aboutsummaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
authorNils Durner <durner@gnunet.org>2010-10-08 13:47:49 +0000
committerNils Durner <durner@gnunet.org>2010-10-08 13:47:49 +0000
commit60cc64dd7d31a761c0c3c75e3bcb9b31bbd596c4 (patch)
tree1610ef620b1c6bf67e68290ab55b3ae34c715e1b /src/core
parentb36cf857a67f73f308b7623e74eca7754e2a7acc (diff)
downloadgnunet-60cc64dd7d31a761c0c3c75e3bcb9b31bbd596c4.tar.gz
gnunet-60cc64dd7d31a761c0c3c75e3bcb9b31bbd596c4.zip
alignment, byte order, discard fake messages faster
Diffstat (limited to 'src/core')
-rw-r--r--src/core/gnunet-service-core.c110
1 files changed, 51 insertions, 59 deletions
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c
index bc4ac407d..f222e2a42 100644
--- a/src/core/gnunet-service-core.c
+++ b/src/core/gnunet-service-core.c
@@ -172,17 +172,17 @@ struct EncryptedMessage
172 struct GNUNET_MessageHeader header; 172 struct GNUNET_MessageHeader header;
173 173
174 /** 174 /**
175 * MAC of the encrypted message (starting at 'sequence_number'), 175 * Random value used for IV generation.
176 * used to verify message integrity.
177 */ 176 */
178 GNUNET_HashCode hmac; 177 uint32_t iv_seed GNUNET_PACKED;
179 178
180 /** 179 /**
181 * Random value used for IV generation. Everything after this value 180 * MAC of the encrypted message (starting at 'sequence_number'),
181 * used to verify message integrity. Everything after this value
182 * (excluding this value itself) will be encrypted and authenticated. 182 * (excluding this value itself) will be encrypted and authenticated.
183 * ENCRYPTED_HEADER_SIZE must be set to the offset of the *next* field. 183 * ENCRYPTED_HEADER_SIZE must be set to the offset of the *next* field.
184 */ 184 */
185 uint32_t iv_seed GNUNET_PACKED; 185 GNUNET_HashCode hmac;
186 186
187 /** 187 /**
188 * Sequence number, in network byte order. This field 188 * Sequence number, in network byte order. This field
@@ -230,15 +230,15 @@ struct PingMessage
230 uint32_t iv_seed GNUNET_PACKED; 230 uint32_t iv_seed GNUNET_PACKED;
231 231
232 /** 232 /**
233 * Random number chosen to make reply harder.
234 */
235 uint32_t challenge GNUNET_PACKED;
236
237 /**
238 * Intended target of the PING, used primarily to check 233 * Intended target of the PING, used primarily to check
239 * that decryption actually worked. 234 * that decryption actually worked.
240 */ 235 */
241 struct GNUNET_PeerIdentity target; 236 struct GNUNET_PeerIdentity target;
237
238 /**
239 * Random number chosen to make reply harder.
240 */
241 uint32_t challenge GNUNET_PACKED;
242}; 242};
243 243
244 244
@@ -260,17 +260,12 @@ struct PongMessage
260 uint32_t iv_seed GNUNET_PACKED; 260 uint32_t iv_seed GNUNET_PACKED;
261 261
262 /** 262 /**
263 * Random number proochosen to make reply harder. Must be 263 * Random number to make faking the reply harder. Must be
264 * first field after header (this is where we start to encrypt!). 264 * first field after header (this is where we start to encrypt!).
265 */ 265 */
266 uint32_t challenge GNUNET_PACKED; 266 uint32_t challenge GNUNET_PACKED;
267 267
268 /** 268 /**
269 * Must be zero.
270 */
271 uint32_t reserved GNUNET_PACKED;
272
273 /**
274 * Desired bandwidth (how much we should send to this 269 * Desired bandwidth (how much we should send to this
275 * peer / how much is the sender willing to receive). 270 * peer / how much is the sender willing to receive).
