diff options
| author | Christian Grothoff <christian@grothoff.org> | 2018-06-04 19:17:57 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2018-06-04 19:17:57 +0200 |
| commit | b670eec1c0ea387ae31b52dd0d51c1422949a55c (patch) | |
| tree | 5abaffddad0c258e6b166ada4ef3fb97ba51b5d1 /src/core | |
| parent | 2b99bddcb6961cfda34087138acdda4b8b9ccb9f (diff) | |
| parent | 41cbe10b783a0741c75566232886f262cd779fbb (diff) | |
| download | gnunet-b670eec1c0ea387ae31b52dd0d51c1422949a55c.tar.gz gnunet-b670eec1c0ea387ae31b52dd0d51c1422949a55c.zip | |
merge benchmark changes
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/gnunet-service-core_kx.c | 197 |
1 files changed, 167 insertions, 30 deletions
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c index 944d1e692..c29e46997 100644 --- a/src/core/gnunet-service-core_kx.c +++ b/src/core/gnunet-service-core_kx.c | |||
| @@ -448,7 +448,14 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, | |||
| 448 | { | 448 | { |
| 449 | static const char ctx[] = "authentication key"; | 449 | static const char ctx[] = "authentication key"; |
| 450 | 450 | ||
| 451 | GNUNET_CRYPTO_hmac_derive_key (akey, skey, | 451 | struct GNUNET_HashCode sh; |
| 452 | GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); | ||
| 453 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 454 | "Deriving Auth key from SKEY %s and seed %u\n", | ||
| 455 | GNUNET_h2s (&sh), | ||
| 456 | (unsigned int) seed); | ||
| 457 | GNUNET_CRYPTO_hmac_derive_key (akey, | ||
| 458 | skey, | ||
| 452 | &seed, sizeof (seed), | 459 | &seed, sizeof (seed), |
| 453 | skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), | 460 | skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), |
| 454 | ctx, sizeof (ctx), | 461 | ctx, sizeof (ctx), |
| @@ -472,7 +479,15 @@ derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | |||
| 472 | { | 479 | { |
| 473 | static const char ctx[] = "initialization vector"; | 480 | static const char ctx[] = "initialization vector"; |
| 474 | 481 | ||
| 475 | GNUNET_CRYPTO_symmetric_derive_iv (iv, skey, | 482 | struct GNUNET_HashCode sh; |
| 483 | GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); | ||
| 484 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 485 | "Deriving IV from SKEY %s and seed %u for peer %s\n", | ||
| 486 | GNUNET_h2s (&sh), | ||
| 487 | (unsigned int) seed, | ||
| 488 | GNUNET_i2s (identity)); | ||
| 489 | GNUNET_CRYPTO_symmetric_derive_iv (iv, | ||
| 490 | skey, | ||
| 476 | &seed, sizeof (seed), | 491 | &seed, sizeof (seed), |
| 477 | identity, | 492 | identity, |
| 478 | sizeof (struct GNUNET_PeerIdentity), ctx, | 493 | sizeof (struct GNUNET_PeerIdentity), ctx, |
| @@ -498,7 +513,16 @@ derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | |||
| 498 | { | 513 | { |
| 499 | static const char ctx[] = "pong initialization vector"; | 514 | static const char ctx[] = "pong initialization vector"; |
| 500 | 515 | ||
| 501 | GNUNET_CRYPTO_symmetric_derive_iv (iv, skey, | 516 | struct GNUNET_HashCode sh; |
| 517 | GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); | ||
| 518 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 519 | "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n", | ||
| 520 | GNUNET_h2s (&sh), | ||
| 521 | (unsigned int) seed, | ||
| 522 | (unsigned int) challenge, | ||
| 523 | GNUNET_i2s (identity)); | ||
| 524 | GNUNET_CRYPTO_symmetric_derive_iv (iv, | ||
| 525 | skey, | ||
| 502 | &seed, sizeof (seed), | 526 | &seed, sizeof (seed), |
| 503 | identity, | 527 | identity, |
| 504 | sizeof (struct GNUNET_PeerIdentity), | 528 | sizeof (struct GNUNET_PeerIdentity), |
| @@ -524,6 +548,13 @@ derive_aes_key (const struct GNUNET_PeerIdentity *sender, | |||
