IBR-DTNSuite  0.8
Classes | Public Member Functions | Static Public Member Functions | Static Public Attributes | Protected Member Functions | Static Protected Member Functions | Friends
dtn::security::PayloadConfidentialBlock Class Reference

#include <PayloadConfidentialBlock.h>

Inheritance diagram for dtn::security::PayloadConfidentialBlock:
Inheritance graph
[legend]
Collaboration diagram for dtn::security::PayloadConfidentialBlock:
Collaboration graph
[legend]

List of all members.

Classes

class  Factory

Public Member Functions

virtual ~PayloadConfidentialBlock ()

Static Public Member Functions

static void encrypt (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &long_key, const dtn::data::EID &source)
static void decrypt (dtn::data::Bundle &bundle, const dtn::security::SecurityKey &long_key)

Static Public Attributes

static const char BLOCK_TYPE = SecurityBlock::PAYLOAD_CONFIDENTIAL_BLOCK

Protected Member Functions

 PayloadConfidentialBlock ()

Static Protected Member Functions

static bool decryptPayload (dtn::data::Bundle &bundle, const unsigned char ephemeral_key[ibrcommon::AES128Stream::key_size_in_bytes], const u_int32_t salt)

Friends

class dtn::data::Bundle

Detailed Description

The PayloadConfidentialBlock encrypts the payload, PayloadConfidentialBlocks, which are already there and PayloadIntegrityBlocks, which are already there. Payload Confidential or Integrity Blocks are encrypted because they can contain e.g. signatures which make guessing the plaintext easier. You can instantiate a factory, which will take care of everything. The factory can be given a rsa key and the corresponding node. You may wish to add more keys using addDestination(), so one or more nodes are able to recover the payload. For each destination a PayloadConfidentialBlock is placed in the bundle, when calling encrypt(). Be sure, that no other PayloadConfidentialBlocks or PayloadIntegrityBlocks are inside this bundle if using encryption with more than one key.

Definition at line 25 of file PayloadConfidentialBlock.h.

Constructor & Destructor Documentation

dtn::security::PayloadConfidentialBlock::~PayloadConfidentialBlock ( ) [virtual]

does nothing

Definition at line 32 of file PayloadConfidentialBlock.cpp.

dtn::security::PayloadConfidentialBlock::PayloadConfidentialBlock ( ) [protected]

Creates an empty PayloadConfidentialBlock. With ciphersuite_id set to PCB_RSA_AES128_PAYLOAD_PIB_PCB

Definition at line 27 of file PayloadConfidentialBlock.cpp.

Referenced by dtn::security::PayloadConfidentialBlock::Factory::create().

Member Function Documentation

void dtn::security::PayloadConfidentialBlock::decrypt ( dtn::data::Bundle bundle,
const dtn::security::SecurityKey long_key 
) [static]

Decrypts the Payload inside this Bundle. All correlated Blocks, which are found, will be decrypted, too, placed at the position, where their PayloadConfidentialBlock was, which contained them. After a matching PayloadConfidentialBlock with key information is searched by looking after the security destination. If the payload has been decrypted successfully, the correlated blocks will be decrypted. If one block fails to decrypt, it will be deleted.

Parameters:
bundlethe bundle with the to be decrypted payload
Returns:
true if decryption has been successfull, false otherwise

Definition at line 124 of file PayloadConfidentialBlock.cpp.

References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_ciphersuite_id, dtn::security::SecurityBlock::_ciphersuite_params, dtn::security::SecurityBlock::_correlator, dtn::security::SecurityBlock::CONTAINS_CORRELATOR, dtn::security::SecurityBlock::decryptBlock(), decryptPayload(), dtn::security::SecurityKey::free(), dtn::data::Bundle::getBlocks(), dtn::security::SecurityBlock::getKey(), dtn::security::SecurityKey::getRSA(), dtn::security::SecurityBlock::getSalt(), IBRCOMMON_LOGGER, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::isSecurityDestination(), ibrcommon::AES128Stream::key_size_in_bytes, dtn::security::SecurityBlock::PCB_RSA_AES128_PAYLOAD_PIB_PCB, dtn::security::SecurityKey::reference, dtn::data::Bundle::remove(), and dtn::security::SecurityBlock::salt.

Referenced by dtn::security::SecurityManager::decrypt(), and decryptPayload().

