authorChristian Grothoff <christian@grothoff.org>2022-01-09 18:11:58 +0100
committerChristian Grothoff <christian@grothoff.org>2022-01-09 18:11:58 +0100
commita327860b118e10e170a9721ea36ba5eeccf2bb8e (patch)
treeb2c7660026fc0944deb5214f6de159fb64add937 /src/dht
parentec19c1e316efdd29a7af0524fc2ff33cc4b19d09 (diff)
-DHT: implement path signing (but signatures are not yet being verified)
Diffstat (limited to 'src/dht')
-rw-r--r--src/dht/gnunet-service-dht_neighbours.c85
1 files changed, 81 insertions, 4 deletions
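--- a/src/dht/gnunet-service-dht_neighbours.c
+++ b/src/dht/gnunet-service-dht_neighbours.c
@@ -27,6 +27,7 @@
 #include "platform.h"
 #include "gnunet_constants.h"
 #include "gnunet_protocols.h"
+#include "gnunet_signatures.h"
 #include "gnunet_ats_service.h"
 #include "gnunet_core_service.h"
 #include "gnunet_hello_lib.h"
@@ -408,6 +409,38 @@ static struct GNUNET_CORE_Handle *core_api;
  */
 static struct GNUNET_ATS_ConnectivityHandle *ats_ch;
 
+/**
+ * Our private key.
+ */
+static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key;
+
+
+/**
+ * Sign that we are routing a message from @a pred to @a succ.
+ * (So the route is $PRED->us->$SUCC).
+ *
+ * @param pred predecessor peer ID
+ * @param succ successor peer ID
+ * @param[out] sig where to write the signature
+ * (of purpose #GNUNET_SIGNATURE_PURPOSE_DHT_HOP)
+ */
+static void
+sign_path (const struct GNUNET_PeerIdentity *pred,
+ const struct GNUNET_PeerIdentity *succ,
+ struct GNUNET_CRYPTO_EddsaSignature *sig)
+{
+ struct GNUNET_DHT_HopSignature hs = {
+ .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
+ .purpose.size = htonl (sizeof (hs)),
+ .pred = *pred,
+ .succ = *succ
+ };
+
+ GNUNET_CRYPTO_eddsa_sign (&my_private_key,
+ &hs,
+ sig);
+}
+
 
 /**
  * Find the optimal bucket for this key.
@@ -1287,7 +1320,7 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
  GNUNET_i2s (&my_identity));
  return GNUNET_NO;
  }
- msize = bd->put_path_length * sizeof(struct GNUNET_PeerIdentity)
+ msize = bd->put_path_length * sizeof(struct GNUNET_DHT_PathElement)
  + bd->data_size;
  if (msize + sizeof(struct PeerPutMessage)
  >= GNUNET_CONSTANTS_MAX_ENCRYPTED_MESSAGE_SIZE)
@@ -1308,7 +1341,7 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
  struct PeerInfo *target = targets[i];
  struct GNUNET_MQ_Envelope *env;
  struct PeerPutMessage *ppm;
- struct GNUNET_PeerIdentity *pp;
+ struct GNUNET_DHT_PathElement *pp;
 
  if (GNUNET_MQ_get_length (target->mq) >= MAXIMUM_PENDING_PER_PEER)
  {
@@ -1342,10 +1375,20 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
  ppm->bloomfilter,
  DHT_BLOOM_SIZE));
  ppm->key = bd->key;
- pp = (struct GNUNET_PeerIdentity *) &ppm[1];
+ pp = (struct GNUNET_DHT_PathElement *) &ppm[1];
  GNUNET_memcpy (pp,
  bd->put_path,
- sizeof(struct GNUNET_PeerIdentity) * put_path_length);
+ sizeof (struct GNUNET_DHT_PathElement) * put_path_length);
+ /* 0 == put_path_length means path is not being tracked */
+ if (0 != put_path_length)
+ {
+ /* Note that the signature in 'put_path' was not initialized before,
+ so this is crucial to avoid sending garbage. */
+ sign_path (&pp[put_path_length - 1].pred,
+ target->id,
+ &pp[put_path_length - 1].sig);
+ }
+
  GNUNET_memcpy (&pp[put_path_length],
  bd->data,
  bd->data_size);
@@ -1553,6 +1596,15 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
  GNUNET_memcpy (&paths[bd->put_path_length],
  get_path,
  get_path_length * sizeof(struct GNUNET_DHT_PathElement));
+ /* 0 == get_path_length means path is not being tracked */
+ if (0 != get_path_length)
+ {
+ /* Note that the signature in 'get_path' was not initialized before,
+ so this is crucial to avoid sending garbage. */
+ sign_path (&paths[bd->put_path_length + get_path_length - 1].pred,
+ pi->id,
+ &paths[bd->put_path_length + get_path_length - 1].sig);
+ }
  GNUNET_memcpy (&paths[bd->put_path_length + get_path_length],
  bd->data,
  bd->data_size);
@@ -2326,6 +2378,31 @@ GDS_NEIGHBOURS_init ()
  = GNUNET_CONFIGURATION_get_value_yesno (GDS_cfg,
  "DHT",
  "CACHE_RESULTS");
+ {
+ char *keyfile;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_filename (GDS_cfg,
+ "PEER",
+ "PRIVATE_KEY",
+ &keyfile))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Core service is lacking HOSTKEY configuration setting. Exiting.\n");
+ return GNUNET_SYSERR;
+ }
+ if (GNUNET_SYSERR ==
+ GNUNET_CRYPTO_eddsa_key_from_file (keyfile,
+ GNUNET_YES,
+ &my_private_key))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Failed to setup peer's private key\n");
+ GNUNET_free (keyfile);
+ return GNUNET_SYSERR;
+ }
+ GNUNET_free (keyfile);
+ }
 
  ats_ch = GNUNET_ATS_connectivity_init (GDS_cfg);
  core_api = GNUNET_CORE_connect (GDS_cfg,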
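Review bot: The hop signature built in `sign_path` covers only the purpose, `pred` and `succ` fields set in the `hs` initializer, so nothing in the signed data ties it to the block being routed (its key, payload or expiration). Unless `struct GNUNET_DHT_HopSignature`, which is declared outside this diff, carries further fields, a signature for pred->us->succ would remain valid inside the path of any other message naming the same two neighbours once verification is enabled. I would extend the signed struct with a hash of the block data and its expiration time before turning checks on, and until then mark the function with `/* FIXME: signature binds only pred/succ, not the block; extend before verifying */`. Separately, the new error text in `GDS_NEIGHBOURS_init` names the core service and HOSTKEY while the code reads `PEER`/`PRIVATE_KEY` for the DHT service, which will mislead whoever reads the log; something like `"DHT service is lacking PEER/PRIVATE_KEY configuration setting. Exiting.\n"` matches what is actually checked.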