key[5], key[6], key[7], <a name="l00944"></a>00944 key[8], key[9], key[10], key[11], key[12], key[13], key[14], key[15]); <a name="l00945"></a>00945 err = KeySteward::encrypt(bundle, NULL, link, locals->security_dest(), key, <span class="keyword">sizeof</span>(key), encrypted_key); <a name="l00946"></a>00946 CS_FAIL_IF(err != 0); <a name="l00947"></a>00947 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() encrypted_key len = %zu"</span>, encrypted_key.len()); <a name="l00948"></a>00948 <a name="l00949"></a>00949 res_len = 1 + <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(encrypted_key.len()) + encrypted_key.len(); <a name="l00950"></a>00950 res_len += 1 + 1 + tag_len; <a name="l00951"></a>00951 <a name="l00952"></a>00952 digest_result = locals->writable_security_result(); <a name="l00953"></a>00953 digest_result->reserve(res_len); <a name="l00954"></a>00954 digest_result->set_len(res_len); <a name="l00955"></a>00955 rem = res_len; <a name="l00956"></a>00956 <a name="l00957"></a>00957 ptr = digest_result->buf(); <a name="l00958"></a>00958 *ptr++ = Ciphersuite::CS_encoded_key_field; <a name="l00959"></a>00959 rem--; <a name="l00960"></a>00960 temp = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(encrypted_key.len(), ptr, rem); <a name="l00961"></a>00961 ptr += temp; <a name="l00962"></a>00962 rem -= temp; <a name="l00963"></a>00963 memcpy(ptr, encrypted_key.buf(), encrypted_key.len()); <a name="l00964"></a>00964 ptr += encrypted_key.len(); <a name="l00965"></a>00965 rem -= encrypted_key.len(); <a name="l00966"></a>00966 <a name="l00967"></a>00967 <span class="comment">// First we need to work out the lengths and create the preamble</span> <a name="l00968"></a>00968 length = 0; <a name="l00969"></a>00969 <span class="keywordflow">if</span> ( need_correlator ) { <a name="l00970"></a>00970 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() correlator %llu"</span>, U64FMT(correlator)); <a name="l00971"></a>00971 locals->set_correlator(correlator); <a name="l00972"></a>00972 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(locals->correlator()); <a name="l00973"></a>00973 cs_flags |= CS_BLOCK_HAS_CORRELATOR; <a name="l00974"></a>00974 } <a name="l00975"></a>00975 <a name="l00976"></a>00976 <span class="comment">// ciphersuite number and flags</span> <a name="l00977"></a>00977 cs_flags |= CS_BLOCK_HAS_PARAMS; <a name="l00978"></a>00978 cs_flags |= CS_BLOCK_HAS_RESULT; <a name="l00979"></a>00979 locals->set_cs_flags(cs_flags); <a name="l00980"></a>00980 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(CSNUM_C3); <a name="l00981"></a>00981 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(locals->cs_flags()); <a name="l00982"></a>00982 <a name="l00983"></a>00983 param_len = locals->security_params().len(); <a name="l00984"></a>00984 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(param_len) + param_len; <a name="l00985"></a>00985 locals->set_security_result_offset(length); <span class="comment">//remember this for finalize()</span> <a name="l00986"></a>00986 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(res_len) + res_len; <a name="l00987"></a>00987 <a name="l00988"></a>00988 contents = block->writable_contents(); <a name="l00989"></a>00989 <a name="l00990"></a>00990 generate_preamble(xmit_blocks, <a name="l00991"></a>00991 block, <a name="l00992"></a>00992 BundleProtocol::CONFIDENTIALITY_BLOCK, <a name="l00993"></a>00993 BundleProtocol::BLOCK_FLAG_DISCARD_BUNDLE_ONERROR | <a name="l00994"></a>00994 (last ? BundleProtocol::BLOCK_FLAG_LAST_BLOCK : 0), <a name="l00995"></a>00995 length); <a name="l00996"></a>00996 <a name="l00997"></a>00997 <a name="l00998"></a>00998 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() preamble len %u block len %zu"</span>, block->data_offset(), length); <a name="l00999"></a>00999 contents->reserve(block->data_offset() + length); <a name="l01000"></a>01000 contents->set_len(block->data_offset() + length); <a name="l01001"></a>01001 buf = block->writable_contents()->buf() + block->data_offset(); <a name="l01002"></a>01002 len = length; <a name="l01003"></a>01003 <a name="l01004"></a>01004 <span class="comment">// Assemble data into block contents.