doxygen/1.0.0/ExtensionSecurityBlock_8cpp_source.html

 /*

  * ExtensionSecurityBlock.cpp

  *

  * Copyright (C) 2011 IBR, TU Braunschweig

  *

  * Written-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>

  *

  * Licensed under the Apache License, Version 2.0 (the "License");

  * you may not use this file except in compliance with the License.

  * You may obtain a copy of the License at

  *

  *     http://www.apache.org/licenses/LICENSE-2.0

  *

  * Unless required by applicable law or agreed to in writing, software

  * distributed under the License is distributed on an "AS IS" BASIS,

  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  * See the License for the specific language governing permissions and

  * limitations under the License.

  *

  */


 #include "ibrdtn/security/ExtensionSecurityBlock.h"

 #include <ibrcommon/Logger.h>

 #include "ibrdtn/data/Serializer.h"

 #include "ibrdtn/data/Bundle.h"

 #include <openssl/err.h>

 #include <openssl/rsa.h>

 #include <algorithm>


 #ifdef __DEVELOPMENT_ASSERTIONS__

 #include <cassert>

 #endif


 namespace dtn

 {

         namespace security

         {

                 const dtn::data::block_t ExtensionSecurityBlock::BLOCK_TYPE = SecurityBlock::EXTENSION_SECURITY_BLOCK;


                 dtn::data::Block* ExtensionSecurityBlock::Factory::create()

                 {

                         return new ExtensionSecurityBlock();

                 }


                 ExtensionSecurityBlock::ExtensionSecurityBlock()

                  : SecurityBlock(EXTENSION_SECURITY_BLOCK, ESB_RSA_AES128_EXT)

                 {

                 }


                 ExtensionSecurityBlock::~ExtensionSecurityBlock()

                 {

                 }


                 void ExtensionSecurityBlock::encrypt(dtn::data::Bundle& bundle, const SecurityKey &key, dtn::data::Bundle::iterator it, const dtn::data::EID& source, const dtn::data::EID& destination)

                 {

                         uint32_t salt = 0;


                         // load the rsa key

                         RSA *rsa_key = key.getRSA();


                         // key used for encrypting the block. the key will be encrypted using RSA

                         unsigned char ephemeral_key[ibrcommon::AES128Stream::key_size_in_bytes];

                         createSaltAndKey(salt, ephemeral_key, ibrcommon::AES128Stream::key_size_in_bytes);


                         dtn::security::ExtensionSecurityBlock& esb = SecurityBlock::encryptBlock<ExtensionSecurityBlock>(bundle, it, salt, ephemeral_key);


                         // set the source and destination address of the new block

                         if (source != bundle.source) esb.setSecuritySource( source );

                         if (destination != bundle.destination) esb.setSecurityDestination( destination );


                         // encrypt the ephemeral key and place it in _ciphersuite_params

                         addSalt(esb._ciphersuite_params, salt);

                         addKey(esb._ciphersuite_params, ephemeral_key, ibrcommon::AES128Stream::key_size_in_bytes, rsa_key);

                         esb._ciphersuite_flags |= CONTAINS_CIPHERSUITE_PARAMS;


                         // free the rsa key

                         key.free(rsa_key);

                 }


                 void ExtensionSecurityBlock::decrypt(dtn::data::Bundle& bundle, const SecurityKey &key, dtn::data::Bundle::iterator it)

                 {

                         const dtn::security::ExtensionSecurityBlock& block = dynamic_cast<const dtn::security::ExtensionSecurityBlock&>(**it);


                         // load the rsa key

                         RSA *rsa_key = key.getRSA();


                         // get key, convert with reinterpret_cast

                         unsigned char keydata[ibrcommon::AES128Stream::key_size_in_bytes];


                         if (!getKey(block._ciphersuite_params, keydata, ibrcommon::AES128Stream::key_size_in_bytes, rsa_key))

                         {

                                 IBRCOMMON_LOGGER_ex(critical) << "could not get symmetric key decrypted" << IBRCOMMON_LOGGER_ENDL;

                                 throw ibrcommon::Exception("could not extract the key");

                         }


                         // get salt, convert with stringstream

                         uint32_t salt = getSalt(block._ciphersuite_params);


                         SecurityBlock::decryptBlock(bundle, it, salt, keydata);

                 }


                 void ExtensionSecurityBlock::decrypt(dtn::data::Bundle& bundle, const SecurityKey &key, const dtn::data::Number &correlator)

                 {

                         // iterate through all extension security blocks

                         dtn::data::Bundle::find_iterator find_it(bundle.begin(), ExtensionSecurityBlock::BLOCK_TYPE);

                         while (find_it.next(bundle.end()))

                         {

                                 const dtn::security::ExtensionSecurityBlock &esb = dynamic_cast<const dtn::security::ExtensionSecurityBlock&>(**find_it);


                                 if ((correlator == 0) || (correlator == esb._correlator))

                                 {

                                         decrypt(bundle, key, find_it);

                                 }

                         }

                 }

         }

 }

dtn::security::SecurityBlock::_ciphersuite_flags
dtn::data::Bitset< CIPHERSUITE_FLAGS > _ciphersuite_flags
Definition: SecurityBlock.h:302

Bundle.h

Serializer.h

dtn::security::SecurityKey
Definition: SecurityKey.h:39

dtn::data::SDNV< Size >

dtn::security::SecurityBlock::decryptBlock
static void decryptBlock(dtn::data::Bundle &bundle, dtn::data::Bundle::iterator &it, uint32_t salt, const unsigned char key[ibrcommon::AES128Stream::key_size_in_bytes])
Definition: SecurityBlock.cpp:586

RSA
rsa_st RSA
Definition: SecurityBlock.h:35

dtn::security::SecurityKey::free
static void free(RSA *key)
Definition: SecurityKey.cpp:44

dtn::security::ExtensionSecurityBlock
Definition: ExtensionSecurityBlock.h:45

ExtensionSecurityBlock.h

dtn::security::SecurityBlock::setSecurityDestination
void setSecurityDestination(const dtn::data::EID &destination)
Definition: SecurityBlock.cpp:260

dtn::security::SecurityBlock::_ciphersuite_params
TLVList _ciphersuite_params
Definition: SecurityBlock.h:308

dtn::data::EID
Definition: EID.h:34

dtn::data::Bundle::begin
iterator begin()
Definition: Bundle.cpp:49

dtn::security::SecurityBlock::CONTAINS_CIPHERSUITE_PARAMS
Definition: SecurityBlock.h:145

dtn::data::Bundle
Definition: Bundle.h:52

dtn::security::ExtensionSecurityBlock::BLOCK_TYPE
static const dtn::data::block_t BLOCK_TYPE
Definition: ExtensionSecurityBlock.h:62

dtn::security::SecurityBlock::getKey
static bool getKey(const TLVList &security_parameter, unsigned char *key, dtn::data::Length key_size, RSA *rsa)
Definition: SecurityBlock.cpp:535

dtn::security::SecurityBlock::EXTENSION_SECURITY_BLOCK
Definition: SecurityBlock.h:124

dtn::security::SecurityBlock::salt
Definition: SecurityBlock.h:135

dtn::security::ExtensionSecurityBlock::encrypt
static void encrypt(dtn::data::Bundle &bundle, const SecurityKey &key, dtn::data::Bundle::iterator it, const dtn::data::EID &source, const dtn::data::EID &destination)
Definition: ExtensionSecurityBlock.cpp:54

dtn::security::SecurityKey::getRSA
virtual RSA * getRSA() const
Definition: SecurityKey.cpp:76

dtn::security::SecurityBlock::_correlator
dtn::data::Number _correlator
Definition: SecurityBlock.h:304

dtn::security::SecurityBlock::ESB_RSA_AES128_EXT
Definition: SecurityBlock.h:157

dtn::data::Bundle::iterator
block_list::iterator iterator
Definition: Bundle.h:76

dtn::security::ExtensionSecurityBlock::~ExtensionSecurityBlock
virtual ~ExtensionSecurityBlock()
Definition: ExtensionSecurityBlock.cpp:50

dtn::data::Block
Definition: Block.h:39

dtn::security::SecurityBlock::addKey
static void addKey(TLVList &security_parameter, unsigned char const *const key, dtn::data::Length key_size, RSA *rsa)
Definition: SecurityBlock.cpp:518

dtn::security::SecurityBlock
Definition: SecurityBlock.h:113

dtn::data::block_t
unsigned char block_t
Definition: Number.h:37

dtn::security::SecurityBlock::addSalt
static void addSalt(TLVList &security_parameters, const uint32_t &salt)
Definition: SecurityBlock.cpp:573

dtn::security::ExtensionSecurityBlock::Factory::create
virtual dtn::data::Block * create()
Definition: ExtensionSecurityBlock.cpp:40

dtn::data::Bundle::find_iterator
ibrcommon::find_iterator< iterator, block_t > find_iterator
Definition: Bundle.h:79

dtn::security::ExtensionSecurityBlock::decrypt
static void decrypt(dtn::data::Bundle &bundle, const SecurityKey &key, dtn::data::Bundle::iterator it)
Definition: ExtensionSecurityBlock.cpp:80

dtn::security::ExtensionSecurityBlock::ExtensionSecurityBlock
ExtensionSecurityBlock()
Definition: ExtensionSecurityBlock.cpp:45

dtn::security::SecurityBlock::getSalt
static uint32_t getSalt(const TLVList &security_parameters)
Definition: SecurityBlock.cpp:579

dtn::data::Bundle::end
iterator end()
Definition: Bundle.cpp:54

dtn::security::SecurityBlock::createSaltAndKey
static void createSaltAndKey(uint32_t &salt, unsigned char *key, dtn::data::Length key_size)
Definition: SecurityBlock.cpp:503

dtn::security::SecurityBlock::setSecuritySource
void setSecuritySource(const dtn::data::EID &source)
Definition: SecurityBlock.cpp:254