diff options
| author | Christian Grothoff <christian@grothoff.org> | 2010-06-18 15:29:45 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2010-06-18 15:29:45 +0000 |
| commit | 475452849162e7c123141d9710b2cf3480e8f868 (patch) | |
| tree | 8620c2483f15825dcff38b000d635190ffa6cc6c /src/core | |
| parent | e4794e7e4bc63d2023768e3b1017f19bd0d41c5f (diff) | |
| download | gnunet-475452849162e7c123141d9710b2cf3480e8f868.tar.gz gnunet-475452849162e7c123141d9710b2cf3480e8f868.zip | |
hmac
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/gnunet-service-core.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c index 7fcb03094..ce7e33a45 100644 --- a/src/core/gnunet-service-core.c +++ b/src/core/gnunet-service-core.c | |||
| @@ -189,7 +189,7 @@ struct EncryptedMessage | |||
| 189 | * verify message integrity. Everything after this hash (including | 189 | * verify message integrity. Everything after this hash (including |
| 190 | * this hash itself) will be encrypted. | 190 | * this hash itself) will be encrypted. |
| 191 | */ | 191 | */ |
| 192 | GNUNET_HashCode plaintext_hash; | 192 | GNUNET_HashCode hmac; |
| 193 | 193 | ||
| 194 | /** | 194 | /** |
| 195 | * Sequence number, in network byte order. This field | 195 | * Sequence number, in network byte order. This field |
| @@ -2024,15 +2024,16 @@ process_plaintext_neighbour_queue (struct Neighbour *n) | |||
| 2024 | em->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE); | 2024 | em->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE); |
| 2025 | em->iv_seed = ph->iv_seed; | 2025 | em->iv_seed = ph->iv_seed; |
| 2026 | esize = used - ENCRYPTED_HEADER_SIZE; | 2026 | esize = used - ENCRYPTED_HEADER_SIZE; |
| 2027 | GNUNET_CRYPTO_hash (&ph->sequence_number, | 2027 | GNUNET_CRYPTO_hmac (&n->encrypt_key, |
| 2028 | &ph->sequence_number, | ||
| 2028 | esize - sizeof (GNUNET_HashCode), | 2029 | esize - sizeof (GNUNET_HashCode), |
| 2029 | &ph->plaintext_hash); | 2030 | &ph->hmac); |
| 2030 | GNUNET_CRYPTO_hash (&ph->iv_seed, sizeof (uint32_t), &iv); | 2031 | GNUNET_CRYPTO_hash (&ph->iv_seed, sizeof (uint32_t), &iv); |
| 2031 | #if DEBUG_HANDSHAKE | 2032 | #if DEBUG_HANDSHAKE |
| 2032 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2033 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| 2033 | "Hashed %u bytes of plaintext (`%s') using IV `%d'\n", | 2034 | "Hashed %u bytes of plaintext (`%s') using IV `%d'\n", |
| 2034 | (unsigned int) (esize - sizeof (GNUNET_HashCode)), | 2035 | (unsigned int) (esize - sizeof (GNUNET_HashCode)), |
| 2035 | GNUNET_h2s (&ph->plaintext_hash), | 2036 | GNUNET_h2s (&ph->hmac), |
| 2036 | (int) ph->iv_seed); | 2037 | (int) ph->iv_seed); |
| 2037 | #endif | 2038 | #endif |
| 2038 | /* encrypt */ | 2039 | /* encrypt */ |
| @@ -2046,8 +2047,8 @@ process_plaintext_neighbour_queue (struct Neighbour *n) | |||
| 2046 | GNUNET_assert (GNUNET_OK == | 2047 | GNUNET_assert (GNUNET_OK == |
| 2047 | do_encrypt (n, | 2048 | do_encrypt (n, |
| 2048 | &iv, | 2049 | &iv, |
| 2049 | &ph->plaintext_hash, | 2050 | &ph->hmac, |
| 2050 | &em->plaintext_hash, esize)); | 2051 | &em->hmac, esize)); |
| 2051 | /* append to transmission list */ | 2052 | /* append to transmission list */ |
| 2052 | GNUNET_CONTAINER_DLL_insert_after (n->encrypted_head, | 2053 | GNUNET_CONTAINER_DLL_insert_after (n->encrypted_head, |
| 2053 | n->encrypted_tail, | 2054 | n->encrypted_tail, |
| @@ -3313,13 +3314,14 @@ handle_encrypted_message (struct Neighbour *n, | |||
| 3313 | if (GNUNET_OK != | 3314 | if (GNUNET_OK != |
| 3314 | do_decrypt (n, | 3315 | do_decrypt (n, |
| 3315 | &iv, | 3316 | &iv, |
| 3316 | &m->plaintext_hash, | 3317 | &m->hmac, |
| 3317 | &buf[ENCRYPTED_HEADER_SIZE], | 3318 | &buf[ENCRYPTED_HEADER_SIZE], |
| 3318 | size - ENCRYPTED_HEADER_SIZE)) | 3319 | size - ENCRYPTED_HEADER_SIZE)) |
| 3319 | return; | 3320 | return; |
| 3320 | pt = (struct EncryptedMessage *) buf; | 3321 | pt = (struct EncryptedMessage *) buf; |
| 3321 | /* validate hash */ | 3322 | /* validate hash */ |
| 3322 | GNUNET_CRYPTO_hash (&pt->sequence_number, | 3323 | GNUNET_CRYPTO_hmac (&n->decrypt_key, |
| 3324 | &pt->sequence_number, | ||
| 3323 | size - ENCRYPTED_HEADER_SIZE - sizeof (GNUNET_HashCode), &ph); | 3325 | size - ENCRYPTED_HEADER_SIZE - sizeof (GNUNET_HashCode), &ph); |
| 3324 | #if DEBUG_HANDSHAKE | 3326 | #if DEBUG_HANDSHAKE |
| 3325 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 3327 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| @@ -3329,7 +3331,7 @@ handle_encrypted_message (struct Neighbour *n, | |||
| 3329 | (int) m->iv_seed); | 3331 | (int) m->iv_seed); |
| 3330 | #endif | 3332 | #endif |
| 3331 | if (0 != memcmp (&ph, | 3333 | if (0 != memcmp (&ph, |
| 3332 | &pt->plaintext_hash, | 3334 | &pt->hmac, |
| 3333 | sizeof (GNUNET_HashCode))) | 3335 | sizeof (GNUNET_HashCode))) |
| 3334 | { | 3336 | { |
| 3335 | /* checksum failed */ | 3337 | /* checksum failed */ |