Documentation
¶
Overview ¶
Package spao implements the logic needed to provide support for the SCION Packet Authenticator Option defined on: https://docs.scion.org/en/latest/protocols/authenticator-option.html
It provides support for the MAC and the timestamp computations used when utilizing the SPAO header.
Index ¶
Constants ¶
const ( // MACBufferSize sets an upperBound to the authenticated data // length (excluding the payload). This is: // 1. Authenticator Option Meta // 2. SCION Common Header // 3. SCION Address Header // 4. Path // (see https://docs.scion.org/en/latest/protocols/authenticator-option.html#authenticated-data) // We round this up to 12B (authenticator option meta) + 1020B (max SCION header length) // To adapt to any possible path types. MACBufferSize = 1032 )
Variables ¶
This section is empty.
Functions ¶
func AbsoluteTimestamp ¶
AbsoluteTimestamp returns the absolute timestamp (AbsTime) based on the relTime (Timestamp / Sequence Number field in SPAO header) and the DRKey information.
func ComputeAuthCMAC ¶
ComputeAuthCMAC computes the authenticator tag for the AES-CMAC algorithm. The key should correspond to the SPI defined in opt.SPI. The SCION layer, payload type and payload define the input to the MAC, as defined in https://docs.scion.org/en/latest/protocols/authenticator-option.html#authenticated-data.
The aux buffer is used as a temporary buffer for the MAC computation. It must be at least MACBufferSize long. The resulting MAC is written to outBuffer (appending, if necessary), and returned as a slice of length 16.
Types ¶
type MACInput ¶
type MACInput struct {
Key []byte
Header slayers.PacketAuthOption
ScionLayer *slayers.SCION
PldType slayers.L4ProtocolType
Pld []byte
}
Source Files