</span> <a name="l01005"></a>01005 <a name="l01006"></a>01006 <span class="comment">// ciphersuite number and flags</span> <a name="l01007"></a>01007 <a name="l01008"></a>01008 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(locals->owner_cs_num(), buf, len); <a name="l01009"></a>01009 CS_FAIL_IF(sdnv_len <= 0); <a name="l01010"></a>01010 buf += sdnv_len; <a name="l01011"></a>01011 len -= sdnv_len; <a name="l01012"></a>01012 <a name="l01013"></a>01013 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(locals->cs_flags(), buf, len); <a name="l01014"></a>01014 CS_FAIL_IF(sdnv_len <= 0); <a name="l01015"></a>01015 buf += sdnv_len; <a name="l01016"></a>01016 len -= sdnv_len; <a name="l01017"></a>01017 <a name="l01018"></a>01018 <span class="keywordflow">if</span> ( need_correlator ) { <a name="l01019"></a>01019 <span class="comment">// correlator</span> <a name="l01020"></a>01020 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(locals->correlator(), buf, len); <a name="l01021"></a>01021 CS_FAIL_IF(sdnv_len <= 0); <a name="l01022"></a>01022 buf += sdnv_len; <a name="l01023"></a>01023 len -= sdnv_len; <a name="l01024"></a>01024 } <a name="l01025"></a>01025 <a name="l01026"></a>01026 <a name="l01027"></a>01027 <span class="comment">// length of params</span> <a name="l01028"></a>01028 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(param_len, buf, len); <a name="l01029"></a>01029 CS_FAIL_IF(sdnv_len <= 0); <a name="l01030"></a>01030 buf += sdnv_len; <a name="l01031"></a>01031 len -= sdnv_len; <a name="l01032"></a>01032 <a name="l01033"></a>01033 <span class="comment">// params data</span> <a name="l01034"></a>01034 memcpy(buf, locals->security_params().buf(), param_len ); <a name="l01035"></a>01035 buf += param_len; <a name="l01036"></a>01036 len -= param_len; <a name="l01037"></a>01037 <a name="l01038"></a>01038 <span class="comment">// length of result -- we have to put this in now</span> <a name="l01039"></a>01039 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(res_len, buf, len); <a name="l01040"></a>01040 <a name="l01041"></a>01041 <a name="l01042"></a>01042 <span class="comment">// no, no ! Not yet !! </span> <a name="l01043"></a>01043 <span class="comment">// ASSERT( len == 0 );</span> <a name="l01044"></a>01044 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::generate() done"</span>); <a name="l01045"></a>01045 <a name="l01046"></a>01046 <a name="l01047"></a>01047 result = <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <a name="l01048"></a>01048 <span class="keywordflow">return</span> result; <a name="l01049"></a>01049 <a name="l01050"></a>01050 fail: <a name="l01051"></a>01051 <span class="keywordflow">if</span> ( locals != NULL ) <a name="l01052"></a>01052 locals->set_proc_flag(CS_BLOCK_PROCESSING_FAILED_DO_NOT_SEND); <a name="l01053"></a>01053 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#cce9a45a37bad1da41648533b0e15457">BP_FAIL</a>; <a name="l01054"></a>01054 } <a name="l01055"></a>01055 <a name="l01056"></a>01056 <span class="comment">//----------------------------------------------------------------------</span> <a name="l01057"></a>01057 <span class="keywordtype">int</span> <a name="l01058"></a>01058 Ciphersuite_C3::finalize(<span class="keyword">const</span> Bundle* bundle, <a name="l01059"></a>01059 BlockInfoVec* xmit_blocks, <a name="l01060"></a>01060 BlockInfo* block, <a name="l01061"></a>01061 <span class="keyword">const</span> <a class="code" href="namespacedtn.html#6efb37e503f8062c537b022eb755b94e" title="Typedef for a reference on a link.">LinkRef</a>& link) <a name="l01062"></a>01062 { <a name="l01063"></a>01063 (void)link; <a name="l01064"></a>01064 <span class="keywordtype">int</span> result = <a class="code" href="BlockProcessor_8h.html#cce9a45a37bad1da41648533b0e15457">BP_FAIL</a>; <a name="l01065"></a>01065 Bundle* deliberate_const_cast_bundle = <span class="keyword">const_cast<</span>Bundle*<span class="keyword">></span>(bundle); <a name="l01066"></a>01066 <span class="keywordtype">size_t</span> offset; <a name="l01067"></a>01067 <span class="keywordtype">size_t</span> len; <a name="l01068"></a>01068 <span class="keywordtype">size_t</span> length; <a name="l01069"></a>01069 <span class="keywordtype">size_t</span> param_len; <a name="l01070"></a>01070 <span class="keywordtype">size_t</span> res_len; <a name="l01071"></a>01071 gcm_ctx_ex ctx_ex; <span class="comment">// includes OpenSSL context within it</span> <a name="l01072"></a>01072 OpaqueContext* r = <span class="keyword">reinterpret_cast<</span>OpaqueContext*<span class="keyword">></span>(&ctx_ex); <a name="l01073"></a>01073 <span class="keywordtype">bool</span> changed = <span class="keyword">false</span>; <a name="l01074"></a>01074 u_char key[key_len]; <span class="comment">//use AES128 16-byte key</span> <a name="l01075"></a>01075 u_char iv[iv_len]; <span class="comment">// GCM "iv" length is 8 bytes</span> <a name="l01076"></a>01076 u_char nonce[nonce_len]; <span class="comment">// 12 bytes recommended</span> <a name="l01077"></a>01077 u_char tag[tag_len]; <span class="comment">// 128 bits recommended</span> <a name="l01078"></a>01078 u_char* buf; <a name="l01079"></a>01079 u_char* ptr; <a name="l01080"></a>01080 BP_Local_CS* locals = NULL; <a name="l01081"></a>01081 BP_Local_CS* target_locals = NULL; <a name="l01082"></a>01082 u_int64_t correlator; <a name="l01083"></a>01083 std::vector<u_int64_t> correlator_list; <a name="l01084"></a>01084 std::vector<u_int64_t>::iterator cl_iter; <a name="l01085"></a>01085 <span class="keywordtype">size_t</span> correlator_size = 0; <a name="l01086"></a>01086 <span class="keywordtype">int</span> sdnv_len = 0; <span class="comment">// use an int to handle -1 return values</span> <a name="l01087"></a>01087 EndpointID local_eid = BundleDaemon::instance()->local_eid(); <a name="l01088"></a>01088 <a name="l01089"></a>01089 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize()"</span>); <a name="l01090"></a>01090 locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(block->locals()); <a name="l01091"></a>01091 CS_FAIL_IF_NULL(locals); <a name="l01092"></a>01092 <a name="l01093"></a>01093 <span class="comment">// if this is a received block then we're done</span> <a name="l01094"></a>01094 <span class="keywordflow">if</span> ( locals->list_owner() == BlockInfo::LIST_RECEIVED ) <a name="l01095"></a>01095 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <a name="l01096"></a>01096 <a name="l01097"></a>01097 <span class="comment">// prepare context - one time for all usage here</span> <a name="l01098"></a>01098 memcpy(key, locals->key().buf(), key_len); <a name="l01099"></a>01099 <a class="code" href="gcm_8h.html#721f02566e2e0717ba131e470028ac3d">gcm_init_and_key</a>(key, key_len, &(ctx_ex.c)); <a name="l01100"></a>01100 ctx_ex.operation = op_encrypt; <a name="l01101"></a>01101 <a name="l01102"></a>01102 <span class="comment">// Walk the list and process each of the blocks.</span> <a name="l01103"></a>01103 <span class="comment">// We only change PS, C3 and the payload data,</span> <a name="l01104"></a>01104 <span class="comment">// all others are unmodified</span> <a name="l01105"></a>01105 <a name="l01106"></a>01106 <span class="comment">// Note that we can only process PSBs and C3s that follow this block</span> <a name="l01107"></a>01107 <span class="comment">// as doing otherwise would mean that there would be a</span> <a name="l01108"></a>01108 <span class="comment">// correlator block preceding its parent</span> <a name="l01109"></a>01109 <a name="l01110"></a>01110 <span class="comment">// However this causes a problem if the PS is a two-block scheme,</span> <a name="l01111"></a>01111 <span class="comment">// as we'll convert the second, correlated block to C and then</span> <a name="l01112"></a>01112 <span class="comment">// the PS processor won't have its second block.</span> <a name="l01113"></a>01113 <a name="l01114"></a>01114 <span class="comment">// There can also be tunnelling issues, depending upon the</span> <a name="l01115"></a>01115 <span class="comment">// exact sequencing of blocks. It seems best to add C blocks</span> <a name="l01116"></a>01116 <span class="comment">// as early as possible in order to mitigate this problem.</span> <a name="l01117"></a>01117 <span class="comment">// That has its own drawbacks unfortunately</span> <a name="l01118"></a>01118 <a name="l01119"></a>01119 <a name="l01120"></a>01120 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() walk block list"</span>); <a name="l01121"></a>01121 <span class="keywordflow">for</span> (BlockInfoVec::iterator iter = xmit_blocks->begin(); <a name="l01122"></a>01122 iter != xmit_blocks->end(); <a name="l01123"></a>01123 ++iter) <a name="l01124"></a>01124 { <a name="l01125"></a>01125 <span class="comment">// Advance the iterator to our current position.</span> <a name="l01126"></a>01126 <span class="comment">// While we do it, we also remember the correlator values</span> <a name="l01127"></a>01127 <span class="comment">// of any PSBs or C3 blocks we encounter.</span> <a name="l01128"></a>01128 <span class="comment">// We do this to avoid processing any related correlated blocks</span> <a name="l01129"></a>01129 <span class="comment">// Note that we include the current block in the test below</span> <a name="l01130"></a>01130 <span class="comment">// in order to prevent encapsulating it !!</span> <a name="l01131"></a>01131 <span class="keywordflow">if</span> ( (&*iter) <= block ) { <a name="l01132"></a>01132 <span class="keywordflow">if</span> ( iter->type() == BundleProtocol::PAYLOAD_SECURITY_BLOCK ) { <a name="l01133"></a>01133 <span class="comment">//add correlator to exclude-list</span> <a name="l01134"></a>01134 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <a name="l01135"></a>01135 CS_FAIL_IF_NULL(target_locals); <a name="l01136"></a>01136 correlator_list.push_back(target_locals->correlator()); <a name="l01137"></a>01137 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (iter->type() == BundleProtocol::CONFIDENTIALITY_BLOCK ) { <a name="l01138"></a>01138 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <a name="l01139"></a>01139 CS_FAIL_IF_NULL(target_locals); <a name="l01140"></a>01140 <span class="keywordflow">if</span> ( target_locals->owner_cs_num() == CSNUM_C3 ) { <a name="l01141"></a>01141 correlator_list.push_back(target_locals->correlator()); <a name="l01142"></a>01142 } <a name="l01143"></a>01143 } <a name="l01144"></a>01144 <span class="keywordflow">continue</span>; <a name="l01145"></a>01145 } <a name="l01146"></a>01146 <a name="l01147"></a>01147 <a name="l01148"></a>01148 <span class="keywordflow">switch</span> ( iter->type() ) { <a name="l01149"></a>01149 <a name="l01150"></a>01150 <span class="keywordflow">case</span> BundleProtocol::PAYLOAD_SECURITY_BLOCK: <a name="l01151"></a>01151 <span class="keywordflow">case</span> BundleProtocol::CONFIDENTIALITY_BLOCK: <a name="l01152"></a>01152 { <a name="l01153"></a>01153 <a name="l01154"></a>01154 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <a name="l01155"></a>01155 CS_FAIL_IF_NULL(target_locals); <a name="l01156"></a>01156 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() PS or C block type %d cs_num %d"</span>, <a name="l01157"></a>01157 iter->type(), target_locals->owner_cs_num()); <a name="l01158"></a>01158 <span class="keywordflow">if</span> ( iter->type() == BundleProtocol::CONFIDENTIALITY_BLOCK && <a name="l01159"></a>01159 target_locals->owner_cs_num() != CSNUM_C3 ) <a name="l01160"></a>01160 <span class="keywordflow">continue</span>; <span class="comment">// only encapsulate C3</span> <a name="l01161"></a>01161 <a name="l01162"></a>01162 <a name="l01163"></a>01163 <span class="comment">// see if there's a correlator and, if there is,</span> <a name="l01164"></a>01164 <span class="comment">// if this is a secondary block. Only process a secondary</span> <a name="l01165"></a>01165 <span class="comment">// if we also did the primary</span> <a name="l01166"></a>01166 <span class="keywordtype">bool</span> skip_psb = <span class="keyword">false</span>; <a name="l01167"></a>01167 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <a name="l01168"></a>01168 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() target_locals->cs_flags 0x%hx"</span>, target_locals->cs_flags()); <a name="l01169"></a>01169 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() target_locals->correlator() 0x%llx"</span>, U64FMT(target_locals->correlator())); <a name="l01170"></a>01170 <span class="keywordflow">if</span> ( target_locals->cs_flags() & CS_BLOCK_HAS_CORRELATOR) { <a name="l01171"></a>01171 correlator = target_locals->correlator(); <a name="l01172"></a>01172 <span class="keywordflow">for</span> ( cl_iter = correlator_list.begin(); <a name="l01173"></a>01173 cl_iter < correlator_list.end(); <a name="l01174"></a>01174 ++cl_iter) { <a name="l01175"></a>01175 <span class="keywordflow">if</span> ( correlator == *cl_iter) { <a name="l01176"></a>01176 skip_psb = <span class="keyword">true</span>; <a name="l01177"></a>01177 <span class="keywordflow">break</span>; <span class="comment">//break from for-loop</span> <a name="l01178"></a>01178 } <a name="l01179"></a>01179 } <a name="l01180"></a>01180 <span class="keywordflow">if</span> ( skip_psb ) <a name="l01181"></a>01181 <span class="keywordflow">break</span>; <span class="comment">//break from switch, continue for "for" loop</span> <a name="l01182"></a>01182 <a name="l01183"></a>01183 } <a name="l01184"></a>01184 <a name="l01185"></a>01185 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() encapsulate this block, len %u eid_ref_count %zu"</span>, <a name="l01186"></a>01186 iter->full_length(), iter->eid_list().size()); <a name="l01187"></a>01187 <span class="comment">// Either it has no correlator, or it wasn't in the list.</span> <a name="l01188"></a>01188 <span class="comment">// So we will encapsulate it into a C block. </span> <a name="l01189"></a>01189 <span class="comment">// We need to get the entire content and encrypt it, </span> <a name="l01190"></a>01190 <span class="comment">// then release the locals since we are changing ownership/type.</span> <a name="l01191"></a>01191 <span class="comment">// First thing to do is encrypt the entire target block</span> <a name="l01192"></a>01192 <a name="l01193"></a>01193 <span class="comment">// extract the last-block flag since we'll need it shortly</span> <a name="l01194"></a>01194 <span class="keywordtype">bool</span> last = iter->flags() & BundleProtocol::BLOCK_FLAG_LAST_BLOCK; <a name="l01195"></a>01195 <a name="l01196"></a>01196 <span class="comment">// nonce is 12 bytes, first 4 are salt (same for all blocks)</span> <a name="l01197"></a>01197 <span class="comment">// and last 8 bytes are per-block IV. The final 4 bytes in</span> <a name="l01198"></a>01198 <span class="comment">// the full block-sized field are, of course, the counter</span> <a name="l01199"></a>01199 <span class="comment">// which is not represented here</span> <a name="l01200"></a>01200 ptr = nonce; <a name="l01201"></a>01201 <a