00001
00002
00003
00004
00005
00006
00007
00008 #include "ibrdtn/security/SecurityBlock.h"
00009 #include "ibrdtn/security/MutualSerializer.h"
00010 #include "ibrdtn/data/Bundle.h"
00011 #include "ibrdtn/data/PayloadBlock.h"
00012 #include "ibrdtn/data/ExtensionBlock.h"
00013
00014 #include <ibrcommon/Logger.h>
00015 #include <cstdlib>
00016 #include <openssl/rand.h>
00017 #include <openssl/err.h>
00018 #include <openssl/rsa.h>
00019
00020 #ifdef __DEVELOPMENT_ASSERTIONS__
00021 #include <cassert>
00022 #endif
00023
00024 namespace dtn
00025 {
00026 namespace security
00027 {
00028 const std::string SecurityBlock::TLVList::toString() const
00029 {
00030 std::stringstream ss;
00031
00032 for (std::set<TLV>::const_iterator iter = begin(); iter != end(); iter++)
00033 {
00034 ss << (*iter);
00035 }
00036
00037 return ss.str();
00038 }
00039
00040 size_t SecurityBlock::TLVList::getLength() const
00041 {
00042 size_t len = getPayloadLength();
00043 return len;
00044 }
00045
00046 size_t SecurityBlock::TLVList::getPayloadLength() const
00047 {
00048 size_t len = 0;
00049
00050 for (std::set<SecurityBlock::TLV>::const_iterator iter = begin(); iter != end(); iter++)
00051 {
00052 len += (*iter).getLength();
00053 }
00054
00055 return len;
00056 }
00057
00058 const std::string SecurityBlock::TLVList::get(SecurityBlock::TLV_TYPES type) const
00059 {
00060 for (std::set<SecurityBlock::TLV>::const_iterator iter = begin(); iter != end(); iter++)
00061 {
00062 if ((*iter).getType() == type)
00063 {
00064 return (*iter).getValue();
00065 }
00066 }
00067
00068 throw ibrcommon::Exception("element not found");
00069 }
00070
00071 void SecurityBlock::TLVList::get(TLV_TYPES type, unsigned char *value, size_t length) const
00072 {
00073 const std::string data = get(type);
00074
00075 if (length < data.size())
00076 {
00077 ::memcpy(value, data.c_str(), length);
00078 }
00079 else
00080 {
00081 ::memcpy(value, data.c_str(), data.size());
00082 }
00083 }
00084
00085 void SecurityBlock::TLVList::set(SecurityBlock::TLV_TYPES type, std::string value)
00086 {
00087 SecurityBlock::TLV tlv(type, value);
00088
00089 erase(tlv);
00090 insert(tlv);
00091 }
00092
00093 void SecurityBlock::TLVList::set(TLV_TYPES type, const unsigned char *value, size_t length)
00094 {
00095 const std::string data(reinterpret_cast<const char *>(value), length);
00096 set(type, data);
00097 }
00098
00099 void SecurityBlock::TLVList::remove(SecurityBlock::TLV_TYPES type)
00100 {
00101 erase(SecurityBlock::TLV(type, ""));
00102 }
00103
00104 const std::string SecurityBlock::TLV::getValue() const
00105 {
00106 return _value;
00107 }
00108
00109 SecurityBlock::TLV_TYPES SecurityBlock::TLV::getType() const
00110 {
00111 return _type;
00112 }
00113
00114 size_t SecurityBlock::TLV::getLength() const
00115 {
00116 return _value.getLength() + sizeof(char);
00117 }
00118
00119 std::ostream& operator<<(std::ostream &stream, const SecurityBlock::TLVList &tlvlist)
00120 {
00121 dtn::data::SDNV length(tlvlist.getPayloadLength());
00122 stream << length;
00123
00124 for (std::set<SecurityBlock::TLV>::const_iterator iter = tlvlist.begin(); iter != tlvlist.end(); iter++)
00125 {
00126 stream << (*iter);
00127 }
00128 return stream;
00129 }
00130
00131 std::istream& operator>>(std::istream &stream, SecurityBlock::TLVList &tlvlist)
00132 {
00133 dtn::data::SDNV length;
00134 stream >> length;
00135 size_t read_length = 0;
00136
00137 while (read_length < length.getValue())
00138 {
00139 SecurityBlock::TLV tlv;
00140 stream >> tlv;
00141 tlvlist.insert(tlv);
00142 read_length += tlv.getLength();
00143 }
00144
00145 return stream;