276 */ 271 */
@@ -737,16 +732,19 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey,
737 uint32_t seed, 732 uint32_t seed,
738 struct GNUNET_TIME_Absolute creation_time) 733 struct GNUNET_TIME_Absolute creation_time)
739{ 734{
740 static char ctx[] = "authentication key"; 735 static const char ctx[] = "authentication key";
736 struct GNUNET_TIME_AbsoluteNBO ctbe;
737
741 738
739 ctbe = GNUNET_TIME_absolute_hton (creation_time);
742 GNUNET_CRYPTO_hmac_derive_key (akey, 740 GNUNET_CRYPTO_hmac_derive_key (akey,
743 skey, 741 skey,
744 &seed, 742 &seed,
745 sizeof(seed), 743 sizeof(seed),
746 &skey->key, 744 &skey->key,
747 sizeof(skey->key), 745 sizeof(skey->key),
748 &creation_time, 746 &ctbe,
749 sizeof(creation_time), 747 sizeof(ctbe),
750 ctx, 748 ctx,
751 sizeof(ctx), NULL); 749 sizeof(ctx), NULL);
752} 750}
@@ -760,7 +758,7 @@ derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
760 const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, 758 const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed,
761 const struct GNUNET_PeerIdentity *identity) 759 const struct GNUNET_PeerIdentity *identity)
762{ 760{
763 static char ctx[] = "initialization vector"; 761 static const char ctx[] = "initialization vector";
764 762
765 GNUNET_CRYPTO_aes_derive_iv (iv, 763 GNUNET_CRYPTO_aes_derive_iv (iv,
766 skey, 764 skey,
@@ -780,7 +778,7 @@ derive_pong_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
780 const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, 778 const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed,
781 uint32_t challenge, const struct GNUNET_PeerIdentity *identity) 779 uint32_t challenge, const struct GNUNET_PeerIdentity *identity)
782{ 780{
783 static char ctx[] = "pong initialization vector"; 781 static const char ctx[] = "pong initialization vector";
784 782
785 GNUNET_CRYPTO_aes_derive_iv (iv, 783 GNUNET_CRYPTO_aes_derive_iv (iv,
786 skey, 784 skey,
@@ -1047,7 +1045,6 @@ handle_client_init (void *cls,
1047 /* send init reply message */ 1045 /* send init reply message */
1048 irm.header.size = htons (sizeof (struct InitReplyMessage)); 1046 irm.header.size = htons (sizeof (struct InitReplyMessage));
1049 irm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_INIT_REPLY); 1047 irm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_INIT_REPLY);
1050 irm.reserved = htonl (0);
1051 memcpy (&irm.publicKey, 1048 memcpy (&irm.publicKey,
1052 &my_public_key, 1049 &my_public_key,
1053 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)); 1050 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded));
@@ -1371,10 +1368,10 @@ send_keep_alive (void *cls,
1371 pm = (struct PingMessage *) &me[1]; 1368 pm = (struct PingMessage *) &me[1];
1372 pm->header.size = htons (sizeof (struct PingMessage)); 1369 pm->header.size = htons (sizeof (struct PingMessage));
1373 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); 1370 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
1374 pm->iv_seed = htonl (GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, 1371 pm->iv_seed = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
1375 UINT32_MAX)); 1372 UINT32_MAX);
1376 derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer); 1373 derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer);
1377 pp.challenge = htonl (n->ping_challenge); 1374 pp.challenge = n->ping_challenge;
1378 pp.target = n->peer; 1375 pp.target = n->peer;
1379#if DEBUG_HANDSHAKE 1376#if DEBUG_HANDSHAKE
1380 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1377 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -1388,10 +1385,10 @@ send_keep_alive (void *cls,
1388#endif 1385#endif
1389 do_encrypt (n, 1386 do_encrypt (n,
1390 &iv, 1387 &iv,
1391 &pp.challenge, 1388 &pp.target,
1392 &pm->challenge, 1389 &pm->target,
1393 sizeof (struct PingMessage) - 1390 sizeof (struct PingMessage) -
1394 ((void *) &pm->challenge - (void *) pm)); 1391 ((void *) &pm->target - (void *) pm));
1395 process_encrypted_neighbour_queue (n); 1392 process_encrypted_neighbour_queue (n);
1396 /* reschedule PING job */ 1393 /* reschedule PING job */
1397 left = GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_add (n->last_activity, 1394 left = GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_add (n->last_activity,
@@ -2790,9 +2787,9 @@ send_key (struct Neighbour *n)
