author | Bart Polot <bart@net.in.tum.de> | 2015-10-02 03:37:54 +0000 |
---|---|---|
committer | Bart Polot <bart@net.in.tum.de> | 2015-10-02 03:37:54 +0000 |
commit | b76a0622c6c6ad15a121ed0f6811d2bf4a6f3e73 (patch) | |
tree | 9344a3833ddfd1886ff28a5fb4b9451a96e3b4a9 /src/cadet | |
parent | 3d4a65d3eab9af4ddde2721e377402a4c60c4469 (diff) | |
- find the correct stored key, not always the first one
Diffstat (limited to 'src/cadet')
-rw-r--r-- | src/cadet/gnunet-service-cadet_tunnel.c | 38 |
1 files changed, 27 insertions, 11 deletions
diff --git a/src/cadet/gnunet-service-cadet_tunnel.c b/src/cadet/gnunet-service-cadet_tunnel.c index 8986113e1..7dd82a7f7 100644 --- a/src/cadet/gnunet-service-cadet_tunnel.c +++ b/src/cadet/gnunet-service-cadet_tunnel.c | |||
@@ -1337,30 +1337,34 @@ try_old_ax_keys (struct CadetTunnel *t, void *dst, | |||
1337 | struct GNUNET_CADET_Hash *hmac; | 1337 | struct GNUNET_CADET_Hash *hmac; |
1338 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 1338 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
1339 | struct GNUNET_CADET_AX plaintext_header; | 1339 | struct GNUNET_CADET_AX plaintext_header; |
1340 | struct GNUNET_CRYPTO_SymmetricSessionKey *valid_HK; | ||
1340 | size_t esize; | 1341 | size_t esize; |
1341 | size_t res; | 1342 | size_t res; |
1342 | size_t len; | 1343 | size_t len; |
1344 | unsigned int N; | ||
1343 | 1345 | ||
1346 | LOG (GNUNET_ERROR_TYPE_DEBUG, "Trying old keys\n"); | ||
1344 | hmac = &plaintext_header.hmac; | 1347 | hmac = &plaintext_header.hmac; |
1345 | esize = size - sizeof (struct GNUNET_CADET_AX); | 1348 | esize = size - sizeof (struct GNUNET_CADET_AX); |
1349 | |||
1350 | /* Find a correct Header Key */ | ||
1346 | for (key = t->ax->skipped_head; NULL != key; key = key->next) | 1351 | for (key = t->ax->skipped_head; NULL != key; key = key->next) |
1347 | { | 1352 | { |
1353 | #if DUMP_KEYS_TO_STDERR | ||
1354 | LOG (GNUNET_ERROR_TYPE_DEBUG, " Trying hmac with key %s\n", | ||
1355 | GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->HK)); | ||
1356 | #endif | ||
1348 | t_hmac (&src->Ns, AX_HEADER_SIZE + esize, 0, &key->HK, hmac); | 1357 | t_hmac (&src->Ns, AX_HEADER_SIZE + esize, 0, &key->HK, hmac); |
1349 | if (0 == memcmp (hmac, &src->hmac, sizeof (*hmac))) | 1358 | if (0 == memcmp (hmac, &src->hmac, sizeof (*hmac))) |
1350 | { | 1359 | { |
1360 | LOG (GNUNET_ERROR_TYPE_DEBUG, " hmac correct\n"); | ||
1361 | valid_HK = &key->HK; | ||
1351 | break; | 1362 | break; |
1352 | } | 1363 | } |
1353 | } | 1364 | } |
1354 | if (NULL == key) | 1365 | if (NULL == key) |
1355 | return -1; | 1366 | return -1; |
1356 | 1367 | ||
1357 | #if DUMP_KEYS_TO_STDERR | ||
1358 | LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC_H with skipped key %s\n", | ||
1359 | GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->HK)); | ||
1360 | LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC with skipped key %u: %s\n", | ||
1361 | key->Kn, GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->MK)); | ||
1362 | #endif | ||
1363 | |||
1364 | /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */ | 1368 | /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */ |
1365 | GNUNET_assert (size > sizeof (struct GNUNET_CADET_AX)); | 1369 | GNUNET_assert (size > sizeof (struct GNUNET_CADET_AX)); |
1366 | len = size - sizeof (struct GNUNET_CADET_AX); | 1370 | len = size - sizeof (struct GNUNET_CADET_AX); |
@@ -1371,10 +1375,22 @@ try_old_ax_keys (struct CadetTunnel *t, void *dst, | |||
1371 | res = GNUNET_CRYPTO_symmetric_decrypt (&src->Ns, AX_HEADER_SIZE, | 1375 | res = GNUNET_CRYPTO_symmetric_decrypt (&src->Ns, AX_HEADER_SIZE, |
1372 | &key->HK, &iv, &plaintext_header.Ns); | 1376 | &key->HK, &iv, &plaintext_header.Ns); |
1373 | GNUNET_assert (AX_HEADER_SIZE == res); | 1377 | GNUNET_assert (AX_HEADER_SIZE == res); |
1374 | LOG (GNUNET_ERROR_TYPE_INFO, " Message %u, previous: %u\n", | 1378 | LOG (GNUNET_ERROR_TYPE_DEBUG, " Message %u, previous: %u\n", |
1375 | ntohl (plaintext_header.Ns), ntohl (plaintext_header.PNs)); | 1379 | ntohl (plaintext_header.Ns), ntohl (plaintext_header.PNs)); |
1376 | 1380 | ||
1377 | // FIXME find correct key | 1381 | /* Find the correct Message Key */ |
1382 | N = ntohl (plaintext_header.Ns); | ||
1383 | while (NULL != key && N != key->Kn) | ||
1384 | key = key->next; | ||
1385 | if (NULL == key || 0 != memcmp (&key->HK, valid_HK, sizeof (*valid_HK))) | ||
1386 | return -1; | ||
1387 | |||
1388 | #if DUMP_KEYS_TO_STDERR | ||
1389 | LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC_H with skipped key %s\n", | ||
1390 | GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->HK)); | ||
1391 | LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC with skipped key %u: %s\n", | ||
1392 | key->Kn, GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->MK)); | ||
1393 | #endif | ||
1378 | 1394 | ||
1379 | /* Decrypt payload */ | 1395 | /* Decrypt payload */ |
1380 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, &key->MK, NULL, 0, NULL); | 1396 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, &key->MK, NULL, 0, NULL); |
@@ -2972,7 +2988,7 @@ handle_kx_ax (struct CadetTunnel *t, const struct GNUNET_CADET_AX_KX *msg) | |||
2972 | if (GNUNET_YES == am_I_alice) | 2988 | if (GNUNET_YES == am_I_alice) |
2973 | { | 2989 | { |
2974 | GNUNET_CRYPTO_eddsa_ecdh (id_key, /* A */ | 2990 | GNUNET_CRYPTO_eddsa_ecdh (id_key, /* A */ |
2975 | &msg->ephemeral_key, /* B0 */ | 2991 | &msg->ephemeral_key, /* B0 */ |
2976 | &key_material[0]); | 2992 | &key_material[0]); |
2977 | } | 2993 | } |
2978 | else | 2994 | else |
@@ -2992,7 +3008,7 @@ handle_kx_ax (struct CadetTunnel *t, const struct GNUNET_CADET_AX_KX *msg) | |||
2992 | else | 3008 | else |
2993 | { | 3009 | { |
2994 | GNUNET_CRYPTO_eddsa_ecdh (id_key, /* A */ | 3010 | GNUNET_CRYPTO_eddsa_ecdh (id_key, /* A */ |
2995 | &msg->ephemeral_key, /* B0 */ | 3011 | &msg->ephemeral_key, /* B0 */ |
2996 | &key_material[1]); | 3012 | &key_material[1]); |
2997 | 3013 | ||
2998 | 3014 | ||
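Review bot: The message-key search at new lines 1383–1386 of try_old_ax_keys stops at the first skipped key whose `Kn` equals `N` and only afterwards compares its `HK` with `valid_HK`, so a key from a different header-key chain that has the same counter makes the function return -1 even if the matching key is further down the list. Whether chains can interleave in `t->ax->skipped_head` is not visible on this page, but folding the comparison into the loop removes the dependency on list order: `while (NULL != key && (N != key->Kn || 0 != memcmp (&key->HK, valid_HK, sizeof (*valid_HK)))) key = key->next;` followed by `if (NULL == key) return -1;`. Separately, the unchanged HMAC check at new line 1358 uses plain `memcmp`, which is not constant-time; since `src->hmac` appears to come from the received message, a constant-time comparison would be the safer choice there. The function begins and ends outside the hunks shown, so what happens to the skipped key after a successful decrypt cannot be checked from here.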