#include <BundleAuthenticationBlock.h>
Classes | |
| class | Factory |
Public Member Functions | |
| virtual | ~BundleAuthenticationBlock () |
Static Public Member Functions | |
| static void | auth (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) |
| static void | verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) throw (ibrcommon::Exception) |
| static void | strip (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key) |
| static void | strip (dtn::data::Bundle &bundle) |
Static Public Attributes | |
| static const char | BLOCK_TYPE = SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK |
Protected Member Functions | |
| BundleAuthenticationBlock () | |
| virtual size_t | getSecurityResultSize () const |
Static Protected Member Functions | |
| static std::string | calcMAC (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, const bool with_correlator=false, const u_int64_t correlator=0) |
| static void | verify (const dtn::data::Bundle &bundle, const dtn::security::SecurityKey &key, u_int64_t &correlator) throw (ibrcommon::Exception) |
Friends | |
| class | dtn::data::Bundle |
Detailed Description
Calculates the HMAC (Hashed Message Authentication Code) for P2P connections of security aware nodes. You can instantiate a factory of this class, which will be given keys and EIDs of the corresponding nodes.
You can use addMAC() to add BundleAuthenticationBlock pairs for each given key to the bundle. If you have received a Bundle you can verify it by using the method verify() and then remove all BundleAuthenticationBlocks by using removeAllBundleAuthenticationBlocks() from the bundle.
Definition at line 23 of file BundleAuthenticationBlock.h.
Constructor & Destructor Documentation
Deletes all keys, which were used for calculating the MACs
Definition at line 27 of file BundleAuthenticationBlock.cpp.
Creates an empty BundleAuthenticationBlock. This BAB is meant to be inserted into a bundle, by a factory. Because the instantiation will be done by the bundle instance for memory management, this method will be called be the bundle. The ciphersuite id is set to BAB_HMAC.
Definition at line 22 of file BundleAuthenticationBlock.cpp.
Referenced by dtn::security::BundleAuthenticationBlock::Factory::create().
Member Function Documentation
| void dtn::security::BundleAuthenticationBlock::auth | ( | dtn::data::Bundle & | bundle, |
| const dtn::security::SecurityKey & | key | ||
| ) | [static] |
authenticate a given bundle
- Parameters:
-
bundle key
Definition at line 31 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_security_result, dtn::data::PrimaryBlock::_source, dtn::security::SecurityBlock::BAB_HMAC, calcMAC(), dtn::security::SecurityBlock::CONTAINS_SECURITY_RESULT, dtn::security::SecurityBlock::createCorrelatorValue(), dtn::data::Block::DISCARD_IF_NOT_PROCESSED, dtn::data::EID::getNode(), dtn::security::SecurityBlock::integrity_signature, dtn::data::Bundle::push_back(), dtn::data::Bundle::push_front(), dtn::security::SecurityKey::reference, dtn::data::Block::set(), dtn::security::SecurityBlock::TLVList::set(), dtn::security::SecurityBlock::setCiphersuiteId(), dtn::security::SecurityBlock::setCorrelator(), and dtn::security::SecurityBlock::setSecuritySource().
Referenced by dtn::security::SecurityManager::auth().
| std::string dtn::security::BundleAuthenticationBlock::calcMAC | ( | const dtn::data::Bundle & | bundle, |
| const dtn::security::SecurityKey & | key, | ||
| const bool | with_correlator = false, |
||
| const u_int64_t | correlator = 0 |
||
| ) | [static, protected] |
Creates the MAC of a given bundle using the BAB_HMAC algorithm. If a correlator is given the MAC is created for the primary block and the part of the bundle between the two BABs with the correlator.
- Parameters:
-
bundle bundle of which the MAC shall be calculated key the key to be used for creating the MAC key_size the size of the key with_correlator tells if a correlator shall be used correlator the correlator which shall be used
- Returns:
- a string containing the MAC
Definition at line 143 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK, ibrcommon::HashStream::extract(), and dtn::security::SecurityKey::getData().
Referenced by auth().
| size_t dtn::security::BundleAuthenticationBlock::getSecurityResultSize | ( | ) | const [protected, virtual] |
Returns the size of the security result field. This is used for strict canonicalisation, where the block itself is included to the canonical form, but the security result is excluded or unknown.
Reimplemented from dtn::security::SecurityBlock.
Definition at line 154 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::getLength().
| void dtn::security::BundleAuthenticationBlock::strip | ( | dtn::data::Bundle & | bundle, |
| const dtn::security::SecurityKey & | key | ||
| ) | [static] |
strips verified BABs off the bundle
- Parameters:
-
bundle the bundle, which shall be cleaned from babs key
Definition at line 62 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::CONTAINS_CORRELATOR, dtn::data::Bundle::getBlocks(), dtn::data::Bundle::remove(), and verify().
Referenced by dtn::security::SecurityManager::verifyBAB().
| void dtn::security::BundleAuthenticationBlock::strip | ( | dtn::data::Bundle & | bundle | ) | [static] |
strip all BABs off the bundle
- Parameters:
-
bundle the bundle, which shall be cleaned from babs
Definition at line 85 of file BundleAuthenticationBlock.cpp.
References dtn::data::Bundle::getBlocks(), and dtn::data::Bundle::remove().
| void dtn::security::BundleAuthenticationBlock::verify | ( | const dtn::data::Bundle & | bundle, |
| const dtn::security::SecurityKey & | key | ||
| ) | throw (ibrcommon::Exception) [static] |
Tests if the bundles MAC is correct. There might be multiple BABs inside the bundle, which may be tested. None of these BABs will be removed.
- Parameters:
-
bundle key
Definition at line 53 of file BundleAuthenticationBlock.cpp.
Referenced by strip(), and dtn::security::SecurityManager::verifyBAB().
| void dtn::security::BundleAuthenticationBlock::verify | ( | const dtn::data::Bundle & | bundle, |
| const dtn::security::SecurityKey & | key, | ||
| u_int64_t & | correlator | ||
| ) | throw (ibrcommon::Exception) [static, protected] |
Tries to verify the bundle using the given key. If a BAB-pair is found, which contains a valid hash corresponding to the key, the first value of the returned pair is true and the second contains the correlator. otherwise the first value is false and the second undefined.
- Parameters:
-
bundle bundle which shall be verified key the key for testing
- Returns:
- first is true if the key matched and second is the correlator of the matching pair. otherwise the first is false, if there was no matching
Definition at line 96 of file BundleAuthenticationBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_ciphersuite_id, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::_security_result, dtn::security::SecurityBlock::BAB_HMAC, dtn::security::SecurityBlock::TLVList::get(), IBRCOMMON_LOGGER_DEBUG, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::integrity_signature, and dtn::security::SecurityBlock::isSecuritySource().
Friends And Related Function Documentation
friend class dtn::data::Bundle [friend] |
This class is allowed to call the parameterless contructor.
Definition at line 28 of file BundleAuthenticationBlock.h.
Member Data Documentation
const char dtn::security::BundleAuthenticationBlock::BLOCK_TYPE = SecurityBlock::BUNDLE_AUTHENTICATION_BLOCK [static] |
The block type of this class.
Definition at line 39 of file BundleAuthenticationBlock.h.
The documentation for this class was generated from the following files:
- ibrdtn/ibrdtn/security/BundleAuthenticationBlock.h
- ibrdtn/ibrdtn/security/BundleAuthenticationBlock.cpp