2790 pm = (struct PingMessage *) &sm[1]; 2787 pm = (struct PingMessage *) &sm[1];
2791 pm->header.size = htons (sizeof (struct PingMessage)); 2788 pm->header.size = htons (sizeof (struct PingMessage));
2792 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); 2789 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
2793 pm->iv_seed = htonl (GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); 2790 pm->iv_seed = GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
2794 derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer); 2791 derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer);
2795 pp.challenge = htonl (n->ping_challenge); 2792 pp.challenge = n->ping_challenge;
2796 pp.target = n->peer; 2793 pp.target = n->peer;
2797#if DEBUG_HANDSHAKE 2794#if DEBUG_HANDSHAKE
2798 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2795 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -2806,10 +2803,10 @@ send_key (struct Neighbour *n)
2806#endif 2803#endif
2807 do_encrypt (n, 2804 do_encrypt (n,
2808 &iv, 2805 &iv,
2809 &pp.challenge, 2806 &pp.target,
2810 &pm->challenge, 2807 &pm->target,
2811 sizeof (struct PingMessage) - 2808 sizeof (struct PingMessage) -
2812 ((void *) &pm->challenge - (void *) pm)); 2809 ((void *) &pm->target - (void *) pm));
2813 GNUNET_STATISTICS_update (stats, 2810 GNUNET_STATISTICS_update (stats,
2814 gettext_noop ("# SET_KEY and PING messages created"), 2811 gettext_noop ("# SET_KEY and PING messages created"),
2815 1, 2812 1,
@@ -2924,17 +2921,17 @@ handle_ping (struct Neighbour *n, const struct PingMessage *m)
2924 if (GNUNET_OK != 2921 if (GNUNET_OK !=
2925 do_decrypt (n, 2922 do_decrypt (n,
2926 &iv, 2923 &iv,
2927 &m->challenge, 2924 &m->target,
2928 &t.challenge, 2925 &t.target,
2929 sizeof (struct PingMessage) - 2926 sizeof (struct PingMessage) -
2930 ((void *) &m->challenge - (void *) m))) 2927 ((void *) &m->target - (void *) m)))
2931 return; 2928 return;
2932#if DEBUG_HANDSHAKE 2929#if DEBUG_HANDSHAKE
2933 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2930 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2934 "Decrypted `%s' to `%4s' with challenge %u decrypted using key %u, IV %u (salt %u)\n", 2931 "Decrypted `%s' to `%4s' with challenge %u decrypted using key %u, IV %u (salt %u)\n",
2935 "PING", 2932 "PING",
2936 GNUNET_i2s (&t.target), 2933 GNUNET_i2s (&t.target),
2937 (unsigned int) ntohl (t.challenge), 2934 (unsigned int) t.challenge,
2938 (unsigned int) n->decrypt_key.crc32, 2935 (unsigned int) n->decrypt_key.crc32,
2939 GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), 2936 GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)),
2940 m->iv_seed); 2937 m->iv_seed);
@@ -2958,14 +2955,13 @@ handle_ping (struct Neighbour *n, const struct PingMessage *m)
2958 me->deadline = GNUNET_TIME_relative_to_absolute (MAX_PONG_DELAY); 2955 me->deadline = GNUNET_TIME_relative_to_absolute (MAX_PONG_DELAY);
2959 me->priority = PONG_PRIORITY; 2956 me->priority = PONG_PRIORITY;
2960 me->size = sizeof (struct PongMessage); 2957 me->size = sizeof (struct PongMessage);
2961 tx.reserved = htonl (0);
2962 tx.inbound_bw_limit = n->bw_in; 2958 tx.inbound_bw_limit = n->bw_in;
2963 tx.challenge = t.challenge; 2959 tx.challenge = t.challenge;
2964 tx.target = t.target; 2960 tx.target = t.target;
2965 tp = (struct PongMessage *) &me[1]; 2961 tp = (struct PongMessage *) &me[1];
2966 tp->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PONG); 2962 tp->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PONG);
2967 tp->header.size = htons (sizeof (struct PongMessage)); 2963 tp->header.size = htons (sizeof (struct PongMessage));
2968 tp->iv_seed = htonl (GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); 2964 tp->iv_seed = GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
2969 derive_pong_iv (&iv, &n->encrypt_key, tp->iv_seed, t.challenge, &n->peer); 2965 derive_pong_iv (&iv, &n->encrypt_key, tp->iv_seed, t.challenge, &n->peer);
2970 do_encrypt (n, 2966 do_encrypt (n,
2971 &iv, 2967 &iv,
@@ -2981,7 +2977,7 @@ handle_ping (struct Neighbour *n, const struct PingMessage *m)
2981 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2977 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2982 "Encrypting `%s' with challenge %u using key %u, IV %u (salt %u)\n", 2978 "Encrypting `%s' with challenge %u using key %u, IV %u (salt %u)\n",
