#include <PayloadIntegrityBlock.h>

Inheritance diagram for dtn::security::PayloadIntegrityBlock:

Collaboration diagram for dtn::security::PayloadIntegrityBlock:

Classes
class	Factory
Public Member Functions
virtual	~PayloadIntegrityBlock ()
virtual std::istream &	deserialize (std::istream &stream, const size_t length)
Static Public Member Functions
static void	sign (dtn::data::Bundle &bundle, const SecurityKey &key, const dtn::data::EID &destination)
static void	verify (const dtn::data::Bundle &bundle, const SecurityKey &key)
static void	strip (dtn::data::Bundle &bundle, const SecurityKey &key, const bool all=false)
static void	strip (dtn::data::Bundle &bundle)
Static Public Attributes
static const char	BLOCK_TYPE = SecurityBlock::PAYLOAD_INTEGRITY_BLOCK
Protected Member Functions
	PayloadIntegrityBlock ()
virtual size_t	getSecurityResultSize () const
Friends
class	dtn::data::Bundle

Detailed Description

Signs bundles for connections of security aware nodes. A factory with a rsa key can be created for signing or verifieing the bundle. From the bundle the primary block, the payload block, PayloadIntegrityBlock and the PayloadConfidentialBlock will be covered by the signature.
A sign can be added using the addHash()-Method. Verification can be done via one of the verify()-Methods.

Definition at line 22 of file PayloadIntegrityBlock.h.

Constructor & Destructor Documentation

dtn::security::PayloadIntegrityBlock::~PayloadIntegrityBlock ( ) [virtual]

frees the internal PKEY object, without deleting the rsa object given in the constructor

Definition at line 28 of file PayloadIntegrityBlock.cpp.

dtn::security::PayloadIntegrityBlock::PayloadIntegrityBlock ( ) [protected]

Constructs an empty PayloadIntegrityBlock in order for adding it to a bundle and sets its ciphersuite id to PIB_RSA_SHA256.

Definition at line 23 of file PayloadIntegrityBlock.cpp.

Referenced by dtn::security::PayloadIntegrityBlock::Factory::create().

Member Function Documentation

std::istream & dtn::security::PayloadIntegrityBlock::deserialize	(	std::istream &	stream,
		const size_t	length
	)		`[virtual]`

Parses the PayloadIntegrityBlock from a Stream

Parameters:

stream the stream to read from

Reimplemented from dtn::security::SecurityBlock.

Definition at line 205 of file PayloadIntegrityBlock.cpp.

References dtn::security::SecurityBlock::_security_result, and dtn::security::SecurityBlock::TLVList::getLength().

Here is the call graph for this function:

size_t dtn::security::PayloadIntegrityBlock::getSecurityResultSize ( ) const [protected, virtual]

Returns the size of the security result field. This is used for strict canonicalisation, where the block itself is included to the canonical form, but the security result is excluded or unknown.

Reimplemented from dtn::security::SecurityBlock.

Definition at line 32 of file PayloadIntegrityBlock.cpp.

void dtn::security::PayloadIntegrityBlock::sign	(	dtn::data::Bundle &	bundle,
		const SecurityKey &	key,
		const dtn::data::EID &	destination
	)		`[static]`

Takes a bundle and adds a PayloadIntegrityBlock to it using the key given in the constructor after the primary block.

Parameters:

bundle the bundle to be hashed and signed

Definition at line 42 of file PayloadIntegrityBlock.cpp.

References dtn::security::SecurityBlock::_ciphersuite_flags, dtn::security::SecurityBlock::_ciphersuite_params, dtn::data::PrimaryBlock::_destination, dtn::data::PrimaryBlock::_fragmentoffset, dtn::security::SecurityBlock::_security_result, dtn::data::PrimaryBlock::_source, dtn::security::SecurityBlock::addFragmentRange(), dtn::security::SecurityBlock::CONTAINS_SECURITY_RESULT, dtn::data::PrimaryBlock::FRAGMENT, dtn::data::PrimaryBlock::get(), dtn::data::PayloadBlock::getBLOB(), dtn::data::Bundle::getBlock(), dtn::data::EID::getNode(), dtn::security::SecurityBlock::integrity_signature, ibrcommon::BLOB::iostream::iostream(), dtn::security::SecurityBlock::PIB_RSA_SHA256, dtn::data::Bundle::push_front(), dtn::security::SecurityKey::reference, dtn::data::Block::REPLICATE_IN_EVERY_FRAGMENT, dtn::data::Block::set(), dtn::security::SecurityBlock::TLVList::set(), dtn::security::SecurityBlock::setCiphersuiteId(), dtn::security::SecurityBlock::setSecurityDestination(), dtn::security::SecurityBlock::setSecuritySource(), and ibrcommon::BLOB::iostream::size().

Referenced by dtn::security::SecurityManager::sign().

Here is the call graph for this function:

void dtn::security::PayloadIntegrityBlock::strip	(	dtn::data::Bundle &	bundle,
		const SecurityKey &	key,
		const bool	all = `false`
	)		`[static]`

Seeks for a valid PIB in the stack and removes all blocks above and the PIB block itself.

Parameters:

bundle the bundle to be tested

Returns:: the number of removed blocks

Definition at line 161 of file PayloadIntegrityBlock.cpp.

References dtn::data::Bundle::getBlocks(), dtn::data::Bundle::remove(), and verify().

Referenced by dtn::security::SecurityManager::verifyPIB().

Here is the call graph for this function:

void dtn::security::PayloadIntegrityBlock::strip ( dtn::data::Bundle & bundle ) [static]

Removes all PayloadIntegrityBlocks from a bundle

Parameters:

bundle the bundle, which shall be cleaned from pibs

Definition at line 196 of file PayloadIntegrityBlock.cpp.

References dtn::data::Bundle::getBlocks(), and dtn::data::Bundle::remove().

Here is the call graph for this function:

void dtn::security::PayloadIntegrityBlock::verify	(	const dtn::data::Bundle &	bundle,
		const SecurityKey &	key
	)		`[static]`

Tests if the bundles signatures is correct. There might be multiple PIBs inside the bundle, which may be tested and the result will be 1 if one matches.

Parameters:

bundle the bundle to be checked