diff options
author | t3sserakt <t3ss@posteo.de> | 2020-07-17 14:26:45 +0200 |
---|---|---|
committer | t3sserakt <t3ss@posteo.de> | 2020-07-17 14:26:45 +0200 |
commit | 0c9911d73744da31776f98019ff1460032f2c82b (patch) | |
tree | 6746a66f0467b5115d7c23547b563aab3e119163 /src/include | |
parent | 686a873aed44e0dff36f0d52c465af2e5efb5ab2 (diff) | |
download | gnunet-0c9911d73744da31776f98019ff1460032f2c82b.tar.gz gnunet-0c9911d73744da31776f98019ff1460032f2c82b.zip |
TNG: Implemented 5530: add replay protection to TCP communicator. Added monotime value checks
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/gnunet_core_service.h | 116 | ||||
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 11 | ||||
-rw-r--r-- | src/include/gnunet_peerstore_service.h | 18 | ||||
-rw-r--r-- | src/include/gnunet_protocols.h | 5 | ||||
-rw-r--r-- | src/include/gnunet_signatures.h | 5 |
5 files changed, 155 insertions, 0 deletions
diff --git a/src/include/gnunet_core_service.h b/src/include/gnunet_core_service.h index 66b292c3c..60bc3c2a6 100644 --- a/src/include/gnunet_core_service.h +++ b/src/include/gnunet_core_service.h | |||
@@ -48,6 +48,122 @@ extern "C" { | |||
48 | */ | 48 | */ |
49 | #define GNUNET_CORE_VERSION 0x00000001 | 49 | #define GNUNET_CORE_VERSION 0x00000001 |
50 | 50 | ||
51 | GNUNET_NETWORK_STRUCT_BEGIN | ||
52 | |||
53 | /** | ||
54 | * Message transmitted with the signed ephemeral key of a peer. The | ||
55 | * session key is then derived from the two ephemeral keys (ECDHE). | ||
56 | */ | ||
57 | struct EphemeralKeyMessage | ||
58 | { | ||
59 | /** | ||
60 | * Message type is #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY. | ||
61 | */ | ||
62 | struct GNUNET_MessageHeader header; | ||
63 | |||
64 | /** | ||
65 | * Status of the sender (should be in `enum PeerStateMachine`), nbo. | ||
66 | */ | ||
67 | int32_t sender_status GNUNET_PACKED; | ||
68 | |||
69 | /** | ||
70 | * An ECC signature of the @e origin_identity asserting the validity | ||
71 | * of the given ephemeral key. | ||
72 | */ | ||
73 | struct GNUNET_CRYPTO_EddsaSignature signature; | ||
74 | |||
75 | /** | ||
76 | * Information about what is being signed. | ||
77 | */ | ||
78 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; | ||
79 | |||
80 | /** | ||
81 | * At what time was this key created (beginning of validity). | ||
82 | */ | ||
83 | struct GNUNET_TIME_AbsoluteNBO creation_time; | ||
84 | |||
85 | /** | ||
86 | * When does the given ephemeral key expire (end of validity). | ||
87 | */ | ||
88 | struct GNUNET_TIME_AbsoluteNBO expiration_time; | ||
89 | |||
90 | /** | ||
91 | * Ephemeral public ECC key. | ||
92 | */ | ||
93 | struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key; | ||
94 | |||
95 | /** | ||
96 | * Public key of the signing peer (persistent version, not the | ||
97 | * ephemeral public key). | ||
98 | */ | ||
99 | struct GNUNET_PeerIdentity origin_identity; | ||
100 | }; | ||
101 | |||
102 | |||
103 | /** | ||
104 | * We're sending an (encrypted) PING to the other peer to check if it | ||
105 | * can decrypt. The other peer should respond with a PONG with the | ||
106 | * same content, except this time encrypted with the receiver's key. | ||
107 | */ | ||
108 | struct PingMessage | ||
109 | { | ||
110 | /** | ||
111 | * Message type is #GNUNET_MESSAGE_TYPE_CORE_PING. | ||
112 | */ | ||
113 | struct GNUNET_MessageHeader header; | ||
114 | |||
115 | /** | ||
116 | * Seed for the IV | ||
117 | */ | ||
118 | uint32_t iv_seed GNUNET_PACKED; | ||
119 | |||
120 | /** | ||
121 | * Intended target of the PING, used primarily to check | ||
122 | * that decryption actually worked. | ||
123 | */ | ||
124 | struct GNUNET_PeerIdentity target; | ||
125 | |||
126 | /** | ||
127 | * Random number chosen to make replay harder. | ||
128 | */ | ||
129 | uint32_t challenge GNUNET_PACKED; | ||
130 | }; | ||
131 | |||
132 | |||
133 | /** | ||
134 | * Response to a PING. Includes data from the original PING. | ||
135 | */ | ||
136 | struct PongMessage | ||
137 | { | ||
138 | /** | ||
139 | * Message type is #GNUNET_MESSAGE_TYPE_CORE_PONG. | ||
140 | */ | ||
141 | struct GNUNET_MessageHeader header; | ||
142 | |||
143 | /** | ||
144 | * Seed for the IV | ||
145 | */ | ||
146 | uint32_t iv_seed GNUNET_PACKED; | ||
147 | |||
148 | /** | ||
