|
1 /* |
|
2 * Copyright 2006 SPARTA Inc |
|
3 * |
|
4 * Licensed under the Apache License, Version 2.0 (the "License"); |
|
5 * you may not use this file except in compliance with the License. |
|
6 * You may obtain a copy of the License at |
|
7 * |
|
8 * http://www.apache.org/licenses/LICENSE-2.0 |
|
9 * |
|
10 * Unless required by applicable law or agreed to in writing, software |
|
11 * distributed under the License is distributed on an "AS IS" BASIS, |
|
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
13 * See the License for the specific language governing permissions and |
|
14 * limitations under the License. |
|
15 */ |
|
16 |
|
17 #ifndef _CIPHERSUITE_PC3_H_ |
|
18 #define _CIPHERSUITE_PC3_H_ |
|
19 |
|
20 #ifdef BSP_ENABLED |
|
21 |
|
22 #include "gcm/gcm_aes.h" |
|
23 #include "gcm/gcm.h" |
|
24 #include "bundling/BlockProcessor.h" |
|
25 #include "PC_BlockProcessor.h" |
|
26 |
|
27 namespace dtn { |
|
28 |
|
/**
 * Ciphersuite number 3 (CSNUM_PC3): declares the block callbacks and
 * the do_crypt() routine used to encrypt or decrypt block contents,
 * with key, nonce and tag sizes laid out for AES-GCM.
 *
 * NOTE(review): this class was previously described as the "bundle
 * authentication block" processor. The GCM parameters and do_crypt()
 * declared here point to a confidentiality ciphersuite instead --
 * confirm against the implementation file.
 */
class Ciphersuite_PC3 : public Ciphersuite {
public:
    /// Direction of a GCM operation; 0 is reserved as "not set".
    enum {
        op_invalid = 0,
        op_encrypt = 1,
        op_decrypt = 2
    };

    /**
     * GCM context paired with an operation code.
     *
     * NOTE(review): operation presumably holds one of the op_* values
     * above so that do_crypt() can tell which direction the context
     * was initialised for -- confirm in the implementation.
     */
    typedef struct {
        u_int8_t operation;
        gcm_ctx c;
    } gcm_ctx_ex;

    /// Constructor
    Ciphersuite_PC3();

    /// @return the ciphersuite number (presumably CSNUM_PC3 -- verify
    /// in the implementation file).
    virtual u_int16_t cs_num();

    /// @{ Virtual from BlockProcessor
    /**
     * First callback for parsing blocks that is expected to append a
     * chunk of the given data to the given block. When the block is
     * completely received, this should also parse the block into any
     * fields in the bundle class.
     *
     * The base class implementation parses the block preamble fields
     * to find the length of the block and copies the preamble and the
     * data in the block's contents buffer.
     *
     * This and all derived implementations must be able to handle a
     * block that is received in chunks, including cases where the
     * preamble is split into multiple chunks.
     *
     * buf and len describe data as it arrives from a peer, so the
     * implementation has to treat every length field parsed from it
     * as untrusted.
     *
     * @return the amount of data consumed or -1 on error
     */
    virtual int consume(Bundle* bundle, BlockInfo* block,
                        u_char* buf, size_t len);

    /**
     * Validate the block. This is called after all blocks in the
     * bundle have been fully received.
     *
     * NOTE(review): reception_reason and deletion_reason are passed
     * by pointer and are presumably filled in when validation fails
     * -- confirm against the implementation.
     *
     * @return true if the block passes validation
     */
    virtual bool validate(const Bundle* bundle,
                          BlockInfoVec* block_list,
                          BlockInfo* block,
                          status_report_reason_t* reception_reason,
                          status_report_reason_t* deletion_reason);

    /**
     * First callback to generate blocks for the output pass. The
     * function is expected to initialize an appropriate BlockInfo
     * structure in the given BlockInfoVec.
     *
     * The base class simply initializes an empty BlockInfo with the
     * appropriate owner_ pointer.
     */
    virtual int prepare(const Bundle* bundle,
                        BlockInfoVec* xmit_blocks,
                        const BlockInfo* source,
                        const LinkRef& link,
                        list_owner_t list);

    /**
     * Second callback for transmitting a bundle. This pass should
     * generate any data for the block that does not depend on other
     * blocks' contents.
     */
    virtual int generate(const Bundle* bundle,
                         BlockInfoVec* xmit_blocks,
                         BlockInfo* block,
                         const LinkRef& link,
                         bool last);

    /**
     * Third callback for transmitting a bundle. This pass should
     * generate any data (such as security signatures) for the block
     * that may depend on other blocks' contents.
     *
     * The base class implementation does nothing.
     */
    virtual int finalize(const Bundle* bundle,
                         BlockInfoVec* xmit_blocks,
                         BlockInfo* block,
                         const LinkRef& link);

    /**
     * Callback for encrypt/decrypt a block. This is normally
     * used for handling the payload contents.
     *
     * Operates on len bytes at buf.
     *
     * NOTE(review): r presumably wraps a gcm_ctx_ex whose operation
     * field selects encrypt or decrypt -- confirm.
     * NOTE(review): if this is invoked per chunk, decrypted bytes are
     * produced before the GCM tag can be checked; confirm that the
     * caller discards the output when tag verification fails.
     *
     * @return presumably true on success -- verify in the
     *         implementation
     */
    static bool do_crypt(const Bundle* bundle,
                         const BlockInfo* caller_block,
                         BlockInfo* target_block,
                         void* buf,
                         size_t len,
                         OpaqueContext* r);

    /**
     * Ciphersuite number and the sizes, in bytes, of the GCM inputs.
     *
     * The 12-byte nonce is made up of a 4-byte salt followed by the
     * IV, so iv_len works out to 8. Key and tag are both 128 bits.
     *
     * NOTE(review): GCM loses both confidentiality and integrity if a
     * (key, nonce) pair is ever reused. With only 8 bytes of IV the
     * implementation must guarantee uniqueness per key -- confirm how
     * the salt and IV are generated.
     */
    enum { CSNUM_PC3 = 3,
           key_len = 128/8,
           nonce_len = 12,
           salt_len = 4,
           iv_len = nonce_len - salt_len,
           tag_len = 128/8
    };

    /// @}
};
|
144 |
|
145 } // namespace dtn |
|
146 |
|
147 #endif /* BSP_ENABLED */ |
|
148 |
|
149 #endif /* _CIPHERSUITE_PC3_H_ */ |