diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2023-07-15 15:48:25 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2023-07-15 15:48:25 +0200 |
commit | 365a1f1bd2a3674b0892ab48630a53ce59f4ddac (patch) | |
tree | d4ec1e22b94cf085859119f9113bd5d85ffb942b /src/transport/gnunet-communicator-udp.c | |
parent | e4367b08dd72b71ba1d73462cf6297641b6885b1 (diff) | |
download | gnunet-365a1f1bd2a3674b0892ab48630a53ce59f4ddac.tar.gz gnunet-365a1f1bd2a3674b0892ab48630a53ce59f4ddac.zip |
TNG(udp): Upon rekey, actually do another KX and not just transmit a new symmetric key.
Diffstat (limited to 'src/transport/gnunet-communicator-udp.c')
-rw-r--r-- | src/transport/gnunet-communicator-udp.c | 74 |
1 files changed, 18 insertions, 56 deletions
diff --git a/src/transport/gnunet-communicator-udp.c b/src/transport/gnunet-communicator-udp.c index 8fcf5ac46..bd51e3003 100644 --- a/src/transport/gnunet-communicator-udp.c +++ b/src/transport/gnunet-communicator-udp.c | |||
@@ -1376,30 +1376,7 @@ setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral) | |||
1376 | 1376 | ||
1377 | ss = GNUNET_new (struct SharedSecret); | 1377 | ss = GNUNET_new (struct SharedSecret); |
1378 | GNUNET_CRYPTO_eddsa_kem_decaps (my_private_key, ephemeral, &ss->master); | 1378 | GNUNET_CRYPTO_eddsa_kem_decaps (my_private_key, ephemeral, &ss->master); |
1379 | return ss; | ||
1380 | } | ||
1381 | |||
1382 | |||
1383 | /** | ||
1384 | * Setup shared secret for encryption. | ||
1385 | * | ||
1386 | * @param ephemeral ephemeral key we are sending to the other peer | ||
1387 | * @param[in,out] receiver queue to initialize encryption key for | ||
1388 | * @return new shared secret | ||
1389 | */ | ||
1390 | static struct SharedSecret * | ||
1391 | setup_shared_secret_from_k (struct GNUNET_HashCode *k, | ||
1392 | struct ReceiverAddress *receiver) | ||
1393 | { | ||
1394 | struct SharedSecret *ss; | ||
1395 | |||
1396 | ss = GNUNET_new (struct SharedSecret); | ||
1397 | memcpy (&ss->master, k, sizeof (*k)); | ||
1398 | calculate_cmac (ss); | 1379 | calculate_cmac (ss); |
1399 | ss->receiver = receiver; | ||
1400 | GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss); | ||
1401 | receiver->num_secrets++; | ||
1402 | GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO); | ||
1403 | return ss; | 1380 | return ss; |
1404 | } | 1381 | } |
1405 | 1382 | ||
@@ -1419,26 +1396,12 @@ setup_shared_secret_ephemeral (struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, | |||
1419 | struct GNUNET_HashCode k; | 1396 | struct GNUNET_HashCode k; |
1420 | 1397 | ||
1421 | GNUNET_CRYPTO_eddsa_kem_encaps (&receiver->target.public_key, ephemeral, &k); | 1398 | GNUNET_CRYPTO_eddsa_kem_encaps (&receiver->target.public_key, ephemeral, &k); |
1422 | ss = setup_shared_secret_from_k (&k, receiver); | 1399 | ss = GNUNET_new (struct SharedSecret); |
1423 | GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO); | 1400 | memcpy (&ss->master, k, sizeof (*k)); |
1424 | return ss; | 1401 | calculate_cmac (ss); |
1425 | } | 1402 | ss->receiver = receiver; |
1426 | 1403 | GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss); | |
1427 | 1404 | receiver->num_secrets++; | |
1428 | /** | ||
1429 | * Setup new random shared secret for encryption. | ||
1430 | * | ||
1431 | * @param[in,out] receiver queue to initialize encryption key for | ||
1432 | * @return new shared secret | ||
1433 | */ | ||
1434 | static struct SharedSecret * | ||
1435 | setup_shared_secret_random (struct ReceiverAddress *receiver) | ||
1436 | { | ||
1437 | struct SharedSecret *ss; | ||
1438 | struct GNUNET_HashCode k; | ||
1439 | |||
1440 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, &k, sizeof(k)); | ||
1441 | ss = setup_shared_secret_from_k (&k, receiver); | ||
1442 | GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO); | 1405 | GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO); |
1443 | return ss; | 1406 | return ss; |
1444 | } | 1407 | } |
@@ -2009,7 +1972,7 @@ decrypt_rekey (const struct UDPRekey *rekey, | |||
2009 | struct SharedSecret *ss = kce->ss; | 1972 | struct SharedSecret *ss = kce->ss; |
2010 | struct SharedSecret *ss_rekey; | 1973 | struct SharedSecret *ss_rekey; |
2011 | char out_buf[rekey_len - sizeof(*rekey)]; | 1974 | char out_buf[rekey_len - sizeof(*rekey)]; |
2012 | struct GNUNET_HashCode *master; | 1975 | struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_pubkey; |
2013 | 1976 | ||
2014 | 1977 | ||
2015 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1978 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -2041,10 +2004,8 @@ decrypt_rekey (const struct UDPRekey *rekey, | |||
2041 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2004 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2042 | "decrypted UDPRekey with kid %s\n", | 2005 | "decrypted UDPRekey with kid %s\n", |
2043 | GNUNET_sh2s (&rekey->kid)); | 2006 | GNUNET_sh2s (&rekey->kid)); |
2044 | master = (struct GNUNET_HashCode *) out_buf; | 2007 | ephemeral_pubkey = (struct GNUNET_CRYPTO_EcdhePublicKey *) out_buf; |
2045 | ss_rekey = GNUNET_new (struct SharedSecret); | 2008 | ss_rekey = setup_shared_secret_dec (ephemeral_pubkey); |
2046 | ss_rekey->master = *master; | ||
2047 | calculate_cmac (ss_rekey); | ||
2048 | ss_rekey->sender = sender; | 2009 | ss_rekey->sender = sender; |
2049 | GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey); | 2010 | GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey); |
2050 | sender->ss_rekey = ss_rekey; | 2011 | sender->ss_rekey = ss_rekey; |
@@ -2801,6 +2762,7 @@ send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss) | |||
2801 | uint8_t send_rekey = GNUNET_NO; | 2762 | uint8_t send_rekey = GNUNET_NO; |
2802 | uint16_t not_below; | 2763 | uint16_t not_below; |
2803 | struct UDPRekey *rekey; | 2764 | struct UDPRekey *rekey; |
2765 | struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_pubkey; | ||
2804 | size_t dpos; | 2766 | size_t dpos; |
2805 | 2767 | ||
2806 | char rekey_dgram[sizeof(struct UDPRekey) + receiver->d_mtu]; | 2768 | char rekey_dgram[sizeof(struct UDPRekey) + receiver->d_mtu]; |
@@ -2823,7 +2785,8 @@ send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss) | |||
2823 | else if (NULL == receiver->ss_rekey) | 2785 | else if (NULL == receiver->ss_rekey) |
2824 | { | 2786 | { |
2825 | /* setup key material */ | 2787 | /* setup key material */ |
2826 | receiver->ss_rekey = setup_shared_secret_random (receiver); | 2788 | receiver->ss_rekey = setup_shared_secret_ephemeral (&ephemeral_pubkey, |
2789 | receiver); | ||
2827 | receiver->ss_rekey->sequence_allowed = 0; | 2790 | receiver->ss_rekey->sequence_allowed = 0; |
2828 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2791 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2829 | "Setup secret with cmac %s\n", | 2792 | "Setup secret with cmac %s\n", |
@@ -2856,10 +2819,10 @@ send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss) | |||
2856 | 2819 | ||
2857 | GNUNET_assert ( | 2820 | GNUNET_assert ( |
2858 | 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], | 2821 | 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], |
2859 | sizeof(receiver->ss_rekey->master), | 2822 | sizeof(ephemeral_pubkey), |
2860 | &(receiver->ss_rekey->master), | 2823 | &ephemeral_pubkey, |
2861 | sizeof(receiver->ss_rekey->master))); | 2824 | sizeof(ephemeral_pubkey))); |
2862 | dpos += sizeof(receiver->ss_rekey->master); | 2825 | dpos += sizeof(ephemeral_pubkey); |
2863 | do_pad (rekey_out_cipher, &rekey_dgram[dpos], sizeof(rekey_dgram) | 2826 | do_pad (rekey_out_cipher, &rekey_dgram[dpos], sizeof(rekey_dgram) |
2864 | - dpos); | 2827 | - dpos); |
2865 | GNUNET_assert (0 == gcry_cipher_gettag (rekey_out_cipher, | 2828 | GNUNET_assert (0 == gcry_cipher_gettag (rekey_out_cipher, |
@@ -2868,9 +2831,8 @@ send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss) | |||
2868 | gcry_cipher_close (rekey_out_cipher); | 2831 | gcry_cipher_close (rekey_out_cipher); |
2869 | 2832 | ||
2870 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2833 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2871 | "Sending rekey with kid %s and master %s\n", | 2834 | "Sending rekey with kid %s and new pubkey\n", |
2872 | GNUNET_sh2s (&rekey->kid), | 2835 | GNUNET_sh2s (&rekey->kid)); |
2873 | GNUNET_h2s (&(receiver->ss_rekey->master))); | ||
2874 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2836 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2875 | "Sending rekey with cmac %s\n", | 2837 | "Sending rekey with cmac %s\n", |
2876 | GNUNET_h2s (&(receiver->ss_rekey->cmac))); | 2838 | GNUNET_h2s (&(receiver->ss_rekey->cmac))); |