name="l01202"></a>01202 memcpy(ptr, locals->salt().buf(), nonce_len - iv_len); <a name="l01203"></a>01203 ptr += nonce_len - iv_len; <a name="l01204"></a>01204 RAND_bytes(iv, <span class="keyword">sizeof</span>(iv)); <span class="comment">// populate IV</span> <a name="l01205"></a>01205 memcpy(ptr, iv, iv_len); <a name="l01206"></a>01206 <a name="l01207"></a>01207 <span class="comment">// prepare context</span> <a name="l01208"></a>01208 <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>(nonce, nonce_len, &(ctx_ex.c)); <a name="l01209"></a>01209 <a name="l01210"></a>01210 <span class="comment">// encrypt message in-place</span> <a name="l01211"></a>01211 <a class="code" href="gcm_8h.html#1d46a1f6a2fc83e504eb48a55814b289">gcm_encrypt_message</a>(nonce, <a name="l01212"></a>01212 nonce_len, <a name="l01213"></a>01213 NULL, <a name="l01214"></a>01214 0, <a name="l01215"></a>01215 iter->writable_contents()->buf(), <a name="l01216"></a>01216 iter->full_length(), <a name="l01217"></a>01217 tag, <a name="l01218"></a>01218 tag_len, <a name="l01219"></a>01219 &(ctx_ex.c)); <a name="l01220"></a>01220 <a name="l01221"></a>01221 <span class="comment">// copy encrypted block before it gets overwritten</span> <a name="l01222"></a>01222 BlockInfo::DataBuffer encap_block; <a name="l01223"></a>01223 <span class="keywordtype">size_t</span> encap_len = 1 + <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(iter->full_length()) + iter->full_length(); <a name="l01224"></a>01224 encap_block.reserve(encap_len); <a name="l01225"></a>01225 encap_block.set_len(encap_len); <a name="l01226"></a>01226 ptr = encap_block.buf(); <a name="l01227"></a>01227 *ptr++ = CS_encap_block_field; <a name="l01228"></a>01228 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(iter->full_length(), ptr, encap_len - 1); <a name="l01229"></a>01229 CS_FAIL_IF(sdnv_len <= 0); <a name="l01230"></a>01230 ptr += sdnv_len; <a name="l01231"></a>01231 memcpy(ptr, iter->contents().buf(), iter->full_length()); <a name="l01232"></a>01232 <a name="l01233"></a>01233 <span class="comment">// copy C3 locals to new locals block, but don't</span> <a name="l01234"></a>01234 <span class="comment">// replace old locals block yet</span> <a name="l01235"></a>01235 BP_Local_CS* new_target_locals = <span class="keyword">new</span> BP_Local_CS(*locals); <a name="l01236"></a>01236 u_int16_t cs_flags = CS_BLOCK_HAS_PARAMS | CS_BLOCK_HAS_RESULT | CS_BLOCK_HAS_CORRELATOR; <a name="l01237"></a>01237 <a name="l01238"></a>01238 <span class="comment">// we must make sure we retain EID references to the existing</span> <a name="l01239"></a>01239 <span class="comment">// security-source and security-dest. Since this is a follower</span> <a name="l01240"></a>01240 <span class="comment">// correlated block, we don't have actual security-src and -dest</span> <a name="l01241"></a>01241 <span class="comment">// as those are set in the parent. </span> <a name="l01242"></a>01242 <a name="l01243"></a>01243 <span class="comment">// So now we have the encrypted block in the work buffer and what</span> <a name="l01244"></a>01244 <span class="comment">// remains to do is construct the actual block contents in place</span> <a name="l01245"></a>01245 <span class="comment">// of the plaintext.</span> <a name="l01246"></a>01246 <a name="l01247"></a>01247 <span class="comment">// Note that we using OUR correlator here, not the one in the</span> <a name="l01248"></a>01248 <span class="comment">// original block</span> <a name="l01249"></a>01249 correlator_size = <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(locals->correlator()); <a name="l01250"></a>01250 <a name="l01251"></a>01251 <span class="comment">// First we need to work out the lengths and create the preamble</span> <a name="l01252"></a>01252 <span class="comment">//length = sizeof(num); // ciphersuite number and flags</span> <a name="l01253"></a>01253 length = 0; <span class="comment">// ciphersuite number and flags</span> <a name="l01254"></a>01254 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(CSNUM_C3); <a name="l01255"></a>01255 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(locals->cs_flags()); <a name="l01256"></a>01256 length += correlator_size; <a name="l01257"></a>01257 param_len = 1 + 1 + iv_len; <span class="comment">// 8-byte iv, sdnv fits in 1 byte</span> <a name="l01258"></a>01258 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(param_len) + param_len; <a name="l01259"></a>01259 res_len = 1 + 1 + tag_len + encap_len; <span class="comment">//16-byte tag, sdnv is 1 byte</span> <a name="l01260"></a>01260 length += <a class="code" href="SDNV_8cc.html#46f4c114c92230c80f6714318251b542">SDNV::encoding_len</a>(res_len) + res_len; <a name="l01261"></a>01261 <a name="l01262"></a>01262 iter->writable_contents()->set_len(0); <span class="comment">// empty it to start with</span> <a name="l01263"></a>01263 iter->set_owner(BundleProtocol::find_processor(BundleProtocol::CONFIDENTIALITY_BLOCK)); <span class="comment">// "steal this block"</span> <a name="l01264"></a>01264 generate_preamble(xmit_blocks, <a name="l01265"></a>01265 &*iter, <a name="l01266"></a>01266 BundleProtocol::CONFIDENTIALITY_BLOCK, <a name="l01267"></a>01267 BundleProtocol::BLOCK_FLAG_DISCARD_BUNDLE_ONERROR | <a name="l01268"></a>01268 (last ? BundleProtocol::BLOCK_FLAG_LAST_BLOCK : 0), <a name="l01269"></a>01269 length); <a name="l01270"></a>01270 <a name="l01271"></a>01271 <a name="l01272"></a>01272 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() preamble len %u block len %zu"</span>, iter->data_offset(), length); <a name="l01273"></a>01273 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() owner()->block_type() %u buf()[0] %hhu"</span>, <a name="l01274"></a>01274 iter->owner()->block_type(), iter->contents().buf()[0]); <a name="l01275"></a>01275 iter->writable_contents()->reserve(iter->data_offset() + length); <a name="l01276"></a>01276 iter->writable_contents()->set_len(iter->data_offset() + length); <a name="l01277"></a>01277 buf = iter->writable_contents()->buf() + iter->data_offset(); <a name="l01278"></a>01278 len = length; <a name="l01279"></a>01279 <a name="l01280"></a>01280 <span class="comment">// Assemble data into block contents.</span> <a name="l01281"></a>01281 <a name="l01282"></a>01282 <span class="comment">// ciphersuite number and flags</span> <a name="l01283"></a>01283 new_target_locals->set_cs_flags(cs_flags); <a name="l01284"></a>01284 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(CSNUM_C3, buf, len); <a name="l01285"></a>01285 CS_FAIL_IF(sdnv_len <= 0); <a name="l01286"></a>01286 buf += sdnv_len; <a name="l01287"></a>01287 len -= sdnv_len; <a name="l01288"></a>01288 <a name="l01289"></a>01289 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(new_target_locals->cs_flags(), buf, len); <a name="l01290"></a>01290 CS_FAIL_IF(sdnv_len <= 0); <a name="l01291"></a>01291 buf += sdnv_len; <a name="l01292"></a>01292 len -= sdnv_len; <a name="l01293"></a>01293 <a name="l01294"></a>01294 <span class="comment">// correlator</span> <a name="l01295"></a>01295 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(locals->correlator(), buf, len); <a name="l01296"></a>01296 CS_FAIL_IF(sdnv_len <= 0); <a name="l01297"></a>01297 buf += sdnv_len; <a name="l01298"></a>01298 len -= sdnv_len; <a name="l01299"></a>01299 <a name="l01300"></a>01300 <span class="comment">// length of security params</span> <a name="l01301"></a>01301 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(param_len, buf, len); <a name="l01302"></a>01302 CS_FAIL_IF(sdnv_len <= 0); <a name="l01303"></a>01303 buf += sdnv_len; <a name="l01304"></a>01304 len -= sdnv_len; <a name="l01305"></a>01305 <a name="l01306"></a>01306 <span class="comment">// security params data - it's just the iv item</span> <a name="l01307"></a>01307 *buf++ = CS_IV_field; <a name="l01308"></a>01308 --len; <a name="l01309"></a>01309 *buf++ = iv_len; <a name="l01310"></a>01310 --len; <a name="l01311"></a>01311 memcpy(buf, iv, iv_len); <a name="l01312"></a>01312 buf += iv_len; <a name="l01313"></a>01313 len -= iv_len; <a name="l01314"></a>01314 <a name="l01315"></a>01315 <span class="comment">// length of security result</span> <a name="l01316"></a>01316 sdnv_len = <a class="code" href="SDNV_8cc.html#21c54ef3a5345647ad1cada265a03eb4">SDNV::encode</a>(res_len, buf, len); <a name="l01317"></a>01317 CS_FAIL_IF(sdnv_len <= 0); <a name="l01318"></a>01318 buf += sdnv_len; <a name="l01319"></a>01319 len -= sdnv_len; <a name="l01320"></a>01320 <a name="l01321"></a>01321 <span class="comment">// security result data - tag and the encapsulated block</span> <a name="l01322"></a>01322 *buf++ = CS_C_block_ICV_field; <a name="l01323"></a>01323 --len; <a name="l01324"></a>01324 *buf++ = tag_len; <a name="l01325"></a>01325 --len; <a name="l01326"></a>01326 memcpy(buf, tag, tag_len); <a name="l01327"></a>01327 buf += tag_len; <a name="l01328"></a>01328 len -= tag_len; <a name="l01329"></a>01329 <a name="l01330"></a>01330 <a name="l01331"></a>01331 memcpy(buf, encap_block.buf(), encap_block.len()); <a name="l01332"></a>01332 buf += encap_block.len(); <a name="l01333"></a>01333 len -= encap_block.len(); <a name="l01334"></a>01334 CS_FAIL_IF(len != 0); <a name="l01335"></a>01335 <a name="l01336"></a>01336 <span class="comment">// fix up the BlockInfo and related things, </span> <a name="l01337"></a>01337 <span class="comment">// remembering that "locals" was copied</span> <a name="l01338"></a>01338 <span class="comment">// from the original C3 block</span> <a name="l01339"></a>01339 <a name="l01340"></a>01340 iter->set_locals(new_target_locals); <span class="comment">//will also decrement ref for old one</span> <a name="l01341"></a>01341 target_locals = <span class="keyword">dynamic_cast<</span>BP_Local_CS*<span class="keyword">></span>(iter->locals()); <a name="l01342"></a>01342 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() encapsulation done"</span>); <a name="l01343"></a>01343 <a name="l01344"></a>01344 } <a name="l01345"></a>01345 <span class="keywordflow">break</span>; <a name="l01346"></a>01346 <a name="l01347"></a>01347 <span class="keywordflow">case</span> BundleProtocol::PAYLOAD_BLOCK: <a name="l01348"></a>01348 { <a name="l01349"></a>01349 <span class="comment">// prepare context -- key supplied already</span> <a name="l01350"></a>01350 <span class="comment">// nonce is 12 bytes, first 4 are salt (same for all blocks)</span> <a name="l01351"></a>01351 <span class="comment">// and last 8 bytes are per-block IV. The final 4 bytes in</span> <a name="l01352"></a>01352 <span class="comment">// the full block-sized field are, of course, the counter</span> <a name="l01353"></a>01353 <span class="comment">// which is not represented here</span> <a name="l01354"></a>01354 u_char* ptr; <a name="l01355"></a>01355 <span class="keywordtype">size_t</span> rem; <a name="l01356"></a>01356 u_char <a class="code" href="classprophet_1_1BundleEntryList.html#caf703e147911a7b98754bd961bbeeb4" title="Return type of entries hosted by this list.">type</a>; <a name="l01357"></a>01357 u_int64_t field_len; <a name="l01358"></a>01358 ptr = nonce; <a name="l01359"></a>01359 <a name="l01360"></a>01360 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() PAYLOAD_BLOCK"</span>); <a name="l01361"></a>01361 memcpy(ptr, locals->salt().buf(), salt_len); <a name="l01362"></a>01362 ptr += salt_len; <a name="l01363"></a>01363 memcpy(ptr, locals->iv().buf(), iv_len); <a name="l01364"></a>01364 <a name="l01365"></a>01365 <span class="comment">// prepare context</span> <a name="l01366"></a>01366 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() nonce 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l01367"></a>01367 nonce[0], nonce[1], nonce[2], nonce[3], nonce[4], nonce[5], nonce[6], nonce[7], nonce[8], nonce[9], nonce[10], nonce[11]); <a name="l01368"></a>01368 <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>(nonce, nonce_len, &(ctx_ex.c)); <a name="l01369"></a>01369 <a name="l01370"></a>01370 offset = iter->data_offset(); <a name="l01371"></a>01371 len = iter->data_length(); <a name="l01372"></a>01372 changed = <a name="l01373"></a>01373 iter->owner()->mutate( Ciphersuite_C3::do_crypt, <a name="l01374"></a>01374 deliberate_const_cast_bundle, <a name="l01375"></a>01375 block, <a name="l01376"></a>01376 &*iter, <a name="l01377"></a>01377 offset, <a name="l01378"></a>01378 len, <a name="l01379"></a>01379 r); <a name="l01380"></a>01380 <a name="l01381"></a>01381 <span class="comment">// collect the tag (icv) from the context</span> <a name="l01382"></a>01382 <a class="code" href="gcm_8h.html#84e08678ef30d0737224927a37c85e3b">gcm_compute_tag</a>( tag, tag_len, &(ctx_ex.c) ); <a name="l01383"></a>01383 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() tag 0x%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx%2.2hhx"</span>, <a name="l01384"></a>01384 tag[0], tag[1], tag[2], tag[3], tag[4], tag[5], tag[6], tag[7], tag[8], tag[9], tag[10], tag[11], tag[12], tag[13], tag[14], tag[15]); <a name="l01385"></a>01385 <a name="l01386"></a>01386 <span class="comment">// get the result item, and step over the encrypted key item</span> <a name="l01387"></a>01387 LocalBuffer* result = locals->writable_security_result(); <a name="l01388"></a>01388 ptr = result->buf(); <a name="l01389"></a>01389 rem = result->len(); <a name="l01390"></a>01390 type = *ptr++; <a name="l01391"></a>01391 CS_FAIL_IF(type != Ciphersuite::CS_encoded_key_field); <a name="l01392"></a>01392 rem--; <a name="l01393"></a>01393 sdnv_len = <a class="code" href="SDNV_8cc.html#151d178617a7c2f598cfd7630ebeb7b4">SDNV::decode</a>( ptr, rem, &field_len); <a name="l01394"></a>01394 ptr += sdnv_len; <a name="l01395"></a>01395 rem -= sdnv_len; <a name="l01396"></a>01396 ptr += field_len; <a name="l01397"></a>01397 rem -= field_len; <a name="l01398"></a>01398 CS_FAIL_IF( rem != 1 + 1 + tag_len); <a name="l01399"></a>01399 *ptr++ = CS_C_block_ICV_field; <a name="l01400"></a>01400 rem--; <a name="l01401"></a>01401 *ptr++ = tag_len; <a name="l01402"></a>01402 rem--; <a name="l01403"></a>01403 memcpy(ptr, tag, tag_len); <a name="l01404"></a>01404 <a name="l01405"></a>01405 <span class="comment">// now put the result item into the block contents</span> <a name="l01406"></a>01406 BlockInfo::DataBuffer* contents = block->writable_contents(); <a name="l01407"></a>01407 u_char* buf = contents->buf(); <a name="l01408"></a>01408 rem = contents->len(); <a name="l01409"></a>01409 buf += block->data_offset(); <span class="comment">// we need to add data_offset as well,</span> <a name="l01410"></a>01410 rem -= block->data_offset(); <span class="comment">// since we're pointing at the whole buffer</span> <a name="l01411"></a>01411 <a name="l01412"></a>01412 buf += locals->security_result_offset(); <span class="comment">//and this offset is just within</span> <a name="l01413"></a>01413 rem -= locals->security_result_offset(); <span class="comment">//the data portion of the buffer</span> <a name="l01414"></a>01414 sdnv_len = <a class="code" href="num2sdnv_8c.html#fed088663f8704004425cdae2120b9b3">SDNV::len</a>(buf); <span class="comment">// size of result-length field</span> <a name="l01415"></a>01415 buf += sdnv_len; <span class="comment">// step over that length field</span> <a name="l01416"></a>01416 rem -= sdnv_len; <a name="l01417"></a>01417 memcpy(buf, result->buf(), result->len()); <a name="l01418"></a>01418 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() PAYLOAD_BLOCK done"</span>); <a name="l01419"></a>01419 <a name="l01420"></a>01420 <a name="l01421"></a>01421 <a name="l01422"></a>01422 } <a name="l01423"></a>01423 <span class="keywordflow">break</span>; <span class="comment">//break from switch, continue for "for" loop</span> <a name="l01424"></a>01424 <a name="l01425"></a>01425 <span class="keywordflow">default</span>: <a name="l01426"></a>01426 <span class="keywordflow">continue</span>; <a name="l01427"></a>01427 <a name="l01428"></a>01428 } <span class="comment">// end of switch </span> <a name="l01429"></a>01429 <a name="l01430"></a>01430 <a name="l01431"></a>01431 } <a name="l01432"></a>01432 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::finalize() done"</span>); <a name="l01433"></a>01433 <a name="l01434"></a>01434 result = <a class="code" href="BlockProcessor_8h.html#446572d61c813971cb4d5ce4ee1b9c0b">BP_SUCCESS</a>; <a name="l01435"></a>01435 <span class="keywordflow">return</span> result; <a name="l01436"></a>01436 <a name="l01437"></a>01437 fail: <a name="l01438"></a>01438 <span class="keywordflow">if</span> ( locals != NULL ) <a name="l01439"></a>01439 locals->set_proc_flag(CS_BLOCK_PROCESSING_FAILED_DO_NOT_SEND); <a name="l01440"></a>01440 <span class="keywordflow">return</span> <a class="code" href="BlockProcessor_8h.html#cce9a45a37bad1da41648533b0e15457">BP_FAIL</a>; <a name="l01441"></a>01441 } <a name="l01442"></a>01442 <a name="l01443"></a>01443 <span class="comment">//----------------------------------------------------------------------</span> <a name="l01444"></a>01444 <span class="keywordtype">bool</span> <a name="l01445"></a>01445 Ciphersuite_C3::do_crypt(<span class="keyword">const</span> Bundle* bundle, <a name="l01446"></a>01446 <span class="keyword">const</span> BlockInfo* caller_block, <a name="l01447"></a>01447 BlockInfo* target_block, <a name="l01448"></a>01448 <span class="keywordtype">void</span>* buf, <a name="l01449"></a>01449 <span class="keywordtype">size_t</span> len, <a name="l01450"></a>01450 OpaqueContext* r) <a name="l01451"></a>01451 { <a name="l01452"></a>01452 (void) bundle; <a name="l01453"></a>01453 (void) caller_block; <a name="l01454"></a>01454 (void) target_block; <a name="l01455"></a>01455 gcm_ctx_ex* pctx = <span class="keyword">reinterpret_cast<</span>gcm_ctx_ex*<span class="keyword">></span>(r); <a name="l01456"></a>01456 <a name="l01457"></a>01457 log_debug_p(<a class="code" href="namespacedtn.html#68bf4270dd0a7e5e8390869b83889922">log</a>, <span class="stringliteral">"Ciphersuite_C3::do_crypt() operation %hhu len %zu"</span>, pctx->operation, len); <a name="l01458"></a>01458 <span class="keywordflow">if</span> (pctx->operation == op_encrypt) <a name="l01459"></a>01459 <a class="code" href="gcm_8h.html#14c0cae74fab923c0290ccbc0baa4a44">gcm_encrypt</a>( reinterpret_cast<u_char*>(buf), len, &(pctx->c) ); <a name="l01460"></a>01460 <span class="keywordflow">else</span> <a name="l01461"></a>01461 <a class="code" href="gcm_8h.html#eda1ee70a25e5b06af8341018a95b11d">gcm_decrypt</a>( reinterpret_cast<u_char*>(buf), len, &(pctx->c) ); <a name="l01462"></a>01462 <a name="l01463"></a>01463 <span class="keywordflow">return</span> (len > 0) ? <span class="keyword">true</span> : <span class="keyword">false</span>; <a name="l01464"></a>01464 } <a name="l01465"></a>01465 <a name="l01466"></a>01466 } <span class="comment">// namespace dtn</span> <a name="l01467"></a>01467 <a name="l01468"></a>01468 <span class="preprocessor">#endif </span><span class="comment">/* BSP_ENABLED */</span> </pre></div></div> <hr size="1"><address style="text-align: right;"><small>Generated on Fri Jan 30 09:26:53 2009 for DTN Reference Implementation by <a href="http://www.doxygen.org/index.html"> <img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.8 </small></address> </body> </html>