author | Christian Grothoff <christian@grothoff.org> | 2022-01-09 18:11:58 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2022-01-09 18:11:58 +0100 |
commit | a327860b118e10e170a9721ea36ba5eeccf2bb8e (patch) | |
tree | b2c7660026fc0944deb5214f6de159fb64add937 /src/dht | |
parent | ec19c1e316efdd29a7af0524fc2ff33cc4b19d09 (diff) | |
DHT: implement path signing (but signatures are not yet being verified)
Diffstat (limited to 'src/dht')
-rw-r--r-- | src/dht/gnunet-service-dht_neighbours.c | 85 |
1 files changed, 81 insertions, 4 deletions
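--- a/src/dht/gnunet-service-dht_neighbours.c
+++ b/src/dht/gnunet-service-dht_neighbours.c
@@ -27,6 +27,7 @@
 #include "platform.h"
 #include "gnunet_constants.h"
 #include "gnunet_protocols.h"
+#include "gnunet_signatures.h"
 #include "gnunet_ats_service.h"
 #include "gnunet_core_service.h"
 #include "gnunet_hello_lib.h"
@@ -408,6 +409,38 @@ static struct GNUNET_CORE_Handle *core_api;
 */
 static struct GNUNET_ATS_ConnectivityHandle *ats_ch;
 
+/**
+* Our private key.
+*/
+static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key;
+
+
+/**
+* Sign that we are routing a message from @a pred to @a succ.
+* (So the route is $PRED->us->$SUCC).
+*
+* @param pred predecessor peer ID
+* @param succ successor peer ID
+* @param[out] sig where to write the signature
+* (of purpose #GNUNET_SIGNATURE_PURPOSE_DHT_HOP)
+*/
+static void
+sign_path (const struct GNUNET_PeerIdentity *pred,
+const struct GNUNET_PeerIdentity *succ,
+struct GNUNET_CRYPTO_EddsaSignature *sig)
+{
+struct GNUNET_DHT_HopSignature hs = {
+.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
+.purpose.size = htonl (sizeof (hs)),
+.pred = *pred,
+.succ = *succ
+};
+
+GNUNET_CRYPTO_eddsa_sign (&my_private_key,
+&hs,
+sig);
+}
+
 
 /**
 * Find the optimal bucket for this key.
@@ -1287,7 +1320,7 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
 GNUNET_i2s (&my_identity));
 return GNUNET_NO;
 }
-msize = bd->put_path_length * sizeof(struct GNUNET_PeerIdentity)
+msize = bd->put_path_length * sizeof(struct GNUNET_DHT_PathElement)
 + bd->data_size;
 if (msize + sizeof(struct PeerPutMessage)
 >= GNUNET_CONSTANTS_MAX_ENCRYPTED_MESSAGE_SIZE)
@@ -1308,7 +1341,7 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
 struct PeerInfo *target = targets[i];
 struct GNUNET_MQ_Envelope *env;
 struct PeerPutMessage *ppm;
-struct GNUNET_PeerIdentity *pp;
+struct GNUNET_DHT_PathElement *pp;
 
 if (GNUNET_MQ_get_length (target->mq) >= MAXIMUM_PENDING_PER_PEER)
 {
@@ -1342,10 +1375,20 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
 ppm->bloomfilter,
 DHT_BLOOM_SIZE));
 ppm->key = bd->key;
-pp = (struct GNUNET_PeerIdentity *) &ppm[1];
+pp = (struct GNUNET_DHT_PathElement *) &ppm[1];
 GNUNET_memcpy (pp,
 bd->put_path,
-sizeof(struct GNUNET_PeerIdentity) * put_path_length);
+sizeof (struct GNUNET_DHT_PathElement) * put_path_length);
+/* 0 == put_path_length means path is not being tracked */
+if (0 != put_path_length)
+{
+/* Note that the signature in 'put_path' was not initialized before,
+so this is crucial to avoid sending garbage. */
+sign_path (&pp[put_path_length - 1].pred,
+target->id,
+&pp[put_path_length - 1].sig);
+}
+
 GNUNET_memcpy (&pp[put_path_length],
 bd->data,
 bd->data_size);
@@ -1553,6 +1596,15 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
 GNUNET_memcpy (&paths[bd->put_path_length],
 get_path,
 get_path_length * sizeof(struct GNUNET_DHT_PathElement));
+/* 0 == get_path_length means path is not being tracked */
+if (0 != get_path_length)
+{
+/* Note that the signature in 'get_path' was not initialized before,
+so this is crucial to avoid sending garbage. */
+sign_path (&paths[bd->put_path_length + get_path_length - 1].pred,
+pi->id,
+&paths[bd->put_path_length + get_path_length - 1].sig);
+}
 GNUNET_memcpy (&paths[bd->put_path_length + get_path_length],
 bd->data,
 bd->data_size);
@@ -2326,6 +2378,31 @@ GDS_NEIGHBOURS_init ()
 = GNUNET_CONFIGURATION_get_value_yesno (GDS_cfg,
 "DHT",
 "CACHE_RESULTS");
+{
+char *keyfile;
+
+if (GNUNET_OK !=
+GNUNET_CONFIGURATION_get_value_filename (GDS_cfg,
+"PEER",
+"PRIVATE_KEY",
+&keyfile))
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+"Core service is lacking HOSTKEY configuration setting. Exiting.\n");
+return GNUNET_SYSERR;
+}
+if (GNUNET_SYSERR ==
+GNUNET_CRYPTO_eddsa_key_from_file (keyfile,
+GNUNET_YES,
+&my_private_key))
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+"Failed to setup peer's private key\n");
+GNUNET_free (keyfile);
+return GNUNET_SYSERR;
+}
+GNUNET_free (keyfile);
+}
 
 ats_ch = GNUNET_ATS_connectivity_init (GDS_cfg);
 core_api = GNUNET_CORE_connect (GDS_cfg,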
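Review bot: The hop signature built in sign_path (second hunk, the GNUNET_DHT_HopSignature initializer) binds only the predecessor and successor identities and nothing about the message being routed, so — assuming the struct has no further fields beyond purpose, pred and succ — one signature value is valid for every PUT or reply this peer ever forwards between the same two neighbours; if that is not the intended semantics, the purpose struct should also cover the block key (and ideally the payload hash) before verification is switched on. Since the title states verification is still missing, the sign_path doc comment should say so explicitly, e.g. `* NOTE: receivers do not yet verify these signatures; the signed data covers only (pred, succ), not the key or payload.` In the GDS_NEIGHBOURS_init hunk the error log on the first failure path appears copied from core: this is the DHT service reading PEER/PRIVATE_KEY, so `"DHT service is lacking PEER/PRIVATE_KEY configuration setting. Exiting.\n"` would point an operator at the right option. The second argument to GNUNET_CRYPTO_eddsa_key_from_file looks like a create-if-missing flag; if so, passing GNUNET_YES lets the DHT service silently mint a new peer identity when the file is absent, which is worth a comment or a GNUNET_NO here so that a misconfigured key path fails loudly instead. GDS_NEIGHBOURS_init continues outside the hunk, so whether my_private_key is cleared at shutdown cannot be checked from here.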