| 524 | { | 548 | { |
| 525 | static const char ctx[] = "aes key generation vector"; | 549 | static const char ctx[] = "aes key generation vector"; |
| 526 | 550 | ||
| 551 | struct GNUNET_HashCode sh; | ||
| 552 | GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); | ||
| 553 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 554 | "Deriving AES Keys for %s to %s from %s\n", | ||
| 555 | GNUNET_i2s (sender), | ||
| 556 | GNUNET_i2s2 (receiver), | ||
| 557 | GNUNET_h2s (key_material)); | ||
| 527 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), | 558 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), |
| 528 | ctx, sizeof (ctx), | 559 | ctx, sizeof (ctx), |
| 529 | key_material, sizeof (struct GNUNET_HashCode), | 560 | key_material, sizeof (struct GNUNET_HashCode), |
| @@ -939,15 +970,26 @@ handle_ephemeral_key (void *cls, | |||
| 939 | { | 970 | { |
| 940 | GNUNET_STATISTICS_update (GSC_stats, | 971 | GNUNET_STATISTICS_update (GSC_stats, |
| 941 | gettext_noop ("# old ephemeral keys ignored"), | 972 | gettext_noop ("# old ephemeral keys ignored"), |
| 942 | 1, GNUNET_NO); | 973 | 1, |
| 974 | GNUNET_NO); | ||
| 975 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
| 976 | "Received expired EPHEMERAL_KEY from %s\n", | ||
| 977 | GNUNET_i2s (&m->origin_identity)); | ||
| 978 | return; | ||
| 979 | } | ||
| 980 | if (0 == memcmp (&m->ephemeral_key, | ||
| 981 | &kx->other_ephemeral_key, | ||
| 982 | sizeof (m->ephemeral_key))) | ||
| 983 | { | ||
| 984 | GNUNET_STATISTICS_update (GSC_stats, | ||
| 985 | gettext_noop ("# duplicate ephemeral keys ignored"), | ||
| 986 | 1, | ||
| 987 | GNUNET_NO); | ||
| 988 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
| 989 | "Ignoring duplicate EPHEMERAL_KEY from %s\n", | ||
| 990 | GNUNET_i2s (&m->origin_identity)); | ||
| 943 | return; | 991 | return; |
| 944 | } | 992 | } |
| 945 | start_t = GNUNET_TIME_absolute_ntoh (m->creation_time); | ||
| 946 | |||
| 947 | GNUNET_STATISTICS_update (GSC_stats, | ||
| 948 | gettext_noop ("# ephemeral keys received"), | ||
| 949 | 1, GNUNET_NO); | ||
| 950 | |||
| 951 | if (0 != | 993 | if (0 != |
| 952 | memcmp (&m->origin_identity, | 994 | memcmp (&m->origin_identity, |
| 953 | kx->peer, | 995 | kx->peer, |
| @@ -960,9 +1002,6 @@ handle_ephemeral_key (void *cls, | |||
| 960 | GNUNET_break_op (0); | 1002 | GNUNET_break_op (0); |
| 961 | return; | 1003 | return; |
| 962 | } | 1004 | } |
| 963 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 964 | "Core service receives EPHEMERAL_KEY request from `%s'.\n", | ||
| 965 | GNUNET_i2s (kx->peer)); | ||
| 966 | if ((ntohl (m->purpose.size) != | 1005 | if ((ntohl (m->purpose.size) != |
| 967 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + | 1006 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + |
| 968 | sizeof (struct GNUNET_TIME_AbsoluteNBO) + | 1007 | sizeof (struct GNUNET_TIME_AbsoluteNBO) + |
| @@ -977,26 +1016,51 @@ handle_ephemeral_key (void *cls, | |||
| 977 | { | 1016 | { |
| 978 | /* invalid signature */ | 1017 | /* invalid signature */ |
| 979 | GNUNET_break_op (0); | 1018 | GNUNET_break_op (0); |
| 1019 | GNUNET_STATISTICS_update (GSC_stats, | ||
| 1020 | gettext_noop ("# EPHEMERAL_KEYs rejected (bad signature)"), | ||
| 1021 | 1, | ||
| 1022 | GNUNET_NO); | ||
| 1023 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
| 1024 | "Received EPHEMERAL_KEY from %s with bad signature\n", | ||
| 1025 | GNUNET_i2s (&m->origin_identity)); | ||
| 980 | return; | 1026 | return; |
| 981 | } | 1027 | } |
| 982 | now = GNUNET_TIME_absolute_get (); | 1028 | now = GNUNET_TIME_absolute_get (); |
| 1029 | start_t = GNUNET_TIME_absolute_ntoh (m->creation_time); | ||