00146 }
00147
00148 bool SecurityBlock::TLV::operator<(const SecurityBlock::TLV &tlv) const
00149 {
00150 return (_type < tlv._type);
00151 }
00152
00153 bool SecurityBlock::TLV::operator==(const SecurityBlock::TLV &tlv) const
00154 {
00155 return (_type == tlv._type);
00156 }
00157
00158 std::ostream& operator<<(std::ostream &stream, const SecurityBlock::TLV &tlv)
00159 {
00160 stream.put((char)tlv._type);
00161 stream << tlv._value;
00162 return stream;
00163 }
00164
00165 std::istream& operator>>(std::istream &stream, SecurityBlock::TLV &tlv)
00166 {
00167 char tlv_type;
00168 stream.get(tlv_type); tlv._type = SecurityBlock::TLV_TYPES(tlv_type);
00169 stream >> tlv._value;
00170 return stream;
00171 }
00172
00173 SecurityBlock::SecurityBlock(const dtn::security::SecurityBlock::BLOCK_TYPES type, const dtn::security::SecurityBlock::CIPHERSUITE_IDS id)
00174 : Block(type), _ciphersuite_id(id), _ciphersuite_flags(0), _correlator(0)
00175 {
00176
00177 }
00178
00179 SecurityBlock::SecurityBlock(const dtn::security::SecurityBlock::BLOCK_TYPES type)
00180 : Block(type), _ciphersuite_flags(0), _correlator(0)
00181 {
00182
00183 }
00184
00185 SecurityBlock::~SecurityBlock()
00186 {
00187 }
00188
00189 void SecurityBlock::store_security_references()
00190 {
00191
00192 _eids.clear();
00193
00194
00195 if (_security_source == dtn::data::EID())
00196 {
00197 _ciphersuite_flags &= ~(SecurityBlock::CONTAINS_SECURITY_SOURCE);
00198 }
00199 else
00200 {
00201 _ciphersuite_flags |= SecurityBlock::CONTAINS_SECURITY_SOURCE;
00202 _eids.push_back(_security_source);
00203 }
00204
00205
00206 if (_security_destination == dtn::data::EID())
00207 {
00208 _ciphersuite_flags &= ~(SecurityBlock::CONTAINS_SECURITY_DESTINATION);
00209 }
00210 else
00211 {
00212 _ciphersuite_flags |= SecurityBlock::CONTAINS_SECURITY_DESTINATION;
00213 _eids.push_back(_security_destination);
00214 }
00215
00216 if (_eids.size() > 0)
00217 {
00218 set(Block::BLOCK_CONTAINS_EIDS, true);
00219 }
00220 else
00221 {
00222 set(Block::BLOCK_CONTAINS_EIDS, false);
00223 }
00224 }
00225
00226 const dtn::data::EID SecurityBlock::getSecuritySource() const
00227 {
00228 return _security_source;
00229 }
00230
00231 const dtn::data::EID SecurityBlock::getSecurityDestination() const
00232 {
00233 return _security_destination;
00234 }
00235
00236 void SecurityBlock::setSecuritySource(const dtn::data::EID &source)
00237 {
00238 _security_source = source;
00239 store_security_references();
00240 }
00241
00242 void SecurityBlock::setSecurityDestination(const dtn::data::EID &destination)
00243 {
00244 _security_destination = destination;
00245 store_security_references();
00246 }
00247
00248 void SecurityBlock::setCiphersuiteId(const CIPHERSUITE_IDS id)
00249 {
00250 _ciphersuite_id = static_cast<u_int64_t>(id);
00251 }
00252
00253 void SecurityBlock::setCorrelator(const u_int64_t corr)
00254 {
00255 _correlator = corr;
00256 _ciphersuite_flags |= SecurityBlock::CONTAINS_CORRELATOR;
00257 }
00258
00259 bool SecurityBlock::isCorrelatorPresent(const dtn::data::Bundle& bundle, const u_int64_t correlator)
00260 {
00261 std::list<const dtn::data::Block *> blocks = bundle.getBlocks();
00262 bool return_val = false;
00263 for (std::list<const dtn::data::Block *>::const_iterator it = blocks.begin(); it != blocks.end() && !return_val; it++)
00264 {
00265 char type = (*it)->getType();
00266 if (type == BUNDLE_AUTHENTICATION_BLOCK
00267 || type == PAYLOAD_INTEGRITY_BLOCK
00268 || type == PAYLOAD_CONFIDENTIAL_BLOCK
00269 || type == EXTENSION_SECURITY_BLOCK)
00270 return_val = static_cast<const SecurityBlock*>(*it)->_correlator == correlator;
