author | Christian Grothoff <christian@grothoff.org> | 2019-04-16 19:57:15 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2019-04-16 19:57:15 +0200 |
commit | 3266ea560ea1b243810dce4d46ee2889da7b4f6c (patch) | |
tree | 555ce759adf099350f89fd520f11d04161e8df1c | |
parent | cb169441f0ed127dd07e2c6f98436dcd0ece8f61 (diff) | |
implement backchannel encryption/decryption
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | po/POTFILES.in | 114 | ||||
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 20 | ||||
-rw-r--r-- | src/transport/Makefile.am | 1 | ||||
-rw-r--r-- | src/transport/gnunet-communicator-tcp.c | 10 | ||||
-rw-r--r-- | src/transport/gnunet-service-tng.c | 68 | ||||
-rw-r--r-- | src/util/crypto_random.c | 39 |
7 files changed, 169 insertions, 87 deletions
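--- a/configure.ac
+++ b/configure.ac
@@ -212,6 +212,10 @@ AC_UNALIGNED_64_ACCESS
 AC_SEARCH_LIBS([gethostbyname], [nsl ws2_32])
 AC_SEARCH_LIBS([memrchr], [],
 AC_DEFINE(HAVE_MEMRCHR,1,[memrchr supported]), [])
+AC_SEARCH_LIBS([memset_s], [],
+AC_DEFINE(HAVE_MEMSET_S,1,[memset_s supported]), [])
+AC_SEARCH_LIBS([memset_s], [],
+AC_DEFINE(HAVE_EXPLICIT_BZERO,1,[explicit_bzero supported]), [])
 AC_CHECK_LIB(socket, socket)
 AC_CHECK_LIB(m, log)
 AC_CHECK_LIB(c, getloadavg, AC_DEFINE(HAVE_GETLOADAVG,1,[getloadavg supported]))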
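Review bot: The second added check probes for `memset_s` a second time but defines `HAVE_EXPLICIT_BZERO`, so that macro is set whenever memset_s is found and is never set on a system that offers only explicit_bzero. These macros presumably select the primitive that GNUNET_CRYPTO_zero_keys uses to wipe key material (the implementation is not in this part of the page), so a wrong detection would leave such platforms on whatever fallback exists. The third added line should read `AC_SEARCH_LIBS([explicit_bzero], [],`.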
diff --git a/po/POTFILES.in b/po/POTFILES.in index f9000c654..f37590613 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in | |||
@@ -4,14 +4,6 @@ src/arm/arm_monitor_api.c | |||
4 | src/arm/gnunet-arm.c | 4 | src/arm/gnunet-arm.c |
5 | src/arm/gnunet-service-arm.c | 5 | src/arm/gnunet-service-arm.c |
6 | src/arm/mockup-service.c | 6 | src/arm/mockup-service.c |
7 | src/ats-tests/ats-testing-experiment.c | ||
8 | src/ats-tests/ats-testing-log.c | ||
9 | src/ats-tests/ats-testing-preferences.c | ||
10 | src/ats-tests/ats-testing-traffic.c | ||
11 | src/ats-tests/ats-testing.c | ||
12 | src/ats-tests/gnunet-ats-sim.c | ||
13 | src/ats-tests/gnunet-solver-eval.c | ||
14 | src/ats-tool/gnunet-ats.c | ||
15 | src/ats/ats_api2_application.c | 7 | src/ats/ats_api2_application.c |
16 | src/ats/ats_api2_transport.c | 8 | src/ats/ats_api2_transport.c |
17 | src/ats/ats_api_connectivity.c | 9 | src/ats/ats_api_connectivity.c |
@@ -19,10 +11,10 @@ src/ats/ats_api_performance.c | |||
19 | src/ats/ats_api_scanner.c | 11 | src/ats/ats_api_scanner.c |
20 | src/ats/ats_api_scheduling.c | 12 | src/ats/ats_api_scheduling.c |
21 | src/ats/gnunet-ats-solver-eval.c | 13 | src/ats/gnunet-ats-solver-eval.c |
22 | src/ats/gnunet-service-ats-new.c | ||
23 | src/ats/gnunet-service-ats.c | ||
24 | src/ats/gnunet-service-ats_addresses.c | 14 | src/ats/gnunet-service-ats_addresses.c |
15 | src/ats/gnunet-service-ats.c | ||
25 | src/ats/gnunet-service-ats_connectivity.c | 16 | src/ats/gnunet-service-ats_connectivity.c |
17 | src/ats/gnunet-service-ats-new.c | ||
26 | src/ats/gnunet-service-ats_normalization.c | 18 | src/ats/gnunet-service-ats_normalization.c |
27 | src/ats/gnunet-service-ats_performance.c | 19 | src/ats/gnunet-service-ats_performance.c |
28 | src/ats/gnunet-service-ats_plugins.c | 20 | src/ats/gnunet-service-ats_plugins.c |
@@ -34,6 +26,14 @@ src/ats/plugin_ats2_simple.c | |||
34 | src/ats/plugin_ats_mlp.c | 26 | src/ats/plugin_ats_mlp.c |
35 | src/ats/plugin_ats_proportional.c | 27 | src/ats/plugin_ats_proportional.c |
36 | src/ats/plugin_ats_ril.c | 28 | src/ats/plugin_ats_ril.c |
29 | src/ats-tests/ats-testing.c | ||
30 | src/ats-tests/ats-testing-experiment.c | ||
31 | src/ats-tests/ats-testing-log.c | ||
32 | src/ats-tests/ats-testing-preferences.c | ||
33 | src/ats-tests/ats-testing-traffic.c | ||
34 | src/ats-tests/gnunet-ats-sim.c | ||
35 | src/ats-tests/gnunet-solver-eval.c | ||
36 | src/ats-tool/gnunet-ats.c | ||
37 | src/auction/gnunet-auction-create.c | 37 | src/auction/gnunet-auction-create.c |
38 | src/auction/gnunet-auction-info.c | 38 | src/auction/gnunet-auction-info.c |
39 | src/auction/gnunet-auction-join.c | 39 | src/auction/gnunet-auction-join.c |
@@ -50,8 +50,8 @@ src/cadet/cadet_api_list_peers.c | |||
50 | src/cadet/cadet_api_list_tunnels.c | 50 | src/cadet/cadet_api_list_tunnels.c |
51 | src/cadet/cadet_test_lib.c | 51 | src/cadet/cadet_test_lib.c |
52 | src/cadet/desirability_table.c | 52 | src/cadet/desirability_table.c |
53 | src/cadet/gnunet-cadet-profiler.c | ||
54 | src/cadet/gnunet-cadet.c | 53 | src/cadet/gnunet-cadet.c |
54 | src/cadet/gnunet-cadet-profiler.c | ||
55 | src/cadet/gnunet-service-cadet.c | 55 | src/cadet/gnunet-service-cadet.c |
56 | src/cadet/gnunet-service-cadet_channel.c | 56 | src/cadet/gnunet-service-cadet_channel.c |
57 | src/cadet/gnunet-service-cadet_connection.c | 57 | src/cadet/gnunet-service-cadet_connection.c |
@@ -67,15 +67,15 @@ src/consensus/gnunet-service-consensus.c | |||
67 | src/consensus/plugin_block_consensus.c | 67 | src/consensus/plugin_block_consensus.c |
68 | src/conversation/conversation_api.c | 68 | src/conversation/conversation_api.c |
69 | src/conversation/conversation_api_call.c | 69 | src/conversation/conversation_api_call.c |
70 | src/conversation/gnunet-conversation-test.c | ||
71 | src/conversation/gnunet-conversation.c | 70 | src/conversation/gnunet-conversation.c |
72 | src/conversation/gnunet-helper-audio-playback-gst.c | 71 | src/conversation/gnunet-conversation-test.c |
72 | src/conversation/gnunet_gst.c | ||
73 | src/conversation/gnunet_gst_test.c | ||
73 | src/conversation/gnunet-helper-audio-playback.c | 74 | src/conversation/gnunet-helper-audio-playback.c |
74 | src/conversation/gnunet-helper-audio-record-gst.c | 75 | src/conversation/gnunet-helper-audio-playback-gst.c |
75 | src/conversation/gnunet-helper-audio-record.c | 76 | src/conversation/gnunet-helper-audio-record.c |
77 | src/conversation/gnunet-helper-audio-record-gst.c | ||
76 | src/conversation/gnunet-service-conversation.c | 78 | src/conversation/gnunet-service-conversation.c |
77 | src/conversation/gnunet_gst.c | ||
78 | src/conversation/gnunet_gst_test.c | ||
79 | src/conversation/microphone.c | 79 | src/conversation/microphone.c |
80 | src/conversation/plugin_gnsrecord_conversation.c | 80 | src/conversation/plugin_gnsrecord_conversation.c |
81 | src/conversation/speaker.c | 81 | src/conversation/speaker.c |
@@ -112,6 +112,7 @@ src/dht/dht_api.c | |||
112 | src/dht/dht_test_lib.c | 112 | src/dht/dht_test_lib.c |
113 | src/dht/gnunet-dht-get.c | 113 | src/dht/gnunet-dht-get.c |
114 | src/dht/gnunet-dht-monitor.c | 114 | src/dht/gnunet-dht-monitor.c |
115 | src/dht/gnunet_dht_profiler.c | ||
115 | src/dht/gnunet-dht-put.c | 116 | src/dht/gnunet-dht-put.c |
116 | src/dht/gnunet-service-dht.c | 117 | src/dht/gnunet-service-dht.c |
117 | src/dht/gnunet-service-dht_clients.c | 118 | src/dht/gnunet-service-dht_clients.c |
@@ -120,7 +121,6 @@ src/dht/gnunet-service-dht_hello.c | |||
120 | src/dht/gnunet-service-dht_neighbours.c | 121 | src/dht/gnunet-service-dht_neighbours.c |
121 | src/dht/gnunet-service-dht_nse.c | 122 | src/dht/gnunet-service-dht_nse.c |
122 | src/dht/gnunet-service-dht_routing.c | 123 | src/dht/gnunet-service-dht_routing.c |
123 | src/dht/gnunet_dht_profiler.c | ||
124 | src/dht/plugin_block_dht.c | 124 | src/dht/plugin_block_dht.c |
125 | src/dns/dns_api.c | 125 | src/dns/dns_api.c |
126 | src/dns/gnunet-dns-monitor.c | 126 | src/dns/gnunet-dns-monitor.c |
@@ -130,8 +130,8 @@ src/dns/gnunet-service-dns.c | |||
130 | src/dns/gnunet-zonewalk.c | 130 | src/dns/gnunet-zonewalk.c |
131 | src/dns/plugin_block_dns.c | 131 | src/dns/plugin_block_dns.c |
132 | src/exit/gnunet-daemon-exit.c | 132 | src/exit/gnunet-daemon-exit.c |
133 | src/exit/gnunet-helper-exit-windows.c | ||
134 | src/exit/gnunet-helper-exit.c | 133 | src/exit/gnunet-helper-exit.c |
134 | src/exit/gnunet-helper-exit-windows.c | ||
135 | src/fragmentation/defragmentation.c | 135 | src/fragmentation/defragmentation.c |
136 | src/fragmentation/fragmentation.c | 136 | src/fragmentation/fragmentation.c |
137 | src/fs/fs_api.c | 137 | src/fs/fs_api.c |
@@ -156,8 +156,8 @@ src/fs/gnunet-auto-share.c | |||
156 | src/fs/gnunet-daemon-fsprofiler.c | 156 | src/fs/gnunet-daemon-fsprofiler.c |
157 | src/fs/gnunet-directory.c | 157 | src/fs/gnunet-directory.c |
158 | src/fs/gnunet-download.c | 158 | src/fs/gnunet-download.c |
159 | src/fs/gnunet-fs-profiler.c | ||
160 | src/fs/gnunet-fs.c | 159 | src/fs/gnunet-fs.c |
160 | src/fs/gnunet-fs-profiler.c | ||
161 | src/fs/gnunet-helper-fs-publish.c | 161 | src/fs/gnunet-helper-fs-publish.c |
162 | src/fs/gnunet-publish.c | 162 | src/fs/gnunet-publish.c |
163 | src/fs/gnunet-search.c | 163 | src/fs/gnunet-search.c |
@@ -177,10 +177,10 @@ src/gns/gns_tld_api.c | |||
177 | src/gns/gnunet-bcd.c | 177 | src/gns/gnunet-bcd.c |
178 | src/gns/gnunet-dns2gns.c | 178 | src/gns/gnunet-dns2gns.c |
179 | src/gns/gnunet-gns-benchmark.c | 179 | src/gns/gnunet-gns-benchmark.c |
180 | src/gns/gnunet-gns.c | ||
180 | src/gns/gnunet-gns-helper-service-w32.c | 181 | src/gns/gnunet-gns-helper-service-w32.c |
181 | src/gns/gnunet-gns-import.c | 182 | src/gns/gnunet-gns-import.c |
182 | src/gns/gnunet-gns-proxy.c | 183 | src/gns/gnunet-gns-proxy.c |
183 | src/gns/gnunet-gns.c | ||
184 | src/gns/gnunet-service-gns.c | 184 | src/gns/gnunet-service-gns.c |
185 | src/gns/gnunet-service-gns_interceptor.c | 185 | src/gns/gnunet-service-gns_interceptor.c |
186 | src/gns/gnunet-service-gns_resolver.c | 186 | src/gns/gnunet-service-gns_resolver.c |
@@ -189,19 +189,19 @@ src/gns/nss/nss_gns_query.c | |||
189 | src/gns/plugin_block_gns.c | 189 | src/gns/plugin_block_gns.c |
190 | src/gns/plugin_gnsrecord_gns.c | 190 | src/gns/plugin_gnsrecord_gns.c |
191 | src/gns/plugin_rest_gns.c | 191 | src/gns/plugin_rest_gns.c |
192 | src/gns/w32nsp-install.c | ||
193 | src/gns/w32nsp-resolve.c | ||
194 | src/gns/w32nsp-uninstall.c | ||
195 | src/gns/w32nsp.c | ||
196 | src/gnsrecord/gnsrecord.c | 192 | src/gnsrecord/gnsrecord.c |
197 | src/gnsrecord/gnsrecord_crypto.c | 193 | src/gnsrecord/gnsrecord_crypto.c |
198 | src/gnsrecord/gnsrecord_misc.c | 194 | src/gnsrecord/gnsrecord_misc.c |
199 | src/gnsrecord/gnsrecord_serialization.c | 195 | src/gnsrecord/gnsrecord_serialization.c |
200 | src/gnsrecord/plugin_gnsrecord_dns.c | 196 | src/gnsrecord/plugin_gnsrecord_dns.c |
197 | src/gns/w32nsp.c | ||
198 | src/gns/w32nsp-install.c | ||
199 | src/gns/w32nsp-resolve.c | ||
200 | src/gns/w32nsp-uninstall.c | ||
201 | src/hello/address.c | 201 | src/hello/address.c |
202 | src/hello/gnunet-hello.c | 202 | src/hello/gnunet-hello.c |
203 | src/hello/hello-ng.c | ||
204 | src/hello/hello.c | 203 | src/hello/hello.c |
204 | src/hello/hello-ng.c | ||
205 | src/hostlist/gnunet-daemon-hostlist.c | 205 | src/hostlist/gnunet-daemon-hostlist.c |
206 | src/hostlist/gnunet-daemon-hostlist_client.c | 206 | src/hostlist/gnunet-daemon-hostlist_client.c |
207 | src/hostlist/gnunet-daemon-hostlist_server.c | 207 | src/hostlist/gnunet-daemon-hostlist_server.c |
@@ -225,8 +225,8 @@ src/namecache/namecache_api.c | |||
225 | src/namecache/plugin_namecache_flat.c | 225 | src/namecache/plugin_namecache_flat.c |
226 | src/namecache/plugin_namecache_postgres.c | 226 | src/namecache/plugin_namecache_postgres.c |
227 | src/namecache/plugin_namecache_sqlite.c | 227 | src/namecache/plugin_namecache_sqlite.c |
228 | src/namestore/gnunet-namestore-fcfsd.c | ||
229 | src/namestore/gnunet-namestore.c | 228 | src/namestore/gnunet-namestore.c |
229 | src/namestore/gnunet-namestore-fcfsd.c | ||
230 | src/namestore/gnunet-service-namestore.c | 230 | src/namestore/gnunet-service-namestore.c |
231 | src/namestore/gnunet-zoneimport.c | 231 | src/namestore/gnunet-zoneimport.c |
232 | src/namestore/namestore_api.c | 232 | src/namestore/namestore_api.c |
@@ -242,10 +242,10 @@ src/nat-auto/gnunet-service-nat-auto.c | |||
242 | src/nat-auto/gnunet-service-nat-auto_legacy.c | 242 | src/nat-auto/gnunet-service-nat-auto_legacy.c |
243 | src/nat-auto/nat_auto_api.c | 243 | src/nat-auto/nat_auto_api.c |
244 | src/nat-auto/nat_auto_api_test.c | 244 | src/nat-auto/nat_auto_api_test.c |
245 | src/nat/gnunet-helper-nat-client-windows.c | ||
246 | src/nat/gnunet-helper-nat-client.c | 245 | src/nat/gnunet-helper-nat-client.c |
247 | src/nat/gnunet-helper-nat-server-windows.c | 246 | src/nat/gnunet-helper-nat-client-windows.c |
248 | src/nat/gnunet-helper-nat-server.c | 247 | src/nat/gnunet-helper-nat-server.c |
248 | src/nat/gnunet-helper-nat-server-windows.c | ||
249 | src/nat/gnunet-nat.c | 249 | src/nat/gnunet-nat.c |
250 | src/nat/gnunet-service-nat.c | 250 | src/nat/gnunet-service-nat.c |
251 | src/nat/gnunet-service-nat_externalip.c | 251 | src/nat/gnunet-service-nat_externalip.c |
@@ -254,17 +254,17 @@ src/nat/gnunet-service-nat_mini.c | |||
254 | src/nat/gnunet-service-nat_stun.c | 254 | src/nat/gnunet-service-nat_stun.c |
255 | src/nat/nat_api.c | 255 | src/nat/nat_api.c |
256 | src/nat/nat_api_stun.c | 256 | src/nat/nat_api_stun.c |
257 | src/nse/gnunet-nse-profiler.c | ||
258 | src/nse/gnunet-nse.c | 257 | src/nse/gnunet-nse.c |
258 | src/nse/gnunet-nse-profiler.c | ||
259 | src/nse/gnunet-service-nse.c | 259 | src/nse/gnunet-service-nse.c |
260 | src/nse/nse_api.c | 260 | src/nse/nse_api.c |
261 | src/nt/nt.c | 261 | src/nt/nt.c |
262 | src/peerinfo-tool/gnunet-peerinfo.c | ||
263 | src/peerinfo-tool/gnunet-peerinfo_plugins.c | ||
264 | src/peerinfo-tool/plugin_rest_peerinfo.c | ||
265 | src/peerinfo/gnunet-service-peerinfo.c | 262 | src/peerinfo/gnunet-service-peerinfo.c |
266 | src/peerinfo/peerinfo_api.c | 263 | src/peerinfo/peerinfo_api.c |
267 | src/peerinfo/peerinfo_api_notify.c | 264 | src/peerinfo/peerinfo_api_notify.c |
265 | src/peerinfo-tool/gnunet-peerinfo.c | ||
266 | src/peerinfo-tool/gnunet-peerinfo_plugins.c | ||
267 | src/peerinfo-tool/plugin_rest_peerinfo.c | ||
268 | src/peerstore/gnunet-peerstore.c | 268 | src/peerstore/gnunet-peerstore.c |
269 | src/peerstore/gnunet-service-peerstore.c | 269 | src/peerstore/gnunet-service-peerstore.c |
270 | src/peerstore/peerstore_api.c | 270 | src/peerstore/peerstore_api.c |
@@ -311,22 +311,22 @@ src/revocation/gnunet-revocation.c | |||
311 | src/revocation/gnunet-service-revocation.c | 311 | src/revocation/gnunet-service-revocation.c |
312 | src/revocation/plugin_block_revocation.c | 312 | src/revocation/plugin_block_revocation.c |
313 | src/revocation/revocation_api.c | 313 | src/revocation/revocation_api.c |
314 | src/rps/gnunet-rps-profiler.c | ||
315 | src/rps/gnunet-rps.c | 314 | src/rps/gnunet-rps.c |
315 | src/rps/gnunet-rps-profiler.c | ||
316 | src/rps/gnunet-service-rps.c | 316 | src/rps/gnunet-service-rps.c |
317 | src/rps/gnunet-service-rps_custommap.c | 317 | src/rps/gnunet-service-rps_custommap.c |
318 | src/rps/gnunet-service-rps_sampler.c | 318 | src/rps/gnunet-service-rps_sampler.c |
319 | src/rps/gnunet-service-rps_sampler_elem.c | 319 | src/rps/gnunet-service-rps_sampler_elem.c |
320 | src/rps/gnunet-service-rps_view.c | 320 | src/rps/gnunet-service-rps_view.c |
321 | src/rps/rps_api.c | ||
321 | src/rps/rps-sampler_client.c | 322 | src/rps/rps-sampler_client.c |
322 | src/rps/rps-sampler_common.c | 323 | src/rps/rps-sampler_common.c |
323 | src/rps/rps-test_util.c | 324 | src/rps/rps-test_util.c |
324 | src/rps/rps_api.c | ||
325 | src/scalarproduct/gnunet-scalarproduct.c | 325 | src/scalarproduct/gnunet-scalarproduct.c |
326 | src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c | ||
327 | src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c | ||
328 | src/scalarproduct/gnunet-service-scalarproduct_alice.c | 326 | src/scalarproduct/gnunet-service-scalarproduct_alice.c |
329 | src/scalarproduct/gnunet-service-scalarproduct_bob.c | 327 | src/scalarproduct/gnunet-service-scalarproduct_bob.c |
328 | src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c | ||
329 | src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c | ||
330 | src/scalarproduct/scalarproduct_api.c | 330 | src/scalarproduct/scalarproduct_api.c |
331 | src/secretsharing/gnunet-secretsharing-profiler.c | 331 | src/secretsharing/gnunet-secretsharing-profiler.c |
332 | src/secretsharing/gnunet-service-secretsharing.c | 332 | src/secretsharing/gnunet-service-secretsharing.c |
@@ -352,16 +352,15 @@ src/statistics/gnunet-statistics.c | |||
352 | src/statistics/statistics_api.c | 352 | src/statistics/statistics_api.c |
353 | src/template/gnunet-service-template.c | 353 | src/template/gnunet-service-template.c |
354 | src/template/gnunet-template.c | 354 | src/template/gnunet-template.c |
355 | src/testbed-logger/gnunet-service-testbed-logger.c | ||
356 | src/testbed-logger/testbed_logger_api.c | ||
357 | src/testbed/generate-underlay-topology.c | 355 | src/testbed/generate-underlay-topology.c |
358 | src/testbed/gnunet-daemon-latency-logger.c | 356 | src/testbed/gnunet-daemon-latency-logger.c |
359 | src/testbed/gnunet-daemon-testbed-blacklist.c | 357 | src/testbed/gnunet-daemon-testbed-blacklist.c |
360 | src/testbed/gnunet-daemon-testbed-underlay.c | 358 | src/testbed/gnunet-daemon-testbed-underlay.c |
361 | src/testbed/gnunet-helper-testbed.c | 359 | src/testbed/gnunet-helper-testbed.c |
360 | src/testbed/gnunet_mpi_test.c | ||
362 | src/testbed/gnunet-service-test-barriers.c | 361 | src/testbed/gnunet-service-test-barriers.c |
363 | src/testbed/gnunet-service-testbed.c | ||
364 | src/testbed/gnunet-service-testbed_barriers.c | 362 | src/testbed/gnunet-service-testbed_barriers.c |
363 | src/testbed/gnunet-service-testbed.c | ||
365 | src/testbed/gnunet-service-testbed_cache.c | 364 | src/testbed/gnunet-service-testbed_cache.c |
366 | src/testbed/gnunet-service-testbed_connectionpool.c | 365 | src/testbed/gnunet-service-testbed_connectionpool.c |
367 | src/testbed/gnunet-service-testbed_cpustatus.c | 366 | src/testbed/gnunet-service-testbed_cpustatus.c |
@@ -369,19 +368,20 @@ src/testbed/gnunet-service-testbed_links.c | |||
369 | src/testbed/gnunet-service-testbed_meminfo.c | 368 | src/testbed/gnunet-service-testbed_meminfo.c |
370 | src/testbed/gnunet-service-testbed_oc.c | 369 | src/testbed/gnunet-service-testbed_oc.c |
371 | src/testbed/gnunet-service-testbed_peers.c | 370 | src/testbed/gnunet-service-testbed_peers.c |
372 | src/testbed/gnunet-testbed-profiler.c | ||
373 | src/testbed/gnunet_mpi_test.c | ||
374 | src/testbed/gnunet_testbed_mpi_spawn.c | 371 | src/testbed/gnunet_testbed_mpi_spawn.c |
375 | src/testbed/testbed_api.c | 372 | src/testbed/gnunet-testbed-profiler.c |
373 | src/testbed-logger/gnunet-service-testbed-logger.c | ||
374 | src/testbed-logger/testbed_logger_api.c | ||
376 | src/testbed/testbed_api_barriers.c | 375 | src/testbed/testbed_api_barriers.c |
376 | src/testbed/testbed_api.c | ||
377 | src/testbed/testbed_api_hosts.c | 377 | src/testbed/testbed_api_hosts.c |
378 | src/testbed/testbed_api_operations.c | 378 | src/testbed/testbed_api_operations.c |
379 | src/testbed/testbed_api_peers.c | 379 | src/testbed/testbed_api_peers.c |
380 | src/testbed/testbed_api_sd.c | 380 | src/testbed/testbed_api_sd.c |
381 | src/testbed/testbed_api_services.c | 381 | src/testbed/testbed_api_services.c |
382 | src/testbed/testbed_api_statistics.c | 382 | src/testbed/testbed_api_statistics.c |
383 | src/testbed/testbed_api_test.c | ||
384 | src/testbed/testbed_api_testbed.c | 383 | src/testbed/testbed_api_testbed.c |
384 | src/testbed/testbed_api_test.c | ||
385 | src/testbed/testbed_api_topology.c | 385 | src/testbed/testbed_api_topology.c |
386 | src/testbed/testbed_api_underlay.c | 386 | src/testbed/testbed_api_underlay.c |
387 | src/testing/gnunet-testing.c | 387 | src/testing/gnunet-testing.c |
@@ -393,40 +393,35 @@ src/transport/gnunet-communicator-tcp.c | |||
393 | src/transport/gnunet-communicator-udp.c | 393 | src/transport/gnunet-communicator-udp.c |
394 | src/transport/gnunet-communicator-unix.c | 394 | src/transport/gnunet-communicator-unix.c |
395 | src/transport/gnunet-helper-transport-bluetooth.c | 395 | src/transport/gnunet-helper-transport-bluetooth.c |
396 | src/transport/gnunet-helper-transport-wlan-dummy.c | ||
397 | src/transport/gnunet-helper-transport-wlan.c | 396 | src/transport/gnunet-helper-transport-wlan.c |
397 | src/transport/gnunet-helper-transport-wlan-dummy.c | ||
398 | src/transport/gnunet-service-tng.c | 398 | src/transport/gnunet-service-tng.c |
399 | src/transport/gnunet-service-transport.c | ||
400 | src/transport/gnunet-service-transport_ats.c | 399 | src/transport/gnunet-service-transport_ats.c |
400 | src/transport/gnunet-service-transport.c | ||
401 | src/transport/gnunet-service-transport_hello.c | 401 | src/transport/gnunet-service-transport_hello.c |
402 | src/transport/gnunet-service-transport_manipulation.c | 402 | src/transport/gnunet-service-transport_manipulation.c |
403 | src/transport/gnunet-service-transport_neighbours.c | 403 | src/transport/gnunet-service-transport_neighbours.c |
404 | src/transport/gnunet-service-transport_plugins.c | 404 | src/transport/gnunet-service-transport_plugins.c |
405 | src/transport/gnunet-service-transport_validation.c | 405 | src/transport/gnunet-service-transport_validation.c |
406 | src/transport/gnunet-transport.c | ||
406 | src/transport/gnunet-transport-certificate-creation.c | 407 | src/transport/gnunet-transport-certificate-creation.c |
407 | src/transport/gnunet-transport-profiler.c | 408 | src/transport/gnunet-transport-profiler.c |
408 | src/transport/gnunet-transport-wlan-receiver.c | 409 | src/transport/gnunet-transport-wlan-receiver.c |
409 | src/transport/gnunet-transport-wlan-sender.c | 410 | src/transport/gnunet-transport-wlan-sender.c |
410 | src/transport/gnunet-transport.c | ||
411 | src/transport/plugin_transport_http_client.c | 411 | src/transport/plugin_transport_http_client.c |
412 | src/transport/plugin_transport_http_common.c | 412 | src/transport/plugin_transport_http_common.c |
413 | src/transport/plugin_transport_http_server.c | 413 | src/transport/plugin_transport_http_server.c |
414 | src/transport/plugin_transport_smtp.c | 414 | src/transport/plugin_transport_smtp.c |
415 | src/transport/plugin_transport_tcp.c | 415 | src/transport/plugin_transport_tcp.c |
416 | src/transport/plugin_transport_template.c | 416 | src/transport/plugin_transport_template.c |
417 | src/transport/plugin_transport_udp.c | ||
418 | src/transport/plugin_transport_udp_broadcasting.c | 417 | src/transport/plugin_transport_udp_broadcasting.c |
418 | src/transport/plugin_transport_udp.c | ||
419 | src/transport/plugin_transport_unix.c | 419 | src/transport/plugin_transport_unix.c |
420 | src/transport/plugin_transport_wlan.c | 420 | src/transport/plugin_transport_wlan.c |
421 | src/transport/tcp_connection_legacy.c | 421 | src/transport/tcp_connection_legacy.c |
422 | src/transport/tcp_server_legacy.c | 422 | src/transport/tcp_server_legacy.c |
423 | src/transport/tcp_server_mst_legacy.c | 423 | src/transport/tcp_server_mst_legacy.c |
424 | src/transport/tcp_service_legacy.c | 424 | src/transport/tcp_service_legacy.c |
425 | src/transport/transport-testing-filenames.c | ||
426 | src/transport/transport-testing-loggers.c | ||
427 | src/transport/transport-testing-main.c | ||
428 | src/transport/transport-testing-send.c | ||
429 | src/transport/transport-testing.c | ||
430 | src/transport/transport_api2_address.c | 425 | src/transport/transport_api2_address.c |
431 | src/transport/transport_api2_application.c | 426 | src/transport/transport_api2_application.c |
432 | src/transport/transport_api2_communication.c | 427 | src/transport/transport_api2_communication.c |
@@ -440,6 +435,11 @@ src/transport/transport_api_manipulation.c | |||
440 | src/transport/transport_api_monitor_peers.c | 435 | src/transport/transport_api_monitor_peers.c |
441 | src/transport/transport_api_monitor_plugins.c | 436 | src/transport/transport_api_monitor_plugins.c |
442 | src/transport/transport_api_offer_hello.c | 437 | src/transport/transport_api_offer_hello.c |
438 | src/transport/transport-testing.c | ||
439 | src/transport/transport-testing-filenames.c | ||
440 | src/transport/transport-testing-loggers.c | ||
441 | src/transport/transport-testing-main.c | ||
442 | src/transport/transport-testing-send.c | ||
443 | src/util/bandwidth.c | 443 | src/util/bandwidth.c |
444 | src/util/benchmark.c | 444 | src/util/benchmark.c |
445 | src/util/bio.c | 445 | src/util/bio.c |
@@ -452,8 +452,8 @@ src/util/configuration_loader.c | |||
452 | src/util/container_bloomfilter.c | 452 | src/util/container_bloomfilter.c |
453 | src/util/container_heap.c | 453 | src/util/container_heap.c |
454 | src/util/container_meta_data.c | 454 | src/util/container_meta_data.c |
455 | src/util/container_multihashmap.c | ||
456 | src/util/container_multihashmap32.c | 455 | src/util/container_multihashmap32.c |
456 | src/util/container_multihashmap.c | ||
457 | src/util/container_multipeermap.c | 457 | src/util/container_multipeermap.c |
458 | src/util/container_multishortmap.c | 458 | src/util/container_multishortmap.c |
459 | src/util/crypto_abe.c | 459 | src/util/crypto_abe.c |
@@ -475,16 +475,16 @@ src/util/dnsparser.c | |||
475 | src/util/dnsstub.c | 475 | src/util/dnsstub.c |
476 | src/util/getopt.c | 476 | src/util/getopt.c |
477 | src/util/getopt_helpers.c | 477 | src/util/getopt_helpers.c |
478 | src/util/gnunet-config-diff.c | ||
479 | src/util/gnunet-config.c | 478 | src/util/gnunet-config.c |
479 | src/util/gnunet-config-diff.c | ||
480 | src/util/gnunet-ecc.c | 480 | src/util/gnunet-ecc.c |
481 | src/util/gnunet-helper-w32-console.c | 481 | src/util/gnunet-helper-w32-console.c |
482 | src/util/gnunet-qr.c | 482 | src/util/gnunet-qr.c |
483 | src/util/gnunet-resolver.c | 483 | src/util/gnunet-resolver.c |
484 | src/util/gnunet-scrypt.c | 484 | src/util/gnunet-scrypt.c |
485 | src/util/gnunet-service-resolver.c | 485 | src/util/gnunet-service-resolver.c |
486 | src/util/gnunet-timeout-w32.c | ||
487 | src/util/gnunet-timeout.c | 486 | src/util/gnunet-timeout.c |
487 | src/util/gnunet-timeout-w32.c | ||
488 | src/util/gnunet-uri.c | 488 | src/util/gnunet-uri.c |
489 | src/util/helper.c | 489 | src/util/helper.c |
490 | src/util/load.c | 490 | src/util/load.c |
@@ -513,13 +513,13 @@ src/util/tun.c | |||
513 | src/util/w32cat.c | 513 | src/util/w32cat.c |
514 | src/util/win.c | 514 | src/util/win.c |
515 | src/util/winproc.c | 515 | src/util/winproc.c |
516 | src/vpn/gnunet-helper-vpn-windows.c | ||
517 | src/vpn/gnunet-helper-vpn.c | 516 | src/vpn/gnunet-helper-vpn.c |
517 | src/vpn/gnunet-helper-vpn-windows.c | ||
518 | src/vpn/gnunet-service-vpn.c | 518 | src/vpn/gnunet-service-vpn.c |
519 | src/vpn/gnunet-vpn.c | 519 | src/vpn/gnunet-vpn.c |
520 | src/vpn/vpn_api.c | 520 | src/vpn/vpn_api.c |
521 | src/zonemaster/gnunet-service-zonemaster-monitor.c | ||
522 | src/zonemaster/gnunet-service-zonemaster.c | 521 | src/zonemaster/gnunet-service-zonemaster.c |
522 | src/zonemaster/gnunet-service-zonemaster-monitor.c | ||
523 | src/fs/fs_api.h | 523 | src/fs/fs_api.h |
524 | src/include/compat.h | 524 | src/include/compat.h |
525 | src/include/gnunet_common.h | 525 | src/include/gnunet_common.h |
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 6822de2f1..45da5f6ba 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -456,6 +456,18 @@ int32_t | |||
456 | GNUNET_CRYPTO_crc32_n (const void *buf, | 456 | GNUNET_CRYPTO_crc32_n (const void *buf, |
457 | size_t len); | 457 | size_t len); |
458 | 458 | ||
459 | /** | ||
460 | * @ingroup crypto | ||
461 | * Zero out @a buffer, securely against compiler optimizations. | ||
462 | * Used to delete key material. | ||
463 | * | ||
464 | * @param buffer the buffer to zap | ||
465 | * @param length buffer length | ||
466 | */ | ||
467 | void | ||
468 | GNUNET_CRYPTO_zero_keys (void *buffer, | ||
469 | size_t length); | ||
470 | |||
459 | 471 | ||
460 | /** | 472 | /** |
461 | * @ingroup crypto | 473 | * @ingroup crypto |
@@ -721,8 +733,8 @@ GNUNET_CRYPTO_hash_context_abort (struct GNUNET_HashContext *hc); | |||
721 | */ | 733 | */ |
722 | void | 734 | void |
723 | GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len, | 735 | GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len, |
724 | const void *plaintext, size_t plaintext_len, | 736 | const void *plaintext, size_t plaintext_len, |
725 | struct GNUNET_HashCode *hmac); | 737 | struct GNUNET_HashCode *hmac); |
726 | 738 | ||
727 | 739 | ||
728 | /** | 740 | /** |
@@ -1866,7 +1878,7 @@ GNUNET_CRYPTO_rsa_private_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key); | |||
1866 | */ | 1878 | */ |
1867 | size_t | 1879 | size_t |
1868 | GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key, | 1880 | GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key, |
1869 | char **buffer); | 1881 | char **buffer); |
1870 | 1882 | ||
1871 | 1883 | ||
1872 | /** | 1884 | /** |
@@ -1879,7 +1891,7 @@ GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey * | |||
1879 | */ | 1891 | */ |
1880 | struct GNUNET_CRYPTO_RsaPrivateKey * | 1892 | struct GNUNET_CRYPTO_RsaPrivateKey * |
1881 | GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, | 1893 | GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, |
1882 | size_t len); | 1894 | size_t len); |
1883 | 1895 | ||
1884 | 1896 | ||
1885 | /** | 1897 | /** |
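Review bot: The doc comment added for GNUNET_CRYPTO_zero_keys in the first hunk says what the function does but not when callers are expected to use it, which is what keeps key material from lingering in memory. I would add a line such as `* Call this instead of memset() on every buffer that held key material, before it is freed or goes out of scope.` It would also help to state whether a zero @a length is accepted; the implementation is not in this file, so that wording needs confirming against it.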
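--- a/src/transport/Makefile.am
+++ b/src/transport/Makefile.am
@@ -374,6 +374,7 @@ gnunet_service_tng_LDADD = \
 $(top_builddir)/src/hello/libgnunethello.la \
 $(top_builddir)/src/statistics/libgnunetstatistics.la \
 $(top_builddir)/src/util/libgnunetutil.la \
+$(LIBGCRYPT_LIBS) \
 $(GN_LIBINTL)
 
 plugin_LTLIBRARIES = \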
diff --git a/src/transport/gnunet-communicator-tcp.c b/src/transport/gnunet-communicator-tcp.c index a8f88c5e4..e9223401f 100644 --- a/src/transport/gnunet-communicator-tcp.c +++ b/src/transport/gnunet-communicator-tcp.c | |||
@@ -814,9 +814,9 @@ pass_plaintext_to_core (struct Queue *queue, | |||
814 | */ | 814 | */ |
815 | static void | 815 | static void |
816 | setup_cipher (const struct GNUNET_HashCode *dh, | 816 | setup_cipher (const struct GNUNET_HashCode *dh, |
817 | const struct GNUNET_PeerIdentity *pid, | 817 | const struct GNUNET_PeerIdentity *pid, |
818 | gcry_cipher_hd_t *cipher, | 818 | gcry_cipher_hd_t *cipher, |
819 | struct GNUNET_HashCode *hmac_key) | 819 | struct GNUNET_HashCode *hmac_key) |
820 | { | 820 | { |
821 | char key[256/8]; | 821 | char key[256/8]; |
822 | char ctr[128/8]; | 822 | char ctr[128/8]; |
@@ -872,7 +872,7 @@ setup_cipher (const struct GNUNET_HashCode *dh, | |||
872 | */ | 872 | */ |
873 | static void | 873 | static void |
874 | setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, | 874 | setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, |
875 | struct Queue *queue) | 875 | struct Queue *queue) |
876 | { | 876 | { |
877 | struct GNUNET_HashCode dh; | 877 | struct GNUNET_HashCode dh; |
878 | 878 | ||
@@ -896,7 +896,7 @@ setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, | |||
896 | */ | 896 | */ |
897 | static void | 897 | static void |
898 | do_rekey (struct Queue *queue, | 898 | do_rekey (struct Queue *queue, |
899 | const struct TCPRekey *rekey) | 899 | const struct TCPRekey *rekey) |
900 | { | 900 | { |
901 | struct TcpHandshakeSignature thp; | 901 | struct TcpHandshakeSignature thp; |
902 | 902 | ||
diff --git a/src/transport/gnunet-service-tng.c b/src/transport/gnunet-service-tng.c index bb1656876..53b9ba0c8 100644 --- a/src/transport/gnunet-service-tng.c +++ b/src/transport/gnunet-service-tng.c | |||
@@ -33,7 +33,6 @@ | |||
33 | * transport-to-transport traffic) | 33 | * transport-to-transport traffic) |
34 | * | 34 | * |
35 | * Implement next: | 35 | * Implement next: |
36 | * - backchannel message encryption & decryption | ||
37 | * - DV data structures: | 36 | * - DV data structures: |
38 | * + using DV routes! | 37 | * + using DV routes! |
39 | * - handling of DV-boxed messages that need to be forwarded | 38 | * - handling of DV-boxed messages that need to be forwarded |
@@ -59,7 +58,6 @@ | |||
59 | * FIXME (without marks in the code!): | 58 | * FIXME (without marks in the code!): |
60 | * - proper use/initialization of timestamps in messages exchanged | 59 | * - proper use/initialization of timestamps in messages exchanged |
61 | * during DV learning | 60 | * during DV learning |
62 | * - | ||
63 | * | 61 | * |
64 | * Optimizations: | 62 | * Optimizations: |
65 | * - use shorthashmap on msg_uuid's when matching reliability/fragment ACKs | 63 | * - use shorthashmap on msg_uuid's when matching reliability/fragment ACKs |
@@ -3238,21 +3236,32 @@ route_message (const struct GNUNET_PeerIdentity *target, | |||
3238 | */ | 3236 | */ |
3239 | struct BackchannelKeyState | 3237 | struct BackchannelKeyState |
3240 | { | 3238 | { |
3241 | // FIXME: actual data types in this struct are likely still totally wrong | ||
3242 | /** | 3239 | /** |
3243 | * | 3240 | * State of our block cipher. |
3244 | */ | 3241 | */ |
3245 | char hdr_key[128]; | 3242 | gcry_cipher_hd_t cipher; |
3246 | 3243 | ||
3247 | /** | 3244 | /** |
3248 | * | 3245 | * Actual key material. |
3249 | */ | 3246 | */ |
3250 | char body_key[128]; | 3247 | struct { |
3251 | 3248 | ||
3252 | /** | 3249 | /** |
3253 | * | 3250 | * Key used for HMAC calculations (via #GNUNET_CRYPTO_hmac()). |
3254 | */ | 3251 | */ |
3255 | char hmac_key[128]; | 3252 | struct GNUNET_CRYPTO_AuthKey hmac_key; |
3253 | |||
3254 | /** | ||
3255 | * Symmetric key to use for encryption. | ||
3256 | */ | ||
3257 | char aes_key[256/8]; | ||
3258 | |||
3259 | /** | ||
3260 | * Counter value to use during setup. | ||
3261 | */ | ||
3262 | char aes_ctr[128/8]; | ||
3263 | |||
3264 | } material; | ||
3256 | }; | 3265 | }; |
3257 | 3266 | ||
3258 | 3267 | ||
@@ -3263,14 +3272,24 @@ bc_setup_key_state_from_km (const struct GNUNET_HashCode *km, | |||
3263 | { | 3272 | { |
3264 | /* must match #dh_key_derive_eph_pub */ | 3273 | /* must match #dh_key_derive_eph_pub */ |
3265 | GNUNET_assert (GNUNET_YES == | 3274 | GNUNET_assert (GNUNET_YES == |
3266 | GNUNET_CRYPTO_kdf (key, | 3275 | GNUNET_CRYPTO_kdf (&key->material, |
3267 | sizeof (*key), | 3276 | sizeof (key->material), |
3268 | "transport-backchannel-key", | 3277 | "transport-backchannel-key", |
3269 | strlen ("transport-backchannel-key"), | 3278 | strlen ("transport-backchannel-key"), |
3270 | &km, | 3279 | &km, |
3271 | sizeof (km), | 3280 | sizeof (km), |
3272 | iv, | 3281 | iv, |
3273 | sizeof (*iv))); | 3282 | sizeof (*iv))); |
3283 | gcry_cipher_open (&key->cipher, | ||
3284 | GCRY_CIPHER_AES256 /* low level: go for speed */, | ||
3285 | GCRY_CIPHER_MODE_CTR, | ||
3286 | 0 /* flags */); | ||
3287 | gcry_cipher_setkey (key->cipher, | ||
3288 | &key->material.aes_key, | ||
3289 | sizeof (key->material.aes_key)); | ||
3290 | gcry_cipher_setctr (key->cipher, | ||
3291 | &key->material.aes_ctr, | ||
3292 | sizeof (key->material.aes_ctr)); | ||
3274 | } | 3293 | } |
3275 | 3294 | ||
3276 | 3295 | ||
@@ -3342,7 +3361,10 @@ bc_hmac (const struct BackchannelKeyState *key, | |||
3342 | const void *data, | 3361 | const void *data, |
3343 | size_t data_size) | 3362 | size_t data_size) |
3344 | { | 3363 | { |
3345 | // FIXME! | 3364 | GNUNET_CRYPTO_hmac (&key->material.hmac_key, |
3365 | data, | ||
3366 | data_size, | ||
3367 | hmac); | ||
3346 | } | 3368 | } |
3347 | 3369 | ||
3348 | 3370 | ||
@@ -3361,7 +3383,12 @@ bc_encrypt (struct BackchannelKeyState *key, | |||
3361 | void *dst, | 3383 | void *dst, |
3362 | size_t in_size) | 3384 | size_t in_size) |
3363 | { | 3385 | { |
3364 | // FIXME! | 3386 | GNUNET_assert (0 == |
3387 | gcry_cipher_encrypt (key->cipher, | ||
3388 | dst, | ||
3389 | in_size, | ||
3390 | in, | ||
3391 | in_size)); | ||
3365 | } | 3392 | } |
3366 | 3393 | ||
3367 | 3394 | ||
@@ -3380,7 +3407,12 @@ bc_decrypt (struct BackchannelKeyState *key, | |||
3380 | const void *ciph, | 3407 | const void *ciph, |
3381 | size_t out_size) | 3408 | size_t out_size) |
3382 | { | 3409 | { |
3383 | // FIXME! | 3410 | GNUNET_assert (0 == |
3411 | gcry_cipher_decrypt (key->cipher, | ||
3412 | out, | ||
3413 | out_size, | ||
3414 | ciph, | ||
3415 | out_size)); | ||
3384 | } | 3416 | } |
3385 | 3417 | ||
3386 | 3418 | ||
@@ -3392,7 +3424,9 @@ bc_decrypt (struct BackchannelKeyState *key, | |||
3392 | static void | 3424 | static void |
3393 | bc_key_clean (struct BackchannelKeyState *key) | 3425 | bc_key_clean (struct BackchannelKeyState *key) |
3394 | { | 3426 | { |
3395 | // FIXME! | 3427 | gcry_cipher_close (key->cipher); |
3428 | GNUNET_CRYPTO_zero_keys (&key->material, | ||
3429 | sizeof (key->material)); | ||
3396 | } | 3430 | } |
3397 | 3431 | ||
3398 | 3432 | ||
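Review bot: In the bc_setup_key_state_from_km hunk the KDF input is passed as `&km, sizeof (km)`, but going by the signature in the hunk header `km` is already a `const struct GNUNET_HashCode *`, so the derivation mixes in the pointer value rather than the key material; the AES and HMAC keys would then not depend on the shared secret and the two peers would not agree on them. The two lines should read `km,` and `sizeof (*km),`, matching how `iv, sizeof (*iv)` is passed right after. The call also ends without a trailing `NULL`, which the variadic argument list of GNUNET_CRYPTO_kdf appears to need as terminator; confirm against its prototype. The added gcry_cipher_open/setkey/setctr calls discard their return codes, unlike bc_encrypt and bc_decrypt, and should be checked the same way, e.g. `GNUNET_assert (0 == gcry_cipher_setkey (key->cipher, &key->material.aes_key, sizeof (key->material.aes_key)));`. The function begins outside the hunk, so the parameter types are inferred from the hunk header only.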
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c index 54bea58e1..8bb5f0587 100644 --- a/src/util/crypto_random.c +++ b/src/util/crypto_random.c | |||
@@ -98,6 +98,34 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed) | |||
98 | 98 | ||
99 | /** | 99 | /** |
100 | * @ingroup crypto | 100 | * @ingroup crypto |
101 | * Zero out @a buffer, securely against compiler optimizations. | ||
102 | * Used to delete key material. | ||
103 | * | ||
104 | * @param buffer the buffer to zap | ||
105 | * @param length buffer length | ||
106 | */ | ||
107 | void | ||
108 | GNUNET_CRYPTO_zero_keys (void *buffer, | ||
109 | size_t length) | ||
110 | { | ||
111 | #if HAVE_MEMSET_S | ||
112 | memset_s (buffer, | ||
113 | length, | ||
114 | 0, | ||
115 | length); | ||
116 | #elif HAVE_EXPLICIT_BZERO | ||
117 | explicit_bzero (buffer, | ||
118 | length); | ||
119 | #else | ||
120 | volatile unsigned char *p = buffer; | ||
121 | while (length--) | ||
122 | *p++ = 0; | ||
123 | #endif | ||
124 | } | ||
125 | |||
126 | |||
127 | /** | ||
128 | * @ingroup crypto | ||
101 | * Fill block with a random values. | 129 | * Fill block with a random values. |
102 | * | 130 | * |
103 | * @param mode desired quality of the random number | 131 | * @param mode desired quality of the random number |
@@ -105,7 +133,9 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed) | |||
105 | * @param length buffer length | 133 | * @param length buffer length |
106 | */ | 134 | */ |
107 | void | 135 | void |
108 | GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length) | 136 | GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode, |
137 | void *buffer, | ||
138 | size_t length) | ||
109 | { | 139 | { |
110 | #ifdef gcry_fast_random_poll | 140 | #ifdef gcry_fast_random_poll |
111 | static unsigned int invokeCount; | 141 | static unsigned int invokeCount; |
@@ -146,7 +176,7 @@ GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode, void *buffer, size_ | |||
146 | */ | 176 | */ |
147 | uint32_t | 177 | uint32_t |
148 | GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, | 178 | GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, |
149 | uint32_t i) | 179 | uint32_t i) |
150 | { | 180 | { |
151 | #ifdef gcry_fast_random_poll | 181 | #ifdef gcry_fast_random_poll |
152 | static unsigned int invokeCount; | 182 | static unsigned int invokeCount; |
@@ -202,7 +232,7 @@ GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, | |||
202 | */ | 232 | */ |
203 | unsigned int * | 233 | unsigned int * |
204 | GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, | 234 | GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, |
205 | unsigned int n) | 235 | unsigned int n) |
206 | { | 236 | { |
207 | unsigned int *ret; | 237 | unsigned int *ret; |
208 | unsigned int i; | 238 | unsigned int i; |
@@ -232,7 +262,8 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, | |||
232 | * @return random 64-bit number | 262 | * @return random 64-bit number |
233 | */ | 263 | */ |
234 | uint64_t | 264 | uint64_t |
235 | GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max) | 265 | GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, |
266 | uint64_t max) | ||
236 | { | 267 | { |
237 | uint64_t ret; | 268 | uint64_t ret; |
238 | uint64_t ul; | 269 | uint64_t ul; |
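Review bot: In the new GNUNET_CRYPTO_zero_keys the `memset_s` branch ignores the return value, so a runtime-constraint failure (for instance a length above RSIZE_MAX) could leave key material in memory without any signal; checking it, e.g. `GNUNET_assert (0 == memset_s (buffer, length, 0, length));`, keeps the wipe from failing silently. The `#elif HAVE_EXPLICIT_BZERO` branch is only compiled if configure defines that macro from a probe for explicit_bzero itself, and the configure.ac change in this commit looks like it probes memset_s a second time, so this branch may never be selected and such builds would use the volatile loop instead. A one-line comment on the `#else` loop, such as `/* volatile keeps the compiler from eliding these stores */`, would record why it is written byte by byte.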