| 983 | if ( (end_t.abs_value_us < GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value_us) || | 1030 | if ( (end_t.abs_value_us < GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value_us) || |
| 984 | (start_t.abs_value_us > GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us) ) | 1031 | (start_t.abs_value_us > GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us) ) |
| 985 | { | 1032 | { |
| 986 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1033 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
| 987 | _("Ephemeral key message from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"), | 1034 | _("EPHERMAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"), |
| 988 | GNUNET_i2s (kx->peer), | 1035 | GNUNET_i2s (kx->peer), |
| 989 | (unsigned long long) now.abs_value_us, | 1036 | (unsigned long long) now.abs_value_us, |
| 990 | (unsigned long long) start_t.abs_value_us, | 1037 | (unsigned long long) start_t.abs_value_us, |
| 991 | (unsigned long long) end_t.abs_value_us); | 1038 | (unsigned long long) end_t.abs_value_us); |
| 1039 | GNUNET_STATISTICS_update (GSC_stats, | ||
| 1040 | gettext_noop ("# EPHEMERAL_KEY messages rejected due to time"), | ||
| 1041 | 1, | ||
| 1042 | GNUNET_NO); | ||
| 992 | return; | 1043 | return; |
| 993 | } | 1044 | } |
| 1045 | { | ||
| 1046 | struct GNUNET_HashCode eh; | ||
| 1047 | |||
| 1048 | GNUNET_CRYPTO_hash (&m->ephemeral_key, | ||
| 1049 | sizeof (m->ephemeral_key), | ||
| 1050 | &eh); | ||
| 1051 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1052 | "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n", | ||
| 1053 | GNUNET_h2s (&eh), | ||
| 1054 | GNUNET_i2s (kx->peer), | ||
| 1055 | kx->status); | ||
| 1056 | } | ||
| 1057 | GNUNET_STATISTICS_update (GSC_stats, | ||
| 1058 | gettext_noop ("# valid ephemeral keys received"), | ||
| 1059 | 1, | ||
| 1060 | GNUNET_NO); | ||
| 994 | kx->other_ephemeral_key = m->ephemeral_key; | 1061 | kx->other_ephemeral_key = m->ephemeral_key; |
| 995 | kx->foreign_key_expires = end_t; | 1062 | kx->foreign_key_expires = end_t; |
| 996 | derive_session_keys (kx); | 1063 | derive_session_keys (kx); |
| 997 | GNUNET_STATISTICS_update (GSC_stats, | ||
| 998 | gettext_noop ("# EPHEMERAL_KEY messages received"), 1, | ||
| 999 | GNUNET_NO); | ||
| 1000 | 1064 | ||
| 1001 | /* check if we still need to send the sender our key */ | 1065 | /* check if we still need to send the sender our key */ |
| 1002 | sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status); | 1066 | sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status); |
| @@ -1130,8 +1194,9 @@ handle_ping (void *cls, | |||
| 1130 | { | 1194 | { |
| 1131 | if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status) | 1195 | if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status) |
| 1132 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1196 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
| 1133 | "Decryption of PING from peer `%s' failed\n", | 1197 | "Decryption of PING from peer `%s' failed, PING for `%s'?\n", |
| 1134 | GNUNET_i2s (kx->peer)); | 1198 | GNUNET_i2s (kx->peer), |
| 1199 | GNUNET_i2s2 (&t.target)); | ||
| 1135 | else | 1200 | else |
| 1136 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1201 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| 1137 | "Decryption of PING from peer `%s' failed after rekey (harmless)\n", | 1202 | "Decryption of PING from peer `%s' failed after rekey (harmless)\n", |
| @@ -1328,7 +1393,7 @@ handle_pong (void *cls, | |||
| 1328 | return; | 1393 | return; |
| 1329 | } | 1394 | } |
| 1330 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1395 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| 1331 | "Received PONG from `%s'\n", | 1396 | "Received valid PONG from `%s'\n", |
| 1332 | GNUNET_i2s (kx->peer)); | 1397 | GNUNET_i2s (kx->peer)); |
| 1333 | /* no need to resend key any longer */ | 1398 | /* no need to resend key any longer */ |
| 1334 | if (NULL != kx->retry_set_key_task) | 1399 | if (NULL != kx->retry_set_key_task) |
| @@ -1395,10 +1460,18 @@ send_key (struct GSC_KeyExchangeInfo *kx) | |||
| 1395 | kx->retry_set_key_task = NULL; | 1460 | kx->retry_set_key_task = NULL; |
| 1396 | } | 1461 | } |
| 1397 | /* always update sender status in SET KEY message */ | 1462 | /* always update sender status in SET KEY message */ |
| 1398 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1463 | { |
| 1399 | "Sending key to `%s' (my status: %d)\n", | 1464 | struct GNUNET_HashCode hc; |
| 1400 | GNUNET_i2s (kx->peer), | 1465 | |
| 1401 | kx->status); | 1466 | GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key, |
| 1467 | sizeof (current_ekm.ephemeral_key), | ||
| 1468 | &hc); | ||
| 1469 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1470 | "Sending EPHERMERAL_KEY %s to `%s' (my status: %d)\n", | ||
| 1471 | GNUNET_h2s (&hc), | ||
| 1472 | GNUNET_i2s (kx->peer), | ||
| 1473 | kx->status); | ||
| 1474 | } | ||
| 1402 | current_ekm.sender_status = htonl ((int32_t) (kx->status)); | 1475 | current_ekm.sender_status = htonl ((int32_t) (kx->status)); |
| 1403 | env = GNUNET_MQ_msg_copy (¤t_ekm.header); | 1476 | env = GNUNET_MQ_msg_copy (¤t_ekm.header); |
| 1404 | GNUNET_MQ_send (kx->mq, | 1477 | GNUNET_MQ_send (kx->mq, |
| @@ -1454,10 +1527,18 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, | |||
| 1454 | &ph->sequence_number, | 1527 | &ph->sequence_number, |
| 1455 | &em->sequence_number, | 1528 | &em->sequence_number, |
| 1456 | used - ENCRYPTED_HEADER_SIZE)); | 1529 | used - ENCRYPTED_HEADER_SIZE)); |
| 1457 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1530 | { |
| 1458 | "Encrypted %u bytes for %s\n", | 1531 | struct GNUNET_HashCode hc; |
| 1459 | (unsigned int) (used - ENCRYPTED_HEADER_SIZE), | 1532 | |
| 1460 | GNUNET_i2s (kx->peer)); | 1533 | GNUNET_CRYPTO_hash (&ph->sequence_number, |
| 1534 | used - ENCRYPTED_HEADER_SIZE, | ||
| 1535 | &hc); | ||
| 1536 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1537 | "Encrypted payload `%s' of %u bytes for %s\n", | ||
| 1538 | GNUNET_h2s (&hc), | ||
| 1539 | (unsigned int) (used - ENCRYPTED_HEADER_SIZE), | ||
| 1540 | GNUNET_i2s (kx->peer)); | ||
| 1541 | } | ||
| 1461 | derive_auth_key (&auth_key, | 1542 | derive_auth_key (&auth_key, |
| 1462 | &kx->encrypt_key, | 1543 | &kx->encrypt_key, |
| 1463 | ph->iv_seed); | 1544 | ph->iv_seed); |
| @@ -1465,6 +1546,18 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, | |||
| 1465 | &em->sequence_number, | 1546 | &em->sequence_number, |
| 1466 | used - ENCRYPTED_HEADER_SIZE, | 1547 | used - ENCRYPTED_HEADER_SIZE, |
| 1467 | &em->hmac); | 1548 | &em->hmac); |
| 1549 | { | ||
| 1550 | struct GNUNET_HashCode hc; | ||
| 1551 | |||
| 1552 | GNUNET_CRYPTO_hash (&auth_key, | ||
| 1553 | sizeof (auth_key), | ||
| 1554 | &hc); | ||
| 1555 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1556 | "For peer %s, used AC %s to create hmac %s\n", | ||
| 1557 | GNUNET_i2s (kx->peer), | ||
| 1558 | GNUNET_h2s (&hc), | ||
| 1559 | GNUNET_h2s2 (&em->hmac)); | ||
| 1560 | } | ||
| 1468 | kx->has_excess_bandwidth = GNUNET_NO; | 1561 | kx->has_excess_bandwidth = GNUNET_NO; |
| 1469 | GNUNET_MQ_send (kx->mq, | 1562 | GNUNET_MQ_send (kx->mq, |
| 1470 | env); | 1563 | env); |
| @@ -1544,6 +1637,19 @@ handle_encrypted (void *cls, | |||
| 1544 | } | 1637 | } |
| 1545 | 1638 | ||
| 1546 | /* validate hash */ | 1639 | /* validate hash */ |
| 1640 | { | ||
| 1641 | struct GNUNET_HashCode hc; | ||
| 1642 | |||
| 1643 | GNUNET_CRYPTO_hash (&m->sequence_number, | ||
| 1644 | size - ENCRYPTED_HEADER_SIZE, | ||
| 1645 | &hc); | ||
| 1646 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1647 | "Received encrypted payload `%s' of %u bytes from %s\n", | ||
| 1648 | GNUNET_h2s (&hc), | ||
| 1649 | (unsigned int) (size - ENCRYPTED_HEADER_SIZE), | ||
| 1650 | GNUNET_i2s (kx->peer)); | ||
| 1651 | } | ||
| 1652 | |||
| 1547 | derive_auth_key (&auth_key, | 1653 | derive_auth_key (&auth_key, |
| 1548 | &kx->decrypt_key, | 1654 | &kx->decrypt_key, |
| 1549 | m->iv_seed); | 1655 | m->iv_seed); |
| @@ -1551,6 +1657,18 @@ handle_encrypted (void *cls, | |||
| 1551 | &m->sequence_number, | 1657 | &m->sequence_number, |
| 1552 | size - ENCRYPTED_HEADER_SIZE, | 1658 | size - ENCRYPTED_HEADER_SIZE, |
| 1553 | &ph); | 1659 | &ph); |
| 1660 | { | ||
| 1661 | struct GNUNET_HashCode hc; | ||
| 1662 | |||
| 1663 | GNUNET_CRYPTO_hash (&auth_key, | ||
| 1664 | sizeof (auth_key), | ||
| 1665 | &hc); | ||
| 1666 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 1667 | "For peer %s, used AC %s to verify hmac %s\n", | ||
| 1668 | GNUNET_i2s (kx->peer), | ||
| 1669 | GNUNET_h2s (&hc), | ||
| 1670 | GNUNET_h2s2 (&m->hmac)); | ||
| 1671 | } | ||
| 1554 | if (0 != memcmp (&ph, | 1672 | if (0 != memcmp (&ph, |
| 1555 | &m->hmac, | 1673 | &m->hmac, |
| 1556 | sizeof (struct GNUNET_HashCode))) | 1674 | sizeof (struct GNUNET_HashCode))) |
| @@ -1742,11 +1860,19 @@ do_rekey (void *cls) | |||
| 1742 | NULL); | 1860 | NULL); |
| 1743 | if (NULL != my_ephemeral_key) | 1861 | if (NULL != my_ephemeral_key) |
| 1744 | GNUNET_free (my_ephemeral_key); | 1862 | GNUNET_free (my_ephemeral_key); |
| 1745 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
| 1746 | "Rekeying\n"); | ||
| 1747 | my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create (); | 1863 | my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create (); |
| 1748 | GNUNET_assert (NULL != my_ephemeral_key); | 1864 | GNUNET_assert (NULL != my_ephemeral_key); |
| 1749 | sign_ephemeral_key (); | 1865 | sign_ephemeral_key (); |
| 1866 | { | ||
| 1867 | struct GNUNET_HashCode eh; | ||
| 1868 | |||
| 1869 | GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key, | ||
| 1870 | sizeof (current_ekm.ephemeral_key), | ||
| 1871 | &eh); | ||
| 1872 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
| 1873 | "Rekeying to %s\n", | ||
| 1874 | GNUNET_h2s (&eh)); | ||
| 1875 | } | ||
| 1750 | for (pos = kx_head; NULL != pos; pos = pos->next) | 1876 | for (pos = kx_head; NULL != pos; pos = pos->next) |
| 1751 | { | 1877 | { |
| 1752 | if (GNUNET_CORE_KX_STATE_UP == pos->status) | 1878 | if (GNUNET_CORE_KX_STATE_UP == pos->status) |
| @@ -1807,6 +1933,17 @@ GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk) | |||
| 1807 | return GNUNET_SYSERR; | 1933 | return GNUNET_SYSERR; |
| 1808 | } | 1934 | } |
| 1809 | sign_ephemeral_key (); | 1935 | sign_ephemeral_key (); |
| 1936 | { | ||
| 1937 | struct GNUNET_HashCode eh; | ||
| 1938 | |||
| 1939 | GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key, | ||
| 1940 | sizeof (current_ekm.ephemeral_key), | ||
| 1941 | &eh); | ||
| 1942 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
| 1943 | "Starting with ephemeral key %s\n", | ||
| 1944 | GNUNET_h2s (&eh)); | ||
| 1945 | } | ||
| 1946 | |||
| 1810 | nc = GNUNET_notification_context_create (1); | 1947 | nc = GNUNET_notification_context_create (1); |
| 1811 | rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, | 1948 | rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, |
| 1812 | &do_rekey, | 1949 | &do_rekey, |