00271 }
00272 return return_val;
00273 }
00274
00275 u_int64_t SecurityBlock::createCorrelatorValue(const dtn::data::Bundle& bundle)
00276 {
00277 u_int64_t corr = random();
00278 while (isCorrelatorPresent(bundle, corr))
00279 corr = random();
00280 return corr;
00281 }
00282
00283 size_t SecurityBlock::getLength() const
00284 {
00285 size_t length = dtn::data::SDNV::getLength(_ciphersuite_id)
00286 + dtn::data::SDNV::getLength(_ciphersuite_flags);
00287
00288 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00289 {
00290 length += dtn::data::SDNV::getLength(_correlator);
00291 }
00292
00293 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00294 {
00295 const dtn::data::SDNV size(_ciphersuite_params.getLength());
00296 length += size.getLength() + size.getValue();
00297 }
00298
00299 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00300 {
00301 const dtn::data::SDNV size(getSecurityResultSize());
00302 length += size.getLength() + size.getValue();
00303 }
00304
00305 return length;
00306 }
00307
00308 size_t SecurityBlock::getLength_mutable() const
00309 {
00310
00311 size_t length = MutualSerializer::sdnv_size;
00312
00313
00314 length += MutualSerializer::sdnv_size;
00315
00316
00317 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00318 {
00319 length += MutualSerializer::sdnv_size;
00320 }
00321
00322
00323 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00324 {
00325 length += MutualSerializer::sdnv_size;
00326 length += _ciphersuite_params.getLength();
00327 }
00328
00329 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00330 {
00331 length += MutualSerializer::sdnv_size + getSecurityResultSize();
00332 }
00333
00334 return length;
00335 }
00336
00337 std::ostream& SecurityBlock::serialize(std::ostream &stream) const
00338 {
00339 stream << dtn::data::SDNV(_ciphersuite_id) << dtn::data::SDNV(_ciphersuite_flags);
00340
00341 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00342 {
00343 stream << dtn::data::SDNV(_correlator);
00344 }
00345
00346 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00347 {
00348 stream << _ciphersuite_params;
00349 }
00350
00351 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00352 {
00353 stream << _security_result;
00354 }
00355
00356 return stream;
00357 }
00358
00359 std::ostream& SecurityBlock::serialize_strict(std::ostream &stream) const
00360 {
00361 stream << dtn::data::SDNV(_ciphersuite_id) << dtn::data::SDNV(_ciphersuite_flags);
00362
00363 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00364 {
00365 stream << dtn::data::SDNV(_correlator);
00366 }
00367
00368 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00369 {
00370 stream << _ciphersuite_params;
00371 }
00372
00373 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00374 {
00375 stream << dtn::data::SDNV(getSecurityResultSize());
00376 }
00377
00378 return stream;
00379 }
00380
00381 std::istream& SecurityBlock::deserialize(std::istream &stream)
00382 {
00383 #ifdef __DEVELOPMENT_ASSERTIONS__
00384
00385 assert(_blocktype == BUNDLE_AUTHENTICATION_BLOCK || _blocktype == PAYLOAD_INTEGRITY_BLOCK || _blocktype == PAYLOAD_CONFIDENTIAL_BLOCK || _blocktype == EXTENSION_SECURITY_BLOCK);
00386 #endif
00387
00388 dtn::data::SDNV ciphersuite_id, ciphersuite_flags;
00389 stream >> ciphersuite_id >> ciphersuite_flags;
00390 _ciphersuite_id = ciphersuite_id.getValue();
00391 _ciphersuite_flags = ciphersuite_flags.getValue();
00392
00393 #ifdef __DEVELOPMENT_ASSERTIONS__
00394
00395 assert(_ciphersuite_id == BAB_HMAC || _ciphersuite_id == PIB_RSA_SHA256 || _ciphersuite_id == PCB_RSA_AES128_PAYLOAD_PIB_PCB || _ciphersuite_id == ESB_RSA_AES128_EXT);
00396
00397 assert(_ciphersuite_flags < 32);
00398 #endif
00399
00400
00401 if (_ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_SOURCE)
00402 {
00403 if (_eids.size() == 0)
00404 throw dtn::SerializationFailedException("ciphersuite flags indicate a security source, but it is not present");
00405
00406 _security_source = _eids.front();
00407 }
00408
00409 if (_ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_DESTINATION)
00410 {
00411 if (_ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_SOURCE)
00412 {
00413 if (_eids.size() < 2)
00414 throw dtn::SerializationFailedException("ciphersuite flags indicate a security destination, but it is not present");
00415
00416 _security_destination = (*(_eids.begin())++);
00417 }
00418 else
00419 {
00420 if (_eids.size() == 0)
00421 throw dtn::SerializationFailedException("ciphersuite flags indicate a security destination, but it is not present");
00422
00423 _security_destination = _eids.front();
00424 }
00425 }
00426
00427 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00428 {
00429 dtn::data::SDNV correlator;
00430 stream >> correlator;
00431 _correlator = correlator.getValue();
00432 }
00433 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00434 {
00435 stream >> _ciphersuite_params;
00436 #ifdef __DEVELOPMENT_ASSERTIONS__
00437 assert(_ciphersuite_params.getLength() > 0);
00438 #endif
00439 }
00440
00441 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00442 {
00443 stream >> _security_result;
00444 #ifdef __DEVELOPMENT_ASSERTIONS__
00445 assert(_security_result.getLength() > 0);
00446 #endif
00447 }
00448
00449 return stream;
00450 }
00451
00452 dtn::security::MutualSerializer& SecurityBlock::serialize_mutable(dtn::security::MutualSerializer &serializer) const
00453 {
00454 serializer << dtn::data::SDNV(_ciphersuite_id);
00455 serializer << dtn::data::SDNV(_ciphersuite_flags);
00456
00457 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00458 serializer << dtn::data::SDNV(_ciphersuite_flags);
00459
00460 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00461 {
00462 serializer << _ciphersuite_params;
00463 }
00464
00465 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00466 {
00467 serializer << _security_result;
00468 }
00469
00470 return serializer;
00471 }
00472
00473 dtn::security::MutualSerializer& SecurityBlock::serialize_mutable_without_security_result(dtn::security::MutualSerializer &serializer) const
00474 {
00475 serializer << dtn::data::SDNV(_ciphersuite_id);
00476 serializer << dtn::data::SDNV(_ciphersuite_flags);
00477
00478 if (_ciphersuite_flags & CONTAINS_CORRELATOR)
00479 serializer << dtn::data::SDNV(_ciphersuite_flags);
00480
00481 if (_ciphersuite_flags & CONTAINS_CIPHERSUITE_PARAMS)
00482 {
00483 serializer << _ciphersuite_params;
00484 }
00485
00486 if (_ciphersuite_flags & CONTAINS_SECURITY_RESULT)
00487 {
00488 serializer << dtn::data::SDNV(getSecurityResultSize());
00489 }
00490
00491 return serializer;
00492 }
00493
00494 size_t SecurityBlock::getSecurityResultSize() const
00495 {
00496 #ifdef __DEVELOPMENT_ASSERTIONS__
00497 assert(_security_result.getLength() != 0);
00498 #endif
00499 return _security_result.getLength();
00500 }
00501
00502 void SecurityBlock::createSaltAndKey(u_int32_t& salt, unsigned char* key, size_t key_size)
00503 {
00504
00505 if (!RAND_bytes(reinterpret_cast<unsigned char *>(&salt), sizeof(u_int32_t)))
00506 {
00507 IBRCOMMON_LOGGER_ex(critical) << "failed to generate salt. maybe /dev/urandom is missing for seeding the PRNG" << IBRCOMMON_LOGGER_ENDL;
00508 ERR_print_errors_fp(stderr);
00509 }
00510 if (!RAND_bytes(key, key_size))
00511 {
00512 IBRCOMMON_LOGGER_ex(critical) << "failed to generate key. maybe /dev/urandom is missing for seeding the PRNG" << IBRCOMMON_LOGGER_ENDL;
00513 ERR_print_errors_fp(stderr);
00514 }
00515 }
00516
00517 void SecurityBlock::addKey(TLVList& security_parameter, unsigned char const * const key, size_t key_size, RSA * rsa)
00518 {
00519
00520 #ifdef __DEVELOPMENT_ASSERTIONS__
00521 assert(key_size < RSA_size(rsa)-41);
00522 #endif
00523 unsigned char encrypted_key[RSA_size(rsa)];
00524 int encrypted_key_len = RSA_public_encrypt(key_size, key, encrypted_key, rsa, RSA_PKCS1_OAEP_PADDING);
00525 if (encrypted_key_len == -1)
00526 {
00527 IBRCOMMON_LOGGER_ex(critical) << "failed to encrypt the symmetric AES key" << IBRCOMMON_LOGGER_ENDL;
00528 ERR_print_errors_fp(stderr);
00529 }
00530 security_parameter.set(SecurityBlock::key_information, std::string(reinterpret_cast<char *>(encrypted_key), encrypted_key_len));
00531 }
00532
00533 bool SecurityBlock::getKey(const TLVList& security_parameter, unsigned char * key, size_t key_size, RSA * rsa)
00534 {
00535 std::string key_string = security_parameter.get(SecurityBlock::key_information);
00536
00537 unsigned char const * encrypted_key = reinterpret_cast<const unsigned char*>(key_string.c_str());
00538 unsigned char the_key[RSA_size(rsa)];
00539 RSA_blinding_on(rsa, NULL);
00540 int plaintext_key_len = RSA_private_decrypt(key_string.size(), encrypted_key, the_key, rsa, RSA_PKCS1_OAEP_PADDING);
00541 RSA_blinding_off(rsa);
00542 if (plaintext_key_len == -1)
00543 {
00544 IBRCOMMON_LOGGER_ex(critical) << "failed to decrypt the symmetric AES key" << IBRCOMMON_LOGGER_ENDL;
00545 ERR_print_errors_fp(stderr);
00546 return false;
00547 }
00548 #ifdef __DEVELOPMENT_ASSERTIONS__
00549 assert(plaintext_key_len == key_size);
00550 #endif
00551 std::copy(the_key, the_key+key_size, key);
00552 return true;
00553 }
00554
00555 void SecurityBlock::copyEID(const Block& from, Block& to, size_t skip)
00556 {
00557
00558 std::list<dtn::data::EID> their_eids = from.getEIDList();
00559 std::list<dtn::data::EID>::iterator it = their_eids.begin();
00560
00561 while (it != their_eids.end() && skip > 0)
00562 {
00563 skip--;
00564 it++;
00565 }
00566
00567 for (; it != their_eids.end(); it++)
00568 to.addEID(*it);
00569 }
00570
00571 void SecurityBlock::addSalt(TLVList& security_parameters, u_int32_t salt)
00572 {
00573 std::stringstream salt_stream;
00574 salt_stream << salt;
00575 security_parameters.set(SecurityBlock::salt, salt_stream.str());
00576 }
00577
00578 u_int32_t SecurityBlock::getSalt(const TLVList& security_parameters)
00579 {
00580
00581 std::string salt_string = security_parameters.get(SecurityBlock::salt);
00582 std::stringstream salt_stream;
00583 salt_stream << salt_string;
00584 u_int32_t salt;
00585 salt_stream >> salt;
00586 return salt;
00587 }
00588
00589 void SecurityBlock::decryptBlock(dtn::data::Bundle& bundle, const dtn::security::SecurityBlock &block, u_int32_t salt, const unsigned char key[ibrcommon::AES128Stream::key_size_in_bytes])
00590 {
00591
00592 unsigned char tag[ibrcommon::AES128Stream::tag_len];
00593
00594
00595 unsigned char iv[ibrcommon::AES128Stream::iv_len];
00596
00597
00598 block._ciphersuite_params.get(SecurityBlock::initialization_vector, iv, ibrcommon::AES128Stream::iv_len);
00599
00600
00601 std::string block_data = block._security_result.get(SecurityBlock::encapsulated_block);
00602
00603
00604 const char *tag_p = block_data.c_str() + (block_data.size() - ibrcommon::AES128Stream::tag_len);
00605
00606
00607 ::memcpy(tag, tag_p, ibrcommon::AES128Stream::tag_len);
00608
00609
00610 block_data.resize(block_data.size() - ibrcommon::AES128Stream::tag_len);
00611
00612
00613 std::stringstream plaintext;
00614 ibrcommon::AES128Stream decrypt(ibrcommon::CipherStream::CIPHER_DECRYPT, plaintext, key, salt, iv);
00615 decrypt << block_data << std::flush;
00616
00617
00618 if (!decrypt.verify(tag))
00619 {
00620 throw ibrcommon::Exception("decryption of block failed - tag is bad");
00621 }
00622
00623
00624 dtn::data::DefaultDeserializer ddser(plaintext);
00625
00626
00627 char block_type = plaintext.peek();
00628
00629 if (block_type == dtn::data::PayloadBlock::BLOCK_TYPE)
00630 {
00631 dtn::data::PayloadBlock &plaintext_block = bundle.insert<dtn::data::PayloadBlock>(block);
00632 ddser >> plaintext_block;
00633 }
00634 else
00635 {
00636 try {
00637 dtn::data::ExtensionBlock::Factory &f = dtn::data::ExtensionBlock::Factory::get(block_type);
00638 dtn::data::Block &plaintext_block = bundle.insert(f, block);
00639 ddser >> plaintext_block;
00640
00641 plaintext_block.getEIDList().clear();
00642
00643
00644
00645 size_t skip = 0;
00646 if (block._ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_DESTINATION)
00647 skip++;
00648 if (block._ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_SOURCE)
00649 skip++;
00650 copyEID(plaintext_block, plaintext_block, skip);
00651
00652 } catch (const ibrcommon::Exception &ex) {
00653 dtn::data::ExtensionBlock &plaintext_block = bundle.insert<dtn::data::ExtensionBlock>(block);
00654 ddser >> plaintext_block;
00655
00656 plaintext_block.getEIDList().clear();
00657
00658
00659
00660 size_t skip = 0;
00661 if (block._ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_DESTINATION)
00662 skip++;
00663 if (block._ciphersuite_flags & SecurityBlock::CONTAINS_SECURITY_SOURCE)
00664 skip++;
00665 copyEID(plaintext_block, plaintext_block, skip);
00666 }
00667 }
00668
00669 bundle.remove(block);
00670 }
00671
00672 void SecurityBlock::addFragmentRange(TLVList& ciphersuite_params, size_t fragmentoffset, size_t payload_length)
00673 {
00674 dtn::data::SDNV offset(fragmentoffset);
00675 dtn::data::SDNV range_sdnv(payload_length);
00676
00677 std::stringstream ss;
00678 ss << offset << range_sdnv;
00679
00680 ciphersuite_params.set(SecurityBlock::fragment_range, ss.str());
00681 }
00682
00683 bool SecurityBlock::isSecuritySource(const dtn::data::Bundle& bundle, const dtn::data::EID& eid) const
00684 {
00685 IBRCOMMON_LOGGER_DEBUG(30) << "check security source: " << getSecuritySource(bundle).getString() << " == " << eid.getNodeEID() << IBRCOMMON_LOGGER_ENDL;
00686 return getSecuritySource(bundle) == eid.getNodeEID();
00687 }
00688
00689 bool SecurityBlock::isSecurityDestination(const dtn::data::Bundle& bundle, const dtn::data::EID& eid) const
00690 {
00691 IBRCOMMON_LOGGER_DEBUG(30) << "check security destination: " << getSecurityDestination(bundle).getString() << " == " << eid.getNodeEID() << IBRCOMMON_LOGGER_ENDL;
00692 return getSecurityDestination(bundle) == eid.getNodeEID();
00693 }
00694
00695 const dtn::data::EID SecurityBlock::getSecuritySource(const dtn::data::Bundle& bundle) const
00696 {
00697 dtn::data::EID source = getSecuritySource();
00698 if (source == dtn::data::EID())
00699 source = bundle._source.getNodeEID();
00700 return source;
00701 }
00702
00703 const dtn::data::EID SecurityBlock::getSecurityDestination(const dtn::data::Bundle& bundle) const
00704 {
00705 dtn::data::EID destination = getSecurityDestination();
00706 if (destination == dtn::data::EID())
00707 destination = bundle._destination.getNodeEID();
00708 return destination;
00709 }
00710 }
00711 }