Here is the call graph for this function:

bool dtn::security::PayloadConfidentialBlock::decryptPayload ( dtn::data::Bundle bundle,
const unsigned char  ephemeral_key[ibrcommon::AES128Stream::key_size_in_bytes],
const u_int32_t  salt 
) [static, protected]

Decrypts the payload using the ephemeral_key and salt.

Parameters:
bundlethe payload containing bundle
ephemeral_keythe AES key
saltthe salt
Returns:
true if tag verification succeeded, false otherwise

Definition at line 236 of file PayloadConfidentialBlock.cpp.

References dtn::security::SecurityBlock::_ciphersuite_params, dtn::security::SecurityBlock::_security_result, ibrcommon::CipherStream::CIPHER_DECRYPT, decrypt(), dtn::security::SecurityBlock::TLVList::get(), dtn::data::Bundle::getBlock(), IBRCOMMON_LOGGER, IBRCOMMON_LOGGER_ENDL, dtn::security::SecurityBlock::initialization_vector, ibrcommon::BLOB::Reference::iostream(), ibrcommon::AES128Stream::iv_len, dtn::security::SecurityBlock::PCB_integrity_check_value, ibrcommon::AES128Stream::tag_len, and ibrcommon::AES128Stream::verify().

Referenced by decrypt().

Here is the call graph for this function:

void dtn::security::PayloadConfidentialBlock::encrypt ( dtn::data::Bundle bundle,
const dtn::security::SecurityKey long_key,
const dtn::data::EID source 
) [static]

Encrypts the Payload inside this Bundle. If PIBs or PCBs are found, they will be encrypted, too, with a correlator set. The encrypted blocks will be each placed inside a PayloadConfidentialBlock, which will be inserted at the same place, except for the payload, which be encrypted in place.

Parameters:
bundlethe bundle with the to be encrypted payload

Definition at line 36 of file PayloadConfidentialBlock.cpp.

References dtn::data::PrimaryBlock::_destination, dtn::data::PrimaryBlock::_fragmentoffset, dtn::data::PrimaryBlock::_source, dtn::security::SecurityBlock::addFragmentRange(), dtn::security::SecurityBlock::addKey(), dtn::security::SecurityBlock::addSalt(), ibrcommon::CipherStream::CIPHER_ENCRYPT, dtn::security::SecurityBlock::CONTAINS_CIPHERSUITE_PARAMS, dtn::security::SecurityBlock::CONTAINS_SECURITY_RESULT, dtn::security::SecurityBlock::createCorrelatorValue(), dtn::security::SecurityBlock::createSaltAndKey(), dtn::data::PrimaryBlock::FRAGMENT, dtn::security::SecurityKey::free(), dtn::data::PrimaryBlock::get(), dtn::data::PayloadBlock::getBLOB(), dtn::data::Bundle::getBlock(), dtn::data::Bundle::getBlocks(), ibrcommon::AES128Stream::getIV(), dtn::data::EID::getNode(), dtn::security::SecurityKey::getRSA(), ibrcommon::AES128Stream::getTag(), dtn::security::SecurityBlock::initialization_vector, ibrcommon::BLOB::iostream::iostream(), ibrcommon::AES128Stream::iv_len, ibrcommon::AES128Stream::key_size_in_bytes, dtn::security::SecurityBlock::PCB_integrity_check_value, dtn::data::Bundle::push_front(), dtn::security::SecurityKey::reference, dtn::data::Block::REPLICATE_IN_EVERY_FRAGMENT, dtn::security::SecurityBlock::salt, dtn::security::SecurityBlock::setCorrelator(), ibrcommon::BLOB::iostream::size(), and ibrcommon::AES128Stream::tag_len.

Referenced by dtn::security::SecurityManager::encrypt().

Here is the call graph for this function:

Friends And Related Function Documentation

friend class dtn::data::Bundle [friend]

This class is allowed to call the parameterless contructor and the constructor with a bundle as argument.

Definition at line 31 of file PayloadConfidentialBlock.h.

Member Data Documentation

const char dtn::security::PayloadConfidentialBlock::BLOCK_TYPE = SecurityBlock::PAYLOAD_CONFIDENTIAL_BLOCK [static]

The block type of this class.

Definition at line 42 of file PayloadConfidentialBlock.h.

Referenced by dtn::core::BundleCore::processBlocks().

The documentation for this class was generated from the following files: