- use tunnel encryption state to select decryption key

author: Bart Polot <bart@net.in.tum.de> 2013-12-17 04:41:27 +0000
committer: Bart Polot <bart@net.in.tum.de> 2013-12-17 04:41:27 +0000
commit: 27c12911f4f2aba2d90099270d70de846e83854f (patch)
tree: 387c70fd15b69e86228e9d43be32096b9146f78e /src/mesh/gnunet-service-mesh_tunnel.c
parent: 74ba25a59e66634b15d0a34e20f9889cff86ffae (diff)
download: gnunet-27c12911f4f2aba2d90099270d70de846e83854f.tar.gz
gnunet-27c12911f4f2aba2d90099270d70de846e83854f.zip
1 files changed, 20 insertions, 2 deletions
diff --git a/src/mesh/gnunet-service-mesh_tunnel.c b/src/mesh/gnunet-service-mesh_tunnel.c
index 7cfe985f1..a9dcc5daa 100644
--- a/src/mesh/gnunet-service-mesh_tunnel.c
+++ b/src/mesh/gnunet-service-mesh_tunnel.c
@@ -525,9 +525,27 @@ t_decrypt (struct MeshTunnel3 *t,
           size_t size, uint32_t iv)
 {
  struct GNUNET_CRYPTO_SymmetricInitializationVector siv;
+  struct GNUNET_CRYPTO_SymmetricSessionKey *key;
-  GNUNET_CRYPTO_symmetric_derive_iv (&siv, &t->d_key, &iv, sizeof (uint32_t), NULL);
+  if (t->estate == MESH_TUNNEL3_KEY_OK)
-  return GNUNET_CRYPTO_symmetric_decrypt (src, size, &t->d_key, &siv, dst);
+  {
+    key = &t->d_key;
+  }
+  else if (NULL != t->kx_ctx)
+  {
+    key = &t->kx_ctx->d_key_old;
+  }
+  else
+  {
+    GNUNET_STATISTICS_update (stats, "# non decryptable data", 1, GNUNET_NO);
+    LOG (GNUNET_ERROR_TYPE_DEBUG,
+         "WARNING got data on %s without a valid key\n",
+         GMT_2s (t));
+    return 0;
+  }
+  GNUNET_CRYPTO_symmetric_derive_iv (&siv, key, &iv, sizeof (uint32_t), NULL);
+  return GNUNET_CRYPTO_symmetric_decrypt (src, size, key, &siv, dst);
 }
author	Bart Polot <bart@net.in.tum.de>	2013-12-17 04:41:27 +0000
committer	Bart Polot <bart@net.in.tum.de>	2013-12-17 04:41:27 +0000
commit	27c12911f4f2aba2d90099270d70de846e83854f (patch)
tree	387c70fd15b69e86228e9d43be32096b9146f78e /src/mesh/gnunet-service-mesh_tunnel.c
parent	74ba25a59e66634b15d0a34e20f9889cff86ffae (diff)
download	gnunet-27c12911f4f2aba2d90099270d70de846e83854f.tar.gz gnunet-27c12911f4f2aba2d90099270d70de846e83854f.zip

diff --git a/src/mesh/gnunet-service-mesh_tunnel.c b/src/mesh/gnunet-service-mesh_tunnel.c index 7cfe985f1..a9dcc5daa 100644 --- a/src/mesh/gnunet-service-mesh_tunnel.c +++ b/src/mesh/gnunet-service-mesh_tunnel.c
@@ -525,9 +525,27 @@ t_decrypt (struct MeshTunnel3 *t,
525	size_t size, uint32_t iv)	525	size_t size, uint32_t iv)
526	{	526	{
527	struct GNUNET_CRYPTO_SymmetricInitializationVector siv;	527	struct GNUNET_CRYPTO_SymmetricInitializationVector siv;
		528	struct GNUNET_CRYPTO_SymmetricSessionKey *key;
528		529
529	GNUNET_CRYPTO_symmetric_derive_iv (&siv, &t->d_key, &iv, sizeof (uint32_t), NULL);	530	if (t->estate == MESH_TUNNEL3_KEY_OK)
530	return GNUNET_CRYPTO_symmetric_decrypt (src, size, &t->d_key, &siv, dst);	531	{
		532	key = &t->d_key;
		533	}
		534	else if (NULL != t->kx_ctx)
		535	{
		536	key = &t->kx_ctx->d_key_old;
		537	}
		538	else
		539	{
		540	GNUNET_STATISTICS_update (stats, "# non decryptable data", 1, GNUNET_NO);
		541	LOG (GNUNET_ERROR_TYPE_DEBUG,
		542	"WARNING got data on %s without a valid key\n",
		543	GMT_2s (t));
		544	return 0;
		545	}
		546
		547	GNUNET_CRYPTO_symmetric_derive_iv (&siv, key, &iv, sizeof (uint32_t), NULL);
		548	return GNUNET_CRYPTO_symmetric_decrypt (src, size, key, &siv, dst);
531	}	549	}
532		550
533		551