IBR-DTNSuite
0.8
#include <BundleAuthenticationBlock.h>
Classes
class | Factory
Public Member Functions
virtual | ~BundleAuthenticationBlock ()
Static Public Member Functions
static void | auth (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key)
static void | verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) throw (ibrcommon::Exception)
static void | strip (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key)
static void | strip (dtn::data::Bundle &bundle)
Static Public Attributes
static const char | BLOCK_TYPE = SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK
Protected Member Functions
BundleAuthenticationBlock ()
virtual size_t | getSecurityResultSize () const
Static Protected Member Functions
static std::string | calcMAC (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, const bool with_correlator=false, const u_int64_t correlator=0)
static void | verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, u_int64_t &correlator) throw (ibrcommon::Exception)
Friends
class | dtn::data::Bundle
Calculates the HMAC (Hashed Message Authentication Code) for P2P connections of security-aware nodes. You can instantiate a factory of this class, which will be given the keys and EIDs of the corresponding nodes.
You can use addMAC() to add BundleAuthenticationBlock pairs to the bundle, one pair for each given key. If you have received a bundle, you can verify it with verify() and then remove all BundleAuthenticationBlocks from the bundle with removeAllBundleAuthenticationBlocks().
Definition at line 23 of file BundleAuthenticationBlock.h.
Deletes all keys that were used for calculating the MACs.
Definition at line 27 of file BundleAuthenticationBlock.cpp.
Creates an empty BundleAuthenticationBlock. This BAB is meant to be inserted into a bundle by a factory. Because the bundle instance performs the instantiation for memory management, this method will be called by the bundle. The ciphersuite id is set to BAB_HMAC.
Definition at line 22 of file BundleAuthenticationBlock.cpp.
Referenced by dtn::security::BundleAuthenticationBlock::Factory::create().
void dtn::security::BundleAuthenticationBlock::auth (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) [static]
Authenticates a given bundle.
bundle |
key |
Definition at line 31 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_security_result, dtn::data::PrimaryBlock::_source, dtn::security::SecurityBlock::BAB_HMAC, calcMAC(), dtn::security::SecurityBlock::CONTAINS_SECURITY_RESULT, dtn::security::SecurityBlock::createCorrelatorValue(), dtn::data::Block::DISCARD_IF_NOT_PROCESSED, dtn::data::EID::getNode(), dtn::security::SecurityBlock::integrity_signature, dtn::data::Bundle::push_back(), dtn::data::Bundle::push_front(), dtn::security::SecurityKey::reference, dtn::data::Block::set(), dtn::security::SecurityBlock::TLVList::set(), dtn::security::SecurityBlock::setCiphersuiteId(), dtn::security::SecurityBlock::setCorrelator(), and dtn::security::SecurityBlock::setSecuritySource().
Referenced by dtn::security::SecurityManager::auth().
std::string dtn::security::BundleAuthenticationBlock::calcMAC (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, const bool with_correlator = false, const u_int64_t correlator = 0) [static, protected]
Creates the MAC of a given bundle using the BAB_HMAC algorithm. If a correlator is given, the MAC is created over the primary block and the part of the bundle between the two BABs that carry this correlator.
bundle | bundle of which the MAC shall be calculated |
key | the key to be used for creating the MAC |
key_size | the size of the key |
with_correlator | tells if a correlator shall be used |
correlator | the correlator which shall be used |
Definition at line 143 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK, ibrcommon::HashStream::extract(), and dtn::security::SecurityKey::getData().
Referenced by auth().
size_t dtn::security::BundleAuthenticationBlock::getSecurityResultSize () const [protected, virtual]
Returns the size of the security result field. This is used for strict canonicalisation, where the block itself is included in the canonical form, but the security result is excluded or unknown.
Reimplemented from dtn::security::SecurityBlock.
Definition at line 154 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::getLength().
void dtn::security::BundleAuthenticationBlock::strip (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) [static]
Strips verified BABs off the bundle.
bundle | the bundle from which the BABs shall be removed
key |
Definition at line 62 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::CONTAINS_CORRELATOR, dtn::data::Bundle::getBlocks(), dtn::data::Bundle::remove(), and verify().
Referenced by dtn::security::SecurityManager::verifyBAB().
void dtn::security::BundleAuthenticationBlock::strip (dtn::data::Bundle &bundle) [static]
Strips all BABs off the bundle.
bundle | the bundle from which the BABs shall be removed
Definition at line 85 of file BundleAuthenticationBlock.cpp.
References dtn::data::Bundle::getBlocks(), and dtn::data::Bundle::remove().
void dtn::security::BundleAuthenticationBlock::verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) throw (ibrcommon::Exception) [static]
Tests if the bundle's MAC is correct. There might be multiple BABs inside the bundle, which may be tested. None of these BABs will be removed.
bundle |
key |
Definition at line 53 of file BundleAuthenticationBlock.cpp.
Referenced by strip(), and dtn::security::SecurityManager::verifyBAB().
void dtn::security::BundleAuthenticationBlock::verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, u_int64_t &correlator) throw (ibrcommon::Exception) [static, protected]
Tries to verify the bundle using the given key. If a BAB pair is found that contains a valid hash corresponding to the key, the first value of the returned pair is true and the second contains the correlator. Otherwise, the first value is false and the second is undefined.
bundle | bundle which shall be verified |
key | the key for testing |
Definition at line 96 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_ciphersuite_id, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::_security_result, dtn::security::SecurityBlock::BAB_HMAC, dtn::security::SecurityBlock::TLVList::get(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::integrity_signature, and dtn::security::SecurityBlock::isSecuritySource().
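A simplified model of the BAB pair that auth(), calcMAC(), verify() and strip() operate on, added here as an illustration and not taken from the IBR-DTN sources. The dict-based bundle, the block type number, the length-prefixed framing (in place of the real canonical form) and the choice of HMAC-SHA1 for BAB_HMAC are assumptions.

```python
import hashlib, hmac, secrets

BAB = 0x02  # assumed block type number for a Bundle Authentication Block
PRIMARY = b"dtn://node-a -> dtn://node-b"          # constructed primary block bytes
PAYLOAD = {"type": 0x01, "data": b"hello bundle"}   # constructed payload block

class VerificationError(Exception):
    """Stands in for the ibrcommon::Exception thrown by verify()."""

def calc_mac(primary, blocks, key, correlator):
    """HMAC over the primary block and the blocks between the BAB pair."""
    pair = [i for i, b in enumerate(blocks)
            if b["type"] == BAB and b.get("correlator") == correlator]
    if len(pair) != 2:
        raise VerificationError("no BAB pair with this correlator")
    mac = hmac.new(key, primary, hashlib.sha1)  # HMAC-SHA1 assumed for BAB_HMAC
    for b in blocks[pair[0] + 1:pair[1]]:
        # Length-prefixed framing: a stand-in for the real canonical form.
        mac.update(bytes([b["type"]]) + len(b["data"]).to_bytes(4, "big") + b["data"])
    return mac.digest()

def auth(primary, blocks, key):
    """Push a BAB to the front and back; only the back one carries the MAC."""
    correlator = secrets.randbits(32)
    while any(b.get("correlator") == correlator for b in blocks):
        correlator = secrets.randbits(32)  # correlator must be unique in the bundle
    front = {"type": BAB, "correlator": correlator, "data": b"", "result": None}
    back = dict(front)
    wrapped = [front] + list(blocks) + [back]
    back["result"] = calc_mac(primary, wrapped, key, correlator)
    return wrapped

def verify(primary, blocks, key):
    """Return the correlator of a BAB pair valid under key, else raise."""
    for b in blocks:
        if b["type"] != BAB or b.get("result") is None:
            continue
        try:
            expected = calc_mac(primary, blocks, key, b["correlator"])
        except VerificationError:
            continue  # unpaired BAB: try the next candidate
        if hmac.compare_digest(expected, b["result"]):  # constant-time compare
            return b["correlator"]
    raise VerificationError("no BAB pair verifies under this key")

def strip(primary, blocks, key):
    """Remove only the BAB pair that verified; other blocks are untouched."""
    correlator = verify(primary, blocks, key)
    return [b for b in blocks if b.get("correlator") != correlator]
```

Because strip() with a key goes through verify() first, a bundle whose MAC does not check out keeps its BABs and the failure surfaces as an exception rather than as a silently cleaned bundle.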
friend class dtn::data::Bundle [friend]
This class is allowed to call the parameterless constructor.
Definition at line 28 of file BundleAuthenticationBlock.h.
const char dtn::security::BundleAuthenticationBlock::BLOCK_TYPE = SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK [static]
The block type of this class.
Definition at line 39 of file BundleAuthenticationBlock.h.