2983 "PONG", 2979 "PONG",
2984 (unsigned int) ntohl (t.challenge), 2980 (unsigned int) t.challenge,
2985 (unsigned int) n->encrypt_key.crc32, 2981 (unsigned int) n->encrypt_key.crc32,
2986 GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), 2982 GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)),
2987 tp->iv_seed); 2983 tp->iv_seed);
@@ -3012,7 +3008,7 @@ handle_pong (struct Neighbour *n,
3012#endif 3008#endif
3013 /* mark as garbage, just to be sure */ 3009 /* mark as garbage, just to be sure */
3014 memset (&t, 255, sizeof (t)); 3010 memset (&t, 255, sizeof (t));
3015 derive_pong_iv (&iv, &n->decrypt_key, m->iv_seed, htonl (n->ping_challenge), 3011 derive_pong_iv (&iv, &n->decrypt_key, m->iv_seed, n->ping_challenge,
3016 &my_identity); 3012 &my_identity);
3017 if (GNUNET_OK != 3013 if (GNUNET_OK !=
3018 do_decrypt (n, 3014 do_decrypt (n,
@@ -3034,20 +3030,15 @@ handle_pong (struct Neighbour *n,
3034 "Decrypted `%s' from `%4s' with challenge %u using key %u, IV %u (salt %u)\n", 3030 "Decrypted `%s' from `%4s' with challenge %u using key %u, IV %u (salt %u)\n",
3035 "PONG", 3031 "PONG",
3036 GNUNET_i2s (&t.target), 3032 GNUNET_i2s (&t.target),
3037 (unsigned int) ntohl (t.challenge), 3033 (unsigned int) t.challenge,
3038 (unsigned int) n->decrypt_key.crc32, 3034 (unsigned int) n->decrypt_key.crc32,
3039 GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), 3035 GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)),
3040 m->iv_seed); 3036 m->iv_seed);
3041#endif 3037#endif
3042 if (0 != ntohl (t.reserved))
3043 {
3044 GNUNET_break_op (0);
3045 return;
3046 }
3047 if ((0 != memcmp (&t.target, 3038 if ((0 != memcmp (&t.target,
3048 &n->peer, 3039 &n->peer,
3049 sizeof (struct GNUNET_PeerIdentity))) || 3040 sizeof (struct GNUNET_PeerIdentity))) ||
3050 (n->ping_challenge != ntohl (t.challenge))) 3041 (n->ping_challenge != t.challenge))
3051 { 3042 {
3052 /* PONG malformed */ 3043 /* PONG malformed */
3053#if DEBUG_CORE 3044#if DEBUG_CORE
@@ -3059,7 +3050,7 @@ handle_pong (struct Neighbour *n,
3059 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 3050 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3060 "Received malformed `%s' received from `%4s' with challenge %u\n", 3051 "Received malformed `%s' received from `%4s' with challenge %u\n",
3061 "PONG", GNUNET_i2s (&t.target), 3052 "PONG", GNUNET_i2s (&t.target),
3062 (unsigned int) ntohl (t.challenge)); 3053 (unsigned int) t.challenge);
3063#endif 3054#endif
3064 GNUNET_break_op (0); 3055 GNUNET_break_op (0);
3065 return; 3056 return;
@@ -3437,16 +3428,6 @@ handle_encrypted_message (struct Neighbour *n,
3437 "Core service receives `%s' request from `%4s'.\n", 3428 "Core service receives `%s' request from `%4s'.\n",
3438 "ENCRYPTED_MESSAGE", GNUNET_i2s (&n->peer)); 3429 "ENCRYPTED_MESSAGE", GNUNET_i2s (&n->peer));
3439#endif 3430#endif
3440 derive_iv (&iv, &n->decrypt_key, m->iv_seed, &my_identity);
3441 /* decrypt */
3442 if (GNUNET_OK !=
3443 do_decrypt (n,
3444 &iv,
3445 &m->sequence_number,
3446 &buf[ENCRYPTED_HEADER_SIZE],
3447 size - ENCRYPTED_HEADER_SIZE))
3448 return;
3449 pt = (struct EncryptedMessage *) buf;
3450 /* validate hash */ 3431 /* validate hash */
3451 derive_auth_key (&auth_key, 3432 derive_auth_key (&auth_key,
3452 &n->decrypt_key, 3433 &n->decrypt_key,
@@ -3463,6 +3444,7 @@ handle_encrypted_message (struct Neighbour *n,
3463 size - ENCRYPTED_HEADER_SIZE), 3444 size - ENCRYPTED_HEADER_SIZE),
3464 GNUNET_h2s (&ph)); 3445 GNUNET_h2s (&ph));
3465#endif 3446#endif
3447
3466 if (0 != memcmp (&ph, 3448 if (0 != memcmp (&ph,
3467 &m->hmac, 3449 &m->hmac,
3468 sizeof (GNUNET_HashCode))) 3450 sizeof (GNUNET_HashCode)))
@@ -3471,6 +3453,16 @@ handle_encrypted_message (struct Neighbour *n,
3471 GNUNET_break_op (0); 3453 GNUNET_break_op (0);
3472 return; 3454 return;
3473 } 3455 }
3456 derive_iv (&iv, &n->decrypt_key, m->iv_seed, &my_identity);
3457 /* decrypt */
3458 if (GNUNET_OK !=
3459 do_decrypt (n,
3460 &iv,
3461 &m->sequence_number,
3462 &buf[ENCRYPTED_HEADER_SIZE],
3463 size - ENCRYPTED_HEADER_SIZE))
3464 return;
3465 pt = (struct EncryptedMessage *) buf;
3474 3466
3475 /* validate sequence number */ 3467 /* validate sequence number */
3476 snum = ntohl (pt->sequence_number); 3468 snum = ntohl (pt->sequence_number);
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-27 12:43:53 +0000