IBR-DTNSuite 0.8
#include <PayloadConfidentialBlock.h>
Classes
    class Factory

Public Member Functions
    virtual ~PayloadConfidentialBlock ()

Static Public Member Functions
    static void encrypt (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &long_key, const dtn::data::EID &source)
    static void decrypt (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &long_key)

Static Public Attributes
    static const char BLOCK_TYPE = SecurityBlock::PAYLOAD_CONFIDENTIAL_BLOCK

Protected Member Functions
    PayloadConfidentialBlock ()

Static Protected Member Functions
    static bool decryptPayload (dtn::data::Bundle &bundle, const unsigned char ephemeral_key[ibrcommon::AES128Stream::key_size_in_bytes], const u_int32_t salt)

Friends
    class dtn::data::Bundle
Detailed Description

The PayloadConfidentialBlock encrypts the payload as well as any PayloadConfidentialBlocks and PayloadIntegrityBlocks that are already present in the bundle. Payload Confidential or Integrity Blocks are encrypted because they can contain, e.g., signatures, which make guessing the plaintext easier. You can instantiate a factory, which will take care of everything. The factory can be given an RSA key and the corresponding node. You may wish to add more keys using addDestination(), so that one or more nodes are able to recover the payload. For each destination a PayloadConfidentialBlock is placed in the bundle when encrypt() is called. Make sure that no other PayloadConfidentialBlocks or PayloadIntegrityBlocks are inside this bundle if encrypting with more than one key.
Definition at line 25 of file PayloadConfidentialBlock.h.
virtual dtn::security::PayloadConfidentialBlock::~PayloadConfidentialBlock () [virtual]

Does nothing.

Definition at line 32 of file PayloadConfidentialBlock.cpp.

dtn::security::PayloadConfidentialBlock::PayloadConfidentialBlock () [protected]

Creates an empty PayloadConfidentialBlock, with ciphersuite_id set to PCB_RSA_AES128_PAYLOAD_PIB_PCB.
Definition at line 27 of file PayloadConfidentialBlock.cpp.
Referenced by dtn::security::PayloadConfidentialBlock::Factory::create().
void dtn::security::PayloadConfidentialBlock::decrypt (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &long_key) [static]

Decrypts the payload inside this bundle. All correlated blocks that are found are decrypted as well and placed at the position where the PayloadConfidentialBlock that contained them was. A matching PayloadConfidentialBlock carrying the key information is searched for by looking at the security destination. If the payload has been decrypted successfully, the correlated blocks are decrypted too. A block that fails to decrypt is deleted.

Parameters:
    bundle    the bundle whose payload is to be decrypted
Definition at line 124 of file PayloadConfidentialBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_ciphersuite_id, dtn::security::SecurityBlock::_ciphersuite_params, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::CONTAINS_CORRELATOR, dtn::security::SecurityBlock::decryptBlock(), decryptPayload(), dtn::security::SecurityKey::free(), dtn::data::Bundle::getBlocks(), dtn::security::SecurityBlock::getKey(), dtn::security::SecurityKey::getRSA(), dtn::security::SecurityBlock::getSalt(), IBRCOMMON_LOGGER, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::isSecurityDestination(), ibrcommon::AES128Stream::key_size_in_bytes, dtn::security::SecurityBlock::PCB_RSA_AES128_PAYLOAD_PIB_PCB, dtn::security::SecurityKey::reference, dtn::data::Bundle::remove(), and dtn::security::SecurityBlock::salt.
Referenced by dtn::security::SecurityManager::decrypt(), and decryptPayload().
bool dtn::security::PayloadConfidentialBlock::decryptPayload (dtn::data::Bundle &bundle, const unsigned char ephemeral_key[ibrcommon::AES128Stream::key_size_in_bytes], const u_int32_t salt) [static, protected]

Decrypts the payload using the ephemeral_key and salt.

Parameters:
    bundle           the bundle containing the payload
    ephemeral_key    the AES key
    salt             the salt
Definition at line 236 of file PayloadConfidentialBlock.cpp.
References dtn::security::SecurityBlock::_ciphersuite_params, dtn::security::SecurityBlock::_security_result, ibrcommon::CipherStream::CIPHER_DECRYPT, decrypt(), dtn::security::SecurityBlock::TLVList::get(), dtn::data::Bundle::getBlock(), IBRCOMMON_LOGGER, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::initialization_vector, ibrcommon::BLOB::Reference::iostream(), ibrcommon::AES128Stream::iv_len, dtn::security::SecurityBlock::PCB_integrity_check_value, ibrcommon::AES128Stream::tag_len, and ibrcommon::AES128Stream::verify().
Referenced by decrypt().
void dtn::security::PayloadConfidentialBlock::encrypt (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &long_key, const dtn::data::EID &source) [static]

Encrypts the payload inside this bundle. If PIBs or PCBs are found, they are encrypted too, with a correlator set. Each encrypted block is placed inside a PayloadConfidentialBlock that is inserted at the same place, except for the payload, which is encrypted in place.

Parameters:
    bundle    the bundle whose payload is to be encrypted
Definition at line 36 of file PayloadConfidentialBlock.cpp.
References dtn::data::PrimaryBlock::_destination, dtn::data::PrimaryBlock::_fragmentoffset, dtn::data::PrimaryBlock::_source, dtn::security::SecurityBlock::addFragmentRange(), dtn::security::SecurityBlock::addKey(), dtn::security::SecurityBlock::addSalt(), ibrcommon::CipherStream::CIPHER_ENCRYPT, dtn::security::SecurityBlock::CONTAINS_CIPHERSUITE_PARAMS, dtn::security::SecurityBlock::CONTAINS_SECURITY_RESULT, dtn::security::SecurityBlock::createCorrelatorValue(), dtn::security::SecurityBlock::createSaltAndKey(), dtn::data::PrimaryBlock::FRAGMENT, dtn::security::SecurityKey::free(), dtn::data::PrimaryBlock::get(), dtn::data::PayloadBlock::getBLOB(), dtn::data::Bundle::getBlock(), dtn::data::Bundle::getBlocks(), ibrcommon::AES128Stream::getIV(), dtn::data::EID::getNode(), dtn::security::SecurityKey::getRSA(), ibrcommon::AES128Stream::getTag(), dtn::security::SecurityBlock::initialization_vector, ibrcommon::BLOB::iostream::iostream(), ibrcommon::AES128Stream::iv_len, ibrcommon::AES128Stream::key_size_in_bytes, dtn::security::SecurityBlock::PCB_integrity_check_value, dtn::data::Bundle::push_front(), dtn::security::SecurityKey::reference, dtn::data::Block::REPLICATE_IN_EVERY_FRAGMENT, dtn::security::SecurityBlock::salt, dtn::security::SecurityBlock::setCorrelator(), ibrcommon::BLOB::iostream::size(), and ibrcommon::AES128Stream::tag_len.
Referenced by dtn::security::SecurityManager::encrypt().
friend class dtn::data::Bundle [friend]

This class is allowed to call the parameterless constructor and the constructor with a bundle as argument.
Definition at line 31 of file PayloadConfidentialBlock.h.
const char dtn::security::PayloadConfidentialBlock::BLOCK_TYPE = SecurityBlock::PAYLOAD_CONFIDENTIAL_BLOCK [static]
The block type of this class.
Definition at line 42 of file PayloadConfidentialBlock.h.
Referenced by dtn::core::BundleCore::processBlocks().