149 | * Random number to make replay attacks harder. | ||
150 | */ | ||
151 | uint32_t challenge GNUNET_PACKED; | ||
152 | |||
153 | /** | ||
154 | * Reserved, always zero. | ||
155 | */ | ||
156 | uint32_t reserved; | ||
157 | |||
158 | /** | ||
159 | * Intended target of the PING, used primarily to check | ||
160 | * that decryption actually worked. | ||
161 | */ | ||
162 | struct GNUNET_PeerIdentity target; | ||
163 | }; | ||
164 | |||
165 | |||
166 | GNUNET_NETWORK_STRUCT_END | ||
51 | 167 | ||
52 | /** | 168 | /** |
53 | * Opaque handle to the service. | 169 | * Opaque handle to the service. |
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 320701643..c1b0b3b1b 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -289,6 +289,17 @@ struct GNUNET_CRYPTO_SymmetricSessionKey | |||
289 | unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 289 | unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
290 | }; | 290 | }; |
291 | 291 | ||
292 | /** | ||
293 | * Type of a nonce used for challenges. | ||
294 | */ | ||
295 | struct ChallengeNonceP | ||
296 | { | ||
297 | /** | ||
298 | * The value of the nonce. Note that this is NOT a hash. | ||
299 | */ | ||
300 | struct GNUNET_ShortHashCode value; | ||
301 | }; | ||
302 | |||
292 | GNUNET_NETWORK_STRUCT_END | 303 | GNUNET_NETWORK_STRUCT_END |
293 | 304 | ||
294 | /** | 305 | /** |
diff --git a/src/include/gnunet_peerstore_service.h b/src/include/gnunet_peerstore_service.h index cd68dad66..91a8f2e66 100644 --- a/src/include/gnunet_peerstore_service.h +++ b/src/include/gnunet_peerstore_service.h | |||
@@ -67,6 +67,24 @@ extern "C" { | |||
67 | #define GNUNET_PEERSTORE_TRANSPORT_DVLEARN_MONOTIME \ | 67 | #define GNUNET_PEERSTORE_TRANSPORT_DVLEARN_MONOTIME \ |
68 | "transport-dv-learn-monotonic-time" | 68 | "transport-dv-learn-monotonic-time" |
69 | 69 | ||
70 | /** | ||
71 | * Key used to store sender's monotonic time from handshake message. | ||
72 | */ | ||
73 | #define GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE \ | ||
74 | "transport-tcp-communicator-handshake" | ||
75 | |||
76 | /** | ||
77 | * Key used to store sender's monotonic time from handshake ack message. | ||
78 | */ | ||
79 | #define GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE_ACK \ | ||
80 | "transport-tcp-communicator-handshake-ack" | ||
81 | |||
82 | /** | ||
83 | * Key used to store sender's monotonic time from rekey message. | ||
84 | */ | ||
85 | #define GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_REKEY \ | ||
86 | "transport-tcp-communicator-rekey" | ||
87 | |||
70 | 88 | ||
71 | /** | 89 | /** |
72 | * Options for storing values in PEERSTORE | 90 | * Options for storing values in PEERSTORE |
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h index 0db6150aa..5af58664f 100644 --- a/src/include/gnunet_protocols.h +++ b/src/include/gnunet_protocols.h | |||
@@ -3293,6 +3293,11 @@ extern "C" { | |||
3293 | #define GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH 1452 | 3293 | #define GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH 1452 |
3294 | 3294 | ||
3295 | /** | 3295 | /** |
3296 | * TCP communicator confirmation ack. | ||
3297 | */ | ||
3298 | #define GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_CONFIRMATION_ACK 1453 | ||
3299 | |||
3300 | /** | ||
3296 | * UDP KX acknowledgement. | 3301 | * UDP KX acknowledgement. |
3297 | */ | 3302 | */ |
3298 | #define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK 1460 | 3303 | #define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK 1460 |
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h index 503113770..7c0c1d104 100644 --- a/src/include/gnunet_signatures.h +++ b/src/include/gnunet_signatures.h | |||
@@ -246,6 +246,11 @@ extern "C" | |||
246 | */ | 246 | */ |
247 | #define GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR 38 | 247 | #define GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR 38 |
248 | 248 | ||
249 | /** | ||
250 | * Signature by a peer sending back the nonce received at initial handshake. | ||
251 | */ | ||
252 | #define GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK 39 | ||
253 | |||
249 | #if 0 /* keep Emacsens' auto-indent happy */ | 254 | #if 0 /* keep Emacsens' auto-indent happy */ |
250 | { | 255 | { |
251 | #endif | 256 | #endif |