epic

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 14, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package epic contains methods for the creation and verification of the EPIC packet timestamp and validation fields.

Index

Constants

View Source
const (
	// AuthLen denotes the size of the authenticator in bytes
	AuthLen = 16
	// MaxPacketLifetime denotes the maximal lifetime of a packet
	MaxPacketLifetime time.Duration = 2 * time.Second
	// MaxClockSkew denotes the maximal clock skew
	MaxClockSkew time.Duration = time.Second
	// TimestampResolution denotes the resolution of the epic timestamp
	TimestampResolution = 21 * time.Microsecond
	// MACBufferSize denotes the buffer size of the CBC input and output.
	MACBufferSize = 48
)

Variables

This section is empty.

Functions

func CalcMac

func CalcMac(auth []byte, pktID epic.PktID, s *slayers.SCION,
	timestamp uint32, buffer []byte) ([]byte, error)

CalcMac derives the EPIC MAC (PHVF/LHVF) given the full 16 bytes of the SCION path type MAC (auth), the EPIC packet ID (pktID), the timestamp in the Info Field (timestamp), and the SCION common/address header (s). If the same buffer is provided in subsequent calls to this function, the previously returned EPIC MAC may get overwritten. Only the most recently returned EPIC MAC is guaranteed to be valid.

func CoreFromPktCounter

func CoreFromPktCounter(counter uint32) (uint8, uint32)

CoreFromPktCounter reads the core ID and the core counter from a counter belonging to a packet identifier.

func CreateTimestamp

func CreateTimestamp(input time.Time, now time.Time) (uint32, error)

CreateTimestamp returns the epic timestamp, which encodes the current time (now) relative to the input timestamp. The input timestamp must not be in the future (compared to the current time), otherwise an error is returned. An error is also returned if the current time is more than 1 day and 63 minutes after the input timestamp.

func PktCounterFromCore

func PktCounterFromCore(coreID uint8, coreCounter uint32) uint32

PktCounterFromCore creates a counter for the packet identifier based on the core ID and the core counter.

func VerifyHVF

func VerifyHVF(auth []byte, pktID epic.PktID, s *slayers.SCION,
	timestamp uint32, hvf []byte, buffer []byte) error

VerifyHVF verifies the correctness of the HVF (PHVF or the LHVF) field in the EPIC packet by recalculating and comparing it. If the EPIC authenticator (auth), which denotes the full 16 bytes of the SCION path type MAC, has invalid length, or if the MAC calculation gives an error, also VerifyHVF returns an error. The verification was successful if and only if VerifyHVF returns nil.

func VerifyTimestamp

func VerifyTimestamp(timestamp time.Time, epicTS uint32, now time.Time) error

VerifyTimestamp checks whether an EPIC packet is fresh. This means that the time the packet was sent from the source host, which is encoded by the timestamp and the epicTimestamp, does not date back more than the maximal packet lifetime of two seconds. The function also takes a possible clock drift between the packet source and the verifier of up to one second into account.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL