IBR-DTNSuite  0.8
dtn::security::BundleAuthenticationBlock Class Reference

#include <BundleAuthenticationBlock.h>


Classes

class  Factory

Public Member Functions

virtual ~BundleAuthenticationBlock ()

Static Public Member Functions

static void auth (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key)
static void verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) throw (ibrcommon::Exception)
static void strip (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key)
static void strip (dtn::data::Bundle &bundle)

Static Public Attributes

static const char BLOCK_TYPE = SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK

Protected Member Functions

 BundleAuthenticationBlock ()
virtual size_t getSecurityResultSize () const

Static Protected Member Functions

static std::string calcMAC (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, const bool with_correlator=false, const u_int64_t correlator=0)
static void verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, u_int64_t &correlator) throw (ibrcommon::Exception)

Friends

class dtn::data::Bundle

Detailed Description

Calculates the HMAC (Hashed Message Authentication Code) for P2P connections of security aware nodes. You can instantiate a factory of this class, which will be given keys and EIDs of the corresponding nodes.
You can use addMAC() to add BundleAuthenticationBlock pairs for each given key to the bundle. If you have received a Bundle you can verify it by using the method verify() and then remove all BundleAuthenticationBlocks by using removeAllBundleAuthenticationBlocks() from the bundle.

Definition at line 23 of file BundleAuthenticationBlock.h.


Constructor & Destructor Documentation

virtual ~BundleAuthenticationBlock ()

Deletes all keys which were used for calculating the MACs.

Definition at line 27 of file BundleAuthenticationBlock.cpp.

BundleAuthenticationBlock ()

Creates an empty BundleAuthenticationBlock. This BAB is meant to be inserted into a bundle by a factory. Because the instantiation will be done by the bundle instance for memory management, this method will be called by the bundle. The ciphersuite id is set to BAB_HMAC.

Definition at line 22 of file BundleAuthenticationBlock.cpp.

Referenced by dtn::security::BundleAuthenticationBlock::Factory::create().


Member Function Documentation

std::string dtn::security::BundleAuthenticationBlock::calcMAC ( const dtn::data::Bundle & bundle,
    const dtn::security::SecurityKey & key,
    const bool with_correlator = false,
    const u_int64_t correlator = 0
) [static, protected]

Creates the MAC of a given bundle using the BAB_HMAC algorithm. If a correlator is given the MAC is created for the primary block and the part of the bundle between the two BABs with the correlator.

Parameters:
    bundle           bundle of which the MAC shall be calculated
    key              the key to be used for creating the MAC
    key_size         the size of the key
    with_correlator  tells if a correlator shall be used
    correlator       the correlator which shall be used
Returns:
    a string containing the MAC

Definition at line 143 of file BundleAuthenticationBlock.cpp.

References dtn::security::SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK, ibrcommon::HashStream::extract(), and dtn::security::SecurityKey::getData().

Referenced by auth().


virtual size_t getSecurityResultSize () const

Returns the size of the security result field. This is used for strict canonicalisation, where the block itself is included in the canonical form, but the security result is excluded or unknown.

Reimplemented from dtn::security::SecurityBlock.

Definition at line 154 of file BundleAuthenticationBlock.cpp.

References dtn::security::SecurityBlock::getLength().


static void strip (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key)

Strips verified BABs off the bundle.

Parameters:
    bundle  the bundle which shall be cleaned of BABs
    key

Definition at line 62 of file BundleAuthenticationBlock.cpp.

References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::CONTAINS_CORRELATOR, dtn::data::Bundle::getBlocks(), dtn::data::Bundle::remove(), and verify().

Referenced by dtn::security::SecurityManager::verifyBAB().


static void strip (dtn::data::Bundle &bundle)

Strips all BABs off the bundle.

Parameters:
    bundle  the bundle which shall be cleaned of BABs

Definition at line 85 of file BundleAuthenticationBlock.cpp.

References dtn::data::Bundle::getBlocks(), and dtn::data::Bundle::remove().


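static void verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) throw (ibrcommon::Exception)

Tests if the bundle's MAC is correct. There might be multiple BABs inside the bundle, which may be tested. None of these BABs will be removed.

Parameters:
    bundle
    key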

Definition at line 53 of file BundleAuthenticationBlock.cpp.

Referenced by strip(), and dtn::security::SecurityManager::verifyBAB().

void dtn::security::BundleAuthenticationBlock::verify ( const dtn::data::Bundle & bundle,
    const dtn::security::SecurityKey & key,
    u_int64_t & correlator
) throw (ibrcommon::Exception) [static, protected]

Tries to verify the bundle using the given key. If a BAB pair is found which contains a valid hash corresponding to the key, the first value of the returned pair is true and the second contains the correlator. Otherwise the first value is false and the second is undefined.

Parameters:
    bundle  bundle which shall be verified
    key     the key for testing
Returns:
    first is true if the key matched, and second is the correlator of the matching pair. Otherwise, if there was no match, first is false.

Definition at line 96 of file BundleAuthenticationBlock.cpp.

References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_ciphersuite_id, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::_security_result, dtn::security::SecurityBlock::BAB_HMAC, dtn::security::SecurityBlock::TLVList::get(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::integrity_signature, and dtn::security::SecurityBlock::isSecuritySource().
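
A Python model of the BAB-pair behaviour documented for calcMAC(), verify() and strip(), added here as an illustration and not taken from IBR-DTN. The dict-based bundle layout, the length-prefixed serialisation and the use of HMAC-SHA1 for BAB_HMAC are assumptions of the example; the library's own canonicalisation is not reproduced.

```python
import hashlib
import hmac

BAB = "bab"  # marks an authentication block in this constructed model

def canonical(bundle, correlator):
    """Primary block plus the span enclosed by the BAB pair with `correlator`.
    The BABs are covered, but their security result field is left out."""
    blocks = bundle["blocks"]
    pair = [i for i, b in enumerate(blocks)
            if b["type"] == BAB and b["correlator"] == correlator]
    if len(pair) != 2:
        raise ValueError("no BAB pair with correlator %d" % correlator)
    parts = [bundle["primary"]]
    for b in blocks[pair[0]:pair[1] + 1]:
        if b["type"] == BAB:
            parts.append(b"BAB" + b["correlator"].to_bytes(8, "big"))
        else:
            parts.append(b["data"])
    # Length-prefix each part so block boundaries cannot be shifted unnoticed.
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)

def calc_mac(bundle, key, correlator):
    # Assumption: BAB_HMAC is modelled as HMAC-SHA1.
    return hmac.new(key, canonical(bundle, correlator), hashlib.sha1).digest()

def auth(bundle, key, correlator):
    """Enclose the current blocks in a BAB pair; the last BAB holds the MAC."""
    blocks = bundle["blocks"]
    blocks.insert(0, {"type": BAB, "correlator": correlator, "result": b""})
    blocks.append({"type": BAB, "correlator": correlator, "result": b""})
    blocks[-1]["result"] = calc_mac(bundle, key, correlator)

def verify(bundle, key):
    """Return the correlator of the pair that validates under `key`.
    Raises ValueError if none does; the bundle is never modified."""
    for b in bundle["blocks"]:
        if b["type"] == BAB and b["result"]:
            mac = calc_mac(bundle, key, b["correlator"])
            if hmac.compare_digest(mac, b["result"]):
                return b["correlator"]
    raise ValueError("no BAB verifies with this key")

def strip(bundle, key):
    """Remove only the BAB pair that verified under `key`."""
    c = verify(bundle, key)
    bundle["blocks"] = [b for b in bundle["blocks"]
                        if not (b["type"] == BAB and b["correlator"] == c)]
```

Because the security result is excluded from the MAC input, the trailing BAB can be appended before its MAC is known, which is the reason the class exposes getSecurityResultSize().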



Friends And Related Function Documentation

friend class dtn::data::Bundle [friend]

This class is allowed to call the parameterless constructor.

Definition at line 28 of file BundleAuthenticationBlock.h.


Member Data Documentation

static const char BLOCK_TYPE = SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK

The block type of this class.

Definition at line 39 of file BundleAuthenticationBlock.h.


The documentation for this class was generated from the following files: